I had the same thought. I suppose it's possible this person may have an older version that has this behavior. I saw other packet traces from this same program that were all terminated properly.
I guess I was hoping to hear from someone at Valve about what the expected behavior would be. ----- Original Message ----- From: "Jeroen "ShadowLord" Bogers" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, August 11, 2003 9:19 AM Subject: Re: [hlds_apps] HLDS Server Query Protocol > What I mean is, maybe your server is being crashed by the exploit. > If the HL server suffers from a bug that it can crash from queries by a very > common monitoring program, wouldn't a LOT more HL server ops have this > problem? Just a thought... > > Jeroen "ShadowLord" Bogers > > ----- Original Message ----- > From: "Terry" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, August 11, 2003 05:49 > Subject: RE: [hlds_apps] HLDS Server Query Protocol > > > > I know I *should* upgrade to the new version (and I will be very soon), > but > > that doesn't answer the question of whether this *is* the problem I'm > having > > right now. > > > > I'm not running the client, I'm running HLDS as a dedicated server. > > > > When I do upgrade, I'll extend this question to the 4.1.1.1d version. How > > will that server handle request packets that are not terminated with a > zero > > byte? > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] Behalf Of Jeroen > > "ShadowLord" Bogers > > Sent: Sunday, August 10, 2003 10:38 PM > > To: [EMAIL PROTECTED] > > Subject: Re: [hlds_apps] HLDS Server Query Protocol > > > > > > You should be running 4.1.1.1d, since any previous version of the HL > server > > has a security hole, that enables other people to freeze you HL, crash > your > > HL, crash your machine or even take control of your machine! > > > > Also, running 1.x.x.x as server (which means you are using the client as > > server) is a bad idea, since it almost always lags behind in server > > versions. Install the full dedicated Windows server instead. > > > > Jeroen "ShadowLord" Bogers > > > > ----- Original Message ----- > > From: "Terry" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Monday, August 11, 2003 00:12 > > Subject: [hlds_apps] HLDS Server Query Protocol > > > > > > > The "server protocl.txt" file that ships with the HL SDK says : > > > > > > "Messages are sent to the server by sending 4 consecutive bytes of 255 > > > (32-bit integer -1) and then the string command followed by a zero byte > to > > > terminate it" > > > > > > How does HLDS (Windows) handle packets that are sent to it that are NOT > > > terminated with a zero byte. The reason I ask, is my server was > crashing > > > every few minutes. I thought I might be under some kind of attack so I > > ran > > > a packet sniffer and noticed a number of packets that were being sent by > a > > > popular game server monitoring program that were not terminated with a > > zero > > > byte. It looked as if it had a fixed size send buffer which is getting > > > stuffed with "ping", "info" etc, and it was sending the entire buffer > with > > > trailing garbage and all. > > > > > > Here's a few examples (showing only the relevant data section of the > > > packet): > > > > > > 0x0020 E0 68 1B DA 69 87 00 13-60 42 FF FF FF FF 70 6C > > ah.Ui?..`Byyyypl > > > 0x0030 61 79 65 72 73 08 3B 96-62 23 EC 78 ayers.;-b#ix > > > > > > 0x0020 E0 68 1B DA 69 87 00 12-C0 40 FF FF FF FF 73 74 > > [EMAIL PROTECTED] > > > 0x0030 61 74 75 73 1D 62 65 61-63 6F 6E 40 atus.beacon@ > > > > > > 0x0020 E0 68 1B DA 69 87 00 15-D2 E6 FF FF FF FF 67 65 > > ah.Ui?..Oayyyyge > > > 0x0030 74 73 74 61 74 75 73 10-2E 1D 32 E4 tstatus...2a > > > > > > 0x0020 E0 68 1B DA 69 87 00 12-3F CF 5C 65 63 68 6F 5C > > ah.Ui?..?I\echo\ > > > 0x0030 48 4C 53 57 56 F3 2C CB-91 F9 08 D2 HLSWVo,E'u.O > > > > > > Could these packets be crashing my Windows 1.1.1.0 server? > > > > > > > > > > > > _______________________________________________ > > > hlds_apps mailing list > > > [EMAIL PROTECTED] > > > http://list.valvesoftware.com/mailman/listinfo/hlds_apps > > > > > > > > > _______________________________________________ > > hlds_apps mailing list > > [EMAIL PROTECTED] > > http://list.valvesoftware.com/mailman/listinfo/hlds_apps > > > > > > _______________________________________________ > > hlds_apps mailing list > > [EMAIL PROTECTED] > > http://list.valvesoftware.com/mailman/listinfo/hlds_apps > > > > > > > _______________________________________________ > hlds_apps mailing list > [EMAIL PROTECTED] > http://list.valvesoftware.com/mailman/listinfo/hlds_apps _______________________________________________ hlds_apps mailing list [EMAIL PROTECTED] http://list.valvesoftware.com/mailman/listinfo/hlds_apps
