just read the original advisory, valve acknowledged the problem but when they informed of the status of the patch they were just ignored. full disclosure of exploits is not bad, with opensource software where, with the proper amount of knowledge, you could have patched the hole yourself. But in this case its closed software where you are completely at the mercy of the creators of the software
----- Original Message ----- From: "James Couzens" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, July 30, 2003 2:21 PM Subject: Re: [hlds_linux] HLDS Expolits > Wait I have more to say on this subject. > > <rant>I think its shitty that there are all these sites that post so > publicly open notices of exploits, and often the code that goes along with > this. But then again, it seems that when software companies are informed > that there is a problem, they tend to ignore it when it comes to some > insignifcant "security" bug. So perhaps the "hackers" are right to release > it into the wild, so that we all get raped over this and bitch and complain > and then voila said expoit is fixed! But does it really need to come to > that? Can't software companies be privately informed, and immedtiately put > forth a fix? Then problems like this would be few and far between. > > Perhaps its too late in the game to change the way things work here, but > meh, just my two cents.</rant> > > James > > ----- Original Message ----- > From: "Scott Pettit" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Wednesday, July 30, 2003 5:02 AM > Subject: RE: [hlds_linux] HLDS Expolits > > > > 3 Servers have been killed of mine now and as I type this another 2 have > > just been killed. > > > > Hurry :/ > > > > > > Cheers, > > > > Scott Pettit > > [EMAIL PROTECTED] > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of barjo > > Sent: Wednesday, 30 July 2003 11:52 p.m. > > To: [EMAIL PROTECTED] > > Subject: [hlds_linux] HLDS Expolits > > > > This is a multi-part message in MIME format. > > -- > > [ Picked text/plain from multipart/alternative ] > > >>>>>>>>>>>>>>>> > > Is there anyway to track down who is using this and ban them at the IP > > level > > server wide? I have seen multiple servers failing for no reason today > > (all > > publics) and I am pretty sure the bug code is the reason. I look in the > > HL > > logs but they just stop with no warning at crash. > > > > Im looking through server logs but I'm unsure what to look for. > > > > Thanks > > Jeremy > > > > ----------------------------- > > Hi all, > > > > I'm under fire since 14H now, 5H this night before to undestand what > > happen and how to stop it. (I have 60 servers, 50 down) > > If you want to find his ip, open a server, stay in console, use > > sv_password to protect your serv. Then when the ip will try to attak > > you, you will see something like : > > ip : password failed > > and several NET_QueuePacket: Invalid argument > > > > When u have ip, u can ban it on your serv... > > I found 2 ips attaking : > > 66.14.86.228:1107: password failed (this night) > > 168.215.143.34:1355: password failed (this day - it's 2:00 PM in france) > > > > i banned them, and all is great... But i'm scared he will find another > > ip :/ > > > > GL all > > > > Cedric A. > > -- > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, ple ase visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
