Raised This Month: $51 Target: $400
 12% 

ServerSecure (Files only) - Server protection against the Upload / Download exploit.


Post New Thread Reply   
AlliedModders Forum Index > SourceMod > Extensions
Page 20 of 22 « First 101819 20 2122
 
Thread Tools Display Modes
friagram
Veteran Member
friagram's Avatar
Join Date: Sep 2012
Location: Silicon Valley
Old 04-30-2013 , 22:08   Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
Reply With Quote #191
Quote:
Originally Posted by DontWannaName View Post
From my understanding this shouldnt be needed anymore with the new file system enhancements in place.

The only class of file that typically are sent from clients to gameservers are user sprays. They go in the dod/download/user_custom directory. They are no longer stored in a flat directory structure, so the OS filesystem won’t get stressed out so quickly if you have a lot of visitors and accumulate a lot of sprays.

https://support.steampowered.com/kb_...2519-IGXC-8453

Does the engine actually only allow files to be sent to the download directory now, and does it restrict them to sprays?
__________________
Profile - Plugins
Add me on steam if you are seeking sp/map/model commissions.
friagram is offline
pubhero
Veteran Member
Join Date: Aug 2012
Location: Central Europe
Old 05-05-2013 , 15:36   Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
Reply With Quote #192
This protection protect something now or not on the CSS servers?
pubhero is offline
RavensBro
Veteran Member
RavensBro's Avatar
Join Date: Sep 2009
Location: Wisonsin USA
Old 05-12-2013 , 12:33   Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
Reply With Quote #193
L 05/13/2013 - 02:18:28: [SERVSEC] Sigscan for IsValidFileForTransfer failed - Disabling detour to prevent crashes
L 05/13/2013 - 02:18:28: [SM] Unable to load extension "serversecure_files.ext": Couldn't find IsValidFileForTransfer function!
RavensBro is offline
Powerlord
AlliedModders Donor
Powerlord's Avatar
Join Date: Jun 2008
Location: Seduce Me!
Old 05-12-2013 , 18:31   Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
Reply With Quote #194
Quote:
Originally Posted by RavensBro View Post
L 05/13/2013 - 02:18:28: [SERVSEC] Sigscan for IsValidFileForTransfer failed - Disabling detour to prevent crashes
L 05/13/2013 - 02:18:28: [SM] Unable to load extension "serversecure_files.ext": Couldn't find IsValidFileForTransfer function!
Doesn't work as of the SteamPipe update anyway:

Quote:
Originally Posted by asherkin View Post
I know the engine will at least now allow everything in the new content folder to be downloaded, it's part of the reason it was renamed away from addons - as it would have allowed clients to just download any server plugin's content. I'll take a look into it when I get a chance.
and in direct response about running this on SteamPipe:
Quote:
Originally Posted by asherkin View Post
You can't at the moment, there is a new filtering function in this update.
__________________
Not currently working on SourceMod plugin development.
Last edited by Powerlord; 05-12-2013 at 18:32.
Powerlord is offline
nightrider
SourceMod Donor
Join Date: Dec 2008
Old 05-20-2013 , 01:39   Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
Reply With Quote #195
Question?
So if serversecure is not currently working with Steampipe
or is not required because of the updates from Valve.
Would re-installing D-FENS be worthwhile?
__________________
[SIGPIC][/SIGPIC] the pantless
I am the Night Rider!, I'm a fuel-injected suicide machine.
I am a rocker! I am a roller!, I am an out-of-controller!
nightrider is offline
AeroAcrobat
AlliedModders Donor
AeroAcrobat's Avatar
Join Date: Apr 2011
Location: lives in a circus
Old 06-01-2013 , 19:44   Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
Reply With Quote #196
I've read this post: https://forums.alliedmods.net/showpo...&postcount=194

Just wanted to make sure that we can safely remove server secure now ?

TF2
sm exts list:
Code:
Server Secure - Files Only (1.0.0): The finest defence
my logs look like this:
Code:
L 06/02/2013 - 00:52:46: [SERVSEC] Blocking download: user_custom/c1/c12cc55b.dat
L 06/02/2013 - 00:53:11: [SERVSEC] Blocking download: user_custom/92/92b65e48.dat
L 06/02/2013 - 00:53:18: [SERVSEC] Blocking download: user_custom/92/92b65e48.dat
L 06/02/2013 - 00:53:18: [SERVSEC] Blocking download: user_custom/c1/c12cc55b.dat
L 06/02/2013 - 00:53:27: [SERVSEC] Blocking download: user_custom/92/92b65e48.dat
L 06/02/2013 - 00:53:30: [SERVSEC] Blocking download: user_custom/c1/c12cc55b.dat
L 06/02/2013 - 00:56:30: [SERVSEC] Blocking download: user_custom/9f/9fd62414.dat
__________________
AeroAcrobat is offline
Powerlord
AlliedModders Donor
Powerlord's Avatar
Join Date: Jun 2008
Location: Seduce Me!
Old 06-01-2013 , 20:17   Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
Reply With Quote #197
Quote:
Originally Posted by AeroAcrobat View Post
I've read this post: https://forums.alliedmods.net/showpo...&postcount=194

Just wanted to make sure that we can safely remove server secure now ?

TF2
sm exts list:
Code:
Server Secure - Files Only (1.0.0): The finest defence
my logs look like this:
Code:
L 06/02/2013 - 00:52:46: [SERVSEC] Blocking download: user_custom/c1/c12cc55b.dat
L 06/02/2013 - 00:53:11: [SERVSEC] Blocking download: user_custom/92/92b65e48.dat
L 06/02/2013 - 00:53:18: [SERVSEC] Blocking download: user_custom/92/92b65e48.dat
L 06/02/2013 - 00:53:18: [SERVSEC] Blocking download: user_custom/c1/c12cc55b.dat
L 06/02/2013 - 00:53:27: [SERVSEC] Blocking download: user_custom/92/92b65e48.dat
L 06/02/2013 - 00:53:30: [SERVSEC] Blocking download: user_custom/c1/c12cc55b.dat
L 06/02/2013 - 00:56:30: [SERVSEC] Blocking download: user_custom/9f/9fd62414.dat
It's blocking the transmission of user sprays to other users there. Or at least I think it is.
__________________
Not currently working on SourceMod plugin development.
Last edited by Powerlord; 06-01-2013 at 20:18.
Powerlord is offline
asherkin
SourceMod Developer
asherkin's Avatar
Join Date: Aug 2009
Location: OnGameFrame()
Old 06-01-2013 , 21:32   Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
Reply With Quote #198
You should remove it as it's broken, the exploit it fixes is probably not fixed though, someone else is welcome to post updated gamedata in the mean time.
__________________
asherkin is offline
violentcrimes
Senior Member
violentcrimes's Avatar
Join Date: Nov 2006
Old 08-24-2013 , 02:18   Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
Reply With Quote #199
Has anyone updated this?
__________________
violentcrimes is offline
Zephyrus
Cool Pig B)
Join Date: Jun 2010
Location: Hungary
Old 08-25-2013 , 17:43   Re: ServerSecure (Files only) - Server protection against the Upload / Download explo
Reply With Quote #200
Quote:
Originally Posted by asherkin View Post
You should remove it as it's broken, the exploit it fixes is probably not fixed though, someone else is welcome to post updated gamedata in the mean time.
ive made a poc for the exploit to try this, you can upload anything you want but they will all end up in the custom folder so it doesnt affect anything
__________________
Taking private C++/PHP/SourcePawn requests, PM me.
Zephyrus is offline
Reply
AlliedModders Forum Index > SourceMod > Extensions
Page 20 of 22 « First 101819 20 2122

« Previous Thread | Next Thread »


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -4. The time now is 16:37.

DMCA - Archive - Top

Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode