Acum 2-3 zile am intampinat unele probleme de securitate. Un individ reuseste sa sparga parola accessului RCON, banand si distrugand intregul server. Toate solutiile pe care le-am aplicat au fost in zadar, iar acest lucru persista, reproducandu-se. In continuare serverul este usor de 'spart', bineinteles, noi aplicand diferite metode, ca si cum ar fii: blocare, eliminare a comenzii amx_rcon, amx_showrcon, amx_cvar rcon_password si inlocuirea flagului, insa nu prea ne-au fost de ajutor.
Persoana este destul de cunoscuta in randul serverelor si fondatorilor CS 1.6, datorita implicarii negative, rezultand distrugerea a multor server, dinafara comunitatii cat si in interior.
Am reusit sa aflam niste date, fiind folositoare (neconfirmate):
Prenume: Florin
Varsta: aproximativ 18
Localitate: Sibiu
Adresa IP(stocata pe moment): 86.123.145.59
STEAM-ID: STEAM_0:1:62383254
Nickname: Ev[a]LoS # kEnT10
La adresa sa, bat la usa, reclamatii peste reclamatii:
1. https://www.google.ro/webhp?sourceid=ch ... los%20kent
2. https://www.google.ro/webhp?sourceid=ch ... %23+kEnT10
Ideea ar fii in felul urmator, ce si cum sa facem pentru a ne proteja de acest fel de atacuri?
ESTE O URGENTA, serverul pierde multi playeri, nu stiu ce sa mai fac.. problema persista, rau..
URGETA - Spargere RCON / Password Admin
Moderators: Moderatori ajutatori, Moderatori, Echipa eXtreamCS.com
-
- Membru, skill 0
- Posts: 8
- Joined: 19 Dec 2015, 22:38
- Detinator Steam: Nu
- CS Status: Citesc forumul eXtreamCS.com...!
- Fond eXtream: 0
- Location: Alexandria
- Contact:
- tier0
- Membru, skill +1
- Posts: 222
- Joined: 05 Sep 2014, 11:07
- Detinator Steam: Da
- CS Status: Citesc forumul eXtreamCS.com...!
- SteamID: tier0
- Fond eXtream: 0
- Location: Galati
- Contact:
-
- Membru, skill 0
- Posts: 8
- Joined: 19 Dec 2015, 22:38
- Detinator Steam: Nu
- CS Status: Citesc forumul eXtreamCS.com...!
- Fond eXtream: 0
- Location: Alexandria
- Contact:
Am pus parola in genul: 213191fqfj213w8wDADk234rj()()2332$#q($!#@&!@#98. La fel..
Host: KROND
Host: KROND
- tier0
- Membru, skill +1
- Posts: 222
- Joined: 05 Sep 2014, 11:07
- Detinator Steam: Da
- CS Status: Citesc forumul eXtreamCS.com...!
- SteamID: tier0
- Fond eXtream: 0
- Location: Galati
- Contact:
-
- Membru, skill 0
- Posts: 8
- Joined: 19 Dec 2015, 22:38
- Detinator Steam: Nu
- CS Status: Citesc forumul eXtreamCS.com...!
- Fond eXtream: 0
- Location: Alexandria
- Contact:
Sigur
Am adaugat un plugin anti hl brute, sa vedem daca-si face efectul.
Am adaugat un plugin anti hl brute, sa vedem daca-si face efectul.
- tier0
- Membru, skill +1
- Posts: 222
- Joined: 05 Sep 2014, 11:07
- Detinator Steam: Da
- CS Status: Citesc forumul eXtreamCS.com...!
- SteamID: tier0
- Fond eXtream: 0
- Location: Galati
- Contact:
sv_rcon_minfailures 2
// # of failures needed before ban
sv_rcon_minfailuretime 60
// amount of time (seconds) failed rcon attempts must occur within for the ban to be applied
sv_rcon_banpenalty 0
// minutes to ban. 0=permanent
sv_rcon_maxfailures 2
// similar to sv_rcon_minfailures, except this setting doesn't rely on sv_rcon_minfailuretime. Any IP address that fails 2 rcon authentications (during a server uptime session) will be banned for the banpenalty.
server.cfg
// # of failures needed before ban
sv_rcon_minfailuretime 60
// amount of time (seconds) failed rcon attempts must occur within for the ban to be applied
sv_rcon_banpenalty 0
// minutes to ban. 0=permanent
sv_rcon_maxfailures 2
// similar to sv_rcon_minfailures, except this setting doesn't rely on sv_rcon_minfailuretime. Any IP address that fails 2 rcon authentications (during a server uptime session) will be banned for the banpenalty.
server.cfg
- SkillartzHD
- Membru, skill +3
- Posts: 1096
- Joined: 08 Feb 2013, 19:43
- Detinator Steam: Da
- CS Status: HLDS Vulnerability
- Detinator server CS: GoldSrc
- SteamID: SkillartzHD_hlds
- Reputatie: Fost Moderator ajutator
- Location: Bucuresti
- Has thanked: 14 times
- Been thanked: 28 times
- Contact:
Project by HLDS-Project 2017
Static Emulator : Native | Random Emulator : SettiEmu/AVSMP1/AVSMP0/SteamEmu/oldRevEmu/RevEmu is done KickASS-HLDS v2 (hlds)
KickASS-HLDS v1 (fakedetector)
HL-ClientSteam exploit (pure hlds)
PLCore exploit (dproto&hlds)
FakeConnect 2.0(reunion&rehlds)
KickASS-HLDS v3 in amxx(hlds&rehlds)
...... time passes and evidence are many
Special thanks to Spanwer and Magister
Skype : spyware.spyware1
Steam : Click
SV_CheckForDuplicateNames V2 download
-
- Scripter eXtreamCS
- Posts: 1222
- Joined: 13 Jul 2013, 16:31
- Detinator Steam: Da
- Reputatie: Scripter eXtreamCS
Moderator ajutator - Has thanked: 15 times
- Been thanked: 12 times
ce amxx ai ?
daca ai amxx 1.8.3, iti pot face un plugin usor care sa nu permita schimbarea rcon-ului
daca ai amxx 1.8.3, iti pot face un plugin usor care sa nu permita schimbarea rcon-ului
Pauza pana in iulie... licenta ^^
Fara pm-uri pentru pluginuri de zm/furien + tot ce tine de vip.
Codul Scripterului: scripting/codul-scripterului-t362300.html#p2754224
Fara pm-uri pentru pluginuri de zm/furien + tot ce tine de vip.
Codul Scripterului: scripting/codul-scripterului-t362300.html#p2754224
-
- Membru, skill 0
- Posts: 8
- Joined: 19 Dec 2015, 22:38
- Detinator Steam: Nu
- CS Status: Citesc forumul eXtreamCS.com...!
- Fond eXtream: 0
- Location: Alexandria
- Contact:
Lux0R^ wrote:ce amxx ai ?
daca ai amxx 1.8.3, iti pot face un plugin usor care sa nu permita schimbarea rcon-ului
Folosesc 1.8.2 default, pus la dispozitie de krond.org.
--
M-a ajutat un tovaras cu o chestie. Ideea este ca: am duplicat fisierul server.cfg si l-am redenumit in nume.cfg, apoi am scris in server.cfg sa execute nume.cfg (exec nume.cfg) si el mi-a garantat ca nu poate sa treaca de aceasta chestie (Ev[A]LoS # kEnT10), oare asa este?
- SkillartzHD
- Membru, skill +3
- Posts: 1096
- Joined: 08 Feb 2013, 19:43
- Detinator Steam: Da
- CS Status: HLDS Vulnerability
- Detinator server CS: GoldSrc
- SteamID: SkillartzHD_hlds
- Reputatie: Fost Moderator ajutator
- Location: Bucuresti
- Has thanked: 14 times
- Been thanked: 28 times
- Contact:
Ai incercat ce ti-am dat eu ?
Project by HLDS-Project 2017
Static Emulator : Native | Random Emulator : SettiEmu/AVSMP1/AVSMP0/SteamEmu/oldRevEmu/RevEmu is done KickASS-HLDS v2 (hlds)
KickASS-HLDS v1 (fakedetector)
HL-ClientSteam exploit (pure hlds)
PLCore exploit (dproto&hlds)
FakeConnect 2.0(reunion&rehlds)
KickASS-HLDS v3 in amxx(hlds&rehlds)
...... time passes and evidence are many
Special thanks to Spanwer and Magister
Skype : spyware.spyware1
Steam : Click
SV_CheckForDuplicateNames V2 download
-
- Scripter eXtreamCS
- Posts: 1222
- Joined: 13 Jul 2013, 16:31
- Detinator Steam: Da
- Reputatie: Scripter eXtreamCS
Moderator ajutator - Has thanked: 15 times
- Been thanked: 12 times
tttttttttttt wrote:Lux0R^ wrote:ce amxx ai ?
daca ai amxx 1.8.3, iti pot face un plugin usor care sa nu permita schimbarea rcon-ului
Folosesc 1.8.2 default, pus la dispozitie de krond.org.
--
M-a ajutat un tovaras cu o chestie. Ideea este ca: am duplicat fisierul server.cfg si l-am redenumit in nume.cfg, apoi am scris in server.cfg sa execute nume.cfg (exec nume.cfg) si el mi-a garantat ca nu poate sa treaca de aceasta chestie (Ev[A]LoS # kEnT10), oare asa este?
kent e cel care te-a ajutat sau cel care ti-a spart sv ?
daca e cel care te-a ajutat, inseamna ca nu a facut nimic, doar te-a fraierit
Pauza pana in iulie... licenta ^^
Fara pm-uri pentru pluginuri de zm/furien + tot ce tine de vip.
Codul Scripterului: scripting/codul-scripterului-t362300.html#p2754224
Fara pm-uri pentru pluginuri de zm/furien + tot ce tine de vip.
Codul Scripterului: scripting/codul-scripterului-t362300.html#p2754224
- Carnacior
- Membrul anului 2016
- Posts: 1762
- Joined: 23 Jun 2013, 14:08
- Detinator Steam: Da
- CS Status: I eat more pussy than cervical cancer
- Detinator server CS: jb.b-zone.ro
- SteamID: -
- Reputatie: Fost Scripter eXtreamCS
Membrul anului 2016
Membru Club eXtreamCS (1 iul ) - Location: Targu Mures
- Has thanked: 5 times
- Been thanked: 13 times
- Contact:
avea king de la fostul pglzone aceeasi problema pe hosturile krond
pana la urma s-a dovedit a fi un plugin cu backdoor
nu mai folositi pluginuri fara sursa de la necunoscuti
pana la urma s-a dovedit a fi un plugin cu backdoor
nu mai folositi pluginuri fara sursa de la necunoscuti
Ai nevoie de o protectie pentru server? R4GE Server Guard
Cel mai avansat si folosit plugin de protectie romanesc public! Nu ma crezi? VERIFICA
Cel mai avansat si folosit plugin de protectie romanesc public! Nu ma crezi? VERIFICA
http://www.facebook.com/xyz.aron
Follow me for random bullshit and possibly interesting updates
Skype @ xyz_aron
Follow me for random bullshit and possibly interesting updates
Skype @ xyz_aron