I'm unable to find any information on this 'ownedgroup' which apparently released this rcon hack.
On Tue, Jun 22, 2010 at 9:48 AM, Shane Arnold <[email protected]> wrote: > How is updating a firewall to secure a server a pain in the ass? > > Perhaps you should of said "normal" server owners are slack? Windows is > point and click and iptables is one line of text (a lot shorter than > this email). I'd also imagine pretty much damn near all GSP's use a > static IP system, and you'll find the minority of people experiencing > RCON hack attempts are people at home on dynamic IP DSL connections > being hacked. > > **On 22/06/2010 7:32 AM, Rothgar wrote: >> Yeah that sounds like the best method of doing it. >> >> I am not sure if someone could hook rcon attempts and make some sort of >> whitelist system? Through SourceMod or MetaMod or something. >> >> Updating firewall rules would be a PITA for normal server owners and >> especially GSP's, also with a number of people probably not having static >> IP's however I'm sure it works well for people who have static IP's and have >> access to firewalls. >> >> -------------------------------------------------- >> From: "Matthew Lyons"<[email protected]> >> Sent: Monday, June 21, 2010 4:17 PM >> To: "Half-Life dedicated Win32 server mailing list" >> <[email protected]> >> Subject: Re: [hlds] HD Counte Strike Source: RCON HACKER >> >> >>> There are other videos on YT of similar hacks all look to use the same >>> process. >>> >>> 1) Install either a 3rd party plugin or dll to a CSS client installation. >>> 2) Run the modified CSS client >>> 3) On CSS client invoke the plugin/hack via console command >>> 4) Minimise and run a separate windows executable that prompts for a >>> servers IP:port >>> 5) After entering an IP:port combination about 4-5 lines of "Decrypting >>> rcon password" progress bars show >>> 6) After about 5s the server name, ip and rcon password are displayed >>> 7) In the video he does this about 4 times and successfully connects to 3 >>> of the servers (4th had blocked the port so HLSW timed out). >>> >>> All related videos on YT showed a similar process. >>> >>> Block your rcon ports or setup a firewall allowing only a whitelist of IPs >>> to pass through it. >>> >>> I doubt valve will fix this, they are moving CSS to OB and this is just >>> another incentive for them to do so. >>> >>> -- >>> Matt Lyons >>> Content Administrator, games.on.net >>> Email: [email protected] >>> Web: http://games.on.net >>> "In theory, there is no difference between theory and practice; In >>> practice, there is." >>> >>> >>> >>> _______________________________________________ >>> To unsubscribe, edit your list preferences, or view the list archives, >>> please visit: >>> http://list.valvesoftware.com/mailman/listinfo/hlds >>> >>> >> _______________________________________________ >> To unsubscribe, edit your list preferences, or view the list archives, >> please visit: >> http://list.valvesoftware.com/mailman/listinfo/hlds >> > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
