Not anymore, We run no rcon password now to stop them, which is a shame as it stops people getting their HLstats.
We tried, RCON commandline, DFENS, RCON Lock, KAC. Also some last ditch attempts, updating SM, removing SM.... The guys at SM were trying to work on a fix for it, but now moving to Orangebox engine, all existing hacks wont work, but could inspire them to build CSS/TF2 cross-game hacks. ________________________________________ From: [email protected] [[email protected]] on behalf of Mike Vail [[email protected]] Sent: Tuesday, June 22, 2010 8:14 AM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] HD Counte Strike Source: RCON HACKER I too use the Sourcemod Dfens, Rcon Lock and also Kigen's anticheat plugin on my CSS servers. Additionally, I set only set my RCON password in the server's command line using +rcon_password parameter instead of in a config file. I have tested these settings with known rcon hackers and they cannot take control. Hopefully this is still the case. Mike Vail On Jun 21, 2010, at 12:53 PM, "AnAkIn ." <[email protected]> wrote: > The file download exploit was fixed a while ago already, in EP1 and OB > Engine. > > 2010/6/21 ics <[email protected]> > >> There are plugins that can be ran on players pc which can retrieve >> the >> rcon password or change it. If your servers run es_tools or older >> version of mani-admin, it can also be easily hacked. Anyone can >> download >> your server.cfg off the server if you do not have D-FENS or similiar >> blocking the download or rcon_lock that prevents changing it or >> similiar. All this easily with plugins running on players machine. >> They >> need to go, as the plugins are ment for the servers, NOT for the >> clients. >> >> Video seems legit but no idea if that is really the case. It needs >> further investigation. >> >> -ics >> >> 21.6.2010 22:19, Anthony E. Prandi kirjoitti: >>> I have been on a server where someone blatantly hacked the rcon >>> while the >>> owner was there and there was nothing he could do.. he changed the >>> rcon >> and >>> the hacker got it in seconds again....this does exist whether or >>> not this >>> particular instance is true >>> >>> -----Original Message----- >>> From: [email protected] >>> [mailto:[email protected]] On Behalf Of Jonah >>> Hirsch >>> Sent: Monday, June 21, 2010 2:39 PM >>> To: Half-Life dedicated Win32 server mailing list >>> Subject: Re: [hlds] HD Counte Strike Source: RCON HACKER >>> >>> The sound effects made me think it could be... >>> >>> Sent from my Incredible >>> >>> On Jun 21, 2010 11:20 AM, "AnAkIn ."<[email protected]> wrote: >>> >>> How do you know the video is not fake? Could be. >>> >>> 2010/6/21 Juliano<[email protected]> >>> >>> >>> >>>> Thank you all for the answers, he discovered the rcon server with >>>> this >>>> tool. >>>> This is a brute ... >>>> >>> -- >>> Best regards, >>> AnAkIn, >>> ------------- >>> ESL EU TF2 Admin >>> http://www.esl.eu/eu/tf2 >>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view ... >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list >>> archives, >>> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds >>> >>> >>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list >>> archives, >> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds >>> >> >> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list >> archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> > > > > -- > Best regards, > AnAkIn, > ------------- > ESL EU TF2 Admin > http://www.esl.eu/eu/tf2 > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list > archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
