All this wouldn't be a problem if there'd some kind of validation of the
origin of the message. I think of some kind of handshake. An example:
The client performs an 'helloserver' and appends a random id-number to it.
The server in turn will then send back a message with an own random id to
the client ('helloclient')
The final step is, that the client has to respond with an id which is a
combination of both id's (XOR'ed .. whatever). The server compares this with
it's own client/server-id.
If the server agrees, then it will send the previously requested information
to the client.This way, there can't be any flood-attacks on a gameserver since the clienthello-msg will only be a few bytes long. Problem is of course the fact that all this works through UDP. So there wouldn't be Maybe this is a little contribution to this discussion. Good luck Jan _______________________________________________ hlds_apps mailing list [EMAIL PROTECTED] http://list.valvesoftware.com/mailman/listinfo/hlds_apps
