I didn't like the part where it said 'gamespy will issue a patch' ... that sounds scary. TBH, it doesn't look like the people actually researched much, and just posted the article for publicity. Any service where you get more data then you send could theoretically be vulnerable, just UDP is dead easy to spoof. Their claims of being able to use a single 14.4 modem to take out a T1 line are quite frankly bollox. Sounds like Steve Gibson wrote the article :)
ISPs and edge servers can protect against these sorts of attacks by replacing the spoofed UDP source host/port with the actual UDP host/port - this has already been implemented on some services (think there's someone on the appropriate slashdot thread who mentioned this).
There is no way that companies will patch this problem. This would mean almost every game on the net would have to be patched and every server browser re-written (and I just re-wrote mine! gah!).
Kris.
At 20:09 19/01/2003, you wrote:
This is a really old "problem", and theres not much valve can do about it, except for adding a challenge to client querys, which will screw over most game query programs, and really reduce the speed of queries, which defeats the object.If you check around on bugtraq theres a similar exploit for quakeworld, which shows the age of this trick. -- Ginga _______________________________________________ hlds_apps mailing list [EMAIL PROTECTED] http://list.valvesoftware.com/mailman/listinfo/hlds_apps
_______________________________________________ hlds_apps mailing list [EMAIL PROTECTED] http://list.valvesoftware.com/mailman/listinfo/hlds_apps
