This is a particularly low level debugging of what causes the RCON crash. This debug was done on Counter-Strike: Source on a Windows 2003 Server box.
It appears on line 0x201F7DA4 in engine.dll that the crash occurs because DS:[ESI] points to a non-existent place.
This is the ASM code for 0x201F7DA4:
Code:
201F7DA4 F3:A5 REP MOVS DWORD PTR ES:[EDI],DWORD PTR DS>
The crash seems to occur because SRCDS is kicking the player who just triggered the RCON protection out of the server when it IP bans someone. But because the RCON connection (which is now getting spammed with bad attempts) is associated to the client it tries to retrieve information from the client entity even though it is no longer there (educated guess) since the client has been removed from the server one way or another. Currently, it seems the only viable way to prevent this crash is to prevent the engine from removing the client while the attack is happening.
I feel that this may be some sort of string related function but I'm unsure as I'm not that experienced with ASM to make a accurate assessment.
My guess is that it is the oh so nice message letting you know someone is attempting bad passwords on the RCON.
I'm currently attempting ways to ban the client and keep the server alive but so far I've kind of hit a dead end as the server always seems to crash once you remove the client regardless of how it was done.