Raised This Month: $ Target: $400
 0% 

Rcon protector


Post New Thread Reply   
 
Thread Tools Display Modes
Ingram
Veteran Member
Join Date: May 2004
Old 08-21-2004 , 18:43  
Reply With Quote #21

why dont u make a plugin that looks at the ip of everyone connecting and make sure he doesn't connect
Ingram is offline
Twilight Suzuka
bad
Join Date: Jul 2004
Location: CS lab
Old 08-21-2004 , 20:02  
Reply With Quote #22

You know that IP's change right?

Theres a way to hook RCON commands too, but its slightly harder then most think.

Also, AMX/AM/AMXX admins can be hacked, along with RCON. Its just a small matter.
__________________
Twilight Suzuka is offline
Send a message via AIM to Twilight Suzuka Send a message via MSN to Twilight Suzuka
Ingram
Veteran Member
Join Date: May 2004
Old 08-22-2004 , 14:45  
Reply With Quote #23

Quote:
Originally Posted by Twilight Suzuka
You know that IP's change right?

Theres a way to hook RCON commands too, but its slightly harder then most think.
if they are dynamic, but 2 only gave 2 ips, so i assumed he always had the same ip=static.

also i already suggested that and devicenull said no
Ingram is offline
Twilight Suzuka
bad
Join Date: Jul 2004
Location: CS lab
Old 08-22-2004 , 14:47  
Reply With Quote #24

Quote:
Originally Posted by JJkiller
Quote:
Originally Posted by Twilight Suzuka
You know that IP's change right?

Theres a way to hook RCON commands too, but its slightly harder then most think.
if they are dynamic, but 2 only gave 2 ips, so i assumed he always had the same ip=static.

also i already suggested that and devicenull said no
Ah I see, staticy.
But I was refering tot he person below me, what with the plugin making.
__________________
Twilight Suzuka is offline
Send a message via AIM to Twilight Suzuka Send a message via MSN to Twilight Suzuka
slmclarengt
Veteran Member
Join Date: Jul 2004
Location: The Cookie Jar... or Pul
Old 09-06-2004 , 14:16  
Reply With Quote #25

To me a server administrator, it looks as if you should put the "rcon_password 'password'" Line back in your server.cfg - By removing that line, you are enabling full access to your rcon password. This exists because if the server sees there is no rcon password set it will just wait until someone (even a normal player) enters an rcon password from their local machine. So my advice is add "rcon_password pass" back to your server.cfg If they are still hacking your server, post again and I will see what I could do.
slmclarengt is offline
Talibankiller
Junior Member
Join Date: Jul 2004
Old 09-06-2004 , 15:19   Rcon
Reply With Quote #26

Ok will do. Is it ok to have it in the command startup and server.cfg?
Ty
Talibankiller is offline
Send a message via AIM to Talibankiller
-=STN=- MaGe
Veteran Member
Join Date: Apr 2004
Location: Asault World
Old 09-06-2004 , 18:51  
Reply With Quote #27

hey guys, lately about 20 guys have been banned and 10 of them are server admins with immunity, so it cant be amxx, i think some one hacked my rcon pw, nobody could guess ours, only i have and know the rcon pw, also no one has acces to our server fttp or control pannel, seems odd lately
__________________



-=STN=- MaGe is offline
Send a message via Yahoo to -=STN=- MaGe
genesis
Senior Member
Join Date: Oct 2004
Location: CALIFORNIA, USA
Old 10-08-2004 , 14:48  
Reply With Quote #28

if you are a good amx coder it is quite easy to ban admins with immunity by writing custom plugin (tested quite throughly)... I would suggest making sure your miscstats.amx is the default amx file ... My theory is he somehow gained access to your hard drive and uploaded a "trojan amx plugin" giving himself plenty of access. One thing to understand is that logging, immunity respect, amoung other things are all left to the amx coder.
genesis is offline
CorDorMick
Junior Member
Join Date: Sep 2004
Location: Edmonton AB Canada
Old 10-09-2004 , 00:03   Re: Rcon protector
Reply With Quote #29

Quote:
Originally Posted by Talibankiller
Can some please make me a plugin, that will not allow rcon hacks to take control of my server. I have a problem with these kids that have a rcon hack, they can get my rcon pw and ruining my server?

lo I too had same problems took about 1 weeks but we got it to work was so simple .

if you have their steam ip make them a users them give them a bigpassword they would never guess.


then put "STEAM_ID" "bigpasstheywouldneverguess" "z" "ca"

z=user
c=steam
a=needs right pass

do not give them any other keys or letters like
bcdefghijklmnopqrstu

; Account flags:
; a - disconnect player on invalid password
; b - clan tag
; c - this is steamid
; d - this is ip
; e - password is not checked (only name/ip/steamid needed)

they will log on and try and try then go away

this has works so good I can not belive it.
__________________
CorDorMick is offline
Send a message via AIM to CorDorMick
PaintLancer
Junior Member
Join Date: Apr 2004
Location: New York
Old 10-18-2004 , 11:37  
Reply With Quote #30

you guys do know that rcon passwords can be sniffed kinda easily right?

if your using something like hlsw with rcon and someone knows your ip and the servers ip someone can tap into the messages between you and the server and the rcon is sent in plain text so its not hard to recognize
__________________
-69.31.7.96:27015
My Plugins
PaintLancer is offline
Send a message via AIM to PaintLancer Send a message via MSN to PaintLancer Send a message via Yahoo to PaintLancer
Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 04:30.


Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Theme made by Freecode