[cod] SecurityFocus

[Robert Mount]

I'd much rather have folks like Luigi disclosing these issues than
not.  It's called full disclosure.  It forces the hand of the vendors
to patch their software.  While i don't think this is the forum for a
debate on full disclosure, i would much rather know why these servers
are crashing than have mysterious crashes that i cannot explain.  At
least this way you wont chase your tail for hours looking for problems
in your setup.

Luigi's been at this for a while, i'm certain he at least made an
attempt to contact the vendors.  I know he's been in touch with Ryan
directly, or so he told me in our email exchange.

Regards,
--Rob


On Wed, 16 Feb 2005 19:14:05 +0000, Ian mu <mu.llamas at gmail.com> wrote:
> So how come so many people have patched servers that people are
> crashing? Just because it "says" its patched and successful does not
> mean its so. Most people say it doesnt work, some people say it works
> for some servers theyve done, not others. In other words, no one has a
> clue. Read the forums out there and you'll see.
> 
> The idiot part is posting an exploit and subsequently enabling
> numpties to 100% DOS a game as happened last night when every single
> server for a game (not talking just one ISP or one server, and I don't
> even admin a server for that, so no skin off my nose, talking every
> single server out there as is easily done when you can get ip:ports
> from master server lists) was taken down for a game. There's scripts
> out there now that have just modified a bit and hammering servers.
> 
> He's an idiot plain and simple. Its like writing a virus prevention
> program then distributing the virus to people, the problem wasn't bad
> until he posted it (the problem has been known about for > 2 years
> which goes to show, so yes you can criticize sloppy game coding, but
> he's just made it a whole lot worse).
> 
> Tell me a GSP IP/Range who have all their servers patched ;).
>