Hi, protections by passed
Hi,
My server's protections got by passed by something I already had to deal with, but never found how to stop it. Here is my server protections : Write access managements Firewall on TCP 27015 Anti-upload metamod plugin Kigen A.C 1.1.9 Rcon Locker DaF All those protections got by passed by this exploit. Console was flooded with : CModelLoader::Map_IsValid: 'de_dust2' is not a valid BSP file CModelLoader::Map_IsValid: 'de_dust2' is not a valid BSP file (Happenned on 2 of my other servers in the same hour) Those error message are from a only D2 server running fine. All clients trying to connect was dropped by server. Simple fix was this command : changelevel de_dust2 and everything was working again. Server did not crash, and seems like that lags wasn't so big for user playing on the servers, but as soon as they retry, they get dropped too. The only things I can imagine to create this error and drop clients : 1) Flood with a connexion flood script, even trough ip ban (attackers connected 4 times in 20 minutes, because their ID was banned, and getting re-ip-banned every 5 minutes, that makes me think that they flooded connections while 20 minutes (and the goal of this script is to drop clients too)) 2) Find a way to exec the changelevel command, server was flooded even with no one connected on it. I tested it with a cfg file on my server, and it dropped me the same way. 3) Find a way to edit the next map name, adding charmap or some invisible characters so it's not reconized, and flood it. 4) Use hacked CS:S DLL. They did not use the easy way to by pass kigen anti-cheat & rcon locker lags protections (every version of KAC), because it wouldn't flood changelevel. Any idea on how they managed to do it ? |
Re: Hi, protections by passed
|
Re: Hi, protections by passed
Quote:
Sorry I didn't remember the name when I was writing the post so I worte it like that, but it's already installed + read only files & directories (only logs can be writed) And in DFENS logs no one tryed to upload illegal files, and even if it was the case they couldn't hit any maps or cfg files. |
Re: Hi, protections by passed
This exploit was discussed somewhere, and there were few fixes suggested .. Google?
Please post following: plugin_print meta list sm plugins list Also, do you have eventscripts or Mani or anything else? |
All times are GMT -4. The time now is 14:59. |
Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.