> I sorta disagree - with some of the nastier viri that have > come about, they > aren't just limited to spreading via email or MS office > applications....
hehe. I knew someone would take exception to my advice...didn't think it would be you ;) Code Red and nimda both propagate via IIS security holes, and nimda can propagate by other means as well. I guess my point is that an administrator that is security conscience/tidy has probably already protected him/herself BEFORE these h4x were unleashed on the net. Cases in point: 1. A previous worm (I can't recall the name) took advantage of an unchecked buffer in the "web printer share" feature of W2K. I can't imagine when this "feature" would really come in handy, unless it's supposed to be a replacement for faxing. If so, why not just email the shit to the person. Let them print it. How many of us running an HLDS server have a printer attached to it? Not me. I had no printers configured, and sure as hell wouldn't have shared them over the web if I did, so I was not vulnerable to this one. 2. Code read hit. BOOM! How many of you running IIS on your game servers left the Indexing Service enabled? I didn't. Is it required for running stats for HLDS? Is there a compelling performance reason to do so? I don't belive so. I've hated that document indexing shit since Office95, and have manually disabled it on every winders machine I have ever used. I disabled it during my initial install of my W2K Server IIS5 box, BEFORE I even got SP1 installed. So, my machine never got infected by Code Red, although IIS did keep crashing every so often, as I hadn't installed the patch quickly after the worm started hitting my server. What's the old saying? "An ounce of prevention...." This was annoying, but nothing like those who fully got nailed by Code Red. 3. I installed W2K SP2 shortly after it became available, which was what? About 6 to 8 months ago? W2K SP2 prevents the folder traversal exploit that is the main attack mechanism of nimda. The other nimda exploit is hitting PREVIOUSLY and STILL infected Code Red machines. So, I was already covered on both when this nasty little bastard hit. I've just developed a habit over the years of stripping out as much MS fluff crap as possible that I know I won't need. If I ever need it, all I have to do is reset it's startup status in the services applet. Done. Using this rule of thumb, and installing service packs as they become available enabled me to avoid all this nastiness. I'm sure I'm not the only admin on this list who avoided these nasty exploits merely by disabling much of the MS fluff 90% of us will never use. Hehe, printer shares on a web server... lol. ;) So, in essence, if you follow good practices to begin with, you don't need virus/worm scanners on many server platforms. Now, if you're moving files back and forth to your server from your workstation, and you have drives mapped to folders on the server, or have persistent connections to folders on the server, by all means run antivirus software on your workstation. Believe it or not, I haven't run any kind of anti-virus software on any of my winders machines for years. This is mainly because no one else has access to them, AND, I'm very careful about what I download, I have fairly tight application security settings on my machines, and I open no attachments before fully identifying the file type. I won't even open .exe's and .bat's that come from my closest friends. Sometimes this pisses them off because they think I don't trust them. About the only attachments I will open are .JPGs, .GIFs, and .TXT files. They're just missing the point, and I forgive them. :) StanTheMan TheHardwareFreak www.hardwarefreak.devastation.cc [EMAIL PROTECTED] > -----Original Message----- > From: K2 [mailto:[EMAIL PROTECTED]] > Sent: Monday, October 15, 2001 10:55 PM > To: [EMAIL PROTECTED] > Subject: RE: [hlds] Re: Timeout During Map Changes > > > I sorta disagree - with some of the nastier viri that have > come about, they > aren't just limited to spreading via email or MS office > applications. Code > Red and Nimda are prime examples. I run IIS 5 on my game box, > to provide my > regulars access to output from a ping-probe MRTG script that > shows latency > data from the game server to the main backbone router users > must pass thru > to get to my server (or used to anyways...) so having some > type of real-time > protection against viri that can access my server via port 80 > (I know, close > it down... hush!) or any other port for that matter... that's > important to > me. Besides - it's an easy matter to tell Norton AV 2001 > (that's what I use) > to exclude hlds.exe and it's sub-directories from auto scans, > that way NAV > wont be continuously scanning the hlds.exe process as it's > running, thereby > reducing CPU overhead. > > Worth looking into. > > K2 > [EMAIL PROTECTED] > http://www.hardfought.org > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Stan Hoeppner > Sent: Monday, October 15, 2001 10:15 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [hlds] Re: Timeout During Map Changes > > > If your games server is dedicated to game serving, why do you > need a virus > scanner on it? Are you unaware/uneducated as to the means by > which viri and > worms propogate?? > > If the server is dedicated to game serving, and is behind a > NATing firewall, > you don't have anything to worry about. > > UNLESS, you surf the web or run outlook or office on that > server's console. > In this case, you're stupid, and are asking for trouble. > > I know some guys on the list will take exception to this > advice, as I'm not > spoon feeding you every possible configuration scenario, and > the config > changes needed to secure the box. > > If you're NATing at the server, or with a dedicated piece of > hardware, be > sure you're not allowing NETBIOS traffic outbound, or > inbound. And lock all > ports to the server, only redirecting port 27015 (27016... > and others if you > run multiple HLDS servers.) If you lock all ports, you don't need to > specifically worry about NETBIOS, as it is port 139. Just > lock em all down, > and you're set. > > If you're not doing other 'risky' console work on that > machine, you don't > need to worry about viri and worms infecting that game server. > > If it's not behind a firewall, just lock down all the ports > except those > needed by HLDS. If you weren't savvy enough to NOT install > IIS5 during W2K > server setup, disable it now. (Again, no need to worry here > if the server > is behind a firewall that doesn't allow port 80 traffic to > the game server). > > StanTheMan > TheHardwareFreak > www.hardwarefreak.devastation.cc > [EMAIL PROTECTED] > > > -----Original Message----- > > From: Ronnie Enriquez [mailto:[EMAIL PROTECTED]] > > Sent: Monday, October 15, 2001 3:36 PM > > To: [EMAIL PROTECTED] > > Subject: [hlds] Re: Timeout During Map Changes > > > > > > Yo Check-it! > > > > I finally figured out why my map changes are so slow. I'm > > running Win2k > > Server along with the latest version of McAfee NetShield + > > newest DATs. > > Disabling the virus scanner did NOT fix the problem, but > > shutting off the > > service altogether fixed the slow map changes. Now my maps > > change within 10 > > seconds, compared to up to 1 minute while running NetShield. > > > > Has anyone else run into this same NetShield issue? If so, > > do you have any > > resolutions to this problem? These days, I really would hate > > to run any > > type of server without a virus scanner. Is a virus scanner > > something I have > > to sacrifice in order to run CS? > > > > BTW: If I run Win2k Professional with McAfee VirusScan (not > > NetShield), > > everything runs fine. > > > > In addition, is Win2k Pro sufficient to run multiple CS > > servers on 1 box? > > The reason why I run Win2k Server is because I was told that > > Server has a > > more robust IP stack compared to Pro and is more reliable > > overall in terms > > of stability and performance, especially when running > > multiple instances of > > CS. I'm not running any of it's additional services (DNS, DHCP, AD, > > etc...), just CS... > > > > Any feedback is good feedback... > > > > > > -ronnie > > > > > > ----- Original Message ----- > > From: Ryan McCullough > > To: [EMAIL PROTECTED] > > Sent: Tuesday, October 09, 2001 2:31 PM > > Subject: RE: Timeout During Map Changes > > > > > > This has been covered many times but I will give you some pointers. > > > > It looks like you have fast drives. That was going to be my > > first question. > > Next, it looks like you have plenty of ram so you shouldn't > > be using the > > pagefile too much. The next thing I would suggest is to unpak > > the files in > > your pak0.pak file. This can save alot of loading time. > > > > Basically the thing that slows down map changes are your hard > > disks, the pak > > file, and the map. Some maps take longer to load than > others. Have you > > noticed problems on particular maps? I am told there are a > > couple maps that > > are particularly easy to load(de_dust). You didn't mention > if you are > > running any kind of raid?? It might help to run some type of > > striping, or if > > you don't have too many maps you might be able to fit your hlserver > > directory on a ramdrive. This would make it alot faster. > > > > -Ryan > > -----Original Message----- > > From: Ronnie Enriquez [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, October 09, 2001 1:55 PM > > To: [EMAIL PROTECTED] > > Subject: Timeout During Map Changes > > > > > > Hi Everyone! I'm not sure if this was previously addressed > or not.... > > but... > > > > In a nutshell, my CS server takes way too long to change > > maps. It is NOT > > because no one is pressing fire. I'll be in the server > > myself and will > > press fire to initiate the map change. I know the map is > > changing because i > > get a "flatline" on my netgraph. It is NOT due to the > > custom.hpk size. It > > is 7k. In addition, I have disabled uploads. > > > > Sometimes, it can take up to 1 minute to change maps. When > > this happens, > > people have reported seeing the dreaded message: "Warning: > > Connection > > Problem..." They will see this for a few seconds and will go > > away. When it > > goes away, they'll see the LOADING... message on the screen. > > Then they will > > enter the new map. Some people won't even get this far. > > They'll just be > > dropped altogether. > > > > When I do a manual changelevel, it takes even longer! The > > server does not > > crash during map change. Since the server is co-lo'd at a > > data center, I > > cannot physically see or hear if the HD is crunching away > > during the delay > > period. So I really don't know if there's anything happening > > on the server > > end. > > > > Bandwidth is not an issue. There's plenty of it. Also, some > > people say > > that this is a known issue. On the other hand, I've seen > > plenty of other > > win32-based CS servers out that don't have this issue. > > Anyone want to sell > > me a clue? > > > > BTW: Everything listed above has been done with a fresh new > > install of the > > OS, HL, and CS. > > > > My CS server is running on a fairly decent system: > > > > ---Hardware--- > > Pentium3 / 1GHz > > Asus CUSL2 Motherboard > > 768MB SDRAM > > Adaptec 2940UW SCSI Controller > > 2 x Seagate Barracudda 9.1GB UW-SCSI Drives > > 2 x IBM Deskstar 18GB UW-SCSI Drives > > > > ---Software--- > > Win2K Server SP2 > > HLDS 4.1.0.8a > > Counter-Strike 1.3 Full > > 20 players > > > > > > > > -ronnie > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list > > archives, please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list > archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
