Already looked at patch-o-matic. I "may" write a case-insensitive string match module.
As for modifying the q3ded and it not pissing off pure or PB, that's bad, really bad. With the right knowledge a programmer/server admin could code some unfair advantages in for his team. If their server is used for a match... I see a problem.
Advertisement
q3a server vulnerability
#13
Posted 18 February 2005 - 08:27 PM
Its not the q3ded to path with the fix, its the quake3.x86 where Luigi Auriemma advice to change Offset 0005a95c from 01 to 03 with the fix/patcher. Doesn't work (still vulnerable) for me (with urt), maybe someone else have more luck with this.
Anyway think the way with the iptables is the better one, unless there is a working official patch.
And no deletion/concealment is not the right way, aslong you not working for a well known software company ;>
Anyway think the way with the iptables is the better one, unless there is a working official patch.
And no deletion/concealment is not the right way, aslong you not working for a well known software company ;>
#15
Posted 18 February 2005 - 09:24 PM
Quote
Its not the q3ded to path with the fix, its the quake3.x86 where Luigi Auriemma advice to change Offset 0005a95c from 01 to 03 with the fix/patcher. Doesn't work (still vulnerable) for me (with urt), maybe someone else have more luck with this.
Anyway think the way with the iptables is the better one, unless there is a working official patch.
And no deletion/concealment is not the right way, aslong you not working for a well known software company ;>
Anyway think the way with the iptables is the better one, unless there is a working official patch.
And no deletion/concealment is not the right way, aslong you not working for a well known software company ;>
Yeah, it doesnt fix it in every case. However, quake3.x86 is the linux client, q3ded is the linux server. Patching quake3.x86 will not do any good at all.
Advertisement
#18
Posted 18 February 2005 - 09:43 PM
Quote
Already looked at patch-o-matic. I "may" write a case-insensitive string match module.
As for modifying the q3ded and it not pissing off pure or PB, that's bad, really bad. With the right knowledge a programmer/server admin could code some unfair advantages in for his team. If their server is used for a match... I see a problem.
As for modifying the q3ded and it not pissing off pure or PB, that's bad, really bad. With the right knowledge a programmer/server admin could code some unfair advantages in for his team. If their server is used for a match... I see a problem.
I do agree somewhat w/ you here.. Just wait for the q3 source code to be released... Course, by then we'll probably be moving on to etut.
#20
Posted 18 February 2005 - 09:52 PM
Windows server admins were screwed from the beginning, I'm mean really, they're using Windows. But on a serious not, this is where a pass through server would be perfect.
Clients connect to the passthrough. The passthrough filters data if neccessary, then passes it to the Quake 3 server. Basically, it's like a NAT, having to keep track of what's what and who's.
Clients connect to the passthrough. The passthrough filters data if neccessary, then passes it to the Quake 3 server. Basically, it's like a NAT, having to keep track of what's what and who's.