rcon_address would allow them to try rcon commands without being logged into the server.
-----Original Message----- From: David Rosner [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 26, 2003 2:01 PM To: [EMAIL PROTECTED] Subject: [hlds_linux] rcon hacking w/out being logged into server? Hello, this is my first post to the list. I noticed something strange on my server a few minutes ago. Someone was trying to guess my rcon password and execute commands on my dedicated server. They were using passwords like "leet" and "baby" while trying to change SV_GRAVITY to 800. When I typed "users" there was no one logged in! There were no client drop messages or anything to suggest that someone was playing the game. I have the persons IP address as reported by rcon when the command failed. Any ideas on what's happening? I find it unsettling that rcon may be useable by anyone on the Internet. BTW I've had rcon disabled from the beginning but this is still disconcerting. Thanks for your help! -Dave _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.458 / Virus Database: 257 - Release Date: 2/24/2003 _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
