Deliberately Crashing Servers

[VaeVictis]

I don't think making server code resistant to attack is stupid at all. You have to remember that Q2 was designed as a single player game first, multiplayer second and the philosophy of the net at the time was "everybody plays by the rules". Then the Morris worm came out and all hell broke loose.

you do realize the worm made by robert morris was out a full decade ahead of q2 right?

[QwazyWabbit]

I don't think making server code resistant to attack is stupid at all. You have to remember that Q2 was designed as a single player game first, multiplayer second and the philosophy of the net at the time was "everybody plays by the rules". Then the Morris worm came out and all hell broke loose.

you do realize the worm made by robert morris was out a full decade ahead of q2 right?

Less than a decade actually... more like 6 years or so, late '88 to late 96. But the lesson was not learned was it?

[|iR|Focalor]

Unless he took the time to create a bind that would drop 1000+ ammo packs all at once, that's not the method he was using. Cajmere said he never saw any ammo packs dropped before it crashed.

It's pretty stupid that anyone should HAVE to make changes to the server to prevent this from happening again when it would be a hell of a lot quicker and simpler to keep the assholes doing it off the server with a ban until they agree to stop doing obnoxious shit. Play by the rules or play somewhere else.

I don't think making server code resistant to attack is stupid at all. You have to remember that Q2 was designed as a single player game first, multiplayer second and the philosophy of the net at the time was "everybody plays by the rules". Then the Morris worm came out and all hell broke loose. Original Q2 was riddled with vulnerabilities, hence all the admin tricks and add-ons to plug the holes.

One of the most annoying shortcuts taken by the Q2 developers IMHO, is the good old crash-the-app-because-something-bad-happened. This is exactly what you saw with the coop server. This is fine if you're developing but it sucks when you're an admin. Fortunately, quadz has Wallfly and server monitor/reset automation in place but from the degree of upset caused by all the complainers in this thread I'd say making the servers resistant to the exploit would be a better solution.

The patch would appear to be minimal and it's already written so why not take advantage of it if it exists. We only need to prove it works.

You just love to fucking argue with me lately, don't you? Your little "solution" may work, but it's still a stupid one in my opinion. Some guy pisses on your shoes and you're worried about doing what you can to make your shoes piss-proof, meanwhile some guys pissing on my shoes and I'm kicking him in the dick until he's pissing blood and can't walk. I bet you my shoe pisser won't make the mistake of pissing on my boots again. And I didn't even have to waste the time and money it'd take to go shopping for a new pair of piss-proof shoes like you did.

[QwazyWabbit]

Unless he took the time to create a bind that would drop 1000+ ammo packs all at once, that's not the method he was using. Cajmere said he never saw any ammo packs dropped before it crashed.

It's pretty stupid that anyone should HAVE to make changes to the server to prevent this from happening again when it would be a hell of a lot quicker and simpler to keep the assholes doing it off the server with a ban until they agree to stop doing obnoxious shit. Play by the rules or play somewhere else.

I don't think making server code resistant to attack is stupid at all. You have to remember that Q2 was designed as a single player game first, multiplayer second and the philosophy of the net at the time was "everybody plays by the rules". Then the Morris worm came out and all hell broke loose. Original Q2 was riddled with vulnerabilities, hence all the admin tricks and add-ons to plug the holes.

One of the most annoying shortcuts taken by the Q2 developers IMHO, is the good old crash-the-app-because-something-bad-happened. This is exactly what you saw with the coop server. This is fine if you're developing but it sucks when you're an admin. Fortunately, quadz has Wallfly and server monitor/reset automation in place but from the degree of upset caused by all the complainers in this thread I'd say making the servers resistant to the exploit would be a better solution.

The patch would appear to be minimal and it's already written so why not take advantage of it if it exists. We only need to prove it works.

You just love to fucking argue with me lately, don't you? Your little "solution" may work, but it's still a stupid one in my opinion. Some guy pisses on your shoes and you're worried about doing what you can to make your shoes piss-proof, meanwhile some guys pissing on my shoes and I'm kicking him in the dick until he's pissing blood and can't walk. I bet you my shoe pisser won't make the mistake of pissing on my boots again. And I didn't even have to waste the time and money it'd take to go shopping for a new pair of piss-proof shoes like you did.

I don't love to fucking argue with you at all. I find your point of view very entertaining. Keep it up. Since you are so free with your opinions I am equally free with mine. The fact our opinions differ is what makes the world interesting. If you think that's an argument it's only your juvenile underdeveloped mind and that angry with the world because your old man beat you when you was little attitude. I was only interested in the topic because it showed a weakness in the game code.

Go, be angry. Give it your best shot. Piss on krenZ and have your little game. Me, I'd rather make the game better for small minded people who have no other talent than to be drama queens on forums.

P.S. You only think I'm arguing with you. It's all in your mind.

[|iR|Focalor]

Who's angry? Wasn't angry at all. Didn't think I expressed any anger in that post. Apparently you are though, saying dumb shit like "juvenille underdeveloped mind", "your old man beat you when you was little". If just saying that you love to argue me about everything recently is enough to trip your self-defense trigger like that, then you got some mighty thin skin there.

In case your fucking eyes missed it, I never brought this topic up on the forums. Krenz did. I chimed in to set the record straight about what he was up to when he began telling his bullshit fact-free story about what happened. I could care less about a grudge match with that little fudge packer. He's still holding on to some dumb shit that happened probably 4 years ago at Monsterkill and thinks it's fun to try to troll me whenever he can. Don't give the tiniest piece of shit in the world about which one of us is better at a retarded archaic video game that no one else in the world gives a damn about anymore. Done had this short little discussion with him in IRC, which you missed. He stops doing dumb shit and starts treating people with more respect, I'll start acting more respectful towards him.

Apparently YOU wanna be a drama queen about this shit and get all defensive over one comment that wasn't necessarily meant to be a personal attack. Fine by me. If that's the way you wanna play it, fuck you too, bro. Would it make you feel better if I'd apologize. Fine. I'm so sorry for saying you like to argue with me about everything recently.

[yahoo]

someday when i grow up , I wanna be like Big Brotha Foc

[VaeVictis]

I don't think making server code resistant to attack is stupid at all. You have to remember that Q2 was designed as a single player game first, multiplayer second and the philosophy of the net at the time was "everybody plays by the rules". Then the Morris worm came out and all hell broke loose.

you do realize the worm made by robert morris was out a full decade ahead of q2 right?

Less than a decade actually... more like 6 years or so, late '88 to late 96. But the lesson was not learned was it?

q1 was out in 96, q2 came out tail end of 97 so... yeah less than a decade, but close enough to round up, only a few months off

[quadz]

From a developer point of view, all else aside, it's almost always worthwhile to investigate issues in the code where one isn't precisely sure why or how a particular error condition is being triggered.  Often one may discover unexpected code paths by which the error could have been triggered, which could have led to the error occurring under even more ordinary circumstances.

In other words, we already know the co-op mod is more flaky than we'd like, and it's quite possible that in tracking this down and fixing it, we'd eliminate some percentage of co-op's general flaky crashes.  (But even if not, walling off an avenue for a DoS attack is good policy.)

[|iR|Focalor]

Well what I was trying to convey with my statements (which I guess I didn't do in plain enough english, I apologize, and I'll do it now) is that it's unfortunate that some people (krenz in this case) can't just follow the god damn rules, stop being an asshole, and not cause any problems in the first place. Fixing shit is fine, but no one would be wasting time fixing shit at all if assholes could mind their manners and not break shit that doesn't belong to them. Just saying... if it were me... I wouldn't waste time screwing with code that works just fine for everyone else only because one person wants be an asshole. I'd just deal with the asshole himself. To me, one asshole shouldn't earn the right to consume my time fixing shit that I don't wanna fix. Enter IP, ban asshole, quick fix, go do something else.

[QwazyWabbit]

Foc, I understand your point completely and I agree that assholes need to pay the price for being assholes and krenZ deserves his ban and I wouldn't waste any more time on him either.

I was only replying to you in the same tone and method that you replied to me. All is cool.
 

But my intent was to plug a hole that exists in ancient code that might be easily fixed with a simple copy-paste of a block of code and a quick recompile of the game DLL and publication of that code for the greater good of the mod community. The total time to do that is less than I have wasted in this thread. The solution might even be as simple as increasing maxentities since the limit is artificial and the default was geared to a 1997 server. The code I have uses a "freed entity" list to speed up G_Spawn and a larger default value for maxentities. LOX uses a lot of entities and it doesn't crash and I haven't seen this exploit used on it so I would have liked to see if it can be crashed this way. The coop code is ancient original 3.21 mod code most likely.

The result would be less time dealing with future assholes who might choose to use the same exploit to crash a server. If I was more ambitious I'd write a detection program that would auto-ban anyone who acted like krenZ but as you say, enter IP, ban the asshole, quick fix.

[Whirlingdervish]

this has been informative to say the least

[ex]

I say plug the holes AND globalban the fags.  More work, but seems to work well to tackle both issues simultaneously. 

[X'tyfe]

A+ Topic, will recommend.