Over the last few days I've had a couple of my servers experience weird
behaviour, pausing, restarting or outright crashing.
Notes:
- Servers are using the beta update from a few days ago.
- Servers are using latest version of SM/Meta Mod running kac and rcon_lock
- rcon TCP port is blocked and
Ok after a bit more googling its a hack:
http://www.youtube.com/watch?v=xsC8GtSWuyU
If you parse or stream your log files for monitoring you should probably add a
watch/event for these long disconnect messages as they are using a 3rd party
program to do so.
ML.
On 27/04/2010, at 11:16 AM,
This particular exploit is a buffer overflow in the event message
where the client can specify a disconnect message, and the server will
serialize an event containing that message. There is an issue with the
function that serializes the game event that causes a buffer overflow
in the net message,
A required update for Left 4 Dead 2 is now available. Please run
hldsupdatetool to receive the update. The specific changes include:
- Fixed addons content not loading if coop was the first game mode loaded.
- Fixed versus modes sometimes using incorrect game rule settings after server
http://forums.alliedmods.net/showthread.php?p=1139769
http://forums.alliedmods.net/showthread.php?p=1139769
http://forums.alliedmods.net/showthread.php?p=841590
http://forums.alliedmods.net/showthread.php?p=841590
http://forums.alliedmods.net/forumdisplay.php?f=133
KAC 1.2.1.0 should block the disconnect exploit without interfering
with normal disconnects so you know why someone left otherwise. All
the other fixes just replace the reason all the time with something
else.
Right now, I'm not really expecting any fix until it because pretty
normal for people
Watching that YouTube video he said he wrote a plugin for it (that he's now
selling), yet another reason why client-side plugins should be blocked.
-
From: Kigen theki...@gmail.com
Sent: Tuesday, April 27, 2010 11:25 AM
To: Half-Life dedicated
On 27/04/2010, at 2:45 PM, dmex wrote:
Watching that YouTube video he said he wrote a plugin for it (that he's now
selling), yet another reason why client-side plugins should be blocked.
Lets not start that up again. ;)
I did read an older source update from 2009 that was supposed to fix the
They all have to use LSS or some plugin they create. Its not that
new. Again, is anything going to happen? Probably not.
Unfortunately, many of my attempts to contact Valve employees to help
them fix the massive amounts of exploits that the Source engine has
fallen on deft ears.
On Tue, Apr
9 matches
Mail list logo
