Re: Fix for Quake Servers

From: Garph (garphat_private)
Date: Wed May 06 1998 - 01:13:20 PDT

Next message: VaX#n8: "improved synflood protection & detection"

Previous message: David Dawes: "Re: TOG and xterm problem"
Maybe in reply to: dizzy: "Fix for Quake Servers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> check out http://www.planetquake.com/arena/rconfix/ for a patch to the
> existing known rcon password of "tms" with a random one, which contains
> a ", making the newly found backdoor unusable.  However, the best way to
> fix this problem is still to filter id's subdomain(192.246.40.*) at your
> router.
>
> -dizzy

Neither randomizing the password nor putting a double-quote in it will
prevent the rcon commmand from being accepted.  Just use '\042'.  Random
passwords can be exhaustively searched.  That'll just take a bit more
time.  Using '\000' in the password seems to confound Quake's ability to
check it.

Garph

Next message: VaX#n8: "improved synflood protection & detection"
Previous message: David Dawes: "Re: TOG and xterm problem"
Maybe in reply to: dizzy: "Fix for Quake Servers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:52:29 PDT