Re: [OFF-TOPIC] Damn connector!

From: Price Hall (phall@DUFUS.CC.WESTGA.EDU)
Date: 03/17/98


On Tue, 17 Mar 1998, Jesper Andersen wrote:

> I have a little problem. I have someone who tries to connect over and over
> again. Spamming our log with "Losing descriptor without char." messages. I
> tried banning, but it only changed the message *doh*.


This is a problem with the ban code - it happens AFTER getting a username
and password.  You could modify the code so that only one login from a
single IP can happen at once, I guess.  Or add a new type of ban that
checks earlier.  The bad thing is, this is real easy to exploit, with
tinyfugue for example:

/repeat -0 1000 /world xxx.xxx.xxx.xxx xxxx

Then, people can send simultaneous commands to each of those logins.  Not
good at all :)

-maxx


     +------------------------------------------------------------+
     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
     +------------------------------------------------------------+



This archive was generated by hypermail 2b30 : 12/15/00 PST