Re: [hlds] Its the law!

[Steven Crothers]

Not to re-open this, but if you run your own machine, you can IPTable the
TCP gameport to certain IP's to limit RCON.

On Tue, Nov 17, 2009 at 1:12 PM, Ronny Schedel i...@ronny-schedel.dewrote:

 Strange, because TF2 isn't even 7 years old.


 - Original Message -
 From: Charles Mabbott cmabb...@verizon.net
 To: 'Half-Life dedicated Win32 server mailing list'
 hlds@list.valvesoftware.com
 Sent: Tuesday, November 17, 2009 7:05 PM
 Subject: Re: [hlds] Its the law!


 Short answer, yes it does.


 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
 Sent: Tuesday, November 17, 2009 12:17 PM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 But does is it work today with a fully patched server?

 Google it and theres almost the same exploit from 7 years ago?

 Ronny Schedel wrote:
  But didn't they fix this file download bug some months ago?
 
 
  - Original Message -
  From: Spencer 'voogru' MacDonald voo...@voogru.com
  To: 'Half-Life dedicated Win32 server mailing list'
  hlds@list.valvesoftware.com
  Sent: Tuesday, November 17, 2009 4:14 PM
  Subject: Re: [hlds] Its the law!
 
 
  Here is a possible patch for the new found exploit. It hasn't been fully
  tested yet though since I am only speculating on how this exploit is
 being
  performed.
 
  This plug-in will output a log event every time someone requests a file
  from
  the server, whether it be a spray logo file or your server.cfg.
 
  http://forums.alliedmods.net/showthread.php?p=992047
 
  -Original Message-
  From: hlds-boun...@list.valvesoftware.com
  [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
  Sent: Tuesday, November 17, 2009 2:06 AM
  To: Half-Life dedicated Win32 server mailing list
  Subject: Re: [hlds] Its the law!
 
  Under which conditions?
 
 
  - Original Message -
  From: 1nsane 1nsane...@gmail.com
  To: Half-Life dedicated Win32 server mailing list
  hlds@list.valvesoftware.com
  Sent: Tuesday, November 17, 2009 12:31 AM
  Subject: Re: [hlds] Its the law!
 
 
  Under certain conditions It is possible to download files from the
 server.
  Server.cfg being a good one.
 
  Also the reverse is true.
 
  On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:
 
 
  It's just cracking rcon password, then they set it to private and change
  the name.
  So just having rcon locker and a nice password fixes it.
 
 
 
  From: i...@ronny-schedel.de
  To: hlds@list.valvesoftware.com
  Date: Mon, 16 Nov 2009 23:32:24 +0100
  Subject: Re: [hlds] Its the law!
 
  The big question is: how is it done? Let's hope there is backdoor in
 the
  fake player app and not a bug in the server code.
 
 
  http://img692.imageshack.us/img692/4728/71956486.jpg
  I lay money on Lotusclan getting there comeuppance!
 
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
 
  please visit:
 
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
  _
  Windows Live: Make it easier for your friends to see what you're up to
 on
  Facebook.
  http://go.microsoft.com/?linkid=9691816
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 

 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives

Re: [hlds] Its the law!

[Ronny Schedel]

How does it prevent the remote file download of the server.cfg?

 Not to re-open this, but if you run your own machine, you can IPTable the
 TCP gameport to certain IP's to limit RCON.

 On Tue, Nov 17, 2009 at 1:12 PM, Ronny Schedel 
 i...@ronny-schedel.dewrote:

 Strange, because TF2 isn't even 7 years old.


 - Original Message -
 From: Charles Mabbott cmabb...@verizon.net
 To: 'Half-Life dedicated Win32 server mailing list'
 hlds@list.valvesoftware.com
 Sent: Tuesday, November 17, 2009 7:05 PM
 Subject: Re: [hlds] Its the law!


 Short answer, yes it does.


 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
 Sent: Tuesday, November 17, 2009 12:17 PM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 But does is it work today with a fully patched server?

 Google it and theres almost the same exploit from 7 years ago?

 Ronny Schedel wrote:
  But didn't they fix this file download bug some months ago?
 
 
  - Original Message -
  From: Spencer 'voogru' MacDonald voo...@voogru.com
  To: 'Half-Life dedicated Win32 server mailing list'
  hlds@list.valvesoftware.com
  Sent: Tuesday, November 17, 2009 4:14 PM
  Subject: Re: [hlds] Its the law!
 
 
  Here is a possible patch for the new found exploit. It hasn't been 
  fully
  tested yet though since I am only speculating on how this exploit is
 being
  performed.
 
  This plug-in will output a log event every time someone requests a file
  from
  the server, whether it be a spray logo file or your server.cfg.
 
  http://forums.alliedmods.net/showthread.php?p=992047
 
  -Original Message-
  From: hlds-boun...@list.valvesoftware.com
  [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
  Sent: Tuesday, November 17, 2009 2:06 AM
  To: Half-Life dedicated Win32 server mailing list
  Subject: Re: [hlds] Its the law!
 
  Under which conditions?
 
 
  - Original Message -
  From: 1nsane 1nsane...@gmail.com
  To: Half-Life dedicated Win32 server mailing list
  hlds@list.valvesoftware.com
  Sent: Tuesday, November 17, 2009 12:31 AM
  Subject: Re: [hlds] Its the law!
 
 
  Under certain conditions It is possible to download files from the
 server.
  Server.cfg being a good one.
 
  Also the reverse is true.
 
  On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:
 
 
  It's just cracking rcon password, then they set it to private and 
  change
  the name.
  So just having rcon locker and a nice password fixes it.
 
 
 
  From: i...@ronny-schedel.de
  To: hlds@list.valvesoftware.com
  Date: Mon, 16 Nov 2009 23:32:24 +0100
  Subject: Re: [hlds] Its the law!
 
  The big question is: how is it done? Let's hope there is backdoor in
 the
  fake player app and not a bug in the server code.
 
 
  http://img692.imageshack.us/img692/4728/71956486.jpg
  I lay money on Lotusclan getting there comeuppance!
 
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list 
  archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list 
  archives,
 
  please visit:
 
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
  _
  Windows Live: Make it easier for your friends to see what you're up to
 on
  Facebook.
  http://go.microsoft.com/?linkid=9691816
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 

 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Spencer 'voogru' MacDonald]

Here is a possible patch for the new found exploit. It hasn't been fully
tested yet though since I am only speculating on how this exploit is being
performed.

This plug-in will output a log event every time someone requests a file from
the server, whether it be a spray logo file or your server.cfg.

http://forums.alliedmods.net/showthread.php?p=992047

-Original Message-
From: hlds-boun...@list.valvesoftware.com
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
Sent: Tuesday, November 17, 2009 2:06 AM
To: Half-Life dedicated Win32 server mailing list
Subject: Re: [hlds] Its the law!

Under which conditions?


- Original Message - 
From: 1nsane 1nsane...@gmail.com
To: Half-Life dedicated Win32 server mailing list 
hlds@list.valvesoftware.com
Sent: Tuesday, November 17, 2009 12:31 AM
Subject: Re: [hlds] Its the law!


Under certain conditions It is possible to download files from the server.
Server.cfg being a good one.

Also the reverse is true.

On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:


 It's just cracking rcon password, then they set it to private and change
 the name.
 So just having rcon locker and a nice password fixes it.


  From: i...@ronny-schedel.de
  To: hlds@list.valvesoftware.com
  Date: Mon, 16 Nov 2009 23:32:24 +0100
  Subject: Re: [hlds] Its the law!
 
  The big question is: how is it done? Let's hope there is backdoor in the
  fake player app and not a bug in the server code.
 
   http://img692.imageshack.us/img692/4728/71956486.jpg
   I lay money on Lotusclan getting there comeuppance!
  
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds

 _
 Windows Live: Make it easier for your friends to see what you’re up to on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives, 
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Ronny Schedel]

But didn't they fix this file download bug some months ago?


- Original Message - 
From: Spencer 'voogru' MacDonald voo...@voogru.com
To: 'Half-Life dedicated Win32 server mailing list' 
hlds@list.valvesoftware.com
Sent: Tuesday, November 17, 2009 4:14 PM
Subject: Re: [hlds] Its the law!


Here is a possible patch for the new found exploit. It hasn't been fully
tested yet though since I am only speculating on how this exploit is being
performed.

This plug-in will output a log event every time someone requests a file from
the server, whether it be a spray logo file or your server.cfg.

http://forums.alliedmods.net/showthread.php?p=992047

-Original Message-
From: hlds-boun...@list.valvesoftware.com
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
Sent: Tuesday, November 17, 2009 2:06 AM
To: Half-Life dedicated Win32 server mailing list
Subject: Re: [hlds] Its the law!

Under which conditions?


- Original Message - 
From: 1nsane 1nsane...@gmail.com
To: Half-Life dedicated Win32 server mailing list
hlds@list.valvesoftware.com
Sent: Tuesday, November 17, 2009 12:31 AM
Subject: Re: [hlds] Its the law!


Under certain conditions It is possible to download files from the server.
Server.cfg being a good one.

Also the reverse is true.

On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:


 It's just cracking rcon password, then they set it to private and change
 the name.
 So just having rcon locker and a nice password fixes it.


  From: i...@ronny-schedel.de
  To: hlds@list.valvesoftware.com
  Date: Mon, 16 Nov 2009 23:32:24 +0100
  Subject: Re: [hlds] Its the law!
 
  The big question is: how is it done? Let's hope there is backdoor in the
  fake player app and not a bug in the server code.
 
   http://img692.imageshack.us/img692/4728/71956486.jpg
   I lay money on Lotusclan getting there comeuppance!
  
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds

 _
 Windows Live: Make it easier for your friends to see what you're up to on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, 
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[[??R] The-/iller]

It seems they probably hit a bunch of servers but only picked on runs 
running fakeclients, 4/5 of our tf2 servers had the cfgs downloaded 3 of 
those had the fakeclients plugin and of which only 1 was hit, all had 
the same rcons too.

Violent Crimes wrote:
 My server has that file in it. But the thing is I do not run Fake 
 Clients nor have I ever.

 Octo wrote:
   
 On Mon, Nov 16, 2009 at 09:35:14PM -0800, SmOoThEm wrote:
   
 
 The spaces were in the file name, that is an exact copy and paste of the
 file name. And to reply about admins trying to get their servers started
 if you have been doing this for as long as I have you find it gets really
 old populating servers every day for years on end, especially when you have
 20+.
 
   
 Oh I know, I have had between 2 and 10 servers since tf2 beta (currently
 8) but I still don't think that having a bunch of servers makes it ok to
 trick users or try to gain an advantage by faking information about your
 servers.  Since people do cheat the system, that forces all the honest
 server operators to have to choose between also being dishonest or having
 to work even harder to get their servers going.  This is the same garbage
 excuse that people spewed when they lied about their server tags - and
 it stunk then and it stinks now.  I'll keep hoping that some day there
 is a blacklist, and then you can really experience empty servers. 

 I like having players on my server as much as the next admin, but unless
 you're doing some sort of a money grab by selling admin or have found a 
 way to convert server popularity into something useful IRL I honestly
 don't understand why there is such a drive to race to the bottom.

 -octo
  
   
 
 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Octo
 Sent: Monday, November 16, 2009 9:14 PM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 On Mon, Nov 16, 2009 at 07:44:58PM -0800, SmOoThEm wrote:
 
   
 These people downloaded everyone's server configs, and my rcon password
   
 
 was
 
   
 unhackable due to the complexity of it. Only one of my servers were
 affected. If you look in your cfg folder and you see a server.cfg.
   
 
 .ztmp
 
   
 then you have been hacked too. I have a feeling there is a major exploit
   
 
 in
 
   
 the wild that will soon hit more than fakeclient servers.
   
 
 Are those spaces or a tab trailing the .cfg?
  
 
   
 And for the record we run fake clients for one reason, so our server shows
 up on the list when you refresh. By default empty servers will not show up
 in the master list, no one will ever see the empty server to populate it.
   
 
 We
 
   
 only have 1 client running because we know how much the community hates
 them.
   
 
 So why not lobby for that setting to be changed, or maybe sit on your server
 like other admins do trying to get them going?  As an admin who does take
 the
 time to try to get his servers going and rewards users who take the time to
 make the servers visible I'm glad to see that your community believes that
 the
 best way of achieving the same result is dishonesty.  

 -octo

 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives, 
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds
 
   
 ___
 To unsubscribe, edit your list preferences, or view the list archives, 
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds
 


 No virus found in this incoming message.
 Checked by AVG - www.avg.com 
 Version: 9.0.707 / Virus Database: 270.14.68/2507 - Release Date: 11/16/09 
 14:53:00

   
 


 ___
 To unsubscribe, edit your list preferences, or view the list archives, please 
 visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

   

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[[??R] The-/iller]

Google it and theres almost the same exploit from 7 years ago?

Ronny Schedel wrote:
 But didn't they fix this file download bug some months ago?


 - Original Message - 
 From: Spencer 'voogru' MacDonald voo...@voogru.com
 To: 'Half-Life dedicated Win32 server mailing list' 
 hlds@list.valvesoftware.com
 Sent: Tuesday, November 17, 2009 4:14 PM
 Subject: Re: [hlds] Its the law!


 Here is a possible patch for the new found exploit. It hasn't been fully
 tested yet though since I am only speculating on how this exploit is being
 performed.

 This plug-in will output a log event every time someone requests a file from
 the server, whether it be a spray logo file or your server.cfg.

 http://forums.alliedmods.net/showthread.php?p=992047

 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
 Sent: Tuesday, November 17, 2009 2:06 AM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 Under which conditions?


 - Original Message - 
 From: 1nsane 1nsane...@gmail.com
 To: Half-Life dedicated Win32 server mailing list
 hlds@list.valvesoftware.com
 Sent: Tuesday, November 17, 2009 12:31 AM
 Subject: Re: [hlds] Its the law!


 Under certain conditions It is possible to download files from the server.
 Server.cfg being a good one.

 Also the reverse is true.

 On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:

   
 It's just cracking rcon password, then they set it to private and change
 the name.
 So just having rcon locker and a nice password fixes it.


 
 From: i...@ronny-schedel.de
 To: hlds@list.valvesoftware.com
 Date: Mon, 16 Nov 2009 23:32:24 +0100
 Subject: Re: [hlds] Its the law!

 The big question is: how is it done? Let's hope there is backdoor in the
 fake player app and not a bug in the server code.

   
 http://img692.imageshack.us/img692/4728/71956486.jpg
 I lay money on Lotusclan getting there comeuppance!



 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

 
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
   
 please visit:
 
 http://list.valvesoftware.com/mailman/listinfo/hlds
   
 _
 Windows Live: Make it easier for your friends to see what you're up to on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

 
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives, 
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives, please 
 visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

   

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Ronny Schedel]

But does is it work today with a fully patched server?

Google it and theres almost the same exploit from 7 years ago?

Ronny Schedel wrote:
 But didn't they fix this file download bug some months ago?


 - Original Message - 
 From: Spencer 'voogru' MacDonald voo...@voogru.com
 To: 'Half-Life dedicated Win32 server mailing list'
 hlds@list.valvesoftware.com
 Sent: Tuesday, November 17, 2009 4:14 PM
 Subject: Re: [hlds] Its the law!


 Here is a possible patch for the new found exploit. It hasn't been fully
 tested yet though since I am only speculating on how this exploit is being
 performed.

 This plug-in will output a log event every time someone requests a file 
 from
 the server, whether it be a spray logo file or your server.cfg.

 http://forums.alliedmods.net/showthread.php?p=992047

 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
 Sent: Tuesday, November 17, 2009 2:06 AM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 Under which conditions?


 - Original Message - 
 From: 1nsane 1nsane...@gmail.com
 To: Half-Life dedicated Win32 server mailing list
 hlds@list.valvesoftware.com
 Sent: Tuesday, November 17, 2009 12:31 AM
 Subject: Re: [hlds] Its the law!


 Under certain conditions It is possible to download files from the server.
 Server.cfg being a good one.

 Also the reverse is true.

 On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:


 It's just cracking rcon password, then they set it to private and change
 the name.
 So just having rcon locker and a nice password fixes it.



 From: i...@ronny-schedel.de
 To: hlds@list.valvesoftware.com
 Date: Mon, 16 Nov 2009 23:32:24 +0100
 Subject: Re: [hlds] Its the law!

 The big question is: how is it done? Let's hope there is backdoor in the
 fake player app and not a bug in the server code.


 http://img692.imageshack.us/img692/4728/71956486.jpg
 I lay money on Lotusclan getting there comeuppance!



 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,

 please visit:

 http://list.valvesoftware.com/mailman/listinfo/hlds

 _
 Windows Live: Make it easier for your friends to see what you're up to on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives, 
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds



___
To unsubscribe, edit your list preferences, or view the list archives, 
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Charles Mabbott]

Short answer, yes it does.


-Original Message-
From: hlds-boun...@list.valvesoftware.com
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
Sent: Tuesday, November 17, 2009 12:17 PM
To: Half-Life dedicated Win32 server mailing list
Subject: Re: [hlds] Its the law!

But does is it work today with a fully patched server?

Google it and theres almost the same exploit from 7 years ago?

Ronny Schedel wrote:
 But didn't they fix this file download bug some months ago?


 - Original Message - 
 From: Spencer 'voogru' MacDonald voo...@voogru.com
 To: 'Half-Life dedicated Win32 server mailing list'
 hlds@list.valvesoftware.com
 Sent: Tuesday, November 17, 2009 4:14 PM
 Subject: Re: [hlds] Its the law!


 Here is a possible patch for the new found exploit. It hasn't been fully
 tested yet though since I am only speculating on how this exploit is being
 performed.

 This plug-in will output a log event every time someone requests a file 
 from
 the server, whether it be a spray logo file or your server.cfg.

 http://forums.alliedmods.net/showthread.php?p=992047

 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
 Sent: Tuesday, November 17, 2009 2:06 AM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 Under which conditions?


 - Original Message - 
 From: 1nsane 1nsane...@gmail.com
 To: Half-Life dedicated Win32 server mailing list
 hlds@list.valvesoftware.com
 Sent: Tuesday, November 17, 2009 12:31 AM
 Subject: Re: [hlds] Its the law!


 Under certain conditions It is possible to download files from the server.
 Server.cfg being a good one.

 Also the reverse is true.

 On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:


 It's just cracking rcon password, then they set it to private and change
 the name.
 So just having rcon locker and a nice password fixes it.



 From: i...@ronny-schedel.de
 To: hlds@list.valvesoftware.com
 Date: Mon, 16 Nov 2009 23:32:24 +0100
 Subject: Re: [hlds] Its the law!

 The big question is: how is it done? Let's hope there is backdoor in the
 fake player app and not a bug in the server code.


 http://img692.imageshack.us/img692/4728/71956486.jpg
 I lay money on Lotusclan getting there comeuppance!



 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,

 please visit:

 http://list.valvesoftware.com/mailman/listinfo/hlds

 _
 Windows Live: Make it easier for your friends to see what you're up to on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives, 
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds



___
To unsubscribe, edit your list preferences, or view the list archives, 
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Spencer 'voogru' MacDonald]

Welcome to 2003.

http://www.mail-archive.com/hlds_li...@list.valvesoftware.com/msg23299.html



-Original Message-
From: hlds-boun...@list.valvesoftware.com
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Charles Mabbott
Sent: Tuesday, November 17, 2009 1:05 PM
To: 'Half-Life dedicated Win32 server mailing list'
Subject: Re: [hlds] Its the law!

Short answer, yes it does.


-Original Message-
From: hlds-boun...@list.valvesoftware.com
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
Sent: Tuesday, November 17, 2009 12:17 PM
To: Half-Life dedicated Win32 server mailing list
Subject: Re: [hlds] Its the law!

But does is it work today with a fully patched server?

Google it and theres almost the same exploit from 7 years ago?

Ronny Schedel wrote:
 But didn't they fix this file download bug some months ago?


 - Original Message - 
 From: Spencer 'voogru' MacDonald voo...@voogru.com
 To: 'Half-Life dedicated Win32 server mailing list'
 hlds@list.valvesoftware.com
 Sent: Tuesday, November 17, 2009 4:14 PM
 Subject: Re: [hlds] Its the law!


 Here is a possible patch for the new found exploit. It hasn't been fully
 tested yet though since I am only speculating on how this exploit is being
 performed.

 This plug-in will output a log event every time someone requests a file 
 from
 the server, whether it be a spray logo file or your server.cfg.

 http://forums.alliedmods.net/showthread.php?p=992047

 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
 Sent: Tuesday, November 17, 2009 2:06 AM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 Under which conditions?


 - Original Message - 
 From: 1nsane 1nsane...@gmail.com
 To: Half-Life dedicated Win32 server mailing list
 hlds@list.valvesoftware.com
 Sent: Tuesday, November 17, 2009 12:31 AM
 Subject: Re: [hlds] Its the law!


 Under certain conditions It is possible to download files from the server.
 Server.cfg being a good one.

 Also the reverse is true.

 On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:


 It's just cracking rcon password, then they set it to private and change
 the name.
 So just having rcon locker and a nice password fixes it.



 From: i...@ronny-schedel.de
 To: hlds@list.valvesoftware.com
 Date: Mon, 16 Nov 2009 23:32:24 +0100
 Subject: Re: [hlds] Its the law!

 The big question is: how is it done? Let's hope there is backdoor in the
 fake player app and not a bug in the server code.


 http://img692.imageshack.us/img692/4728/71956486.jpg
 I lay money on Lotusclan getting there comeuppance!



 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,

 please visit:

 http://list.valvesoftware.com/mailman/listinfo/hlds

 _
 Windows Live: Make it easier for your friends to see what you're up to on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives, 
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds



___
To unsubscribe, edit your list preferences, or view the list archives, 
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman

Re: [hlds] Its the law!

[Ronny Schedel]

Strange, because TF2 isn't even 7 years old.


- Original Message - 
From: Charles Mabbott cmabb...@verizon.net
To: 'Half-Life dedicated Win32 server mailing list' 
hlds@list.valvesoftware.com
Sent: Tuesday, November 17, 2009 7:05 PM
Subject: Re: [hlds] Its the law!


Short answer, yes it does.


-Original Message-
From: hlds-boun...@list.valvesoftware.com
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
Sent: Tuesday, November 17, 2009 12:17 PM
To: Half-Life dedicated Win32 server mailing list
Subject: Re: [hlds] Its the law!

But does is it work today with a fully patched server?

Google it and theres almost the same exploit from 7 years ago?

Ronny Schedel wrote:
 But didn't they fix this file download bug some months ago?


 - Original Message - 
 From: Spencer 'voogru' MacDonald voo...@voogru.com
 To: 'Half-Life dedicated Win32 server mailing list'
 hlds@list.valvesoftware.com
 Sent: Tuesday, November 17, 2009 4:14 PM
 Subject: Re: [hlds] Its the law!


 Here is a possible patch for the new found exploit. It hasn't been fully
 tested yet though since I am only speculating on how this exploit is being
 performed.

 This plug-in will output a log event every time someone requests a file
 from
 the server, whether it be a spray logo file or your server.cfg.

 http://forums.alliedmods.net/showthread.php?p=992047

 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Ronny Schedel
 Sent: Tuesday, November 17, 2009 2:06 AM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 Under which conditions?


 - Original Message - 
 From: 1nsane 1nsane...@gmail.com
 To: Half-Life dedicated Win32 server mailing list
 hlds@list.valvesoftware.com
 Sent: Tuesday, November 17, 2009 12:31 AM
 Subject: Re: [hlds] Its the law!


 Under certain conditions It is possible to download files from the server.
 Server.cfg being a good one.

 Also the reverse is true.

 On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:


 It's just cracking rcon password, then they set it to private and change
 the name.
 So just having rcon locker and a nice password fixes it.



 From: i...@ronny-schedel.de
 To: hlds@list.valvesoftware.com
 Date: Mon, 16 Nov 2009 23:32:24 +0100
 Subject: Re: [hlds] Its the law!

 The big question is: how is it done? Let's hope there is backdoor in the
 fake player app and not a bug in the server code.


 http://img692.imageshack.us/img692/4728/71956486.jpg
 I lay money on Lotusclan getting there comeuppance!



 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,

 please visit:

 http://list.valvesoftware.com/mailman/listinfo/hlds

 _
 Windows Live: Make it easier for your friends to see what you're up to on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds



___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, 
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

[hlds] Its the law!

[Richard Green]

http://img692.imageshack.us/img692/4728/71956486.jpg 
 I lay money on Lotusclan getting there comeuppance!



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Tony Paloma]

There is a spuf thread about this:
http://forums.steampowered.com/forums/showthread.php?t=1027833

Why don't we keep the discussion there so that the relative amount of idiocy
here can remain low.

-Original Message-
From: hlds-boun...@list.valvesoftware.com
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Richard Green
Sent: Monday, November 16, 2009 1:48 PM
To: 'Half-Life dedicated Win32 server mailing list'
Subject: [hlds] Its the law!

http://img692.imageshack.us/img692/4728/71956486.jpg 
 I lay money on Lotusclan getting there comeuppance!



___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Justin]

Haha, i told you fakeclients was worse than cracking a server..

On Mon, Nov 16, 2009 at 4:50 PM, Tony Paloma drunkenf...@hotmail.comwrote:

 There is a spuf thread about this:
 http://forums.steampowered.com/forums/showthread.php?t=1027833

 Why don't we keep the discussion there so that the relative amount of
 idiocy
 here can remain low.

 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Richard Green
 Sent: Monday, November 16, 2009 1:48 PM
 To: 'Half-Life dedicated Win32 server mailing list'
 Subject: [hlds] Its the law!

 http://img692.imageshack.us/img692/4728/71956486.jpg
  I lay money on Lotusclan getting there comeuppance!



 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[1nsane]

Oh cool, downloading server.cfg.

On Mon, Nov 16, 2009 at 4:50 PM, Tony Paloma drunkenf...@hotmail.comwrote:

 There is a spuf thread about this:
 http://forums.steampowered.com/forums/showthread.php?t=1027833

 Why don't we keep the discussion there so that the relative amount of
 idiocy
 here can remain low.

 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Richard Green
 Sent: Monday, November 16, 2009 1:48 PM
 To: 'Half-Life dedicated Win32 server mailing list'
 Subject: [hlds] Its the law!

 http://img692.imageshack.us/img692/4728/71956486.jpg
  I lay money on Lotusclan getting there comeuppance!



 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Ronny Schedel]

The big question is: how is it done? Let's hope there is backdoor in the 
fake player app and not a bug in the server code.

 http://img692.imageshack.us/img692/4728/71956486.jpg
 I lay money on Lotusclan getting there comeuppance!



 ___
 To unsubscribe, edit your list preferences, or view the list archives, 
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds
 


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[JäKë T]

It's just cracking rcon password, then they set it to private and change the 
name.
So just having rcon locker and a nice password fixes it.


 From: i...@ronny-schedel.de
 To: hlds@list.valvesoftware.com
 Date: Mon, 16 Nov 2009 23:32:24 +0100
 Subject: Re: [hlds] Its the law!
 
 The big question is: how is it done? Let's hope there is backdoor in the 
 fake player app and not a bug in the server code.
 
  http://img692.imageshack.us/img692/4728/71956486.jpg
  I lay money on Lotusclan getting there comeuppance!
 
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives, 
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
  
 
 
 ___
 To unsubscribe, edit your list preferences, or view the list archives, please 
 visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds
  
_
Windows Live: Make it easier for your friends to see what you’re up to on 
Facebook.
http://go.microsoft.com/?linkid=9691816
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Joel R.]

I thought you get auto-banned after like 3 missed rcon password attempts. I
remember this happening to me on my own server and it would last for hours!

On Mon, Nov 16, 2009 at 4:37 PM, JäKë T can_kic...@hotmail.com wrote:


 It's just cracking rcon password, then they set it to private and change
 the name.
 So just having rcon locker and a nice password fixes it.


  From: i...@ronny-schedel.de
  To: hlds@list.valvesoftware.com
  Date: Mon, 16 Nov 2009 23:32:24 +0100
  Subject: Re: [hlds] Its the law!
 
  The big question is: how is it done? Let's hope there is backdoor in the
  fake player app and not a bug in the server code.
 
   http://img692.imageshack.us/img692/4728/71956486.jpg
   I lay money on Lotusclan getting there comeuppance!
  
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds

 _
 Windows Live: Make it easier for your friends to see what you’re up to on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[1nsane]

Under certain conditions It is possible to download files from the server.
Server.cfg being a good one.

Also the reverse is true.

On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:


 It's just cracking rcon password, then they set it to private and change
 the name.
 So just having rcon locker and a nice password fixes it.


  From: i...@ronny-schedel.de
  To: hlds@list.valvesoftware.com
  Date: Mon, 16 Nov 2009 23:32:24 +0100
  Subject: Re: [hlds] Its the law!
 
  The big question is: how is it done? Let's hope there is backdoor in the
  fake player app and not a bug in the server code.
 
   http://img692.imageshack.us/img692/4728/71956486.jpg
   I lay money on Lotusclan getting there comeuppance!
  
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds

 _
 Windows Live: Make it easier for your friends to see what you’re up to on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Alex]

They got what was coming to them. Good for him :)

1nsane wrote:
 Under certain conditions It is possible to download files from the server.
 Server.cfg being a good one.

 Also the reverse is true.

 On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:

   
 It's just cracking rcon password, then they set it to private and change
 the name.
 So just having rcon locker and a nice password fixes it.


 
 From: i...@ronny-schedel.de
 To: hlds@list.valvesoftware.com
 Date: Mon, 16 Nov 2009 23:32:24 +0100
 Subject: Re: [hlds] Its the law!

 The big question is: how is it done? Let's hope there is backdoor in the
 fake player app and not a bug in the server code.

   
 http://img692.imageshack.us/img692/4728/71956486.jpg
 I lay money on Lotusclan getting there comeuppance!



 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

 
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
   
 please visit:
 
 http://list.valvesoftware.com/mailman/listinfo/hlds
   
 _
 Windows Live: Make it easier for your friends to see what you’re up to on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

 
 ___
 To unsubscribe, edit your list preferences, or view the list archives, please 
 visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds




 __ Information from ESET Smart Security, version of virus signature 
 database 4613 (20091116) __

 The message was checked by ESET Smart Security.

 http://www.eset.com


   



__ Information from ESET Smart Security, version of virus signature 
database 4613 (20091116) __

The message was checked by ESET Smart Security.

http://www.eset.com



___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Craig McLure]

Maybe, but I'm pretty sure that's illegal in most countries :/

2009/11/17 Alex chewy_s...@hotmail.com

 They got what was coming to them. Good for him :)

 1nsane wrote:
  Under certain conditions It is possible to download files from the
 server.
  Server.cfg being a good one.
 
  Also the reverse is true.
 
  On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:
 
 
  It's just cracking rcon password, then they set it to private and change
  the name.
  So just having rcon locker and a nice password fixes it.
 
 
 
  From: i...@ronny-schedel.de
  To: hlds@list.valvesoftware.com
  Date: Mon, 16 Nov 2009 23:32:24 +0100
  Subject: Re: [hlds] Its the law!
 
  The big question is: how is it done? Let's hope there is backdoor in
 the
  fake player app and not a bug in the server code.
 
 
  http://img692.imageshack.us/img692/4728/71956486.jpg
  I lay money on Lotusclan getting there comeuppance!
 
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
 
  please visit:
 
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
  _
  Windows Live: Make it easier for your friends to see what you’re up to
 on
  Facebook.
  http://go.microsoft.com/?linkid=9691816
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
 
 
  __ Information from ESET Smart Security, version of virus
 signature database 4613 (20091116) __
 
  The message was checked by ESET Smart Security.
 
  http://www.eset.com
 
 
 



 __ Information from ESET Smart Security, version of virus signature
 database 4613 (20091116) __

 The message was checked by ESET Smart Security.

 http://www.eset.com



 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds




-- 
/**
*Craig FrostyCoolSlug McLure
* ChatSpike- http://www.chatspike.net
* InspIRCd - http://www.inspircd.org
**/
___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Shizzle Nizzle]

ip filtering your rcon port.. does the job and keeps all the rcon exploits
away. for those on windows just use emsa port blocker

On Mon, Nov 16, 2009 at 6:31 PM, Craig McLure cr...@chatspike.net wrote:

 Maybe, but I'm pretty sure that's illegal in most countries :/

 2009/11/17 Alex chewy_s...@hotmail.com

  They got what was coming to them. Good for him :)
 
  1nsane wrote:
   Under certain conditions It is possible to download files from the
  server.
   Server.cfg being a good one.
  
   Also the reverse is true.
  
   On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com
 wrote:
  
  
   It's just cracking rcon password, then they set it to private and
 change
   the name.
   So just having rcon locker and a nice password fixes it.
  
  
  
   From: i...@ronny-schedel.de
   To: hlds@list.valvesoftware.com
   Date: Mon, 16 Nov 2009 23:32:24 +0100
   Subject: Re: [hlds] Its the law!
  
   The big question is: how is it done? Let's hope there is backdoor in
  the
   fake player app and not a bug in the server code.
  
  
   http://img692.imageshack.us/img692/4728/71956486.jpg
   I lay money on Lotusclan getting there comeuppance!
  
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list
 archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list
 archives,
  
   please visit:
  
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
   _
   Windows Live: Make it easier for your friends to see what you’re up to
  on
   Facebook.
   http://go.microsoft.com/?linkid=9691816
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
  
  
  
   __ Information from ESET Smart Security, version of virus
  signature database 4613 (20091116) __
  
   The message was checked by ESET Smart Security.
  
   http://www.eset.com
  
  
  
 
 
 
  __ Information from ESET Smart Security, version of virus
 signature
  database 4613 (20091116) __
 
  The message was checked by ESET Smart Security.
 
  http://www.eset.com
 
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 



 --
 /**
 *Craig FrostyCoolSlug McLure
 * ChatSpike- http://www.chatspike.net
 * InspIRCd - http://www.inspircd.org
 **/
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Tony Paloma]

Or IPSec rules.

-Original Message-
From: hlds-boun...@list.valvesoftware.com
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Shizzle Nizzle
Sent: Monday, November 16, 2009 4:51 PM
To: Half-Life dedicated Win32 server mailing list
Subject: Re: [hlds] Its the law!

ip filtering your rcon port.. does the job and keeps all the rcon exploits
away. for those on windows just use emsa port blocker

On Mon, Nov 16, 2009 at 6:31 PM, Craig McLure cr...@chatspike.net wrote:

 Maybe, but I'm pretty sure that's illegal in most countries :/

 2009/11/17 Alex chewy_s...@hotmail.com

  They got what was coming to them. Good for him :)
 
  1nsane wrote:
   Under certain conditions It is possible to download files from the
  server.
   Server.cfg being a good one.
  
   Also the reverse is true.
  
   On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com
 wrote:
  
  
   It's just cracking rcon password, then they set it to private and
 change
   the name.
   So just having rcon locker and a nice password fixes it.
  
  
  
   From: i...@ronny-schedel.de
   To: hlds@list.valvesoftware.com
   Date: Mon, 16 Nov 2009 23:32:24 +0100
   Subject: Re: [hlds] Its the law!
  
   The big question is: how is it done? Let's hope there is backdoor in
  the
   fake player app and not a bug in the server code.
  
  
   http://img692.imageshack.us/img692/4728/71956486.jpg
   I lay money on Lotusclan getting there comeuppance!
  
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list
 archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list
 archives,
  
   please visit:
  
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
   _
   Windows Live: Make it easier for your friends to see what you’re up
to
  on
   Facebook.
   http://go.microsoft.com/?linkid=9691816
   ___
   To unsubscribe, edit your list preferences, or view the list
archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
  
  
  
   __ Information from ESET Smart Security, version of virus
  signature database 4613 (20091116) __
  
   The message was checked by ESET Smart Security.
  
   http://www.eset.com
  
  
  
 
 
 
  __ Information from ESET Smart Security, version of virus
 signature
  database 4613 (20091116) __
 
  The message was checked by ESET Smart Security.
 
  http://www.eset.com
 
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 



 --
 /**
 *Craig FrostyCoolSlug McLure
 * ChatSpike- http://www.chatspike.net
 * InspIRCd - http://www.inspircd.org
 **/
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[1nsane]

Or even Windows Advanced Firewall, which would allow one to control which
computers can access what.

On Mon, Nov 16, 2009 at 8:10 PM, Tony Paloma drunkenf...@hotmail.comwrote:

 Or IPSec rules.

 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Shizzle Nizzle
 Sent: Monday, November 16, 2009 4:51 PM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 ip filtering your rcon port.. does the job and keeps all the rcon exploits
 away. for those on windows just use emsa port blocker

 On Mon, Nov 16, 2009 at 6:31 PM, Craig McLure cr...@chatspike.net wrote:

  Maybe, but I'm pretty sure that's illegal in most countries :/
 
  2009/11/17 Alex chewy_s...@hotmail.com
 
   They got what was coming to them. Good for him :)
  
   1nsane wrote:
Under certain conditions It is possible to download files from the
   server.
Server.cfg being a good one.
   
Also the reverse is true.
   
On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com
  wrote:
   
   
It's just cracking rcon password, then they set it to private and
  change
the name.
So just having rcon locker and a nice password fixes it.
   
   
   
From: i...@ronny-schedel.de
To: hlds@list.valvesoftware.com
Date: Mon, 16 Nov 2009 23:32:24 +0100
Subject: Re: [hlds] Its the law!
   
The big question is: how is it done? Let's hope there is backdoor
 in
   the
fake player app and not a bug in the server code.
   
   
http://img692.imageshack.us/img692/4728/71956486.jpg
I lay money on Lotusclan getting there comeuppance!
   
   
   
___
To unsubscribe, edit your list preferences, or view the list
  archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
   
   
___
To unsubscribe, edit your list preferences, or view the list
  archives,
   
please visit:
   
http://list.valvesoftware.com/mailman/listinfo/hlds
   
_
Windows Live: Make it easier for your friends to see what you’re up
 to
   on
Facebook.
http://go.microsoft.com/?linkid=9691816
___
To unsubscribe, edit your list preferences, or view the list
 archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
   
   
___
To unsubscribe, edit your list preferences, or view the list
 archives,
   please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
   
   
   
   
__ Information from ESET Smart Security, version of virus
   signature database 4613 (20091116) __
   
The message was checked by ESET Smart Security.
   
http://www.eset.com
   
   
   
  
  
  
   __ Information from ESET Smart Security, version of virus
  signature
   database 4613 (20091116) __
  
   The message was checked by ESET Smart Security.
  
   http://www.eset.com
  
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
 
 
 
  --
  /**
  *Craig FrostyCoolSlug McLure
  * ChatSpike- http://www.chatspike.net
  * InspIRCd - http://www.inspircd.org
  **/
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Tony Paloma]

Which uses IPSec to enforce its rules.

-Original Message-
From: hlds-boun...@list.valvesoftware.com
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of 1nsane
Sent: Monday, November 16, 2009 5:16 PM
To: Half-Life dedicated Win32 server mailing list
Subject: Re: [hlds] Its the law!

Or even Windows Advanced Firewall, which would allow one to control which
computers can access what.

On Mon, Nov 16, 2009 at 8:10 PM, Tony Paloma drunkenf...@hotmail.comwrote:

 Or IPSec rules.

 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Shizzle Nizzle
 Sent: Monday, November 16, 2009 4:51 PM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 ip filtering your rcon port.. does the job and keeps all the rcon exploits
 away. for those on windows just use emsa port blocker

 On Mon, Nov 16, 2009 at 6:31 PM, Craig McLure cr...@chatspike.net wrote:

  Maybe, but I'm pretty sure that's illegal in most countries :/
 
  2009/11/17 Alex chewy_s...@hotmail.com
 
   They got what was coming to them. Good for him :)
  
   1nsane wrote:
Under certain conditions It is possible to download files from the
   server.
Server.cfg being a good one.
   
Also the reverse is true.
   
On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com
  wrote:
   
   
It's just cracking rcon password, then they set it to private and
  change
the name.
So just having rcon locker and a nice password fixes it.
   
   
   
From: i...@ronny-schedel.de
To: hlds@list.valvesoftware.com
Date: Mon, 16 Nov 2009 23:32:24 +0100
Subject: Re: [hlds] Its the law!
   
The big question is: how is it done? Let's hope there is backdoor
 in
   the
fake player app and not a bug in the server code.
   
   
http://img692.imageshack.us/img692/4728/71956486.jpg
I lay money on Lotusclan getting there comeuppance!
   
   
   
___
To unsubscribe, edit your list preferences, or view the list
  archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
   
   
___
To unsubscribe, edit your list preferences, or view the list
  archives,
   
please visit:
   
http://list.valvesoftware.com/mailman/listinfo/hlds
   
_
Windows Live: Make it easier for your friends to see what you’re up
 to
   on
Facebook.
http://go.microsoft.com/?linkid=9691816
___
To unsubscribe, edit your list preferences, or view the list
 archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
   
   
___
To unsubscribe, edit your list preferences, or view the list
 archives,
   please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
   
   
   
   
__ Information from ESET Smart Security, version of virus
   signature database 4613 (20091116) __
   
The message was checked by ESET Smart Security.
   
http://www.eset.com
   
   
   
  
  
  
   __ Information from ESET Smart Security, version of virus
  signature
   database 4613 (20091116) __
  
   The message was checked by ESET Smart Security.
  
   http://www.eset.com
  
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
 
 
 
  --
  /**
  *Craig FrostyCoolSlug McLure
  * ChatSpike- http://www.chatspike.net
  * InspIRCd - http://www.inspircd.org
  **/
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Steven Crothers]

Tony,

IPSec is not a firewall you have been mislead.

On Mon, Nov 16, 2009 at 8:20 PM, Tony Paloma drunkenf...@hotmail.comwrote:

 Which uses IPSec to enforce its rules.

 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of 1nsane
 Sent: Monday, November 16, 2009 5:16 PM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 Or even Windows Advanced Firewall, which would allow one to control which
 computers can access what.

 On Mon, Nov 16, 2009 at 8:10 PM, Tony Paloma drunkenf...@hotmail.com
 wrote:

  Or IPSec rules.
 
  -Original Message-
  From: hlds-boun...@list.valvesoftware.com
  [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Shizzle Nizzle
  Sent: Monday, November 16, 2009 4:51 PM
  To: Half-Life dedicated Win32 server mailing list
  Subject: Re: [hlds] Its the law!
 
  ip filtering your rcon port.. does the job and keeps all the rcon
 exploits
  away. for those on windows just use emsa port blocker
 
  On Mon, Nov 16, 2009 at 6:31 PM, Craig McLure cr...@chatspike.net
 wrote:
 
   Maybe, but I'm pretty sure that's illegal in most countries :/
  
   2009/11/17 Alex chewy_s...@hotmail.com
  
They got what was coming to them. Good for him :)
   
1nsane wrote:
 Under certain conditions It is possible to download files from the
server.
 Server.cfg being a good one.

 Also the reverse is true.

 On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com
   wrote:


 It's just cracking rcon password, then they set it to private and
   change
 the name.
 So just having rcon locker and a nice password fixes it.



 From: i...@ronny-schedel.de
 To: hlds@list.valvesoftware.com
 Date: Mon, 16 Nov 2009 23:32:24 +0100
 Subject: Re: [hlds] Its the law!

 The big question is: how is it done? Let's hope there is backdoor
  in
the
 fake player app and not a bug in the server code.


 http://img692.imageshack.us/img692/4728/71956486.jpg
 I lay money on Lotusclan getting there comeuppance!



 ___
 To unsubscribe, edit your list preferences, or view the list
   archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list
   archives,

 please visit:

 http://list.valvesoftware.com/mailman/listinfo/hlds

 _
 Windows Live: Make it easier for your friends to see what you’re
 up
  to
on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list
  archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list
  archives,
please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds




 __ Information from ESET Smart Security, version of virus
signature database 4613 (20091116) __

 The message was checked by ESET Smart Security.

 http://www.eset.com



   
   
   
__ Information from ESET Smart Security, version of virus
   signature
database 4613 (20091116) __
   
The message was checked by ESET Smart Security.
   
http://www.eset.com
   
   
   
___
To unsubscribe, edit your list preferences, or view the list
 archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
   
  
  
  
   --
   /**
   *Craig FrostyCoolSlug McLure
   * ChatSpike- http://www.chatspike.net
   * InspIRCd - http://www.inspircd.org
   **/
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Tony Paloma]

I know this, but IPSec _policies_ can be used as such.

-Original Message-
From: hlds-boun...@list.valvesoftware.com 
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Steven Crothers
Sent: Monday, November 16, 2009 6:07 PM
To: Half-Life dedicated Win32 server mailing list
Subject: Re: [hlds] Its the law!

Tony,

IPSec is not a firewall you have been mislead.

On Mon, Nov 16, 2009 at 8:20 PM, Tony Paloma drunkenf...@hotmail.comwrote:

 Which uses IPSec to enforce its rules.

 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of 1nsane
 Sent: Monday, November 16, 2009 5:16 PM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 Or even Windows Advanced Firewall, which would allow one to control which
 computers can access what.

 On Mon, Nov 16, 2009 at 8:10 PM, Tony Paloma drunkenf...@hotmail.com
 wrote:

  Or IPSec rules.
 
  -Original Message-
  From: hlds-boun...@list.valvesoftware.com
  [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Shizzle Nizzle
  Sent: Monday, November 16, 2009 4:51 PM
  To: Half-Life dedicated Win32 server mailing list
  Subject: Re: [hlds] Its the law!
 
  ip filtering your rcon port.. does the job and keeps all the rcon
 exploits
  away. for those on windows just use emsa port blocker
 
  On Mon, Nov 16, 2009 at 6:31 PM, Craig McLure cr...@chatspike.net
 wrote:
 
   Maybe, but I'm pretty sure that's illegal in most countries :/
  
   2009/11/17 Alex chewy_s...@hotmail.com
  
They got what was coming to them. Good for him :)
   
1nsane wrote:
 Under certain conditions It is possible to download files from the
server.
 Server.cfg being a good one.

 Also the reverse is true.

 On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com
   wrote:


 It's just cracking rcon password, then they set it to private and
   change
 the name.
 So just having rcon locker and a nice password fixes it.



 From: i...@ronny-schedel.de
 To: hlds@list.valvesoftware.com
 Date: Mon, 16 Nov 2009 23:32:24 +0100
 Subject: Re: [hlds] Its the law!

 The big question is: how is it done? Let's hope there is backdoor
  in
the
 fake player app and not a bug in the server code.


 http://img692.imageshack.us/img692/4728/71956486.jpg
 I lay money on Lotusclan getting there comeuppance!



 ___
 To unsubscribe, edit your list preferences, or view the list
   archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list
   archives,

 please visit:

 http://list.valvesoftware.com/mailman/listinfo/hlds

 _
 Windows Live: Make it easier for your friends to see what you’re
 up
  to
on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list
  archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list
  archives,
please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds




 __ Information from ESET Smart Security, version of virus
signature database 4613 (20091116) __

 The message was checked by ESET Smart Security.

 http://www.eset.com



   
   
   
__ Information from ESET Smart Security, version of virus
   signature
database 4613 (20091116) __
   
The message was checked by ESET Smart Security.
   
http://www.eset.com
   
   
   
___
To unsubscribe, edit your list preferences, or view the list
 archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
   
  
  
  
   --
   /**
   *Craig FrostyCoolSlug McLure
   * ChatSpike- http://www.chatspike.net
   * InspIRCd - http://www.inspircd.org
   **/
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
  ___
  To unsubscribe, edit your list

Re: [hlds] Its the law!

[SmOoThEm]

These people downloaded everyone's server configs, and my rcon password was
unhackable due to the complexity of it. Only one of my servers were
affected. If you look in your cfg folder and you see a server.cfg.   .ztmp
then you have been hacked too. I have a feeling there is a major exploit in
the wild that will soon hit more than fakeclient servers.

And for the record we run fake clients for one reason, so our server shows
up on the list when you refresh. By default empty servers will not show up
in the master list, no one will ever see the empty server to populate it. We
only have 1 client running because we know how much the community hates
them.

The worst part is I found this post from 2003, seems like the same kind of
exploit 7 years later? Thanks valve.
http://www.mail-archive.com/hlds_li...@list.valvesoftware.com/msg22649.html

Anyone have any ideas as to how this was performed so we all can get it
fixed before it's too late?

-Original Message-
From: hlds-boun...@list.valvesoftware.com
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Tony Paloma
Sent: Monday, November 16, 2009 5:11 PM
To: 'Half-Life dedicated Win32 server mailing list'
Subject: Re: [hlds] Its the law!

Or IPSec rules.

-Original Message-
From: hlds-boun...@list.valvesoftware.com
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Shizzle Nizzle
Sent: Monday, November 16, 2009 4:51 PM
To: Half-Life dedicated Win32 server mailing list
Subject: Re: [hlds] Its the law!

ip filtering your rcon port.. does the job and keeps all the rcon exploits
away. for those on windows just use emsa port blocker

On Mon, Nov 16, 2009 at 6:31 PM, Craig McLure cr...@chatspike.net wrote:

 Maybe, but I'm pretty sure that's illegal in most countries :/

 2009/11/17 Alex chewy_s...@hotmail.com

  They got what was coming to them. Good for him :)
 
  1nsane wrote:
   Under certain conditions It is possible to download files from the
  server.
   Server.cfg being a good one.
  
   Also the reverse is true.
  
   On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com
 wrote:
  
  
   It's just cracking rcon password, then they set it to private and
 change
   the name.
   So just having rcon locker and a nice password fixes it.
  
  
  
   From: i...@ronny-schedel.de
   To: hlds@list.valvesoftware.com
   Date: Mon, 16 Nov 2009 23:32:24 +0100
   Subject: Re: [hlds] Its the law!
  
   The big question is: how is it done? Let's hope there is backdoor in
  the
   fake player app and not a bug in the server code.
  
  
   http://img692.imageshack.us/img692/4728/71956486.jpg
   I lay money on Lotusclan getting there comeuppance!
  
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list
 archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list
 archives,
  
   please visit:
  
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
   _
   Windows Live: Make it easier for your friends to see what you’re up
to
  on
   Facebook.
   http://go.microsoft.com/?linkid=9691816
   ___
   To unsubscribe, edit your list preferences, or view the list
archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
  
  
  
   __ Information from ESET Smart Security, version of virus
  signature database 4613 (20091116) __
  
   The message was checked by ESET Smart Security.
  
   http://www.eset.com
  
  
  
 
 
 
  __ Information from ESET Smart Security, version of virus
 signature
  database 4613 (20091116) __
 
  The message was checked by ESET Smart Security.
 
  http://www.eset.com
 
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
  please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds
 



 --
 /**
 *Craig FrostyCoolSlug McLure
 * ChatSpike- http://www.chatspike.net
 * InspIRCd - http://www.inspircd.org
 **/
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences

Re: [hlds] Its the law!

[Octo]

On Mon, Nov 16, 2009 at 07:44:58PM -0800, SmOoThEm wrote:
 These people downloaded everyone's server configs, and my rcon password was
 unhackable due to the complexity of it. Only one of my servers were
 affected. If you look in your cfg folder and you see a server.cfg.   .ztmp
 then you have been hacked too. I have a feeling there is a major exploit in
 the wild that will soon hit more than fakeclient servers.

Are those spaces or a tab trailing the .cfg?
 
 And for the record we run fake clients for one reason, so our server shows
 up on the list when you refresh. By default empty servers will not show up
 in the master list, no one will ever see the empty server to populate it. We
 only have 1 client running because we know how much the community hates
 them.

So why not lobby for that setting to be changed, or maybe sit on your server
like other admins do trying to get them going?  As an admin who does take the
time to try to get his servers going and rewards users who take the time to
make the servers visible I'm glad to see that your community believes that the
best way of achieving the same result is dishonesty.  

-octo

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[SmOoThEm]

The spaces were in the file name, that is an exact copy and paste of the
file name. And to reply about admins trying to get their servers started
if you have been doing this for as long as I have you find it gets really
old populating servers every day for years on end, especially when you have
20+.

-Original Message-
From: hlds-boun...@list.valvesoftware.com
[mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Octo
Sent: Monday, November 16, 2009 9:14 PM
To: Half-Life dedicated Win32 server mailing list
Subject: Re: [hlds] Its the law!

On Mon, Nov 16, 2009 at 07:44:58PM -0800, SmOoThEm wrote:
 These people downloaded everyone's server configs, and my rcon password
was
 unhackable due to the complexity of it. Only one of my servers were
 affected. If you look in your cfg folder and you see a server.cfg.
.ztmp
 then you have been hacked too. I have a feeling there is a major exploit
in
 the wild that will soon hit more than fakeclient servers.

Are those spaces or a tab trailing the .cfg?
 
 And for the record we run fake clients for one reason, so our server shows
 up on the list when you refresh. By default empty servers will not show up
 in the master list, no one will ever see the empty server to populate it.
We
 only have 1 client running because we know how much the community hates
 them.

So why not lobby for that setting to be changed, or maybe sit on your server
like other admins do trying to get them going?  As an admin who does take
the
time to try to get his servers going and rewards users who take the time to
make the servers visible I'm glad to see that your community believes that
the
best way of achieving the same result is dishonesty.  

-octo

___
To unsubscribe, edit your list preferences, or view the list archives,
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Octo]

On Mon, Nov 16, 2009 at 09:35:14PM -0800, SmOoThEm wrote:
 The spaces were in the file name, that is an exact copy and paste of the
 file name. And to reply about admins trying to get their servers started
 if you have been doing this for as long as I have you find it gets really
 old populating servers every day for years on end, especially when you have
 20+.

Oh I know, I have had between 2 and 10 servers since tf2 beta (currently
8) but I still don't think that having a bunch of servers makes it ok to
trick users or try to gain an advantage by faking information about your
servers.  Since people do cheat the system, that forces all the honest
server operators to have to choose between also being dishonest or having
to work even harder to get their servers going.  This is the same garbage
excuse that people spewed when they lied about their server tags - and
it stunk then and it stinks now.  I'll keep hoping that some day there
is a blacklist, and then you can really experience empty servers. 

I like having players on my server as much as the next admin, but unless
you're doing some sort of a money grab by selling admin or have found a 
way to convert server popularity into something useful IRL I honestly
don't understand why there is such a drive to race to the bottom.

-octo
 
 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Octo
 Sent: Monday, November 16, 2009 9:14 PM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!
 
 On Mon, Nov 16, 2009 at 07:44:58PM -0800, SmOoThEm wrote:
  These people downloaded everyone's server configs, and my rcon password
 was
  unhackable due to the complexity of it. Only one of my servers were
  affected. If you look in your cfg folder and you see a server.cfg.
 .ztmp
  then you have been hacked too. I have a feeling there is a major exploit
 in
  the wild that will soon hit more than fakeclient servers.
 
 Are those spaces or a tab trailing the .cfg?
  
  And for the record we run fake clients for one reason, so our server shows
  up on the list when you refresh. By default empty servers will not show up
  in the master list, no one will ever see the empty server to populate it.
 We
  only have 1 client running because we know how much the community hates
  them.
 
 So why not lobby for that setting to be changed, or maybe sit on your server
 like other admins do trying to get them going?  As an admin who does take
 the
 time to try to get his servers going and rewards users who take the time to
 make the servers visible I'm glad to see that your community believes that
 the
 best way of achieving the same result is dishonesty.  
 
 -octo
 
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds
 
 
 ___
 To unsubscribe, edit your list preferences, or view the list archives, please 
 visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Violent Crimes]

My server has that file in it. But the thing is I do not run Fake 
Clients nor have I ever.

Octo wrote:
 On Mon, Nov 16, 2009 at 09:35:14PM -0800, SmOoThEm wrote:
   
 The spaces were in the file name, that is an exact copy and paste of the
 file name. And to reply about admins trying to get their servers started
 if you have been doing this for as long as I have you find it gets really
 old populating servers every day for years on end, especially when you have
 20+.
 

 Oh I know, I have had between 2 and 10 servers since tf2 beta (currently
 8) but I still don't think that having a bunch of servers makes it ok to
 trick users or try to gain an advantage by faking information about your
 servers.  Since people do cheat the system, that forces all the honest
 server operators to have to choose between also being dishonest or having
 to work even harder to get their servers going.  This is the same garbage
 excuse that people spewed when they lied about their server tags - and
 it stunk then and it stinks now.  I'll keep hoping that some day there
 is a blacklist, and then you can really experience empty servers. 

 I like having players on my server as much as the next admin, but unless
 you're doing some sort of a money grab by selling admin or have found a 
 way to convert server popularity into something useful IRL I honestly
 don't understand why there is such a drive to race to the bottom.

 -octo
  
   
 -Original Message-
 From: hlds-boun...@list.valvesoftware.com
 [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Octo
 Sent: Monday, November 16, 2009 9:14 PM
 To: Half-Life dedicated Win32 server mailing list
 Subject: Re: [hlds] Its the law!

 On Mon, Nov 16, 2009 at 07:44:58PM -0800, SmOoThEm wrote:
 
 These people downloaded everyone's server configs, and my rcon password
   
 was
 
 unhackable due to the complexity of it. Only one of my servers were
 affected. If you look in your cfg folder and you see a server.cfg.
   
 .ztmp
 
 then you have been hacked too. I have a feeling there is a major exploit
   
 in
 
 the wild that will soon hit more than fakeclient servers.
   
 Are those spaces or a tab trailing the .cfg?
  
 
 And for the record we run fake clients for one reason, so our server shows
 up on the list when you refresh. By default empty servers will not show up
 in the master list, no one will ever see the empty server to populate it.
   
 We
 
 only have 1 client running because we know how much the community hates
 them.
   
 So why not lobby for that setting to be changed, or maybe sit on your server
 like other admins do trying to get them going?  As an admin who does take
 the
 time to try to get his servers going and rewards users who take the time to
 make the servers visible I'm glad to see that your community believes that
 the
 best way of achieving the same result is dishonesty.  

 -octo

 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds


 ___
 To unsubscribe, edit your list preferences, or view the list archives, 
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds
 

 ___
 To unsubscribe, edit your list preferences, or view the list archives, please 
 visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds
 


 No virus found in this incoming message.
 Checked by AVG - www.avg.com 
 Version: 9.0.707 / Virus Database: 270.14.68/2507 - Release Date: 11/16/09 
 14:53:00

   


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds

Re: [hlds] Its the law!

[Ronny Schedel]

Under which conditions?


- Original Message - 
From: 1nsane 1nsane...@gmail.com
To: Half-Life dedicated Win32 server mailing list 
hlds@list.valvesoftware.com
Sent: Tuesday, November 17, 2009 12:31 AM
Subject: Re: [hlds] Its the law!


Under certain conditions It is possible to download files from the server.
Server.cfg being a good one.

Also the reverse is true.

On Mon, Nov 16, 2009 at 5:37 PM, JäKë T can_kic...@hotmail.com wrote:


 It's just cracking rcon password, then they set it to private and change
 the name.
 So just having rcon locker and a nice password fixes it.


  From: i...@ronny-schedel.de
  To: hlds@list.valvesoftware.com
  Date: Mon, 16 Nov 2009 23:32:24 +0100
  Subject: Re: [hlds] Its the law!
 
  The big question is: how is it done? Let's hope there is backdoor in the
  fake player app and not a bug in the server code.
 
   http://img692.imageshack.us/img692/4728/71956486.jpg
   I lay money on Lotusclan getting there comeuppance!
  
  
  
   ___
   To unsubscribe, edit your list preferences, or view the list archives,
   please visit:
   http://list.valvesoftware.com/mailman/listinfo/hlds
  
 
 
  ___
  To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
  http://list.valvesoftware.com/mailman/listinfo/hlds

 _
 Windows Live: Make it easier for your friends to see what you’re up to on
 Facebook.
 http://go.microsoft.com/?linkid=9691816
 ___
 To unsubscribe, edit your list preferences, or view the list archives,
 please visit:
 http://list.valvesoftware.com/mailman/listinfo/hlds

___
To unsubscribe, edit your list preferences, or view the list archives, 
please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds


___
To unsubscribe, edit your list preferences, or view the list archives, please 
visit:
http://list.valvesoftware.com/mailman/listinfo/hlds