Alfred wrote:
The only problem being that it will break every single server management/querying program on the planet... I think the developers of those programs may have something to say about that ;-)
Sometimes in order to fix a security problem, you have to change the protocol. Just bite the bullet and do it. The rate limiter idea is great to prevent remote services such as gamespy from being flooded, but my server can still be forced to chew up all of it's own upstream bandwidth with a minimal of incoming requests from spoofed sources. This can only be prevented by a handshake to validate the source. Otherwise, the only thing I can do is sit and watch as my server falls to its knees under its own outgoing load to nowhere.
btw, any sign of a client security patch, or do I have to make a working exploit to speed things along? -Mad _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux

