[Any] Paranoia IP Tracker
 

Description:

Logs players IP addresses to two database tables.

Why?

Maybe you've had an issue with a skiddie attacking your servers and want to track their IP to a steamid. Maybe you've wanted to ban a troublemaker, but they just create new accounts.

Whatever your reason is, this plugin is intended for proactive security/logging, although you could also use it to see where your players are playing from if you were inclined.

The plugin creates and logs to two tables:

• Paranoia_IPTracker:
  Holds the player's steamid, last used name, a timestamp of their last connect, and the player's last 10 unique IP addresses.
• Paranoia_IPTrackerLogs:
  Stores a row for every connection with the steamid, name, IP and timestamp for that connection.
  Note: this table is only used if sm_paranoia_ip_verbose is set to 1.

Commands:

• None

Cvars:

• sm_paranoia_ip_version
  • Plugin Version
• sm_paranoia_ip_verbose
  • Set to 1 and the plugin will also log to Paranoia_IPTrackerLogs.

Install Instructions:

1. Place ParanoiaIPTracker.smx into your addons/sourcemod/plugins/ folder.
2. Update your databases.cfg file with an entry for "paranoiaip".

Notes:

• If the plugin loses connection to the database server, it will log to the logs/paranoia_ip.log file as a backup solution.
• This plugin does NOT support SQLite.

Version History:

• V1.0.0
  
  • Initial Release
• V1.0.1
  
  • Forgot to escape names.

Total downloads as prior to last edit: 20

Re: [Any] Paranoia IP Tracker
 

Reserved

Re: [Any] Paranoia IP Tracker
 

haha, brilliant :P

**installing**

Re: [Any] Paranoia IP Tracker
 

Looks great!:avast:

Can this be put into several servers?

Re: [Any] Paranoia IP Tracker
 

Yep

Re: [Any] Paranoia IP Tracker
 

It was installed before i finished reading the description......

Re: [Any] Paranoia IP Tracker
 

nice plugin. thx.

Re: [Any] Paranoia IP Tracker
 

nice :)

Will put this to use

Re: [Any] Paranoia IP Tracker
 

Nice plugin :)

You can change the date in Paranoia_IPTrackerLogs / ConnectTime ?
In this table I see date for example 1330774025.


Sorry for my english
Regards

Re: [Any] Paranoia IP Tracker
 

should look something like a database?
"paranoiaip"
{
"driver" "sqlite"
"database" "paranoiaip"
}

or

"paranoiaip"
{
"driver" "sqlite"
"host" "localhost"
"database" "paranoiaip"
"user" "root"
"pass" ""
//"timeout" "0"
//"port" "0"
}

Re: [Any] Paranoia IP Tracker
 

PiwneBractwo:
Change it?

monomizer:
Using SQLite isn't going to work.

Re: [Any] Paranoia IP Tracker
 

I don't know how to change it. DarthNinja you can change this? Or, write how I can do it.

Sorry for my english
Regards

Re: [Any] Paranoia IP Tracker
 

I don't know what you mean by "change it".
What do you want to change it to?

Re: [Any] Paranoia IP Tracker
 

Installed....sounds sweet :)

Re: [Any] Paranoia IP Tracker
 

That update query pushing a new ip into the list is nice. I didn't think of that :)

Re: [Any] Paranoia IP Tracker
 

Yeah, I should probably check the new IP against all the 10 stored IPs, not just the first one though.

Re: [Any] Paranoia IP Tracker
 

That's a UNIX timestamp. Convert it here -> http://www.unixtimestamp.com

Paste the number into the Timestamp box and hit Convert.

Re: [Any] Paranoia IP Tracker
 

Unix time stamp is the number of seconds since Jan 01 1970 :)

In case anyone was wondering - like I was

Re: [Any] Paranoia IP Tracker
 

I am having trouble adding the required line to configs/database.cfg to make this plugin work.
Could you please paste it here D=
Ive added a entry for paranoiaip but the plugin still fails to load

MySQL Error for "INSERT INTO..."
 

I tried "sm_paranoia_ip_verbose 1;" in this plugin and it work fine for log at "paranoia_iptrackerlogs". But this plugin cant work for "paranoia_iptracker" because this msg from my MySQL(v5.5.22):
I looked at this plugin's script and see that "IP1"~"IP10" defined as "NOT NULL" in creating table...
How did you setup the database or table so get this SQL script "INSERT INTO..." work?

P.s. Sorry first for my bad English and bad SQL.



Plus:

Because my MySQL don't do "UPDATE" for "NOT NULL" and when "IP1" is "NULL" (i have no idea why can't "WHERE `IP1` != '%s'" be satisfied with "IP1 := NULL".).
So I modified part of plugin's script @[SQL_CreateTables()]:
And now this plugin work fine. thanks for DarthNinja's work.

Re: [Any] Paranoia IP Tracker
 

nvm :)

Re: [Any] Paranoia IP Tracker
 

I am having the same problem as others before, I can`t get the databases.cfg entry right, can you tell me how it should look like? please?
what to use instead of sqlite?

Re: [Any] Paranoia IP Tracker
 

Warning: Using this plugin will keep you from dropping the database later on if you choose to no longer use it. This is because it writes an UTF-8 Unicode English text file named "ips" in /var/lib/mysql/paranoiaip.

What I had to do to successfully drop the database was login via root and manually remove the "ips" file from /var/lib/mysql/paranoiaip then I was able to drop the database at the mysql command line.

Re: [Any] Paranoia IP Tracker
 

Your database server wrote that file, not this plugin.

Re: [Any] Paranoia IP Tracker
 

I fail to see the idea behind this plugin.

DDoS (Distributed denial of service) attacks come from more than 1 IP, and 99% of the time, the attacker isn't part of the botnet. Also, this would only ban him from the server, making him more incline to attack your server.

Now, if this was used in conjunction with IPTables (Linux), then it would be good.

Re: [Any] Paranoia IP Tracker
 

1) This is just an IP Tracker and doesn't do anything it doesn't say on the box.

2) Yes, DDoS's would come from multiple IPs, but we're talking about a single IP here, e.g. DoS.

Re: [Any] Paranoia IP Tracker
 

A DoS wouldn't take down a server, the only effective DoS is slowloris, and that's for websites running apache; sure, you can count some lag exploits as a DoS, but if you can block AS2/ASA command and other various lag exploits, then there's no need to track IPs.

Re: [Any] Paranoia IP Tracker
 

Excuse me? I'm sure there are plenty of vulnerabilities in SRCDS that people can take advantage of to bring down the server. Remember listdeaths?

Re: [Any] Paranoia IP Tracker
 

I personally don't count lag exploits as "DoS's" or "DDoS's", considering they're not. They're exploits, and there's plenty of plugins to stop it, and logging IPaddresses won't help it. Anything can be used for evil, hell, I can write a DoS script in SourcePAWN.

My point to all of this is, is that DoS's won't ever stop, nor will they take down a server, and this plugin, although good, won't stop it. Lag exploits/exploits in general can, and will, however.

Re: [Any] Paranoia IP Tracker
 

The listdeaths exploit did in fact crash the server.

Lag exploits are denying service, so they're DoS attacks.

Sure, you can write a DoS script in SourcePawn. Good luck uploading that to a server you want to attack though.

This plugin exists to log IP addresses. Nothing more, nothing less. If you don't think it's useful, don't use it.

Re: [Any] Paranoia IP Tracker
 

The intent of this plugin is to store a list of IP addresses associated with a SteamID.

This is useful if your webserver is attacked by a single client (I have had DoS attacks, and people trying to brute force admin logins for my forums), or if your srcds installs are attacked via various methods.

It is also useful for seeing if more then one player plays from the same IP (ban evading), or if one account connects from a lot of IPs (dynamic IP address). This is especially useful for trade servers where someone might connect several accounts in order to run a scam.

If you don't think collecting data that you might need at some point is a good idea, then I really have nothing else to say to you.

Re: [Any] Paranoia IP Tracker
 

The Listdeaths exploit was patched a long, long time ago. And DoS attacks such as ASA/AS2 spamming can be easily prevented by writing your own plugin for it.

And why would I need to upload it to a server I want to attack? If I had access to the server via FTP then I can just drop a rootkit on it, or furthermore root the entire box. What I was referring to, is using the Sockets extension in conjunction with a timer set to repeat to repeatedly open and close a connection to the server. This is in fact the definition of a DoS attack, is it not? Hell, I can take it a step further and have it send an incomplete header to an server running an apache or otherwise affected service effectively utilizing the SlowLoris DoS attack method.

SourcePawn can be used for evil, just as any other language.

In my opinion, this isn't THAT useful. While you've stated some good points, and I myself may incorporate this plugin when and if I get a TF2 server, it's nulled by the fact that you can install 3rd party software that does this job, and much, much more. Take IPTables for an example; used by someone who knows how to use it, it's more effective than any firewall, and can mitigate attacks quite effectively.

If you're having trouble with downtime on your site, then I suggest CloudFlare; and with the bruteforcing, you can easily stop this by applying a maximum retry value.

Re: [Any] Paranoia IP Tracker
 

Actually, less than a month ago. The first time, it was just "hidden".

I wouldn't personally use this plugin. However, there are those that will, and they are who this is for. You may think there is a better way, but people have their preferences.

Re: [Any] Paranoia IP Tracker
 

What does it matter, I think he listed the DoS thing as a single use case. You use it for what you find it useful for, jeez.

If you don't see a use for it, don't download it.

Re: [Any] Paranoia IP Tracker
 

Excellent plugin. Thanks, DarthNinja.

Re: [Any] Paranoia IP Tracker
 

:3

Re: [Any] Paranoia IP Tracker
 

from what i read this has nothing to do with dos or DDoS attacks or any form of attacks it merely saves IPs along with steam ids
SO
what should my database.cfg look like

i did it like this is it correct ?




OK i used this in database.cfg and it worked

ok its loaded and i presume working but where does it store the IP list >????

I look and see paranoiaip.sq3 but it has nothing in it


"pass" "do i need my password for my server here ?"

///////////////////////////////EDIT/////////////////////////////////////////////////////////
i get this in console if it helps ?

[Any] Paranoia IP Tracker
 

It doesn't support SQLite.

Re: [Any] Paranoia IP Tracker
 

ok thanks so what should i write in database.cfg ?

i guess this ?
doesnt work either I give up

Re: [Any] Paranoia IP Tracker
 

Any change of a web page to interface with this being added?