Kigen said:

Oh goodie. Let me figure out how to reform the packet to include the Sent by stuff.

Also, Samson, do you want me to make it spit out something into the logs when someone does this? Like a warning or something?

No. There's no reason to log it. I think that tagging attempted deception will be enough to deter it for malicious reasons. If it's not that's why the system has other more aggressive means of blocking people.

Ooo, aggressive blocking.

So just the Sent by added to the text field. Also, is where I'm stealing the "from" from valid not to be altered?

Also, is where I'm stealing the "from" from valid not to be altered?

I have no idea what you just asked here....

Meaning malformed so that it looks like it came from a different mud. I know there is no true way to validate which player on the mud it came from since that is handled by the mud. But is there a check before hand to validate which mud it came from.

If the @mud part does not match the name the connection comes from, it should get dropped automatically by the system already as part of the packet forgery protection. So we don't need to worry about that.

What about user@fakemud~x@realmud (assuming ~x is the imc color code for black) :d

*sigh* What would we do without Kiasyn?
On the one hand, it really is a valid point since it is something someone could come up with to get around the new coding, especially after reading this thread to see how it's being addressed. On the other hand, there are only a handful of folks that would think to do something like that, and Kia is one of them.

Yes, and it's that sort of thing I was getting at when I said client side filtering isn't going to stop a damn thing in the end. Server side filtering is the only real way to "solve" this problem. So I think concentrating efforts there should be the way to go.

I thought that's what you and Kigen were working on at this point, the client side fix he did earlier was just meant to be a stop gap in the meantime, no?

It's been pretty much all Kigen as I've been spending time on other things while he irons out the server fix. But yes. Stopgap measure. And it's only effective if implemented anyway. It won't fix the display for you if Kiasyn forges a packet from his unfixed mud

Wait, it won't fix the display if he forges it from his unfixed mud? I thought that was exactly what it was supposed to counter.. well, no, I suppose it's meant to counter socials without variables rather than forged packets, but then we're anxiously waiting on Kigen's server side implimentation for that.

I'm the only one working on this.

I think that's what Samson told me a couple of posts ago. *shrug*

Need to make sure you remembered.

I did.

Threadjacking!!!

Yeah. So I lied. This patch file lets you get a chanwho response back from your own mud. Using no packets. Up to you to figure out how to use the patch file

Does it qualify as threadjacking when the owner/moderator borrows the thread?
Thanks, Samson! I'm sure we'll get it figured out.

Hoping I can hijack this thread then too. While trying to enable connection to IMC from my mud, I get the following output in my log file:

Sun Dec 17 10:06:59 2006 :: IMC: Loading IMC2 network data...
Sun Dec 17 10:06:59 2006 :: IMC: IMC2 network data loaded.
Sun Dec 17 10:06:59 2006 :: IMC: IMC2 Network Initializing...
Sun Dec 17 10:06:59 2006 :: IMC: Connecting to server.
Sun Dec 17 10:06:59 2006 :: IMC: Loading channels...
Sun Dec 17 10:06:59 2006 :: IMC: Loading ban list...
Sun Dec 17 10:06:59 2006 :: IMC: Loading ucache data...
Sun Dec 17 10:07:00 2006 :: IMC: imc_read_socket: Descriptor error on #5: Operation now in progress
Sun Dec 17 10:07:00 2006 :: IMC: Shutting down network.
Sun Dec 17 10:07:00 2006 :: IMC: Connection to server was lost. Reconnecting in approximately 20 seconds.

The bold print is the error received. A google search showed a thread by Samson in 2005 that pointed to an issue with server00. I'm not sure if this is the issue, but likely somewhere on my end.

Any ideas?


Chetu


ps: I should add that I have changed my logfile both manually and in the MUD a few times to no avail. Right now the MD5 and sha256 variables are commented out