Sounds like a good idea. Are you familiar with tcpdump or Ethereal? This looks like an easy one to capture, as you've got a fixed IP you can filter on.
I am, I work in the security industry. :)
My question really is, would Valve look at them? I will be getting pcaps and passing them on regardless; I just hope they are taking this seriously. If this is triggered by a buffer overflow, someone smarter than these kiddies could work out an exploit for remote code execution.
Even if this isn't the case, the fact that anyone can crash the server at will is severely frustrating for everyone.
I will keep the list updated with my findings.
-- Chris
Can crash the server at will _if_ already banned. Is this more accurate on that way?
Fool
_______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
