+2

they need a security advisor...

On Tuesday, March 16, 2010, Cc2iscooL <[email protected]> wrote:
> +1 for Valve giving Neph a job.
>
> On Mar 16, 2010 6:08 PM, "Nephyrin Zey" <[email protected]> wrote:
>
> Speaking of unresolved problems...
>
> - Unconnected commands
> - Basically any invalid packet causing the server to break in some way
> -- A2S_INFO spam (query caching just makes it take slightly more packets
> to lag everything out)
> -- A2C_PRINT spam causes lag, even before \b or bell character issues.
> - 'nuker' spam is still very effective (tons of huge packets with the
> string 'lol' followed by hundreds of null bytes)
> - Was that friendly-heavy exploit fixed?
> - Master server issues (why isn't this handled through steam yet?)
> - SteamID spoofing (protip: disabling some necessary ticket checks is
> not a valid fix for invalid-steam-ticket drop issues, valve)
> - Linux binaries *still* misdetect the CPU and disable what few sse2
> functions the engine has.
> - Linux binaries suck balls and are completely unoptimized, presumably
> so ancient machines that could never run OB engine servers can still
> host them.
> - 64bit binaries? PLZ
> - Everything here http://wiki.alliedmods.net/SRCDS_Hardening
> - Clients can *still* load plugins (VAC, lol)
> - Empty names
> - File uploads still work, you just have to be slightly more creative
> and find one of the many unblocked extensions that can be used in an
> exploitative fashion.
>
> AND SO ON
>
> PS Gimmiejobplzvalve
>
> - Neph
>
>
> On 03/10/2010 09:34 AM, Ronny Schedel wrote:
>> Hello,
>>
>> since the update from 2nd of March we suf...
> _______________________________________________
> To unsubscribe, edit your list preferences, or view the list archives, please 
> visit:
> http://list.valvesoftware.com/mailman/listinfo/hlds_linux
>

-- 

Thanks,
 - Saul.
