Can we focus on exploits please? I THINK RCON IS CLEAR. On Mon, Sep 13, 2010 at 8:21 PM, clad iron <[email protected]> wrote:
> So if > sv_rcon_minfailures 3 > and you make a mistake and get banned. your going to wait the amount of > time > you got banned before you try to access your rcon again ? > > If that happen to me i would use FTP to remove the ban , or the web > interface to remove it from the mysql DB. > After the 2nd atemp to enter rcon. if that didn't work, i think it would be > a good idea to double check the server.cfg for the rcon vers making another > mistake. > > Again this not to start an argument, but to only understand why. > > > > On Mon, Sep 13, 2010 at 11:35 AM, [蓉wilight侷 <[email protected]> wrote: > > > Don't cite me, I use 14-character rcon. :P > > > > > > Codeseer wrote: > > > >> Yeah, these guys trying to say a 6 character password is so uber aren't > >> thinking like a cracker. We know how the quality of valve coding can > be... > >> a > >> good example is the sentry/dispenser/sapper exploit that was so wide > >> spread > >> and still has usable exploit potential on some levels, which I won't go > >> into > >> here. But I will pose this question... what happens to your dictionary > >> level > >> password when a bug or exploit renders the previously mentioned cvars > >> useless? ... anybody serious about security tries to make use of > >> multi-factor and multi-level authentications where possible. > >> > >> -----Original Message----- > >> From: [email protected] > >> [mailto:[email protected]] On Behalf Of Alon Gubkin > >> Sent: Monday, September 13, 2010 10:59 AM > >> To: [email protected]; [email protected] > >> Subject: Re: [hlds] SRCDS Protect Tips > >> > >> Guys, I'm sure safe rcon password is a clear rule, but I was really > >> talking > >> about exploits in the game, like cheating, crashes, takeovers and etc. > >> > >> On Mon, Sep 13, 2010 at 10:12 AM, [>Twilight<] <[email protected]> > >> wrote: > >> > >> > >> > >>> Because you can accidentally make mistakes on your own, when you typing > >>> your rcon and using it. And that's why > >>> > >>> sv_rcon_minfailures 3 > >>> > >>> even better. You don't want to be banned from your own server, don't > you? > >>> > >>> > >>> clad iron wrote: > >>> > >>> > >>> > >>>> to each his own, but if someone was trying to hack your rcon, why give > >>>> them > >>>> a 2nd chance ? > >>>> If it is set to "sv_rcon_minfailures 2" and it was an admin that > failed > >>>> the > >>>> password, i would thing they could get a hold of someone to remove it. > >>>> > >>>> if i'm not seeing this correctly or there would be other reasons to > >>>> allow > >>>> someone that tries to hack rcon access and fails to rejoin. > >>>> Then please tell me. > >>>> > >>>> > >>>> > >>>> > >>> _______________________________________________ > >>> To unsubscribe, edit your list preferences, or view the list archives, > >>> please visit: > >>> http://list.valvesoftware.com/mailman/listinfo/hlds > >>> > >>> > >>> > >> _______________________________________________ > >> To unsubscribe, edit your list preferences, or view the list archives, > >> please visit: > >> http://list.valvesoftware.com/mailman/listinfo/hlds > >> > >> > >> _______________________________________________ > >> To unsubscribe, edit your list preferences, or view the list archives, > >> please visit: > >> http://list.valvesoftware.com/mailman/listinfo/hlds > >> > >> > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
