-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I spent a little while looking into this, and found a few things:
1) The servers with rcon_password=1 are fine, and don't seem to have been hacked. This is caused by the eventscripts rcon_lock plugin. Aside from showing the rcon_password as 1 it doesn't seem to have any negative effects. 2) The servers with actual rcon passwords have been hacked in some way. See http://forums.alliedmods.net/showthread.php?t=93937 for more details on this. Note that this is NOT an exploit in Sourcemod. Anyone running a server with files as described in that topic should email me the malicious plugins. - - Brian Rak -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkooNb4ACgkQdYIfzEQqW+mUAgCgyOlA+h8ur7xvMKoJTQRl/6nG xUEAoMGtzzoymi1hcpB0LAvUv8RtpFye =sACC -----END PGP SIGNATURE----- _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
