Server Update for <unknown> type spam messages
Posted: Thu Dec 21, 2006 12:53 am
Sometime this afternoon an individual began using a script to connect to large groups of servers with the express intent of spreading annoying and vulgar messages ( spam ) in a vain attempt to ruin the game for as many people as he could.
He is exploiting a bug in bzfs that accepts a chat message before a full connection is finished. This happens before any ban or other security blocking code.
We have fixed the bug in bzfs in our SNV branch for 2.0.x. We highly recommend that all server owners upgrade to the current version of bzfs via the SVNsystem. Instructions on how to access SVN are on the http://my.bzflag.org/w/BZFlag_SVN page.
The fix will kick anyone who sends a message that is unexpected. This should not affect normal clients, bzadmin, or stat sites at all.
We know exactly who has done this, and no there is no real way to ban them. They are heavily using proxy servers(the TOR network ) and dynamic IP addresses. So please don't comment on that aspect.
Thank you.
He is exploiting a bug in bzfs that accepts a chat message before a full connection is finished. This happens before any ban or other security blocking code.
We have fixed the bug in bzfs in our SNV branch for 2.0.x. We highly recommend that all server owners upgrade to the current version of bzfs via the SVNsystem. Instructions on how to access SVN are on the http://my.bzflag.org/w/BZFlag_SVN page.
The fix will kick anyone who sends a message that is unexpected. This should not affect normal clients, bzadmin, or stat sites at all.
We know exactly who has done this, and no there is no real way to ban them. They are heavily using proxy servers(the TOR network ) and dynamic IP addresses. So please don't comment on that aspect.
Thank you.