Network security isn’t all fun and games: An analysis of information transmitted while playing Team Fortress 2
Document Type
Conference Proceeding
Publisher
Security Research Centre, School of Computer and Security Science, Edith Cowan University
Place of Publication
Perth, Western Australia
Faculty
Faculty of Computing, Health and Science
School
School of Computer and Information Science / Centre for Security Research
RAS ID
5876
Abstract
In the world of online gaming, information is exchanged as a matter of course. What information is exchanged behind the scenes is something that is not obvious to the casual user. People who play these games trust that the applications they are using are securely written and in this case, communicate securely. This paper looks at the traffic that is transmitted by the game Team Fortress 2 and incidentally the supporting authentication traffic of the Steam network. It was discovered through packet analysis that there is quite a lot of information which should be kept private being broadcast in the clear. Information discovered as a result of traffic capture and analysis included users IDs, and of greater concern, the remote console password. While this information may seem trivial, discovery of such information may lead to compromise of the game server, leaving it open to be controlled by someone with malicious intent.
DOI
10.4225/75/57b5656cb8773
Access Rights
free_to_read
Comments
Proceedings of the 6th Australian Information Security Management Conference, Edith Cowan University, Perth, Western Australia, 1st to 3rd December 2006. Available here.