Complete.Org: Mailing Lists: Archives: freeciv-dev: January 2003:
[Freeciv-Dev] Re: new connect dialog (ver 4) (PR#1911) 		Home

[Freeciv-Dev] Re: new connect dialog (ver 4) (PR#1911)

[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
To: kaufman@xxxxxxxxxxxxxxxxxxxxxx
Cc: freeciv-dev@xxxxxxxxxxx
Subject: [Freeciv-Dev] Re: new connect dialog (ver 4) (PR#1911)
From: "ChrisK@xxxxxxxx via RT" <rt@xxxxxxxxxxxxxx>
Date: Sun, 19 Jan 2003 11:52:02 -0800
Reply-to: rt@xxxxxxxxxxxxxx 
On Sun, Jan 19, 2003 at 09:00:32AM -0800, Mike Kaufman via RT wrote:
> On Sun, Jan 19, 2003 at 07:59:39AM -0800, ChrisK@xxxxxxxx via RT wrote:
> > 
> > The possibility of connects to a civserver listening on 0.0.0.0 is still
> > a risk IMHO. With Mike's approach there is the possibility of a DoS attack, 
> > probably (not tested).
> 
> hmm. could you outline the method one might go about it? I don't see how
> the patched server is more vulnerable than the stock server...

No, it isn't. But I wanted to throw the question about security
for long. As far as I know about Linux distributions they come
with no packet filtering set up, so civserver is open to everyone.

Christian

-- 
Christian Knoke     * * *      http://www.enter.de/~c.knoke/
* * * * * * * * *  Ceterum censeo Microsoft esse dividendum.
[Prev in Thread] Current Thread [Next in Thread]