Well, i think TeamSpeak must take a closer look to security in the future. The last exploit with avatars and now this - just annoying - and there are a couple more out there.
We are migrating towards a new forum system located at community.teamspeak.com, as such this forum will become read-only on January 29, 2020
-= TeamSpeak Lover =-
Well, i think TeamSpeak must take a closer look to security in the future. The last exploit with avatars and now this - just annoying - and there are a couple more out there.
-= TeamSpeak Addict =-
I agree, I think there should be security audits.Originally Posted by FireEmerald
But still, why release a tool for people to exploit this?
-= TeamSpeak Addict =-
Hypocrisy, self-delusion, there're choices Patrick
Personally I'm rather puzzled by the motivation.
Either they hate the software, then it doesn't make sense to put such energy into it.
Or they don't, then it isn't rational to not act constructively in a white hat manner.
I'm guessing the theory that makes sense the most would be desire of attention, if that's one's kind of thing.
In that case one could come up with the idea that this monetarization would in fact be mostly a wall of protection to calm oneself down into a sorta greyish area and you know, the immense costs of hosting a forum to discuss stuff like piracy for educational purposes... is apparently enough for folks to make peace with their actions.
Giving devs a notice, apparently early-ish, is nice - I'll give 'em that (and it sure helps to perceive oneself in a more fortunate light, doesn't it).
But I'm not buying into this whole structure becoming morally justifiable just by that.
Then again, the world tends to demonstrate it's not overcome by desire for conforming to my standards, so whatever *shrug*.
Sure, TS needs to become more secure (although I would argue if a provoced crash is a security issue in the harder sense), but as it stands the same is true for my bank's app, Windows, OSX, Linux, the NASA network.. It's true for pretty much everything, today's norm. I'm not saying it's a justification to laying back, which I doubt is being done. Rather that I guess the reasonable expectation in today's world is stuff to be fixed in a responsibly fast manner, not that there never ever is anything to be found in the first place, as desirable as this would be.
-= TeamSpeak Fanatic =-
It will upgrade to 24 by itself then.
-= TeamSpeak Fanatic =-
The crash is not provoked. From what I heard, this program existed before 3.0.12 was released and did not crash these (and still doesn't). So it's a newly introduced server bug. After they found it, they reported it and asked TeamSpeak to fix it until Feb 5 or they will release the tool. TeamSpeak didn't fix the bug, so they released the tool.
If they didn't release the tool, there would be a chance that TeamSpeak will never fix a serious issue in their software. So if a company tries to rely primarily on "security by obscurity", I think it's a valid reason to release such tool that takes away the obscurity and shows everyone that something is wrong.
-= TeamSpeak Addict =-
Ah I see, originally they didn't say that they had notified TeamSpeak prior to the release of it. It kinda makes sense now, I guess TeamSpeak is a bit stubborn sometimes.
-= TeamSpeak Addict =-
I dunno, numma_cway, releasing stuff to public is commonly used as a last resort if critical stuff doesn't get fixed in a reasonable amount of time under consideration of severity and active abuse.
It'd go against that business model to give too much of a heads-up, as it'd potentially deny the ability to show sth. off to that "VIP" crowd for a couple of days. Bad "press" for TS is "good" press for such an entity.
I'll continue to refrain from handing out that saint's halo.
-= TeamSpeak User =-
totally agree because this,
"Keeep Server Down Every X seconds!"
...Security Research sure...
-= TeamSpeak User =-
If you for some reason don't have the option to downgrade your server again. Then here is a little list of known IP there are used to crash servers.
Last edited by dante696; February 8th, 2016 at 08:22 AM. Reason: ips removed
-= TeamSpeak Addict =-
It would be futile to even attempt to block these IPs, they will have lots of VPNs etc which is what's most infuriating about this. I've gone to the effort of downgrading because I've already been targeted multiple times.
Last edited by dante696; February 8th, 2016 at 08:22 AM.
-= TeamSpeak User =-
my geoip & vpn script did block these kidz easy- so they used their real ips, lol..
2016-02-06 02:38:41.275364|INFO |VirtualServerBase|5 |client connected 'Eva Braun'(id:24280) from 82.82.188.203:58171
2016-02-06 03:12:43.334163|INFO |VirtualServerBase|5 |client connected '☠☂*»».८Րคઽע੮૦คς੮૯Ր.««*ൠ™✔'(id:24281) from 91.4.63.1:60729
2016-02-06 03:15:41.204336|INFO |VirtualServerBase|5 |client connected 'ANONYMOUS'(id:24282) from 37.24.143.108:23242
2016-02-06 03:16:26.714939|INFO |VirtualServerBase|5 |client connected 'DrJhzeCpzh5k0h3'(id:24283) from 91.4.63.1:50698
very smart
-= TeamSpeak Addict =-
Hello Guys
Someone exploited my hosting and error appear after this crashed my all instances:
2016-02-07 18:21:34.090094|CRITICAL|ServerParser | |Assertion "rID == REASON_NONE || rID == REASON_CLIENTDISCONNECT" failed at ../../../../s/deps/teamspeak_server_lib/src/ts_server/serverparser.cpp:962;
every time.
-= TeamSpeak User =-
Just got attacked. Glad i did a backup right before updating. Rolled back to old version.
-= TeamSpeak User =-
There is a tool in a forum to bring down the server
Closed and will be discussed here
http://forum.teamspeak.com/threads/1...-0-12-released
When sending me private messages: Please make sure to include reference link to your forum thread or post.
TeamSpeak FAQ || What should i report, when i open a client thread?
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
