![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
I copy/pasted this from GameFAQs. I'm no networking expert, but it makes sense. Spread the word, people need to get rid of this game, quickly.
I was wondering why I had this problem.
I had a buddy of mine check it out. He has a little over a decade of internet security experience and 30 years programming experience(I'm serious.) He first started to see who was coming into the network, and who our network was talking to. It escalated most drastically.
You must read this. The livelyhood of your computer depends on it.(Long story short, what MAIET is doing is insane. I deleted GunZ from my computer. Unless they rewrite the netcode, GunZ shall never again populate my hard drive.)
"GUNZ ports
1. first it does DNS lookup on on game site.
2. then it probably goes to 222.111.150.81 port 80 (web site) for game news?
3. then it goes to 211.63.135.151 to check for ftp updates
4. then you try server 1 which is 222.111.150.82 on tcp port 6000, often busy, look for free serv
5. then you try server 2 which is 222.111.150.83 on tcp port 6000, try this one
6. then you try server 3 which is 222.111.150.84 on tcp port 6000, try this one
7. then you try server 4 which is 222.111.150.85 on tcp port 6000, try this one
8. then you keep trying and eventually server 2 responds and you setup a UDP conversation on the following
9. udp source port 7700 to dest on server 3 port 7777, udp type '53' (some sort of psuedo bind lookup?)
10. then more chatting with server on 6000
11. game starts, really chatty on 6000
12. Holy penetration, Batman. Gunz starts trying to connect straight into other players machines from udp port 7700 to random udp high ports on other players machine -- not the server. I assume other gamers are trying to connect into my machine on the same random high ports also. I could check my firewall logs but it should be pretty obvious.
13. Firewall doesn't allow that (and for good reason). As George Bush Sr used to say, "Not gonna happen. Wouldn't be prudent!"
14. Just checked my 'pf' firewall logs. Gunz requires you to allow any potential player to connect via UDP into from 7700 to random UDP high ports with udp types of 44, 11, 16, 36. Hmmm. Possibly some sort of RPC mechanism. Sheesh.
15. This means that if this program was *ever* hacked it could spread a virus or trojan at light speed to every user on the system. Since the game is not open source I have no idea what's running around in there. This is the worst network security implementation I've ever seen, bar none. It requires you to allow unlimited UDP stateless into your system. Bwahahah. Clueless.
16. Think how many have hacked / cheated the code in CounterStrike over the years. Imagine those as intruders or viruses on *your* system -- not the server.
17. This is *brain dead* security. Do not run it. I'm a fairly experienced gamer and I do Internet Security for a living. I wouldn't touch this game right now with a 10 foot cattle prod. I don't care if 20 millions Koreans and Buddha himself are playing it.
18. Run, don't walk away from this program until they understand client server programming."
I was wondering why I had this problem.
I had a buddy of mine check it out. He has a little over a decade of internet security experience and 30 years programming experience(I'm serious.) He first started to see who was coming into the network, and who our network was talking to. It escalated most drastically.
You must read this. The livelyhood of your computer depends on it.(Long story short, what MAIET is doing is insane. I deleted GunZ from my computer. Unless they rewrite the netcode, GunZ shall never again populate my hard drive.)
"GUNZ ports
1. first it does DNS lookup on on game site.
2. then it probably goes to 222.111.150.81 port 80 (web site) for game news?
3. then it goes to 211.63.135.151 to check for ftp updates
4. then you try server 1 which is 222.111.150.82 on tcp port 6000, often busy, look for free serv
5. then you try server 2 which is 222.111.150.83 on tcp port 6000, try this one
6. then you try server 3 which is 222.111.150.84 on tcp port 6000, try this one
7. then you try server 4 which is 222.111.150.85 on tcp port 6000, try this one
8. then you keep trying and eventually server 2 responds and you setup a UDP conversation on the following
9. udp source port 7700 to dest on server 3 port 7777, udp type '53' (some sort of psuedo bind lookup?)
10. then more chatting with server on 6000
11. game starts, really chatty on 6000
12. Holy penetration, Batman. Gunz starts trying to connect straight into other players machines from udp port 7700 to random udp high ports on other players machine -- not the server. I assume other gamers are trying to connect into my machine on the same random high ports also. I could check my firewall logs but it should be pretty obvious.
13. Firewall doesn't allow that (and for good reason). As George Bush Sr used to say, "Not gonna happen. Wouldn't be prudent!"
14. Just checked my 'pf' firewall logs. Gunz requires you to allow any potential player to connect via UDP into from 7700 to random UDP high ports with udp types of 44, 11, 16, 36. Hmmm. Possibly some sort of RPC mechanism. Sheesh.
15. This means that if this program was *ever* hacked it could spread a virus or trojan at light speed to every user on the system. Since the game is not open source I have no idea what's running around in there. This is the worst network security implementation I've ever seen, bar none. It requires you to allow unlimited UDP stateless into your system. Bwahahah. Clueless.
16. Think how many have hacked / cheated the code in CounterStrike over the years. Imagine those as intruders or viruses on *your* system -- not the server.
17. This is *brain dead* security. Do not run it. I'm a fairly experienced gamer and I do Internet Security for a living. I wouldn't touch this game right now with a 10 foot cattle prod. I don't care if 20 millions Koreans and Buddha himself are playing it.
18. Run, don't walk away from this program until they understand client server programming."