KAC 1.2.1.0 should block the disconnect exploit without interfering with normal disconnects so you know why someone left otherwise. All the other "fixes" just replace the reason all the time with something else.
Right now, I'm not really expecting any fix until it because pretty normal for people to go into unprotected servers and use the exploit to cause people to disconnect with VAC messages, pausing, and then the simple disconnect all. On Mon, Apr 26, 2010 at 10:06 PM, Kyle Sanderson <[email protected]> wrote: > http://forums.alliedmods.net/showthread.php?p=1139769 > <http://forums.alliedmods.net/showthread.php?p=1139769> > http://forums.alliedmods.net/showthread.php?p=841590 > <http://forums.alliedmods.net/showthread.php?p=841590> > http://forums.alliedmods.net/forumdisplay.php?f=133 > > <http://forums.alliedmods.net/forumdisplay.php?f=133>No acknowledgement from > Valve yet, as usual. > Kyle > > On Mon, Apr 26, 2010 at 7:03 PM, AzuiSleet <[email protected]> wrote: > >> This particular exploit is a buffer overflow in the event message >> where the client can specify a disconnect message, and the server will >> serialize an event containing that message. There is an issue with the >> function that serializes the game event that causes a buffer overflow >> in the net message, and so it has to potential to crash other clients >> or make them receive commands from another player relayed through the >> server. >> >> On Mon, Apr 26, 2010 at 7:57 PM, Matt Lyons <[email protected]> >> wrote: >> > Ok after a bit more googling its a hack: >> > >> > http://www.youtube.com/watch?v=xsC8GtSWuyU >> > >> > If you parse or stream your log files for monitoring you should probably >> add a watch/event for these long disconnect messages as they are using a 3rd >> party program to do so. >> > >> > >> > ML. >> > >> > >> > On 27/04/2010, at 11:16 AM, Matt Lyons wrote: >> > >> >> Over the last few days I've had a couple of my servers experience weird >> behaviour, pausing, restarting or outright crashing. >> >> >> >> Notes: >> >> - Servers are using the beta update from a few days ago. >> >> - Servers are using latest version of SM/Meta Mod running kac and >> rcon_lock >> >> - rcon TCP port is blocked and rcon password is secure (32 digits of >> random letters/numbers) >> >> - No crash dump >> >> - Log file cuts out mid stream. >> >> - Nothing obvious in the log files except for disconnect messages like >> the following: >> >> >> >> L 04/26/2010 - 16:30:28: "Player >> Name]<1260><STEAM_0:X:XXXXXXX><TERRORIST>" disconnected (reason >> "SSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS") >> >> >> >> (Player name and steam ID removed to protect the guilty.) >> >> >> >> When such a log entry appears there are lots of comments straight after >> of server weirdness. I was just in one of my servers then when it restarted >> after the above message. >> >> >> >> Anyone else seen this? >> > >> > -- >> > Matt Lyons >> > Content Administrator, games.on.net >> > Email: [email protected] >> > Web: http://games.on.net >> > "In theory, there is no difference between theory and practice; In >> practice, there is." >> > >> > >> > >> > _______________________________________________ >> > To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> > http://list.valvesoftware.com/mailman/listinfo/hlds >> > >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
