AlliedModders

AlliedModders (https://forums.alliedmods.net/index.php)
-   HL1 Servers (HLDS) (https://forums.alliedmods.net/forumdisplay.php?f=131)
-   -   HLDS Amplification Attacks (https://forums.alliedmods.net/showthread.php?t=319368)

DJEarthQuake 10-27-2019 16:25
HLDS Amplification Attacks
 
Document explaining some findings.
http://grehack.org/files/2013/talks/...rs-grehack.pdf

Thoughts?

^SmileY 11-01-2019 13:06
Re: HLDS Amplification Attacks
 
2013?

DJEarthQuake 11-03-2019 07:36
Re: HLDS Amplification Attacks
 
That was when this was written. For those who do have the time to read all that PDF it suggests there is a bug clear back from Quake that was congential and will never go away because the game is 20 years old and Source was already being worked on as a replacement. It does not have this issue. For those cracker types out there I do have a fail2ban regex just waiting as well as an e-mail to the ISP. Cider block blacklisting and blackholing.

Show me the post that Valve/Steam acknowledges and fixed this? Didn't they just fix clients from using sv_cheats although the server has it set to 0 without privileged access?

Fixed sv_cheats being settable by players in a multiplayer game (sv_cheats is now controlled by the server)

Solokiller 11-11-2019 06:35
Re: HLDS Amplification Attacks
 
Report exploits on Valve's HackerOne: https://hackerone.com/valve

DJEarthQuake 11-11-2019 06:59
Re: HLDS Amplification Attacks
 
Steam did not act on this informaton.

Quote:
"Valve didn’t worry too much (hey Valve,
giving feedback doesn’t hurt...)"
Quote:
Spanish cert INTECO handled almost
everything (thanks guys, you rock!)


All times are GMT -4. The time now is 17:02.

Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.