> check out http://www.planetquake.com/arena/rconfix/ for a patch to the > existing known rcon password of "tms" with a random one, which contains > a ", making the newly found backdoor unusable. However, the best way to > fix this problem is still to filter id's subdomain(192.246.40.*) at your > router. > > -dizzy Neither randomizing the password nor putting a double-quote in it will prevent the rcon commmand from being accepted. Just use '\042'. Random passwords can be exhaustively searched. That'll just take a bit more time. Using '\000' in the password seems to confound Quake's ability to check it. Garph
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:52:29 PDT