AlliedModders

AlliedModders (https://forums.alliedmods.net/index.php)
-   Source Servers (SRCDS) (https://forums.alliedmods.net/forumdisplay.php?f=130)
-   -   Protecting your server! (https://forums.alliedmods.net/showthread.php?t=119214)

devicenull 02-18-2010 21:01

Protecting your server!
 
Due to the recent number of "hacked" or otherwise abused servers, we're working on getting all the information needed to protect your server in one place. You can view it all here

Please note, if you have any new exploits that you have found, you can PM me or one of the other moderators and we can help report it to valve. Please do not post exploit code anywhere on the forums/wiki.

P4rD0nM3 02-18-2010 21:56

Re: Protecting your server!
 
Is this geared towards public servers? Or do passworded match servers (No mods & PUGs) need these too?

devicenull 02-19-2010 00:26

Re: Protecting your server!
 
Both kinds of servers need them.

shustas 02-26-2010 16:27

Re: Protecting your server!
 
Well done, we needed something like this 1 place for securing game Valve doesnt care about.

Phatman 05-04-2010 20:44

Re: Protecting your server!
 
http://warcraft-source.com/board/ind...ic,9676.0.html

Krillin 06-03-2010 15:07

Re: Protecting your server!
 
We fell victim to an exploit, not going to say what, about 3-4 weeks ago. No matter how SECURE of a $P455W0RD# you use it can be BYPASSED, not HACKED. Doing some homework and hunting. Here is what we found to work much better than anything for Protecting your server(s).

Kigen's Anit-Cheat Requires SourceMOD (Highly recommended even for VAC enabled servers because they are not 100% protected from 'script' hackers).

Requirements are:
Code:

MetaMOD Source 1.8.1 (Required for SourceMOD)
SourceMOD 1.3.2 (Required for Kigen AC)

For Extra Protection:
Code:

ServSecurity (Requires EventScripts 2.x and NativeTools)
EventScripts 2.0
NativeTools V2.x

With these plug-ins and addons, your servers will be more than better off protected. ServSecurity PREVENTS changes to key files like Client.txt files, server.cfg, etc. without proper access (password). If changes are made to these files without proper access, the server kicks and bans the player and the file is reverted back. That is, IF they can get by KAC first. So far no one has been able to do so. But better to be SAFE then SORRY.

Hope this helps!

NOTE: Version may change after this posting, but versions stated in this writing are current at the time of entry.

Krillin

thetwistedpanda 06-03-2010 15:31

Re: Protecting your server!
 
You don't really need anything in EventScripts to protect your server. If your Mani admin is being hacked, well, that's all the more reason to remove it and pick something more secure eh? Everything that's needed is in devicenull's original post.

Bacardi 06-03-2010 15:34

Re: Protecting your server!
 
...can be change server to read different named configuration files than default server.cfg ??
Maybe better if change path
...cfg/abc_123/x_server_qwerty.cfg

And not add that rcon_password any cfg file, just only in launch parameters...

And can be change default autoexec.cfg to different name or add in sub-folder:)

Krillin 06-03-2010 17:39

Re: Protecting your server!
 
Quote:

Originally Posted by thetwistedpanda (Post 1199040)
You don't really need anything in EventScripts to protect your server. If your Mani admin is being hacked, well, that's all the more reason to remove it and pick something more secure eh? Everything that's needed is in devicenull's original post.

It's overrated and overstated.

MAP is NOT being hacked. I am not going to explain the exploit. It was only used to give themselves admin. ServSecurity requires EventScripts to run. If you followed the links you would know this. I noted this in the above posting to avoid confusion as to why EventScript is required. But as I stated, KAC won't let these cheaters / hackers get that far. I have read that the combo I stated above works effortlessly without all the clutter stated. I only used the rcon_locker from the 'here' link so admins cannot change the rcon password, I hope (but they are unable to writecfg without the ServSecurity password). But I do not give my admins rcon access.

I made my post because this is what works without reading every detail of how and why. All that other post is doing is being an enabler of "how-to" exploit. Be warned, they will find a workaround in a matter of time, but KAC is a step ahead of the game. But ServSecurity is just an added extra measure. No harm in overprotecting your servers in the event of failure. But it is the Admins choice of using ServSecurity with its requirement or not. That is why KAC is separated but that requires SourceMOD.

Quote:

Originally Posted by Bacardi (Post 1199047)
...can be change server to read different named configuration files than default server.cfg ??
Maybe better if change path
...cfg/abc_123/x_server_qwerty.cfg

And not add that rcon_password any cfg file, just only in launch parameters...

And can be change default autoexec.cfg to different name or add in sub-folder:)

Nice idea, but this was not the problem. The problem was the exploit allowed them to change the rcon_password no matter what it was set for. Then using rcon command gave themselves FULL 100% ACCESS to Mani Admin Plug-in. ServSecurity will not allow key files like server.cfg, client.txt (Admin list for MAP) without unlocking with a password set within ServSecurity.cfg.

Krillin

Bacardi 06-04-2010 09:06

Re: Protecting your server!
 
They have maybe exploit Mani Admin command ma_rcon (not srcds own rcon command)to get rcon password change....

But I try avoid posting in here thread more post.


All times are GMT -4. The time now is 14:30.

Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.