Hi Dimitri, have talked to our Server Admin. He installed KAC at Monday and the last crash was today :(
What do you mean with cvars ? Special CVars ? -------- Original-Nachricht -------- > Datum: Fri, 22 Jan 2010 16:44:17 +0100 > Von: Jacob Juul <[email protected]> > An: [email protected] > Betreff: Re: [hlds_linux] Rcon Hacking attempts > > Gameserver. trust me, i know how it feels.. keeps crashing your > server(s).. not anymore, here's the link > http://forums.alliedmods.net/showthread.php?t=114153 > > PLEASE let me know if you want cvars for the sourcemod.cfg or any help, > LET'S BLOCK THOSE....... ... > > no pretty words left > > > > > > Please look around in there.. and tell others about this. But at the same > time keep i safe from those idiots who will try to break it.. but at the > same time i dont think they can.. because this Kigen guy.. he is a hardcore > one.. So back him up and let him know if it works and thank him. He is the > help valve never will get you. > > > Date: Fri, 22 Jan 2010 16:14:21 +0100 > > From: [email protected] > > To: [email protected] > > Subject: Re: [hlds_linux] Rcon Hacking attempts > > > > How can I block the Port ? > > > > And sorry... but I cant find an download Link for KAC > > > > Must I install it on Root or on Gameserver ? > > > > > > -------- Original-Nachricht -------- > > > Datum: Fri, 22 Jan 2010 15:54:25 +0100 > > > Von: Jacob Juul <[email protected]> > > > An: [email protected] > > > Betreff: Re: [hlds_linux] Rcon Hacking attempts > > > > > > > > Avoid all attacks, i post it once more guys... > > > > > > Dosattackfixer = fixed flood > > > Sourcemod also has this, but does not block all flood programs > > > > > > Rcon_lock for sourcemod = alot of rcon exploits > > > > > > And the best for last > > > > > > KAC!.. KAC has been so much updated it blocks almost everything.. We > used > > > to be goal one for crashers, but now we see them running. It's must > for > > > your servers, trust me... > > > > > > Read here > > > > > > Kigenac.com > > > > > > Use KAC 1.2.0.7 and remember to install SOCKET 3.0..something, or > higher. > > > > > > If it crashes? > > > > > > Be sure to shut it down before installing > > > > > > > > > > > > > From: [email protected] > > > > To: [email protected] > > > > Date: Fri, 22 Jan 2010 09:32:32 -0500 > > > > Subject: Re: [hlds_linux] Rcon Hacking attempts > > > > > > > > I get a lot less of these when I moved rcon port to a different port > > > using port forwarding in iptables. > > > > > > > > 27015 seems to have a bulls eye on it. > > > > > > > > Allan > > > > > > > > -----Original Message----- > > > > From: [email protected] > > > [mailto:[email protected]] On Behalf Of Daniel > Nilsson > > > > Sent: Friday, January 22, 2010 8:45 AM > > > > To: Half-Life dedicated Linux server mailing list > > > > Subject: Re: [hlds_linux] Rcon Hacking attempts > > > > > > > > Block tcp connection it is the easy way to protect your server. Only > > > > allow your own trusted ip. > > > > > > > > //Daniel > > > > > > > > [email protected] skrev: > > > > > hi Claudio, > > > > > > > > > > rcon lock is allready installed. > > > > > Which values should I use at sv_rcon_minfailures and maxfailures ? > > > > > > > > > > > > > > > -------- Original-Nachricht -------- > > > > > > > > > >> Datum: Fri, 22 Jan 2010 10:51:20 +0100 > > > > >> Von: Claudio Beretta <[email protected]> > > > > >> An: Half-Life dedicated Linux server mailing list > > > <[email protected]> > > > > >> Betreff: Re: [hlds_linux] Rcon Hacking attempts > > > > >> > > > > > > > > > > > > > > >> You should use the "rcon lock" sourcemod plugin > > > > >> http://forums.alliedmods.net/showthread.php?t=93934 > > > > >> and ensure that sv_rcon_minfailures and sv_rcon_maxfailures are > set > > > to > > > > >> very > > > > >> high values (check your config). > > > > >> > > > > >> Another alternative is to block the 27015 tcp port (assuming your > > > > >> gameserver > > > > >> is run on that port). > > > > >> > > > > >> > > > > >> > > > > >> On Fri, Jan 22, 2010 at 7:09 AM, <[email protected]> wrote: > > > > >> > > > > >> > > > > >>> Hello, > > > > >>> > > > > >>> we have an big problem on our DOD:S Gameserver. > > > > >>> Someone attack our Server with "rcon hacking attempts" (thats in > the > > > > >>> screenlog) > > > > >>> > > > > >>> rcon from "91.148.94.233:51401": Bad Password > > > > >>> Banning 91.148.94.233 for rcon hacking attempts > > > > >>> L 01/22/2010 - 03:51:02: Addip: "<><><>" was banned by IP "for > > > > >>> > > > > >> 20000000.00 > > > > >> > > > > >>> minutes" by "Console" (IP "91.148.94.233") > > > > >>> Banning 91.148.94.233 for rcon hacking attempts > > > > >>> L 01/22/2010 - 03:51:02: Addip: "<><><>" was banned by IP "for > > > > >>> > > > > >> 20000000.00 > > > > >> > > > > >>> minutes" by "Console" (IP "91.148.94.233") > > > > >>> ./srcds_run: line 335: 14016 Speicherzugriffsfehler $HL_CMD > > > > >>> Add "-debug" to the ./srcds_run command line to generate a > debug.log > > > to > > > > >>> help with solving this problem > > > > >>> Fr 22. Jan 03:51:02 CET 2010: Server restart in 10 seconds > > > > >>> > > > > >>> > > > > >>> > > > > >>> Know Valve that there is an exploit like that and do they > something > > > ? ? > > > > >>> Or what can we do ? > > > > >>> The Ip from where the attacks come, are every time an other IP. > We > > > think > > > > >>> they use the "TOR Project" > > > > >>> > > > > >>> And no, it is NO RAM Failure... When the Server runs on an other > > > Port, > > > > >>> > > > > >> then > > > > >> > > > > >>> there are no attacks :( > > > > >>> > > > > >>> I hope someone can help me > > > > >>> > > > > >>> > > > > >>> -- > > > > >>> Jetzt kostenlos herunterladen: Internet Explorer 8 und Mozilla > > > Firefox > > > > >>> > > > > >> 3.5 > > > > >> > > > > >>> - > > > > >>> sicherer, schneller und einfacher! > > > http://portal.gmx.net/de/go/chbrowser > > > > >>> > > > > >>> _______________________________________________ > > > > >>> To unsubscribe, edit your list preferences, or view the list > > > archives, > > > > >>> please visit: > > > > >>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > >>> > > > > >>> > > > > >> _______________________________________________ > > > > >> To unsubscribe, edit your list preferences, or view the list > > > archives, > > > > >> please visit: > > > > >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > >> > > > > > > > > > > > > > > > > > > > > > > > > > > __________ Information from ESET NOD32 Antivirus, version of virus > > > signature database 4797 (20100122) __________ > > > > > > > > The message was checked by ESET NOD32 Antivirus. > > > > > > > > http://www.eset.com > > > > > > > > > > > > > > > > _______________________________________________ > > > > To unsubscribe, edit your list preferences, or view the list > archives, > > > please visit: > > > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > > > > > _______________________________________________ > > > > To unsubscribe, edit your list preferences, or view the list > archives, > > > please visit: > > > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > > > _________________________________________________________________ > > > Få 25 GB lagerplads på nettet! > > > > http://www.microsoft.com/danmark/windows/windowslive/products/skydrive.aspx > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list archives, > > > please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > -- > > Jetzt kostenlos herunterladen: Internet Explorer 8 und Mozilla Firefox > 3.5 - > > sicherer, schneller und einfacher! http://portal.gmx.net/de/go/chbrowser > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > _________________________________________________________________ > Få 25 GB lagerplads på nettet! > http://www.microsoft.com/danmark/windows/windowslive/products/skydrive.aspx > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux -- Jetzt kostenlos herunterladen: Internet Explorer 8 und Mozilla Firefox 3.5 - sicherer, schneller und einfacher! http://portal.gmx.net/de/go/atbrowser _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
