I have a dynamic IP and I'm using dyndns with a script that checks the
domain, and when the IP changes the script also changes the iptables rule
(removes the old IP and adds the new one).

You must run a special dyndns application or configure your router
to use dyndns (if it has that option); also, it takes some time to refresh
the domain IP after an IP change.

2010/8/26 Eric Riemers <[email protected]>:
> Or if you have a webserver running on it:
> http://ruckman.net/downloads.htm#RUCKMANRCONSOURCE
>
> A php interface for rcon, then you can just say connect locally and deny all
> requests from outside. (and still be able to manage it from outside)
>
> Eric
>
> -----Original Message-----
> From: [email protected]
> [mailto:[email protected]] On Behalf Of Ben Mendis
> Sent: donderdag 26 augustus 2010 0:44
> To: Half-Life dedicated Linux server mailing list
> Subject: Re: [hlds_linux] ip spoofing
>
> An alternative to setting up a whole VPN is to use Single Packet
> Authentication to protect the port in question.
>
> http://cipherdyne.org/fwknop/
>
> Works with iptables to dynamically open the port for a specific IP address
> only after that IP has authenticated by sending a special cryptographic
> packet.
>
> On Wed, Aug 25, 2010 at 6:06 PM, Allan Button <[email protected]> wrote:
>
>> Easy to fix this. Get static IP at home, then blacklist tcp 27015, and
>> pinhole only your static IP at home to that port.
>>
>> If that's no good, because you either can't get static at home, or you
>> need to manage from elsewhere, install vpn server on your server,
>> block traffic to tcp 27015, and vpn in to manage rcon, that's how I am
>> handling it.
>>
>> They would need to hack my vpn to get my server.
>>
>> Allan
>>
>> -----Original Message-----
>> From: [email protected] [mailto:
>> [email protected]] On Behalf Of
>> [email protected]
>> Sent: Wednesday, August 25, 2010 9:45 AM
>> To: [email protected]
>> Subject: Re: [hlds_linux] ip spoofing
>>
>>
>>
>>
>> On August 25, 2010 at 5:51 AM [email protected]:
>>
>> > Message: 1
>> > Date: Tue, 24 Aug 2010 13:18:54 -0700
>> > From: pat w <[email protected]>
>> > Subject: [hlds_linux] IP Spoofing rcon hacker
>> > To: [email protected]
>> > Message-ID:
>> >
>> > <[email protected]>
>> > Content-Type: text/plain; charset=ISO-8859-1
>> >
>> > Hi,
>> >
>> > I've already posted my problem on the srcds forums but I thought it
>> > might get more feedback from the mailing list here.  Basically what
>> > I have here is a repeat offender trying to hack my server via the
>> > console rcon.  I've banned them with
>> >
>> > addip 0 210.51.45.37
>> >
>> > as well as
>> >
>> > iptables -A INPUT -s 210.51.45.37 -j DROP
>> >
>> > However upon waking up in the morning and checking my console it
>> > appears they are still at it every day for about 15 attempts --
>> >
>> > Banning 210.51.45.37 for rcon hacking attempts (repeated about
>> > fifteen times each day)
>> >
>> > I've not noticed any active connections to my server (players or
>> > otherwise) when I notice these reports.  How is it they can attempt
>> > to hack my rcon without even being on my server at the time? Is
>> > there a way to find out who is doing this and ban them entirely, or
>> > will they just spoof their IP again?
>> >
>> > Thanks!
>> >
>> There are a few things that you can do to protect yourself.  You
>> should check into your network controls to make sure your IPv4 settings
>> don't allow for spoofing.  The other thing would be to ban more than
>> that single address.  Ban his CIDR address instead.
>>
>> iptables -A INPUT -s 210.51.0.0/16 -j DROP
>>
>> That address is from China.  You can look up any IP address via
>> www.dnsstuff.com.   If it can't find the information for you, it will point
>> you to the appropriate resource like ARIN.
>> _______________________________________________
>> To unsubscribe, edit your list preferences, or view the list archives,
>> please visit:
>> http://list.valvesoftware.com/mailman/listinfo/hlds_linux

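
The check-and-swap script described in the top reply could look like the sketch below. It is an added example, not the poster's script; the host name, state file path and the `IPTABLES`/`RESOLVE` override hooks are assumptions, and it presumes a general DROP rule for the rcon port already exists.

```shell
#!/bin/sh
# Added example (not the poster's script): keep one iptables ACCEPT rule in
# step with a dynamic-DNS name. Host name, state file and the IPTABLES/RESOLVE
# override hooks are assumptions; tcp 27015 is the rcon port named in the thread.
ADMIN_HOST="${ADMIN_HOST:-admin.example.net}"    # placeholder dyndns name
RCON_PORT="${RCON_PORT:-27015}"
STATE_FILE="${STATE_FILE:-/var/run/rcon-allow.ip}"
IPTABLES="${IPTABLES:-iptables}"                 # swap in a stub for dry runs
RESOLVE="${RESOLVE:-resolve_a}"

# First IPv4 address for a name via the system resolver (glibc getent).
resolve_a() {
    getent ahostsv4 "$1" | awk 'NR==1 {print $1}'
}

# Succeeds only for a dotted quad with every octet in 0..255.
valid_ipv4() (
    case "$1" in
        ''|*[!0-9.]*|*.) exit 1 ;;
    esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Returns 0 = rule swapped, 1 = address unchanged, 2 = lookup or insert failed
# (the existing rule is left in place so a DNS hiccup cannot lock the admin out).
sync_rule() {
    new_ip=$("$RESOLVE" "$ADMIN_HOST") || return 2
    valid_ipv4 "$new_ip" || return 2
    old_ip=""
    [ -r "$STATE_FILE" ] && old_ip=$(cat "$STATE_FILE")
    [ "$new_ip" = "$old_ip" ] && return 1
    # -I puts the ACCEPT ahead of the general DROP for the port; add before
    # deleting so access never lapses between the two calls.
    "$IPTABLES" -I INPUT -p tcp -s "$new_ip" --dport "$RCON_PORT" -j ACCEPT || return 2
    if valid_ipv4 "$old_ip"; then
        "$IPTABLES" -D INPUT -p tcp -s "$old_ip" --dport "$RCON_PORT" -j ACCEPT
    fi
    printf '%s\n' "$new_ip" > "$STATE_FILE"
}

# Cron entry point: "script --run"; without the flag only functions are defined.
case "${1:-}" in --run) sync_rule ;; esac
```

The resolved value is validated before it reaches iptables, so a failed or poisoned lookup returning something other than a dotted quad never becomes a rule argument.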