<html>
I've just received acknowledgement from EA that they are now aware of
this problem and are looking into it. here is their response:<br><br>
<SNIP><br>
Hi Kim,<br><br>
Many thanks for your email, I have passed this on to our teams and am
awaiting a response from them, I should have some more infomation at some
point tomorrow. <br><br>
I'll keep you informed.<br><br>
Best Regards,<br><br>
Matt<br>
EA Support Centre, UK and Eire<br>
<font color="#0000FF"><u><a href="http://www.uk.ea.com/" eudora="autourl">www.uk.ea.com<br>
</a><a href="http://www.ie.ea.com/" eudora="autourl">www.ie.ea.com</a><br>
</u></font></SNIP><br><br>
<br>
At 09:19 10/08/2004 +0100, you wrote:<br>
<blockquote type=cite class=cite cite>I think ryan mentioned this before
and said that it would be very difficult to do due to the way that cd-key
authentication works.<br>
<br>
i.e. a person has to connect to validate a key.<br><br>
I could be way off but i seem to recall that.<br>
<br>
Richard.<br><br>
<b><i>The Guvnor <guvnor@evildictators.com></i></b> wrote:
<dl>
<dd>Ive found out how people do this, and so far, there is nothing that
can
<dd>stop this.<br><br>
<dd>Ryan, I will email you the dos program they used to do this so you
can look
<dd>at how to patch the current binaries against this.<br><br>
<dd>ps. please make it 64bit compatible.<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<dd>Kim<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<br><br>
<dd>++++++++++++++++++++++++++++++++++++++++++
<dd>Hi ryan et all,<br><br>
<dd>im a little confused as to how the latest mohaa binaries fix the
buffer
<dd>overflow problem. Players are still able to occupy the server slots
with
<dd>fake names using the same ip all in the same minute. Look at the
below:<br><br>
<dd>8th aug 04
<dd>21:18:14 Iamafake/81.156.111.91 has logged on to play
<dd>21:18:14 fakeplayer/81.156.111.91 has logged on to play
<dd>21:20:40 Iamafake/81.156.111.91 has logged on to play
<dd>21:20:40 fakeplayer/81.156.111.91 has logged on to play
<dd>21:20:41 cantseeme/81.156.111.91 has logged on to play<br><br>
<dd>9th aug 04
<dd>16:01:47 Iamafake/81.156.165.154 has logged on to play
<dd>16:01:48 fakeplayer/81.156.165.154 has logged on to play
<dd>16:01:48 cantseeme/81.156.165.154 has logged on to play
<dd>16:01:49 dontkickme/81.156.165.154 has logged on to play
<dd>16:01:49 Iamhere/81.156.165.154 has logged on to play
<dd>16:01:49 wearealot/81.156.165.154 has logged on to play
<dd>16:01:50 kickme/81.156.165.154 has logged on to play
<dd>16:01:57 fake/81.156.165.154 has logged on to play
<dd>16:01:57 whoamI/81.156.165.154 has logged on to play
<dd>16:01:58 whatamI/81.156.165.154 has logged on to play
<dd>16:01:59 whatImustdo/81.156.165.154 has logged on to play
<dd>16:02:00 Ihate/81.156.165.154 has logged on to play
<dd>16:02:00 whoIhate/81.156.165.154 has logged on to play
<dd>16:02:01 whatIhate/81.156.165.154 has logged on to play
<dd>16:02:01 whyIhate/81.156.165.154 has logged on to play
<dd>16:03:54 isthisaPoC/81.156.165.154 has logged on to play<br><br>
<dd>Is the latest binaries supposed to be able to 'stop' the problem or
just
<dd>'limit it' somehow? Whatever it is, the latest binaries dont seem to
be
<dd>stopping the problem, some servers have only have 12 players maximum
and it
<dd>takes just one goofball to take it out. The posted CI logs above are
for a
<dd>server that has the latest mohaa linux binaries.<br><br>
<br><br>
<dd>Kim<br><br>
<br><br>
</dl>This message has been processed by
<a href="http://www.firetrust.com/products/benign/">Firetrust Benign</a>.
</blockquote></html>