[8397] in bugtraq
Re: Quake problem?
daemon@ATHENA.MIT.EDU (Matt Watson)
Wed Nov 4 13:51:16 1998
Date: Tue, 3 Nov 1998 17:19:25 -0600
Reply-To: Matt Watson <sideshow@SATURN.TERAHERTZ.NET>
From: Matt Watson <sideshow@SATURN.TERAHERTZ.NET>
X-To: mj@SMACKDADDY.NET
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.BSI.3.95.981101123343.17600B-100000@www.mydesktop.com>
Well, i haven't played quake in a long time, but to my knowledge, quake
doesn't give away the ip addresses of everybody logged in, so yes its
still a bug, but since the server doesn't give away the address, its a
little difficult to accomplish since you'd have to know the ip address in
avdance..
-- Matt Watson
TeraHertz Communications Administrator
On Sun, 1 Nov 1998 mj@SMACKDADDY.NET wrote:
> I apoligize in advance if this seems unimportant or if anything resembling
> this was ever posted in the past. I looked through the archive and came
> across nothing.
>
> In playing with a friend of mine's code (dcd3 by Volatile) and combing
> through the bugtraq archives...i came across something that i found
> interesting. In May of this year, Ambrose Feinstein said...
> "actually, using the attack on yourself for the same set of servers would
> work too; if a netquake server gets a connection from an ip already
> connected, even on a different port, it drops both."
> Assuming this is correct, what stops anyone running a variation of unix to
> send a spoofed packet to the quake server of anyone they dont like and
> having the quake server drop both connections?
> This would cause that person pinging 300+ and getting wooped by the person
> from the edu pinging 130 to have full control over whether the person
> could play or not. Just a thought....Lemme know if anyone can produce
> this with some success.
>
> Mike
> mj@efnet
> MyDesktop Networks - http://www.mydesktop.com
>
