[IMPORTANT] A new HLDS engine exploit !!! - Page 7

guven5 · *Last edited by guven5; 08-09-2012 at 17:52.*

Server cvar "max_queries_sec" = "***PROTECTED***"
Server cvar "max_queries_window" = "***PROTECTED***"

you cvar commands may be can reduce replay but what is that "PROTECTED"

also how to disable "FF FF FF FF" with iptables

Quote:

Originally Posted by asherkin

If your server is updated and you aren't using dproto, the issue is already solved.

i have steam servers... also upto date, but still probem... smaller yes but somethings also depend attack parameters....

YamiKaitou · 08-09-2012 , 17:49 Re: [IMPORTANT] A new HLDS engine exploit !!!

Update your server and you will not have to worry about this exploit.

FiFiX · 08-09-2012 , 18:47 Re: [IMPORTANT] A new HLDS engine exploit !!!

Stable or beta?

asherkin · 08-09-2012 , 18:52

Quote:

Originally Posted by FiFiX

Stable or beta?

Stable, but it was an optional update.

Also, for people that still don't understand this, you can't do anything as the target of an attack - the fixes are for people who's servers are being used to source them.

Zephyrus · 08-09-2012 , 18:58 Re: [IMPORTANT] A new HLDS engine exploit !!!

limiting number of max queries isnt a good protection either as the attacker can simply delist your server by exceeding that number

FiFiX · 08-10-2012 , 01:18 Re: [IMPORTANT] A new HLDS engine exploit !!!

Quote:

Originally Posted by asherkin

Stable, but it was an optional update.

Also, for people that still don't understand this, you can't do anything as the target of an attack - the fixes are for people who's servers are being used to source them.

And how to do that 'optional' update? Just -autoupdate?

Also, how can I now, which version of stable and which of beta is the newest? And is there any changelog for hlds?(linux)

Powerlord · *Last edited by Powerlord; 08-10-2012 at 15:33.*

Quote:

Originally Posted by FiFiX

And how to do that 'optional' update? Just -autoupdate?

Manually run hldsupdatetool (or ./steam on Linux) with the usual arguments (-command update -game cstrike -dir whatever)

Note: I used cstrike as an example, but cstrike likely needs the -hlbeta argument...

Quote:

Originally Posted by FiFiX

Also, how can I now, which version of stable and which of beta is the newest? And is there any changelog for hlds?(linux)

cstrike is the only game with an hlbeta currently going on. For all other games, use stable... it's newer.

FiFiX · 08-11-2012 , 01:10 Re: [IMPORTANT] A new HLDS engine exploit !!!

Quote:

Originally Posted by Powerlord

cstrike is the only game with an hlbeta currently going on. For all other games, use stable... it's newer.

Is it going to change someday?
Thats better for me to use beta or stable for cstrike?

mabaclu · 08-11-2012 , 15:49 Re: [IMPORTANT] A new HLDS engine exploit !!!

Use beta, otherwise people may crash your server.

farenheitcx · 08-11-2012 , 22:29 Re: [IMPORTANT] A new HLDS engine exploit !!!

I check with

Code:

./steam -command update -game cstrike -dir . -beta hlbeta

But nothing happend, the message i received is "HLDS installation up to date"
Now I have the version "5758" for hlds server. Is that the latest version with the fix for this kind of attack?.