A lot of us just use sourcemod to manage admins and we use direct ssh to
server (or rpc and whatnot if you are on windows) and access the server
console if we need to do so. I've ran gameservers nearly 10 years and
haven't used rcon that much, ever. However, i do have rcon set and it's
not
Well then weasels, your hlstats webpanel will never show who's on the
server because daemon can't rcon the server.
On Fri, Jan 23, 2015 at 9:12 PM, Weasels Lair wea...@weaselslair.com wrote:
I run hlstats and sourcebans without rcon and do without the rcon
integration.
On Jan 23, 2015 4:20
Make sure you also have sv_workshop_allow_other_maps 0 otherwise someone
may be able to load a malicious map onto the server.
On Jan 23, 2015 10:12 AM, Nomaan Ahmad n0man@gmail.com wrote:
OP mentioned about allowing gameme's rcon connection, so this plugin will
help him.
TCP can be
: [hlds] Someone took over server
Make sure you also have sv_workshop_allow_other_maps 0 otherwise someone may be
able to load a malicious map onto the server.
On Jan 23, 2015 10:12 AM, Nomaan Ahmad n0man@gmail.com wrote:
OP mentioned about allowing gameme's rcon connection, so this plugin
...@gmail.com
Date:01/23/2015 12:24 (GMT-05:00)
To: Half-Life dedicated Win32 server mailing list
hlds@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
Make sure you also have sv_workshop_allow_other_maps 0 otherwise someone
may be able to load a malicious map onto the server
wazanato...@gmail.com
Date:01/23/2015 12:24 (GMT-05:00)
To: Half-Life dedicated Win32 server mailing list
hlds@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
Make sure you also have sv_workshop_allow_other_maps 0 otherwise
someone may be able to load a malicious map onto
Sourcemods RCON has limitations. Try getting a full status output with
sm_rcon, or anything that returns a lot of information.
External plugins or logging tools(HLStats, GameME, Sourcebans) also
require RCON.
On 1/23/2015 4:14 PM, Weasels Lair wrote:
I don't understand why people even enable
I don't understand why people even enable RCON any more. That's what
SourceMod and AMX-Mod-X are for. Just use those to lock it down to which
players SteamID's will be your admins.
___
To unsubscribe, edit your list preferences, or view the list
From: Jesse Oak wazanato...@gmail.com
Date:01/23/2015 12:24 (GMT-05:00)
To: Half-Life dedicated Win32 server mailing list
hlds@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
Make sure you also have sv_workshop_allow_other_maps 0 otherwise
someone may be able to load
I used it predominantly because I could fix something from at work without
having to ssh into my box. I also set the password in-line and not the
config to prevent the upload-download exploit from being a problem.
___
To unsubscribe, edit your list
Whitelisting home connections is rather pointless since the majority
have dynamic IP addresses that constantly change. Then there's the
problem that IP addresses can be easily spoofed.
The inbound packets can be source-spoofed, but full TCP links and return
UDP will not reach the spoofer
As already stated by Crazed Gunman, things like Source Query,
SourceBans, Gameme/HLStatsX:CE require the engine's rcon to run
commands on the server.
On Fri, Jan 23, 2015 at 4:14 PM, Weasels Lair wea...@weaselslair.com wrote:
I don't understand why people even enable RCON any more. That's what
-Life dedicated Win32 server mailing list hlds@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
That's good for you, but some communities need it.
RCON is fine if used properly, like issuing IP bans for failed attempts etc.
In CS:GO sv_allowdownload and sv_allowupload
That's good for you, but some communities need it.
RCON is fine if used properly, like issuing IP bans for failed attempts etc.
In CS:GO sv_allowdownload and sv_allowupload can be set to 0 anyway to
fix any download exploits since it doesn't support sprays and you should
be used
I run hlstats and sourcebans without rcon and do without the rcon
integration.
On Jan 23, 2015 4:20 PM, William Pickard lollol22...@gmail.com wrote:
As already stated by Crazed Gunman, things like Source Query,
SourceBans, Gameme/HLStatsX:CE require the engine's rcon to run
commands on the
Cc:
Subject: Re: [hlds] Someone took over server
That's good for you, but some communities need it.
RCON is fine if used properly, like issuing IP bans for failed attempts etc.
In CS:GO sv_allowdownload and sv_allowupload can be set to 0 anyway to fix any
download exploits since it doesn't
Sorry, I meant properly using the engines built in ban system for failed
login attempts. On our servers I think we allow 5 failed attempts before
we IP ban for an hour.
On 1/23/2015 11:20 PM, Korrey Moore wrote:
RCON is fine if used properly, like issuing IP bans for failed
attempts etc.
RCON is fine if used properly, like issuing IP bans for failed attempts
etc.
You don't need RCON to issue an IP ban. Why you'd want to ban someone by IP
address is beyond me since IP bans are pretty much useless.
I have tried to ban people but the steam I'd doesn't stay in the file it
You should use SMAC's RCON Locker and whitelist IP that you want to allow.
http://smac.sx/
Whitelisting home connections is rather pointless since the majority have
dynamic IP addresses that constantly change. Then there's the problem that
IP addresses can be easily spoofed.
It's a TCP
Cc:
Subject: Re: [hlds] Someone took over server
Whitelisting home connections is rather pointless since the majority
have dynamic IP addresses that constantly change. Then there's the
problem that IP addresses can be easily spoofed.
The inbound packets can be source-spoofed, but full TCP
OP mentioned about allowing gameme's rcon connection, so this plugin will
help him.
TCP can be spoofed? I thought that was true for UDP.
I have had similar server hijackings in the past, this plugin helped.
Blocking off rcon by using rcon_password or disabling TCP altogether
might have same
: Peter Jerde peter-h...@jerde.net
Date:01/22/2015 20:49 (GMT-05:00)
To: Half-Life dedicated Win32 server mailing list hlds@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
What game?
Check your logs. It might indicate if there were a bunch of bad rcon password
attempts
Date:01/22/2015 20:35 (GMT-05:00)
To: Half-Life dedicated Win32 server mailing list hlds@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
Your question is a bit confusing. Are you asking if there is a way to stop
someone learning your RCON password or are you asking
took over server
What game?
Check your logs. It might indicate if there were a bunch of bad rcon
password attempts before the successful ones came through, or whether the
attacker was using some authority granted by one of your plugins (sourcemod
or whatnot).
Also consider other non-game avenues
@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
How do you give your admins admin? By steamid I hope
On 2015-01-22 9:01 PM, 2xcombatvet 2xcombat...@gmail.com wrote:
Sorry this is for cs go. Ya someone came in and took my server over and even
banned my IP address. Had to remove it from
:
Subject: Re: [hlds] Someone took over server
What game?
Check your logs. It might indicate if there were a bunch of bad rcon
password attempts before the successful ones came through, or whether the
attacker was using some authority granted by one of your plugins (sourcemod
or whatnot
:01/22/2015 20:35 (GMT-05:00)
To: Half-Life dedicated Win32 server mailing list
hlds@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
Your question is a bit confusing. Are you asking if there is a way to stop
someone learning your RCON password or are you asking
@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
Upload/download exploit possibly. Are you listing your rcon password in your
server.cfg?
For my community I just block TCP packets to the port 27015 with my firewall
and whitelist my IP
Sent from my iPhone
On Jan 22
@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
Upload/download exploit possibly. Are you listing your rcon password in your
server.cfg?
For my community I just block TCP packets to the port 27015 with my firewall
and whitelist my IP
Sent from my iPhone
On Jan 22, 2015
You should not be using RCON when other alternatives for server
administration exist like Source Mod. RCON is basically root access to your
server and has almost nil security protection against all sorts of attacks.
There have been innumerable RCON exploits exposed over the years on pretty
much
Original message
From: Cody Woodson xxwoodyman123...@sbcglobal.net
Date:01/22/2015 21:47 (GMT-05:00)
To: Half-Life dedicated Win32 server mailing list
hlds@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
Upload/download exploit possibly. Are you listing
:
Subject: Re: [hlds] Someone took over server
Upload/download exploit possibly. Are you listing your rcon password in your
server.cfg?
For my community I just block TCP packets to the port 27015 with my firewall
and whitelist my IP
Sent from my iPhone
On Jan 22, 2015, at 6:24 PM, 2xcombatvet
+1 on using source mod where possible
If you set the rcon password on the command line, it cannot be changed at
runtime.
On Jan 22, 2015, at 7:06 PM, Korrey Moore ajac...@gmail.com wrote:
You should not be using RCON when other alternatives for server
administration exist like Source Mod.
If you absolutely need to leave RCON enabled, then restricting access to it
with a firewall rule is probably the best option. In other Valve games
there were server cvars to control the number of failed RCON attempts
before a client was banned:
sv_rcon_banpenalty
sv_rcon_maxfailures
You should use SMAC's RCON Locker and whitelist IP that you want to allow.
http://smac.sx/
On 23 January 2015 at 03:50, Tom Weir tw...@geekwerks.ca wrote:
+1 on using source mod where possible
If you set the rcon password on the command line, it cannot be changed at
runtime.
On Jan 22,
stats?
Sent from my T-Mobile 4G LTE Device
Original message
From: Tom Weir tw...@geekwerks.ca
Date:01/22/2015 22:50 (GMT-05:00)
To: Half-Life dedicated Win32 server mailing list hlds@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
+1 on using
T-Mobile 4G LTE Device
Original message
From: Tom Weir tw...@geekwerks.ca
Date:01/22/2015 22:50 (GMT-05:00)
To: Half-Life dedicated Win32 server mailing list
hlds@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
+1 on using source mod where
-Life dedicated Win32 server mailing list hlds@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
+1 on using source mod where possible
If you set the rcon password on the command line, it cannot be changed at
runtime.
On Jan 22, 2015, at 7:06 PM, Korrey Moore ajac
: Stephen Swires st...@swires.me
Date:01/22/2015 23:06 (GMT-05:00)
To: Half-Life dedicated Win32 server mailing list
hlds@list.valvesoftware.com
Cc:
Subject: Re: [hlds] Someone took over server
It's a TCP block, dunno why he said HTTP explicitly because it isn't HTTP.
On 23 Jan 2015 04:04
I was getting people to join the server to fill it up and before I joined
someone was on my server banning people. He even banned me as I joined. He must
have gained access to my econ somehow. I have never gave my econ to no one and
no one is set to have access but me. So my question is how do
Your question is a bit confusing. Are you asking if there is a way to stop
someone learning your RCON password or are you asking if there is another way
they got into your server's console?
—
Sent from Mailbox
On Thu, Jan 22, 2015 at 8:33 PM, 2xcombatvet 2xcombat...@gmail.com
wrote:
I was
What game?
Check your logs. It might indicate if there were a bunch of bad rcon password
attempts before the successful ones came through, or whether the attacker was
using some authority granted by one of your plugins (sourcemod or whatnot).
Also consider other non-game avenues of connecting
42 matches
Mail list logo
