xBrute Attack

DC32 · **Author**

Hello Modders!

Iam occuring an attack against my servers.. Below you can see a part of a log of attacks who arrives to my server at the moment right now

Quote:

Bad Rcon from 92.255.174.241:27006:
rcon 2136931807 "615" echo XBrute by ZeaL
Bad rcon_password.
Bad Rcon from 171.14.202.140:27005:
rcon 594454996 "617" echo XBrute by ZeaL
Bad rcon_password.
Bad Rcon from 92.80.162.49:10072:
rcon 1318364471 "550" echo XBrute by ZeaL
Bad rcon_password.
Bad Rcon from 77.122.9.90:27006:
rcon 1452884912 "547" echo XBrute by ZeaL
Bad rcon_password.
Bad Rcon from 46.99.18.38:23012:
rcon 1605288065 "549" echo XBrute by ZeaL
Bad rcon_password.

How can i prevent this? :S

Quote:

sv_rcon_banpenalty 60
sv_rcon_maxfailures 2
sv_rcon_minfailures 1
sv_rcon_minfailuretime 60

is the rcon settings i use.

I've heard that you can use a blank rcon password, but then the users can access the rcon commands with no problems, or what?..

Also, those attacks, from my experience within emulation, those attacks should be slowing down my server, making it lagg and more unstable, is it true?

a huge thanks in advance

-DC32

^SmileY · 06-24-2013 , 08:42 Re: xBrute Attack

Yeah its a new exploit or hack, i think its better to disable rcon or put the strong password

I have the same issue yesterday.. And change the port / ip of the server but the hack persists.

Tip: If you are running Skype on same machine of server, remove it because its the main reason for the "exploiter"
find server ip (I think)

Thanks.

YamiKaitou · 06-24-2013 , 09:29 Re: xBrute Attack

If you have a complex password, ignore it.
If you don't have a password set at all, ignore it since they will never be able to get in
If you have a simple password, make it more complex or remove it

DC32 · 06-24-2013 , 09:49 Re: xBrute Attack

so the users cant use the rcon if theres no password?

and HLDS wont startup with a blank rcon pw

YamiKaitou · 06-24-2013 , 09:55 Re: xBrute Attack

HLDS runs fine without a rcon password, my test server doesn't have one set.

AmineKyo · 06-24-2013 , 11:39 Re: xBrute Attack

Quote:

Originally Posted by dc32

so the users cant use the rcon if theres no password?

and HLDS wont startup with a blank rcon pw

Start it with a command line.

kwpd · 06-24-2013 , 12:07 Re: xBrute Attack

ataques masivo

AmineKyo · 06-24-2013 , 12:11 Re: xBrute Attack

Quote:

Originally Posted by kwpd

Massive attacks

Quote:

Originally Posted by YamiKaitou

If you have a complex password, ignore it.
If you don't have a password set at all, ignore it since they will never be able to get in
If you have a simple password, make it more complex or remove it

TheDS1337 · 06-24-2013 , 12:20 Re: xBrute Attack

Last HLDS update have an exploit :S, with 1 command you can crash the server ( only using last HLDS update )

Mikado · 06-24-2013 , 12:38 Re: xBrute Attack

Disable rcon

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode