Raised This Month: $12 Target: $400
 3% 

sv_logsecret


Post New Thread Reply   
 
Thread Tools Display Modes
Author Message
joshtrav
Senior Member
Join Date: Sep 2009
Old 04-14-2011 , 23:09   sv_logsecret
Reply With Quote #1

Code:
Added a new server convar "sv_logsecret" which emits a new S2A_LOGSTRING2 UDP packet to any UDP log targets with the secret value pre-pended
Anyone know what this is all about? I read it and my head tilted...
__________________

joshtrav is offline
HnyBear
Member
Join Date: Dec 2004
Location: Miami, FL
Old 04-15-2011 , 07:08   Re: sv_logsecret
Reply With Quote #2

No one knows... that's why it's secret. shhhhhh
__________________
To be the best, you must lose your mind.
HnyBear is offline
Send a message via AIM to HnyBear
einwad
Member
Join Date: Mar 2011
Location: Romania (Brazil)
Old 04-15-2011 , 07:13   Re: sv_logsecret
Reply With Quote #3

Extra info:

"sv_logsecret" = "0"
- If set then include this secret when doing UDP logging (will use 0x53 as packet type, not usual 0x52)
einwad is offline
Send a message via Skype™ to einwad
TnTSCS
AlliedModders Donor
Join Date: Oct 2010
Location: Undisclosed...
Old 04-15-2011 , 11:38   Re: sv_logsecret
Reply With Quote #4

Quote:
Originally Posted by einwad View Post
Extra info:

"sv_logsecret" = "0"
- If set then include this secret when doing UDP logging (will use 0x53 as packet type, not usual 0x52)
I'm still lost - LoL
TnTSCS is offline
Invader Amoto
Member
Join Date: May 2009
Old 04-15-2011 , 15:16   Re: sv_logsecret
Reply With Quote #5

It has to do with remote console logging. You can set up the server to send logs to a remote server. log_address and similar commands if I remember correctly. This just changes the packet type?

Anyway, I'm not sure how this is useful at all.

Last edited by Invader Amoto; 04-15-2011 at 15:19.
Invader Amoto is offline
joshtrav
Senior Member
Join Date: Sep 2009
Old 04-17-2011 , 12:42   Re: sv_logsecret
Reply With Quote #6

Yea, I was assuming things like HLStats, HLSW, and simple queries for forum status scripts would break should I set it.

I am very unimpressed with the amount of information they have included on it.
__________________

joshtrav is offline
evogamescafe
New Member
Join Date: Apr 2011
Old 04-19-2011 , 23:22   Re: sv_logsecret
Reply With Quote #7

Quote:
It has to do with remote console logging. You can set up the server to send logs to a remote server. log_address and similar commands if I remember correctly. This just changes the packet type?

Anyway, I'm not sure how this is useful at all
Basically, the server sends the logs in the same x52 packet type, and apparently some people have been able to more or less connect to a server and sniff out their logs based on that information. Well with this new command a server that (for some reason) keeps logs of things that are "sensitive" can now mask the packet type to any type they desire, so that someone trying to sniff the data would be unable to find it, because it would be like looking for a needle in a stack of needles when trying to find what the packet type was.
evogamescafe is offline
psychonic

BAFFLED
Join Date: May 2008
Old 04-19-2011 , 23:41   Re: sv_logsecret
Reply With Quote #8

Quote:
Originally Posted by evogamescafe View Post
Basically, the server sends the logs in the same x52 packet type, and apparently some people have been able to more or less connect to a server and sniff out their logs based on that information. Well with this new command a server that (for some reason) keeps logs of things that are "sensitive" can now mask the packet type to any type they desire, so that someone trying to sniff the data would be unable to find it, because it would be like looking for a needle in a stack of needles when trying to find what the packet type was.
Actually, I think you have it backwards.

I believe it's to solve the issue that you can generate and send fake logs with a forged source ip address (as it's just udp).

By adding your own custom "secret" to the log packets, you know which ones genuinely came from your own game servers as no one else would (read as: should) know the secret you set.
psychonic is offline
TnTSCS
AlliedModders Donor
Join Date: Oct 2010
Location: Undisclosed...
Old 04-21-2011 , 11:53   Re: sv_logsecret
Reply With Quote #9

Quote:
Originally Posted by joshtrav View Post
Yea, I was assuming things like HLStats, HLSW, and simple queries for forum status scripts would break should I set it.

I am very unimpressed with the amount of information they have included on it.
I think this is the case. gameMe offers a secure logging which enables sv_logsecret and once enabled, hlsw cannot connect to receive logs.

Am I doing something wrong or maybe missing something, but is anyone able to receive logs via HLSW once sv_logsecret has been set to > 0?

I'll be posting this on HLSW as well, just thought I'd post here too.
TnTSCS is offline
psychonic

BAFFLED
Join Date: May 2008
Old 04-21-2011 , 11:56   Re: sv_logsecret
Reply With Quote #10

Quote:
Originally Posted by TnTSCS View Post
I think this is the case. gameMe offers a secure logging which enables sv_logsecret and once enabled, hlsw cannot connect to receive logs.

Am I doing something wrong or maybe missing something, but is anyone able to receive logs via HLSW once sv_logsecret has been set to > 0?

I'll be posting this on HLSW as well, just thought I'd post here too.
Enabling sv_logsecret will likely break log streaming for any software not updated to support it. The packets come across with a different id as well as having the secret added.
psychonic is offline
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 06:54.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode