hedgewars server - don't say hi

3 replies [Last post]
jose1711
User offline. Last seen 4 years 15 weeks ago. Offline
Joined: 2008-06-20
Posts: 80

hello,

could you please add an option to disable server greeting?

Connected to hedgsrvr.
Escape character is '^]'.
CONNECTED
Hedgewars server http://www.hedgewars.org/

in case there's a vulnerability found in the server it can make your host a bit easier to detect and attack.

joe

Star and Moon
Star and Moon's picture
User offline. Last seen 3 weeks 6 days ago. Offline
Joined: 2010-04-03
Posts: 720

I was also thinking about the hello, it seems to be the same voice, so I was thinking is that there should be an option to change it (Yours only) with one of the voice packs, such as Robot or British, or disable it (everyone's hello, so you can't hear it.)

jose1711
User offline. Last seen 4 years 15 weeks ago. Offline
Joined: 2008-06-20
Posts: 80

wowowow, wait a sec. i'm not talking about any sounds, merely about the message that a server sends when a client connects to it (see the telnet output in the first post)

nemo
nemo's picture
User offline. Last seen 24 weeks 3 days ago. Offline
Joined: 2009-01-28
Posts: 1861

If you're running the server you probably are building it?

Just edit that line in the source :-p

processAction (clID, serverInfo, clients, rooms) (AddClient client) = do
let updatedClients = insert (clientUID client) client clients
infoM "Clients" (show (clientUID client) ++ ": New client. Time: " ++ show (connectTime client))
writeChan (sendChan client) ["CONNECTED", "Hedgewars server http://www.hedgewars.org/"]

I think you have many higher profile targets for vulnerabilities though, IMO.

Compared to the other services which have millions of installs, there are probably only a few dozen hedgewars servers in the world. Maybe less.

And if you're really this worried, why are you not running the server in a restricted account, possibly even in a restricted VM or chroot? Simply altering the connect message wouldn't matter that much, if someone suspected a server. They could just try other protocol messages. Wouldn't take any longer than pattern matching that string.

--
Oh, what the heck. 1PLXzL1CBUD1kdEWqMrwNUfGrGiirV1WpH <= tip a hedgewars dev

User login

Copyright © 2004-2024 Hedgewars Project. All rights reserved. [ contact ]