[hlds] CSS: Long disconnect messages crashing servers?
Over the last few days I've had a couple of my servers experience weird behaviour, pausing, restarting or outright crashing. Notes: - Servers are using the beta update from a few days ago. - Servers are using latest version of SM/Meta Mod running kac and rcon_lock - rcon TCP port is blocked and rcon password is secure (32 digits of random letters/numbers) - No crash dump - Log file cuts out mid stream. - Nothing obvious in the log files except for disconnect messages like the following: L 04/26/2010 - 16:30:28: Player Name]1260STEAM_0:X:XXXTERRORIST disconnected (reason SS) (Player name and steam ID removed to protect the guilty.) When such a log entry appears there are lots of comments straight after of server weirdness. I was just in one of my servers then when it restarted after the above message. Anyone else seen this? -- Matt Lyons Content Administrator, games.on.net Email: m...@games.on.net Web: http://games.on.net In theory, there is no difference between theory and practice; In practice, there is. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] CSS: Long disconnect messages crashing servers?
Ok after a bit more googling its a hack: http://www.youtube.com/watch?v=xsC8GtSWuyU If you parse or stream your log files for monitoring you should probably add a watch/event for these long disconnect messages as they are using a 3rd party program to do so. ML. On 27/04/2010, at 11:16 AM, Matt Lyons wrote: Over the last few days I've had a couple of my servers experience weird behaviour, pausing, restarting or outright crashing. Notes: - Servers are using the beta update from a few days ago. - Servers are using latest version of SM/Meta Mod running kac and rcon_lock - rcon TCP port is blocked and rcon password is secure (32 digits of random letters/numbers) - No crash dump - Log file cuts out mid stream. - Nothing obvious in the log files except for disconnect messages like the following: L 04/26/2010 - 16:30:28: Player Name]1260STEAM_0:X:XXXTERRORIST disconnected (reason SS) (Player name and steam ID removed to protect the guilty.) When such a log entry appears there are lots of comments straight after of server weirdness. I was just in one of my servers then when it restarted after the above message. Anyone else seen this? -- Matt Lyons Content Administrator, games.on.net Email: m...@games.on.net Web: http://games.on.net In theory, there is no difference between theory and practice; In practice, there is. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] CSS: Long disconnect messages crashing servers?
This particular exploit is a buffer overflow in the event message where the client can specify a disconnect message, and the server will serialize an event containing that message. There is an issue with the function that serializes the game event that causes a buffer overflow in the net message, and so it has to potential to crash other clients or make them receive commands from another player relayed through the server. On Mon, Apr 26, 2010 at 7:57 PM, Matt Lyons mly...@internode.com.au wrote: Ok after a bit more googling its a hack: http://www.youtube.com/watch?v=xsC8GtSWuyU If you parse or stream your log files for monitoring you should probably add a watch/event for these long disconnect messages as they are using a 3rd party program to do so. ML. On 27/04/2010, at 11:16 AM, Matt Lyons wrote: Over the last few days I've had a couple of my servers experience weird behaviour, pausing, restarting or outright crashing. Notes: - Servers are using the beta update from a few days ago. - Servers are using latest version of SM/Meta Mod running kac and rcon_lock - rcon TCP port is blocked and rcon password is secure (32 digits of random letters/numbers) - No crash dump - Log file cuts out mid stream. - Nothing obvious in the log files except for disconnect messages like the following: L 04/26/2010 - 16:30:28: Player Name]1260STEAM_0:X:XXXTERRORIST disconnected (reason SS) (Player name and steam ID removed to protect the guilty.) When such a log entry appears there are lots of comments straight after of server weirdness. I was just in one of my servers then when it restarted after the above message. Anyone else seen this? -- Matt Lyons Content Administrator, games.on.net Email: m...@games.on.net Web: http://games.on.net In theory, there is no difference between theory and practice; In practice, there is. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
[hlds] Left 4 Dead 2 Update Available
A required update for Left 4 Dead 2 is now available. Please run hldsupdatetool to receive the update. The specific changes include: - Fixed addons content not loading if coop was the first game mode loaded. - Fixed versus modes sometimes using incorrect game rule settings after server hibernation. - Fixed a crash in The Parish: The Park on Linux dedicated servers. - Updated dlc1 Russian UI text. Jason ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds From gentoo-embedded+bounces-3467-archive=mail-archive@lists.gentoo.org Mon Apr 26 19:09:11 2010 Return-path: gentoo-embedded+bounces-3467-archive=mail-archive@lists.gentoo.org Envelope-to: arch...@mail-archive.com Delivery-date: Mon, 26 Apr 2010 19:09:11 -0700 Received: from exprod5mx254.postini.com ([64.18.0.49] helo=psmtp.com) by mail-archive.com with esmtp (Exim 4.69) (envelope-from gentoo-embedded+bounces-3467-archive=mail-archive@lists.gentoo.org) id 1O6aEZ-0008Qw-52 for arch...@mail-archive.com; Mon, 26 Apr 2010 19:09:11 -0700 Received: from source ([208.92.234.80]) (using TLSv1) by exprod5mx254.postini.com ([64.18.4.10]) with SMTP; Mon, 26 Apr 2010 18:09:10 PST Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id EDB1CE0955 for arch...@mail-archive.com; Tue, 27 Apr 2010 02:09:04 + (UTC) X-Original-To: gentoo-embed...@lists.gentoo.org Delivered-To: gentoo-embed...@lists.gentoo.org Received: from mail-gw0-f53.google.com (mail-gw0-f53.google.com [74.125.83.53]) by pigeon.gentoo.org (Postfix) with ESMTP id BE654E07EF for gentoo-embed...@lists.gentoo.org; Tue, 27 Apr 2010 01:43:45 + (UTC) Received: by gwj21 with SMTP id 21so3945783gwj.40 for gentoo-embed...@lists.gentoo.org; Mon, 26 Apr 2010 18:43:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=mNLyoNc2cqW2m9fh5ts3Z1gjVhcGIwqKqSQ47xA9sBI=; b=uesGZ0w5kyHk+gop2mBaez9L7oS/nEfC+FEzdcpGmlV6jsyw0ehDufMNgfbsGg09m5 K945atsHm0Cm/l20kHAzebuuRNEfFnxThhZm8SdsjpI+OXCAqu1LR2jNQtjWbIBaSOQl wDpUaUbAeIG58S5ND5e9MNQRFwWG2649X6Gc4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=HkhLr5n0J2yH9oXnCjWGDyjSj54r8hbfuExPOynQ1jqEfLFl5vll9HmuPvlyx46w7d OaC2qZG+uzUE1IlhvT4GOuzKPf781dGfy9Uq+KHMK+eq6a1YF1UCpVLJx8N153HVenAm Zb8ew/P+st2moJ+zu3pfkbKIYuO81ZO+DOjCc= Precedence: bulk List-Post: mailto:gentoo-embed...@lists.gentoo.org List-Help: mailto:gentoo-embedded+h...@lists.gentoo.org List-Unsubscribe: mailto:gentoo-embedded+unsubscr...@lists.gentoo.org List-Subscribe: mailto:gentoo-embedded+subscr...@lists.gentoo.org List-Id: Gentoo Linux mail gentoo-embedded.gentoo.org X-BeenThere: gentoo-embed...@lists.gentoo.org Reply-to: gentoo-embed...@lists.gentoo.org MIME-Version: 1.0 Received: by 10.150.233.18 with SMTP id f18mr5036626ybh.167.1272332625481; Mon, 26 Apr 2010 18:43:45 -0700 (PDT) Received: by 10.151.43.8 with HTTP; Mon, 26 Apr 2010 18:43:45 -0700 (PDT) In-Reply-To: r2v7b09df4c1004261819y2753fc37rd5dd45b9cb51c...@mail.gmail.com References: r2v7b09df4c1004261819y2753fc37rd5dd45b9cb51c...@mail.gmail.com Date: Tue, 27 Apr 2010 09:43:45 +0800 Message-ID: r2m7b09df4c1004261843ga55fa731md1edd52bd0690...@mail.gmail.com Subject: [gentoo-embedded] Re: can't emerge binary packges From: Dennis.Yxun dennis.y...@gmail.com To: gentoo-embed...@lists.gentoo.org Content-Type: multipart/alternative; boundary=000e0cd6d04e2d919104852e0603 X-pstn-neptune: 0/0/0.00/0 X-pstn-levels: (S:99.9/99.9 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 ) X-pstn-settings: 4 (1.5000:1.5000) s cv gt3 gt2 gt1 r p m c X-pstn-addresses: from dennis.y...@gmail.com [294/10] --000e0cd6d04e2d919104852e0603 Content-Type: text/plain; charset=UTF-8 On Tue, Apr 27, 2010 at 9:19 AM, Dennis.Yxun dennis.y...@gmail.com wrote: HI Folks: I have problem to merge binary packages into my cross env. Let me make it clear, I've setup cross develop evironment in my Desktop, say the path is /usr/armv7a-softfloat-linux-gnueabi. And I find x11-libs/cairo-1.8.8-r1 will fail when do cross compile, so I compile it natively on my ARM board, it pass successfullly, So I package it up, swith back to my cross environment, using emerge-armv7a-softfloat-linux-gnueabi -k cairo, strangly it refuse to merge the binary package but try to compile it directly. This problem not always happen, for some packages I compiled on my ARM board, do install successful on
Re: [hlds] CSS: Long disconnect messages crashing servers?
http://forums.alliedmods.net/showthread.php?p=1139769 http://forums.alliedmods.net/showthread.php?p=1139769 http://forums.alliedmods.net/showthread.php?p=841590 http://forums.alliedmods.net/showthread.php?p=841590 http://forums.alliedmods.net/forumdisplay.php?f=133 http://forums.alliedmods.net/forumdisplay.php?f=133No acknowledgement from Valve yet, as usual. Kyle On Mon, Apr 26, 2010 at 7:03 PM, AzuiSleet azuisl...@gmail.com wrote: This particular exploit is a buffer overflow in the event message where the client can specify a disconnect message, and the server will serialize an event containing that message. There is an issue with the function that serializes the game event that causes a buffer overflow in the net message, and so it has to potential to crash other clients or make them receive commands from another player relayed through the server. On Mon, Apr 26, 2010 at 7:57 PM, Matt Lyons mly...@internode.com.au wrote: Ok after a bit more googling its a hack: http://www.youtube.com/watch?v=xsC8GtSWuyU If you parse or stream your log files for monitoring you should probably add a watch/event for these long disconnect messages as they are using a 3rd party program to do so. ML. On 27/04/2010, at 11:16 AM, Matt Lyons wrote: Over the last few days I've had a couple of my servers experience weird behaviour, pausing, restarting or outright crashing. Notes: - Servers are using the beta update from a few days ago. - Servers are using latest version of SM/Meta Mod running kac and rcon_lock - rcon TCP port is blocked and rcon password is secure (32 digits of random letters/numbers) - No crash dump - Log file cuts out mid stream. - Nothing obvious in the log files except for disconnect messages like the following: L 04/26/2010 - 16:30:28: Player Name]1260STEAM_0:X:XXXTERRORIST disconnected (reason SS) (Player name and steam ID removed to protect the guilty.) When such a log entry appears there are lots of comments straight after of server weirdness. I was just in one of my servers then when it restarted after the above message. Anyone else seen this? -- Matt Lyons Content Administrator, games.on.net Email: m...@games.on.net Web: http://games.on.net In theory, there is no difference between theory and practice; In practice, there is. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] CSS: Long disconnect messages crashing servers?
KAC 1.2.1.0 should block the disconnect exploit without interfering with normal disconnects so you know why someone left otherwise. All the other fixes just replace the reason all the time with something else. Right now, I'm not really expecting any fix until it because pretty normal for people to go into unprotected servers and use the exploit to cause people to disconnect with VAC messages, pausing, and then the simple disconnect all. On Mon, Apr 26, 2010 at 10:06 PM, Kyle Sanderson kyle.l...@gmail.com wrote: http://forums.alliedmods.net/showthread.php?p=1139769 http://forums.alliedmods.net/showthread.php?p=1139769 http://forums.alliedmods.net/showthread.php?p=841590 http://forums.alliedmods.net/showthread.php?p=841590 http://forums.alliedmods.net/forumdisplay.php?f=133 http://forums.alliedmods.net/forumdisplay.php?f=133No acknowledgement from Valve yet, as usual. Kyle On Mon, Apr 26, 2010 at 7:03 PM, AzuiSleet azuisl...@gmail.com wrote: This particular exploit is a buffer overflow in the event message where the client can specify a disconnect message, and the server will serialize an event containing that message. There is an issue with the function that serializes the game event that causes a buffer overflow in the net message, and so it has to potential to crash other clients or make them receive commands from another player relayed through the server. On Mon, Apr 26, 2010 at 7:57 PM, Matt Lyons mly...@internode.com.au wrote: Ok after a bit more googling its a hack: http://www.youtube.com/watch?v=xsC8GtSWuyU If you parse or stream your log files for monitoring you should probably add a watch/event for these long disconnect messages as they are using a 3rd party program to do so. ML. On 27/04/2010, at 11:16 AM, Matt Lyons wrote: Over the last few days I've had a couple of my servers experience weird behaviour, pausing, restarting or outright crashing. Notes: - Servers are using the beta update from a few days ago. - Servers are using latest version of SM/Meta Mod running kac and rcon_lock - rcon TCP port is blocked and rcon password is secure (32 digits of random letters/numbers) - No crash dump - Log file cuts out mid stream. - Nothing obvious in the log files except for disconnect messages like the following: L 04/26/2010 - 16:30:28: Player Name]1260STEAM_0:X:XXXTERRORIST disconnected (reason SS) (Player name and steam ID removed to protect the guilty.) When such a log entry appears there are lots of comments straight after of server weirdness. I was just in one of my servers then when it restarted after the above message. Anyone else seen this? -- Matt Lyons Content Administrator, games.on.net Email: m...@games.on.net Web: http://games.on.net In theory, there is no difference between theory and practice; In practice, there is. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] CSS: Long disconnect messages crashing servers?
Watching that YouTube video he said he wrote a plugin for it (that he's now selling), yet another reason why client-side plugins should be blocked. - From: Kigen theki...@gmail.com Sent: Tuesday, April 27, 2010 11:25 AM To: Half-Life dedicated Win32 server mailing list hlds@list.valvesoftware.com Subject: Re: [hlds] CSS: Long disconnect messages crashing servers? KAC 1.2.1.0 should block the disconnect exploit without interfering with normal disconnects so you know why someone left otherwise. All the other fixes just replace the reason all the time with something else. Right now, I'm not really expecting any fix until it because pretty normal for people to go into unprotected servers and use the exploit to cause people to disconnect with VAC messages, pausing, and then the simple disconnect all. On Mon, Apr 26, 2010 at 10:06 PM, Kyle Sanderson kyle.l...@gmail.com wrote: http://forums.alliedmods.net/showthread.php?p=1139769 http://forums.alliedmods.net/showthread.php?p=1139769 http://forums.alliedmods.net/showthread.php?p=841590 http://forums.alliedmods.net/showthread.php?p=841590 http://forums.alliedmods.net/forumdisplay.php?f=133 http://forums.alliedmods.net/forumdisplay.php?f=133No acknowledgement from Valve yet, as usual. Kyle On Mon, Apr 26, 2010 at 7:03 PM, AzuiSleet azuisl...@gmail.com wrote: This particular exploit is a buffer overflow in the event message where the client can specify a disconnect message, and the server will serialize an event containing that message. There is an issue with the function that serializes the game event that causes a buffer overflow in the net message, and so it has to potential to crash other clients or make them receive commands from another player relayed through the server. On Mon, Apr 26, 2010 at 7:57 PM, Matt Lyons mly...@internode.com.au wrote: Ok after a bit more googling its a hack: http://www.youtube.com/watch?v=xsC8GtSWuyU If you parse or stream your log files for monitoring you should probably add a watch/event for these long disconnect messages as they are using a 3rd party program to do so. ML. On 27/04/2010, at 11:16 AM, Matt Lyons wrote: Over the last few days I've had a couple of my servers experience weird behaviour, pausing, restarting or outright crashing. Notes: - Servers are using the beta update from a few days ago. - Servers are using latest version of SM/Meta Mod running kac and rcon_lock - rcon TCP port is blocked and rcon password is secure (32 digits of random letters/numbers) - No crash dump - Log file cuts out mid stream. - Nothing obvious in the log files except for disconnect messages like the following: L 04/26/2010 - 16:30:28: Player Name]1260STEAM_0:X:XXXTERRORIST disconnected (reason SS) (Player name and steam ID removed to protect the guilty.) When such a log entry appears there are lots of comments straight after of server weirdness. I was just in one of my servers then when it restarted after the above message. Anyone else seen this? -- Matt Lyons Content Administrator, games.on.net Email: m...@games.on.net Web: http://games.on.net In theory, there is no difference between theory and practice; In practice, there is. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] CSS: Long disconnect messages crashing servers?
On 27/04/2010, at 2:45 PM, dmex wrote: Watching that YouTube video he said he wrote a plugin for it (that he's now selling), yet another reason why client-side plugins should be blocked. Lets not start that up again. ;) I did read an older source update from 2009 that was supposed to fix the exploit. Its either regressed or didn't fully capture the problem. I've grabbed the latest kac and rolled it out, will see if that stops it. Course I wont know until someone tries it again. -- Matt Lyons Content Administrator, games.on.net Email: m...@games.on.net Web: http://games.on.net In theory, there is no difference between theory and practice; In practice, there is. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] CSS: Long disconnect messages crashing servers?
They all have to use LSS or some plugin they create. Its not that new. Again, is anything going to happen? Probably not. Unfortunately, many of my attempts to contact Valve employees to help them fix the massive amounts of exploits that the Source engine has fallen on deft ears. On Tue, Apr 27, 2010 at 12:15 AM, dmex dme...@gmail.com wrote: Watching that YouTube video he said he wrote a plugin for it (that he's now selling), yet another reason why client-side plugins should be blocked. - From: Kigen theki...@gmail.com Sent: Tuesday, April 27, 2010 11:25 AM To: Half-Life dedicated Win32 server mailing list hlds@list.valvesoftware.com Subject: Re: [hlds] CSS: Long disconnect messages crashing servers? KAC 1.2.1.0 should block the disconnect exploit without interfering with normal disconnects so you know why someone left otherwise. All the other fixes just replace the reason all the time with something else. Right now, I'm not really expecting any fix until it because pretty normal for people to go into unprotected servers and use the exploit to cause people to disconnect with VAC messages, pausing, and then the simple disconnect all. On Mon, Apr 26, 2010 at 10:06 PM, Kyle Sanderson kyle.l...@gmail.com wrote: http://forums.alliedmods.net/showthread.php?p=1139769 http://forums.alliedmods.net/showthread.php?p=1139769 http://forums.alliedmods.net/showthread.php?p=841590 http://forums.alliedmods.net/showthread.php?p=841590 http://forums.alliedmods.net/forumdisplay.php?f=133 http://forums.alliedmods.net/forumdisplay.php?f=133No acknowledgement from Valve yet, as usual. Kyle On Mon, Apr 26, 2010 at 7:03 PM, AzuiSleet azuisl...@gmail.com wrote: This particular exploit is a buffer overflow in the event message where the client can specify a disconnect message, and the server will serialize an event containing that message. There is an issue with the function that serializes the game event that causes a buffer overflow in the net message, and so it has to potential to crash other clients or make them receive commands from another player relayed through the server. On Mon, Apr 26, 2010 at 7:57 PM, Matt Lyons mly...@internode.com.au wrote: Ok after a bit more googling its a hack: http://www.youtube.com/watch?v=xsC8GtSWuyU If you parse or stream your log files for monitoring you should probably add a watch/event for these long disconnect messages as they are using a 3rd party program to do so. ML. On 27/04/2010, at 11:16 AM, Matt Lyons wrote: Over the last few days I've had a couple of my servers experience weird behaviour, pausing, restarting or outright crashing. Notes: - Servers are using the beta update from a few days ago. - Servers are using latest version of SM/Meta Mod running kac and rcon_lock - rcon TCP port is blocked and rcon password is secure (32 digits of random letters/numbers) - No crash dump - Log file cuts out mid stream. - Nothing obvious in the log files except for disconnect messages like the following: L 04/26/2010 - 16:30:28: Player Name]1260STEAM_0:X:XXXTERRORIST disconnected (reason SS) (Player name and steam ID removed to protect the guilty.) When such a log entry appears there are lots of comments straight after of server weirdness. I was just in one of my servers then when it restarted after the above message. Anyone else seen this? -- Matt Lyons Content Administrator, games.on.net Email: m...@games.on.net Web: http://games.on.net In theory, there is no difference between theory and practice; In practice, there is. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please
