Lol Fix the CPU USE and everyone will be happy - just about.
Britt -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeremy Brooking Sent: Wednesday, June 04, 2003 4:24 PM To: [EMAIL PROTECTED] Subject: Re: [hlds_linux] the %n bug On Thu, 2003-06-05 at 03:51, Steven Hartland wrote: > Try reading the rest of the post before you reply. Including something > that actually contributes to the discussion would be good and don't > forget to make said comments within the context of this example where: > 1. It was discovered. > 2. It was patched. ( quickly ) > Is the patch 100% right? Have they missed something? Is there any 'approach' the coder took, that could possibly lead to other exploits? Releasing the code does 2 things. Allows valve to go over it and see if theres anything they have missed. Makes people wake up to the fact they need keep there servers up to date. If you cannot keep your server up to date, I have no sympathy for you. The number of times I have had to deal with a DoS/DDoS/DRDoS from comprimissed boxes in the last 10 years, I cannot count. The reason for the dos was NOT the fact source was released, its because people lack the understand of what implications of having your 1 little box on the net. And even after having an entire network of linux boxes teardrop'd I would still rather the code be released than not. > Our servers have been patched since the fix became available but you > don't seem to be able to comprehend that others may not have and may > not for some time. Hence, and I say again, releasing the code is > reckless and irresponsible. Don't make it easy for them. And what you seem to be to retarded to see is history. OpenSSL, a non issue UNTIL someone released a working exploit, which then turned up a couple more potential security issues. ssh, a non issue UNTIL source code for rre was released. apache, a non issue UNTIL source code for rre was released. nestea, a non issue UNTIL source code for exploit was released. teardrop, a non issue UNTIL someone ported it to windows. I could go on for ages, arguing the point, but you seem to simple to understand simple, history documented, facts. _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux

