Had a new player logon and whisper me. They said that they were a new player and then quickly proceeded to tell me that he/she was a bug tracker and that they could crash the clients. Before I could screen shot it for proof, my client crashed. They got my attention to say the least. I relogged and proceeded to chat with them. They didn't seem want to cause trouble and seemed friendly, but still it's a little hair raising knowing (or not knowing) what the other person is capable of.
I asked if they knew what the fix was for it and they gave me this:
The conversation went on for about 30 mins, and they were attempting to show me other bugs.Code:ChatFakeMessagePreventing = 1 ChatStrictLinkChecking.Severity = 2 ChatStrictLinkChecking.Kick = 1 or 0 ChatFakeMessagePreventing = 1 ChatStrictLinkChecking.Severity = 2 ChatStrictLinkChecking.Kick = 1 or 0 ChatStrictLinkChecking.Severity = 3. from 2 to 3 and reboot server
-One which they would spam a "hidden" whisper to a player causing them to lag, then crash (maybe similar to a ddos?)
-Another which they would create a ticket and crash the server.
Neither of these two seemed to work though, so not sure if they are legit bugs or not. There were no logs in warden, so I assume it was all done via the text box.
Now for my questions, will the above changes within the config files prevent the first bug from happening again or just making things worse? Are the 2nd and 3rd bugs legit bugs? What can I do to beef up the security within the server?
Thank you all.