Raised This Month: $9 Target: $400
 2% 

Protecting your server!


Post New Thread Reply   
 
Thread Tools Display Modes
Author Message
devicenull
Veteran Member
Join Date: Mar 2004
Location: CT
Old 02-18-2010 , 21:01   Protecting your server!
Reply With Quote #1

Due to the recent number of "hacked" or otherwise abused servers, we're working on getting all the information needed to protect your server in one place. You can view it all here

Please note, if you have any new exploits that you have found, you can PM me or one of the other moderators and we can help report it to valve. Please do not post exploit code anywhere on the forums/wiki.
__________________
Various bits of semi-useful code in a bunch of languages: http://code.devicenull.org/

Last edited by devicenull; 04-07-2010 at 20:52.
devicenull is offline
P4rD0nM3
Veteran Member
Join Date: Feb 2006
Old 02-18-2010 , 21:56   Re: Protecting your server!
Reply With Quote #2

Is this geared towards public servers? Or do passworded match servers (No mods & PUGs) need these too?

Last edited by P4rD0nM3; 02-19-2010 at 02:46.
P4rD0nM3 is offline
devicenull
Veteran Member
Join Date: Mar 2004
Location: CT
Old 02-19-2010 , 00:26   Re: Protecting your server!
Reply With Quote #3

Both kinds of servers need them.
__________________
Various bits of semi-useful code in a bunch of languages: http://code.devicenull.org/
devicenull is offline
shustas
SourceMod Donor
Join Date: May 2007
Location: London
Old 02-26-2010 , 16:27   Re: Protecting your server!
Reply With Quote #4

Well done, we needed something like this 1 place for securing game Valve doesnt care about.
__________________
shustas is offline
Phatman
New Member
Join Date: May 2010
Old 05-04-2010 , 20:44   Re: Protecting your server!
Reply With Quote #5

http://warcraft-source.com/board/ind...ic,9676.0.html
Phatman is offline
Krillin
Senior Member
Join Date: Jul 2004
Old 06-03-2010 , 15:07   Re: Protecting your server!
Reply With Quote #6

We fell victim to an exploit, not going to say what, about 3-4 weeks ago. No matter how SECURE of a $P455W0RD# you use it can be BYPASSED, not HACKED. Doing some homework and hunting. Here is what we found to work much better than anything for Protecting your server(s).

Kigen's Anit-Cheat Requires SourceMOD (Highly recommended even for VAC enabled servers because they are not 100% protected from 'script' hackers).

Requirements are:
Code:
MetaMOD Source 1.8.1 (Required for SourceMOD)
SourceMOD 1.3.2 (Required for Kigen AC)
For Extra Protection:
Code:
ServSecurity (Requires EventScripts 2.x and NativeTools)
EventScripts 2.0
NativeTools V2.x
With these plug-ins and addons, your servers will be more than better off protected. ServSecurity PREVENTS changes to key files like Client.txt files, server.cfg, etc. without proper access (password). If changes are made to these files without proper access, the server kicks and bans the player and the file is reverted back. That is, IF they can get by KAC first. So far no one has been able to do so. But better to be SAFE then SORRY.

Hope this helps!

NOTE: Version may change after this posting, but versions stated in this writing are current at the time of entry.

Krillin
__________________
Krillin's World Server(s) Operator


Last edited by Krillin; 06-03-2010 at 18:19. Reason: Noted Requirements for MODs
Krillin is offline
Send a message via Yahoo to Krillin
thetwistedpanda
Good Little Panda
Join Date: Sep 2008
Old 06-03-2010 , 15:31   Re: Protecting your server!
Reply With Quote #7

You don't really need anything in EventScripts to protect your server. If your Mani admin is being hacked, well, that's all the more reason to remove it and pick something more secure eh? Everything that's needed is in devicenull's original post.
__________________
thetwistedpanda is offline
Bacardi
Veteran Member
Join Date: Jan 2010
Location: mom's basement
Old 06-03-2010 , 15:34   Re: Protecting your server!
Reply With Quote #8

...can be change server to read different named configuration files than default server.cfg ??
Maybe better if change path
...cfg/abc_123/x_server_qwerty.cfg

And not add that rcon_password any cfg file, just only in launch parameters...

And can be change default autoexec.cfg to different name or add in sub-folder
Bacardi is online now
Krillin
Senior Member
Join Date: Jul 2004
Old 06-03-2010 , 17:39   Re: Protecting your server!
Reply With Quote #9

Quote:
Originally Posted by thetwistedpanda View Post
You don't really need anything in EventScripts to protect your server. If your Mani admin is being hacked, well, that's all the more reason to remove it and pick something more secure eh? Everything that's needed is in devicenull's original post.
It's overrated and overstated.

MAP is NOT being hacked. I am not going to explain the exploit. It was only used to give themselves admin. ServSecurity requires EventScripts to run. If you followed the links you would know this. I noted this in the above posting to avoid confusion as to why EventScript is required. But as I stated, KAC won't let these cheaters / hackers get that far. I have read that the combo I stated above works effortlessly without all the clutter stated. I only used the rcon_locker from the 'here' link so admins cannot change the rcon password, I hope (but they are unable to writecfg without the ServSecurity password). But I do not give my admins rcon access.

I made my post because this is what works without reading every detail of how and why. All that other post is doing is being an enabler of "how-to" exploit. Be warned, they will find a workaround in a matter of time, but KAC is a step ahead of the game. But ServSecurity is just an added extra measure. No harm in overprotecting your servers in the event of failure. But it is the Admins choice of using ServSecurity with its requirement or not. That is why KAC is separated but that requires SourceMOD.

Quote:
Originally Posted by Bacardi View Post
...can be change server to read different named configuration files than default server.cfg ??
Maybe better if change path
...cfg/abc_123/x_server_qwerty.cfg

And not add that rcon_password any cfg file, just only in launch parameters...

And can be change default autoexec.cfg to different name or add in sub-folder
Nice idea, but this was not the problem. The problem was the exploit allowed them to change the rcon_password no matter what it was set for. Then using rcon command gave themselves FULL 100% ACCESS to Mani Admin Plug-in. ServSecurity will not allow key files like server.cfg, client.txt (Admin list for MAP) without unlocking with a password set within ServSecurity.cfg.

Krillin
__________________
Krillin's World Server(s) Operator


Last edited by Krillin; 06-03-2010 at 18:13. Reason: Making a clearer statement.
Krillin is offline
Send a message via Yahoo to Krillin
Bacardi
Veteran Member
Join Date: Jan 2010
Location: mom's basement
Old 06-04-2010 , 09:06   Re: Protecting your server!
Reply With Quote #10

They have maybe exploit Mani Admin command ma_rcon (not srcds own rcon command)to get rcon password change....

But I try avoid posting in here thread more post.
Bacardi is online now
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 19:34.


Powered by vBulletin®
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
Theme made by Freecode