It can be stopped with a server side plugin. All you have to do is to
check the banned user's steamid and ban the IP when he connects.
It's working within our server plugin. Unfortunately, I don't have the
code in a separate plugin, but it is very easy to implement. A decent
coder can do this.

Starting a new thread, this really needs to be addressed by Valve.

It's a known bug amongst us who run the servers, but Alfred won't fix it
until someone can duplicate it.  If a person is banned, the server can
be crashed at will by these kids by repeated rejoin attempts.

You were absolutely right. I discovered from log parsing that the same person from IP 63.197.68.40 (STEAM_0:0:6023457) has been crashing my server every day for a month since he was banned. However, I think the problem is worse than a DoS -- he is able to do it in one fast connect/disconnect attempt from the look of my logs. It's definitely him though, because every time the server gets a segmentation fault, it is him who join/parted immediately before.

My guess is that the join flooding is a red herring -- the script does
that until the exploit works, but isn't the cause of the crash itself.

This needs to be addressed ASAP by Valve.  I am very concerned that this
may have the possibility to be exploited as remote code execution if it
is a buffer overflow from malformed packets.  What do I need to do to
prove this is a critical exploit in server code to Valve?  Would packet
captures from his IP help?  This loser has been doing this *every* day
for a month!  He is now blocked from the firewall, but this is a
reactionary defense.  This bug NEEDS to be fixed.



L 02/06/2005 - 00:28:23: "{ D-MOB } kiLLAZ<355><STEAM_ID_PENDING><>" connected, address "63.197.68.40:27005"
LLAZ] [STEAM_ID_PENDING]
L 02/06/2005 - 00:28:24: "{ D-MOB } kiLLAZ<355><STEAM_ID_PENDING><>" disconnected (reason "Disconnect by user.")
Dropped { D-MOB } kiLLAZ from server
Reason:  Disconnect by user.
/home/cjones/local/steam/srcds_run: line 423: 16168 Segmentation fault $HL_CMD



--
Chris

_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds_linux
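
The log correlation described in the message above (a segmentation fault that always follows one address's quick connect/disconnect) can be scripted. This is an added example, not code from the thread; it assumes each log entry sits on a single line and that the srcds_run console output is captured interleaved with the log, and the sample log, names and addresses are constructed.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample in the format of the excerpt above; 192.0.2.x and
# 198.51.100.x are documentation addresses, not real players.
SAMPLE_LOG = '''\
L 02/06/2005 - 00:10:02: "alice<354><STEAM_ID_PENDING><>" connected, address "198.51.100.7:27005"
L 02/06/2005 - 00:28:23: "bob<355><STEAM_ID_PENDING><>" connected, address "192.0.2.10:27005"
L 02/06/2005 - 00:28:24: "bob<355><STEAM_ID_PENDING><>" disconnected (reason "Disconnect by user.")
/home/user/steam/srcds_run: line 423: 16168 Segmentation fault $HL_CMD
L 02/07/2005 - 01:02:03: "bob<12><STEAM_ID_PENDING><>" connected, address "192.0.2.10:27005"
L 02/07/2005 - 01:02:03: "bob<12><STEAM_ID_PENDING><>" disconnected (reason "Disconnect by user.")
/home/user/steam/srcds_run: line 423: 16301 Segmentation fault $HL_CMD
L 02/07/2005 - 02:00:00: "alice<13><STEAM_ID_PENDING><>" connected, address "198.51.100.7:27005"
L 02/07/2005 - 03:00:00: "alice<13><STEAM_ID_PENDING><>" disconnected (reason "Disconnect by user.")
'''

# Groups: 1 = timestamp, 2 = per-session userid, 3 = IP (connect lines only).
EVENT = re.compile(
    r'^L (\d\d/\d\d/\d{4} - \d\d:\d\d:\d\d): ".*<(\d+)><[^>]*><[^>]*>" '
    r'(?:connected, address "([\d.]+):\d+"|disconnected)')
CRASH = re.compile(r'srcds_run: line \d+: +\d+ Segmentation fault')

def crashes_by_address(log_text, max_session_s=2):
    """Count crashes that directly follow a session of at most max_session_s seconds."""
    connected = {}  # userid -> (ip, connect time)
    last = None     # (ip, session seconds) of the most recent disconnect
    hits = Counter()
    for line in log_text.splitlines():
        m = EVENT.match(line)
        if m:
            when = datetime.strptime(m.group(1), "%m/%d/%Y - %H:%M:%S")
            if m.group(3):                      # connect line
                connected[m.group(2)] = (m.group(3), when)
                last = None                     # a newer event sits before any crash
            elif m.group(2) in connected:       # disconnect of a known session
                ip, start = connected.pop(m.group(2))
                last = (ip, (when - start).total_seconds())
        elif CRASH.search(line):
            if last and last[1] <= max_session_s:
                hits[last[0]] += 1
            connected.clear()                   # the server restarts after a crash
            last = None
    return hits

if __name__ == "__main__":
    print(crashes_by_address(SAMPLE_LOG).most_common())
```

An address that accounts for every crash across many days of logs is the kind of evidence worth attaching to a bug report alongside packet captures.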
