Protecting your server!
Due to the recent number of "hacked" or otherwise abused servers, we're working on getting all the information needed to protect your server in one place. You can view it all here.
Please note, if you have any new exploits that you have found, you can PM me or one of the other moderators and we can help report it to Valve. Please do not post exploit code anywhere on the forums/wiki. |
Re: Protecting your server!
Is this geared towards public servers? Or do passworded match servers (No mods & PUGs) need these too?
|
Re: Protecting your server!
Both kinds of servers need them.
|
Re: Protecting your server!
Well done, we needed something like this, 1 place for securing a game Valve doesn't care about.
|
Re: Protecting your server!
We fell victim to an exploit, not going to say what, about 3-4 weeks ago. No matter how SECURE of a $P455W0RD# you use it can be BYPASSED, not HACKED. Doing some homework and hunting. Here is what we found to work much better than anything for Protecting your server(s).
Kigen's Anti-Cheat Requires SourceMOD (Highly recommended even for VAC enabled servers because they are not 100% protected from 'script' hackers). Requirements are: For Extra Protection: With these plug-ins and addons, your servers will be more than better off protected. ServSecurity PREVENTS changes to key files like Client.txt files, server.cfg, etc. without proper access (password). If changes are made to these files without proper access, the server kicks and bans the player and the file is reverted back. That is, IF they can get by KAC first. So far no one has been able to do so. But better to be SAFE than SORRY. Hope this helps! NOTE: Version may change after this posting, but versions stated in this writing are current at the time of entry. Krillin |
Re: Protecting your server!
You don't really need anything in EventScripts to protect your server. If your Mani admin is being hacked, well, that's all the more reason to remove it and pick something more secure, eh? Everything that's needed is in devicenull's original post.
|
Re: Protecting your server!
...can the server be changed to read differently named configuration files than the default server.cfg??
Maybe better to change the path to ...cfg/abc_123/x_server_qwerty.cfg and not add that rcon_password to any cfg file, only to the launch parameters... And can the default autoexec.cfg be changed to a different name or put in a sub-folder? :) |
Re: Protecting your server!
Quote:
MAP is NOT being hacked. I am not going to explain the exploit. It was only used to give themselves admin. ServSecurity requires EventScripts to run. If you followed the links you would know this. I noted this in the above posting to avoid confusion as to why EventScripts is required. But as I stated, KAC won't let these cheaters / hackers get that far. I have read that the combo I stated above works effortlessly without all the clutter stated. I only used the rcon_locker from the 'here' link so admins cannot change the rcon password, I hope (but they are unable to writecfg without the ServSecurity password). But I do not give my admins rcon access. I made my post because this is what works without reading every detail of how and why. All that other post is doing is being an enabler of "how-to" exploit. Be warned, they will find a workaround in a matter of time, but KAC is a step ahead of the game. But ServSecurity is just an added extra measure. No harm in overprotecting your servers in the event of failure. But it is the Admin's choice of using ServSecurity with its requirement or not. That is why KAC is separated but that requires SourceMOD. Quote:
Krillin |
Re: Protecting your server!
They have maybe exploited the Mani Admin command ma_rcon (not srcds' own rcon command) to get the rcon password changed....
But I try to avoid posting more in this thread. |