[Freeciv-Dev] Re: new connect dialog (ver 4) (PR#1911)
On Mon, Jan 20, 2003 at 03:04:27PM +0100, Reinier Post wrote:
> On Sun, Jan 19, 2003 at 07:59:39AM -0800, ChrisK@xxxxxxxx via RT wrote:
> > On Sun, Jan 19, 2003 at 07:11:12AM -0800, Andreas Kemnade via RT wrote:
> > >
> > > > Why isn't it sufficient to bind the server only to the loopback
> > > > interface, e.g. with the recently posted freeciv-bindip-patch?
> > > >
> > > Unix is a multi-user operating system. Another user on the same machine
> > > can get the hack accesslevel even when the server is only bound to the
> > > loopback interface.
> >
> > Oh yes. But the common gamer will be the only user of the machine.
>
> Please.
>
> > BTW does the loopback bind work on windows, too?
> >
> > The possibility of connects to a civserver listening on 0.0.0.0 is still
> > a risk IMHO. With Mike's approach there is the possibility of a DoS attack,
> > probably (not tested).
>
> Mmm, does it introduce new possibilities of DoS attacks?
No, just the usual ones :-(
It should be possible to log in remotely to a civserver, guess a player's
name, and stop/crash the server by sending illegal packets. See
http://rt.freeciv.org/Ticket/Display.html?id=1225
http://rt.freeciv.org/Ticket/Display.html?id=1247
IMHO the user *must* have control over whether the outside world can log in to
his running civserver, or not. Currently, she is not even informed that
there is a risk at all. And with Mike's patch this is even harder to notice,
because no "server" thing is started explicitly anymore.
Christian
--
Christian Knoke * * * http://www.enter.de/~c.knoke/
* * * * * * * * * Ceterum censeo Microsoft esse dividendum.