Vapula

Do you have some info about the RSA key used (modulus size, public key) and how it is used ? If the key size is small enough, it could be brute-forced (see distributed.net efforts... and now, we habe more powerful computers + CUDA) Also, even strong crypto can be defeated if used in a wrong way... If we have a packet with only a few bytes crypted (and useful), we could aswell bruteforce a crypted value which, when decrypted leads to the desired value for these bytes... which could ask much less work than reversing the key.

Is it still possible to use parameters similar to the ./configure one to - specify ETC and DATA dir - Enable/isable console and Remote access - Choose DB support ...

Basically, the authenticator is a timed token generator. You've a token sequence X1, X2, ..., Xi where Xi=f(Xi-1). The authenticator is nothing but a simple microcontroller with a timer set to 30 seconds, an interrupt on the button and a screen. On each timer interrupt, it updates its internal value. When you push the button, it power up the display and keeps active for some time. The rest of the time, it's in "sleep" mode which allows to lower it's power consuption. Blizzard-side, when you've an authenticator, the server saves the time stamp and the Xi for that time stamp. when you log in, it computes f(f(f(...f(X)))), saves it with the new time stamp and check the value you've entered. Well, it keeps Xi-1 and also compute Xi+1 and test for the three values. Without knowing the actual function, it'd be impossible to implement the official authenticator. But the authenticator mecanism can be implemented with a custom made authenticator... We could have our own algorithm and mangos-authenticator programs for Windows, Linux, MacOS/X, Android and iPhone/... We may even design a small authenticator system with a cheap PIC or AVR microcontroller, a quartz (for precise timing), 2 capacitors, a transistor (to control the power of the LCD display) and an LCD display. Add a press button, a battery and you're done. mangos-authenticator would also require a web-side administration which should allow to add an authenticator, remove it and emergency-remove (battery down for example, with a confirmation by E-Mail).

I think that make install should either make a backup of the previous files (realmd.conf.old for example) before overwritting it, install the new file as .new (realmd.conf.new) or, even better, grab old config values and put them in the new config file. The first two options are the easiest to add, the tird one would be the best one but the most difficult.

Well, Sourceforge is on the process of moving its servers... So, the statistic server is down and it looks like they have some problem with their traffic-checking system. From tickets I've seen, it looks like they blocked some IP because they generated too much trafic... Maybe their stats were incorrect or maybe some parts of the projects are too big... When I checked size on disk of my whole SVN dir (mangos + scriptdev+...), it reached 1Gb... Maybe doing updates/diff/checkouts/... only on the trunk may help... Best you can do is open a support ticket on the sourceforge server... The most people will open tickets, the more chance they'll notice there is something wrong in their IP-blocking system... (BTW, I also got blocked...)