Combine that steam ID changer with dynamic ip Internet service, and you will have some long sleepless nights.
Sent from my iPhone On 2010-08-14, at 8:31 AM, Eric Riemers <[email protected]> wrote: > I hate to go ban every ip instead of steamid. I'll instruct the admins to > take a look at this. Pretty annoying since the ingame menu usually bans the > steamid and not the ip. They always seem to crawl out at night when there is > almost no admin online. > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Kyle > Sanderson > Sent: zaterdag 14 augustus 2010 13:19 > To: Half-Life dedicated Linux server mailing list > Subject: Re: [hlds_linux] STEAM_0:0:1 > > Simple google search reveals: > http://www.hackforums.net/showthread.php?tid=265369 > > Image of the application: > http://img39.imageshack.us/img39/4663/serenityclient.png > > They're selling slots at unbeatable prices! All you want trolling for one > easy payment of $50 for 5 months of access! > > Quote from the forums: > [quote='hav0k' pid='2565535' dateline='1266110769'] LOL I wanna get 0:0:1 > [/quote] - There is an Alfred wanna be already! > > It's rather disappointing to see this game out for over 5 years, and clients > can still freely set their SteamID (Along with HL1, which has been out for > well over 10). Along with maliciously attack servers flooding commands, or > simple Denial of Service attacks using 5kb/s of bandwidth, but can bring the > servers CPU to its knees. What's even worse is Valve not even addressing > these as issues, it's completely asinine. > > COMPLETELY UNRELATED | Personal Experience | Ranting | Speculation: So I was > running SRCDS as root (bad, I know). Just before we were about to swap the > IP addresses with the DC, someone had formatted the box for us. Since SRCDS > was the only program running as root... I can only draw one conclusion. In > the end we only lost one L4D and one TF2 server (both of which have not been > brought back up since), however if we were not in the process of moving, > that could have been catastrophic. Since then there have been multiple > extensions have been blacklisted. Why on earth not create a whitelist? I > have a white list of good cvars/commands and the rest have cheats set. I > honestly cannot understand the reasoning behind not doing this. However, > this is just flogging a dead horse to be honest, the exploit is terribly old > and first showed itself in 04 when the game was released. It would be nice > to have some protection though, instead of relying on numerous > extensions/plugins. > > As always, I've seemed to have taken the topic in another direction. > However, all of these exploits are monumental, and can cause catastrophic > damage to the server if used maliciously. Just like client plugins, > something needs to be done. > Kyle. > > On Sat, Aug 14, 2010 at 2:59 AM, ics <[email protected]> wrote: > >> Apparently there is some sort of things going on. Found this >> http://www.facepunch.com/showthread.php?t=962042 >> >> Perhaps someone has found a way to make it work on TF2 and other >> Source games. Propably some sort of LUA thing again, with clientside > plugins. >> >> -ics >> >> 14.8.2010 6:12, Kyle Sanderson kirjoitti: >> >> Alfred is quite the troll, apparently. >>> >>> In all seriousness though, it isn't difficult at all to change a >>> clients SteamID server side. It would not surprise me if this exploit >>> still exists, I know this still exists in HL1 (as of 2009, that is). >>> Just look at file Downloads/Uploads(deletions), they are still an >>> issue to this day. >>> >>> It's just sad, >>> Kyle. >>> >>> On Fri, Aug 13, 2010 at 8:01 PM, >>> DontWannaName!<[email protected] >>>> wrote: >>> >>> >>> >>>> VAC Banned says This SC ID does not match any Steam account. >>>> >>>> On Fri, Aug 13, 2010 at 7:51 PM, ics<[email protected]> wrote: >>>> >>>> >>>> >>>>> Heh, steam 0:0:1 belongs to valve folks so either you pranked >>>>> somehow or the old trick has resurfaced, which allows somehow >>>>> player to change the steamid he uses. This was happening last time >>>>> around 6 years ago when CS Source came out. Someone should look >>>>> into this @ Valve before it spreads. >>>>> >>>>> -ics >>>>> >>>>> 14.8.2010 5:41, Eric Riemers kirjoitti: >>>>> >>>>> All, >>>>> >>>>> >>>>>> I might not be up to date, but tonight i had a mic spammer. So I >>>>>> kicked him, came back ofcourse, banned him.. then still came back, >>>>>> then did some speedhacks. (we use sourcebans btw) >>>>>> >>>>>> When I did a "status" in my console to get the steamid it was >>>>>> "STEAM_0:0:1" >>>>>> thats also the id sourcebans tried to ban him for. He also came >>>>>> back >>>>>> >>>>>> >>>>> with >>>> >>>> >>>>> something like "STEAM_0:1:0", in the end I just banned his ip >>>>>> (84.74.29.218) >>>>>> >>>>>> Seen something familiar like this? >>>>>> >>>>>> See the stats as example >>>>>> http://stats.lethal-zone.eu/hlstats.php?mode=playerinfo&player=486 >>>>>> 342 >>>>>> >>>>>> http://stats.lethal-zone.eu/hlstats.php?mode=playerinfo&player=486 >>>>>> 344 >>>>>> >>>>>> (trying google with those steam id's didn't actually show up what >>>>>> I >>>>>> wanted) >>>>>> >>>>>> Eric >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> To unsubscribe, edit your list preferences, or view the list >>>>>> archives, please visit: >>>>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> To unsubscribe, edit your list preferences, or view the list >>>>> archives, please visit: >>>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>>>> >>>>> >>>>> >>>> _______________________________________________ >>>> To unsubscribe, edit your list preferences, or view the list >>>> archives, please visit: >>>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>>> >>>> >>>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list >>> archives, please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >>> >>> >> >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux >> > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
