Avoid all attacks, i post it once more guys... Dosattackfixer = fixed flood Sourcemod also has this, but does not block all flood programs
Rcon_lock for sourcemod = alot of rcon exploits And the best for last KAC!.. KAC has been so much updated it blocks almost everything.. We used to be goal one for crashers, but now we see them running. It's must for your servers, trust me... Read here Kigenac.com Use KAC 1.2.0.7 and remember to install SOCKET 3.0..something, or higher. If it crashes? Be sure to shut it down before installing > From: [email protected] > To: [email protected] > Date: Fri, 22 Jan 2010 09:32:32 -0500 > Subject: Re: [hlds_linux] Rcon Hacking attempts > > I get a lot less of these when I moved rcon port to a different port using > port forwarding in iptables. > > 27015 seems to have a bulls eye on it. > > Allan > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of Daniel Nilsson > Sent: Friday, January 22, 2010 8:45 AM > To: Half-Life dedicated Linux server mailing list > Subject: Re: [hlds_linux] Rcon Hacking attempts > > Block tcp connection it is the easy way to protect your server. Only > allow your own trusted ip. > > //Daniel > > [email protected] skrev: > > hi Claudio, > > > > rcon lock is allready installed. > > Which values should I use at sv_rcon_minfailures and maxfailures ? > > > > > > -------- Original-Nachricht -------- > > > >> Datum: Fri, 22 Jan 2010 10:51:20 +0100 > >> Von: Claudio Beretta <[email protected]> > >> An: Half-Life dedicated Linux server mailing list > >> <[email protected]> > >> Betreff: Re: [hlds_linux] Rcon Hacking attempts > >> > > > > > >> You should use the "rcon lock" sourcemod plugin > >> http://forums.alliedmods.net/showthread.php?t=93934 > >> and ensure that sv_rcon_minfailures and sv_rcon_maxfailures are set to > >> very > >> high values (check your config). > >> > >> Another alternative is to block the 27015 tcp port (assuming your > >> gameserver > >> is run on that port). > >> > >> > >> > >> On Fri, Jan 22, 2010 at 7:09 AM, <[email protected]> wrote: > >> > >> > >>> Hello, > >>> > >>> we have an big problem on our DOD:S Gameserver. > >>> Someone attack our Server with "rcon hacking attempts" (thats in the > >>> screenlog) > >>> > >>> rcon from "91.148.94.233:51401": Bad Password > >>> Banning 91.148.94.233 for rcon hacking attempts > >>> L 01/22/2010 - 03:51:02: Addip: "<><><>" was banned by IP "for > >>> > >> 20000000.00 > >> > >>> minutes" by "Console" (IP "91.148.94.233") > >>> Banning 91.148.94.233 for rcon hacking attempts > >>> L 01/22/2010 - 03:51:02: Addip: "<><><>" was banned by IP "for > >>> > >> 20000000.00 > >> > >>> minutes" by "Console" (IP "91.148.94.233") > >>> ./srcds_run: line 335: 14016 Speicherzugriffsfehler $HL_CMD > >>> Add "-debug" to the ./srcds_run command line to generate a debug.log to > >>> help with solving this problem > >>> Fr 22. Jan 03:51:02 CET 2010: Server restart in 10 seconds > >>> > >>> > >>> > >>> Know Valve that there is an exploit like that and do they something ? ? > >>> Or what can we do ? > >>> The Ip from where the attacks come, are every time an other IP. We think > >>> they use the "TOR Project" > >>> > >>> And no, it is NO RAM Failure... When the Server runs on an other Port, > >>> > >> then > >> > >>> there are no attacks :( > >>> > >>> I hope someone can help me > >>> > >>> > >>> -- > >>> Jetzt kostenlos herunterladen: Internet Explorer 8 und Mozilla Firefox > >>> > >> 3.5 > >> > >>> - > >>> sicherer, schneller und einfacher! http://portal.gmx.net/de/go/chbrowser > >>> > >>> _______________________________________________ > >>> To unsubscribe, edit your list preferences, or view the list archives, > >>> please visit: > >>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux > >>> > >>> > >> _______________________________________________ > >> To unsubscribe, edit your list preferences, or view the list archives, > >> please visit: > >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux > >> > > > > > > > > __________ Information from ESET NOD32 Antivirus, version of virus signature > database 4797 (20100122) __________ > > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please > visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux _________________________________________________________________ Få 25 GB lagerplads på nettet! http://www.microsoft.com/danmark/windows/windowslive/products/skydrive.aspx _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
