Jeff: If these are players on our ban list, this would indeed work. However from reviewing my server logs they don't even connect long enough for the server to resolve their steamid. They wouldn't even need to own the game and could use some pirated copy, a VAC banned account, anything really.
ICS: This exploit isn't listed on there as it's not "blocked" by Rcon Lock. Also this isn't an rcon crash or anything of the kind... It's absolutely absurd that this hasn't been fixed yet. Kyle. On Tue, Dec 29, 2009 at 1:52 AM, ics <[email protected]> wrote: > This "connect flood" in which steamid does not have even time to auth > (sticks with Steam_id_pending), has been around atleast over 2 years. > The good thing in it is, that usually at some point attackers steamid is > revealed in the server log anyway. So once you ban that sucker's id, he > can't do the connect flood anymore. > > The rcon crash has also been around for a long time. Trick is that it > also does not work on every hardware setup and whilst i spoke with some > Valve employees with it while back, they could not reproduce it and so > there is no fix for it but the exploit remains that can bring down the > server. > > Besides these, there are several exploits available. > http://code.devicenull.org/index.php?title=Misc:HL2_Exploits > > -ics > > Jeff Sugar kirjoitti: > > I originally sent this in the duplicate thread someone else made, > thinking > > it was the main thread. I'll repost it here for ease: > > > > "There's a sourcemod plugin that blocks connects from a banned user via > IP > > for a short while (5min i think?) after their first attempt. After the > limit > > wears off, they can do so once more. No spam, no worries! :) I'm sure you > > could probably modify yit to also work on non-banned people who try > > connections to closely together > > > > One sec, I'll look for it now > > > > [moments pass aka ninja edit or whatever :v] > > > > Alright -- the one I'm using is this: > > http://forums.alliedmods.net/showthread.php?p=863444 > > > > There's also this one, which looks like the same thing but with a bit of > > unnecessary config options: > > http://forums.alliedmods.net/showthread.php?p=923828 > > > > Hope this helps! > > > > -Jeff/Atreus" > > > > On Tue, Dec 29, 2009 at 1:06 AM, Kyle Sanderson <[email protected]> > wrote: > > > > > >> I'm completely dumbfounded Attaul, this is exploit exists across > platforms > >> (Unless if you're on Linux as well). I'm running a CS:S Server, what > about > >> you? > >> > >> Kyle. > >> > >> On Mon, Dec 28, 2009 at 11:59 PM, Attaul N <[email protected]> > wrote: > >> > >> > >>> I got a msg earlier today from > >>> http://steamcommunity.com/profiles/76561197961100939 who is crashing > my > >>> servers as well. He asked me whos servers i wanted crashed tonight, > when > >>> > >> i > >> > >>> told him no ones and that server admins work hard to keep everything > >>> working, I somehow offended him. Not sure how hes managing to crash the > >>> servers, I have rcon_locker inabled. I know he doesn't have my rcon or > >>> > >> any > >> > >>> other info since i don't store the rcon password in server.cfg and I > even > >>> have the server.cfg renamed. Any ideas? > >>> _________________________________________________________________ > >>> Windows Live: Friends get your Flickr, Yelp, and Digg updates when they > >>> e-mail you. > >>> http://go.microsoft.com/?linkid=9691817 > >>> _______________________________________________ > >>> To unsubscribe, edit your list preferences, or view the list archives, > >>> please visit: > >>> http://list.valvesoftware.com/mailman/listinfo/hlds > >>> > >>> > >> _______________________________________________ > >> To unsubscribe, edit your list preferences, or view the list archives, > >> please visit: > >> http://list.valvesoftware.com/mailman/listinfo/hlds > >> > >> > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
