Pages: [1]
  Print  
Author Topic: "No or bad challenge for your address": what the heck?!  (Read 20788 times)
cheb
Lesser Nub


Cakes 3
Posts: 127



WWW
« on: July 03, 2010, 12:51:46 PM »

"No or bad challenge for your address" -- I receive this message far too often for my tastes.
Mostly when I try to enter the 4Fishes CTF server.

I'd like to know what the hell is that "challenge" and why is it bad Sad

P.S. I have a static IP4 (217.70.20.10) that didn't change for at least two years, so no one else uses it.
Logged

Imma lazy dreamer. I achieved nothing.
WingedPanther
Member


Cakes 4
Posts: 190



« Reply #1 on: July 03, 2010, 01:46:55 PM »

I don't know either.  I get it when I try to join Digichalk from home, but not from work.
Logged

Programming is a branch of mathematics.
Cacatoes
Banned for leasing own account
Posts a lot
*

Cakes 73
Posts: 1427


also banned for baiting another to violate rules


« Reply #2 on: July 04, 2010, 10:43:50 AM »

Got this error a few times too, may be a problem due to a server setting but hard to know which one.
Logged

Todo: Walk the cat.
Falkland
Member


Cakes 6
Posts: 590


« Reply #3 on: July 04, 2010, 12:20:13 PM »

"No or bad challenge for your address" -- I receive this message far too often for my tastes.
Mostly when I try to enter the 4Fishes CTF server.

I'd like to know what the hell is that "challenge" and why is it bad Sad


A challenge is a special packet sent by the server to the client to establish a crypted data channel between clients and server.

The binaries used for OA085 ( both client and server ) contain a fix for an exploit that allows a valid challenge to be reused. The fix prevents this situation by assuring that every challenge is different for every client that tries to connect to a server and so making it unique for every client.

The problem that you had could be probably caused when you try to connect to a server using the oa081 binary ( which doesn't have this fix) with the new oa085 client and/or viceversa.

Another thing that could explain the invalidation of the challenge is that your UDP packets are not routed directly between your client and the server but they pass through a NAT/proxy/net node that operates IP address and or port substitution.

Something like this :

- your client sends a request
- it passes through a NAT/proxy/net node that operates IP address and/or port substitution ( not forwarding packets )
- the server generates the challenge with the address and the port of the NAT/proxy/net node as above
- the server sends back the challenge but the response doesn't pass through the same proxy/nat/net node
- the challenge is invalid for your client.
Logged
WingedPanther
Member


Cakes 4
Posts: 190



« Reply #4 on: July 21, 2010, 08:19:21 PM »

I suspect it my NAT, but I'm not sure what forwarding I need to set Sad

Additional info: I'm getting something like this in the console:
Resolving 207.Huh.??.Huh:29650 error resolving  207.Huh.??.Huh:29650
when I try to connect to Digichalk.
Logged

Programming is a branch of mathematics.
Pages: [1]
  Print  
 
Jump to: