What I find a bit hard to believe is that vavle go broken into, and there source code (or parts of it) stolen. Once that happened you would have thought Valve would have gone over any part of the code that interacts with players via the internet with a fine tooth comb. Already we have seen a number of vulnerabilities where players can crash servers, and vulnerabilities where remote rcon can crash servers. I cant believe that a year after the code being stolen, that their server code was vulnerable to a simple name variable bug. It scares me even more than rcon for servers is now via a TCP port. If you havent firewalled it out, hackers will connect to your rcon port trying buffer overflows to there hearts content. Vavle you make great games, but you guys need to put some serious thought into protecting server operators from malicious people. You should start thinking like a hacker to protect the server operaters from hackers....
Im not putting up any source servers for a few months at least. I just dont trust the code.
ScratchMonkey wrote:
--On Sunday, October 24, 2004 12:39 PM -0400 Ray Spaulding <[EMAIL PROTECTED]> wrote:
Maybe this is just a dumb question but why has Valve not made attempts with this site's host and registrar to send these punks to jail. The "intention" of the site is simply to break the law by intentionally exploiting a company's software.
Perhaps because it's better to have all of them operating where you can observe them? I've seen other sites move to countries where they can't be touched. And who knows how many operate without a well-known site?
I just encountered a cheat for another game I play, and jailing the miscreant wasn't my first instinct. Instead, I'd rather detect their code and screw with those who use it, perhaps by ruining their game in random ways.
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
