Wormnet got hacked? :O


X-Ray99
5 Nov 2008, 17:27
Hey!
Can anyone explain what was happening to WormNET recently?

Some guy with a Mulgapol nick and a number after it, always growing.
Now he spams: I love you all
What the hell is that?

lookias
5 Nov 2008, 17:37
Someone opened hosts very frequently, and all the ProSnooper clients lagged out.

Muzer
5 Nov 2008, 17:46
Yeah, this sort of thing is very easy to do if you know the wormnet password (which quite a few people do, and it isn't too hard to find out) and can write a simple script.

He appears to have been banned from the server.

CyberShadow
5 Nov 2008, 18:07
The problem has been resolved, we'll look into increasing security to prevent this kind of thing happening again in the future.

lookias
5 Nov 2008, 21:58
Yeah, this sort of thing is very easy to do if you know the wormnet password.

Knowing the password is just one little part of reverse engineering the protocol used, which you would want to fake.
In the end, reading the password with Wireshark or something is probably the most trivial part of all.
Maybe you will not need it at all to invoke host commands on WormNET.

Muzer
6 Nov 2008, 17:26
We're talking about join/part floods here, that was the spambot in question.

And the host command was pretty well documented on the WKB, and you don't even need the password for that.

So, neither are hard.

lookias
6 Nov 2008, 18:20
I thought that the host flood from 3 days ago is the topic.
Did someone notice it?

Muzer
6 Nov 2008, 18:23
I thought that the host flood from 3 days ago is the topic.
Did someone notice it?
Maybe that as well, dunno.

lookias
6 Nov 2008, 19:01
Maybe that as well, dunno.

So it meant that no one was able to host, and every snooper client crashed. I think it was over half an hour long.

CyberShadow
6 Nov 2008, 20:23
The game list flood was done by the same person as the join/quit flood. They've been blocked from WormNET for now.

lookias
6 Nov 2008, 20:51
They've been blocked from WormNET for now.

No hard feelings, but I doubt that he can be banned.

CyberShadow
6 Nov 2008, 23:58
No hard feelings, but I doubt that he can be banned.
Well, since it's common knowledge that you can't ban a person from any Internet project that does not do real-life checks, I decided to be laconic. But just for you and other nitpickers alike, I'll elaborate: the IP address from which both attacks have been performed has been firewalled, and no attempts to circumvent the block have yet been made.

lookias
7 Nov 2008, 00:12
Well, since it's common knowledge that you can't ban a person from any Internet project that does not do real-life checks, I decided to be laconic. But just for you and other nitpickers alike, I'll elaborate: the IP address from which both attacks have been performed has been firewalled, and no attempts to circumvent the block have yet been made.

At first, lol... nitpickers is not a good word in Germany. Dunno if Moldovans use it for fun.. whatever

This guy had a German flag. Just so you know.. German IPs change their owner every day; if you ban one, the next guy with that IP may fall into your elephant trap.

bonz
7 Nov 2008, 00:55
At first, lol... nitpickers is not a good word in Germany. Dunno if Moldovans use it for fun.. whatever

This guy had a German flag. Just so you know.. German IPs change their owner every day; if you ban one, the next guy with that IP may fall into your elephant trap.
Well, let's ban the whole IP range of the culprit's ISP then.
Collateral damage.

Muzer
7 Nov 2008, 17:35
At first, lol... nitpickers is not a good word in Germany. Dunno if Moldovans use it for fun.. whatever
Nitpickers is an English word meaning something like "people who point out things that are petty or beside the point, or try to complicate things when they are clearly supposed to be simplified". Wiktionary can probably give a better definition, but meh.

lookias
7 Nov 2008, 19:21
Getting stuck on this word would be pettifoggery, since I don't care so much about it. :o