[cod] Cfg download hacking
saimon
saimon at optonline.net
Tue Sep 14 18:44:07 EDT 2010
The only deterrent/options I had available to me at that time was to
remove the rcon password which as we all know makes server managment a
real drag or be very vigilent and locate the intuders ip-address in
your log files and ban there entire subnet so that if they reboot or
shut down their modem dsl or cable they can't use that address to attack
you. Of course keep in mind when you ban a subnet you ban all users
from that subnet so if the bad guy has a address of say 24.16.xxx.xxx
and you ban that subnet net every one that try's to access your server
from with address within the xxx.xxx octets will be banned as well.
Yeah the deal is the pitts and those that make the problem have a great
need of what I'll never know.
On 9/14/2010 2:14 PM, Marco Padovan wrote:
> I see...
>
> will take the "random cfg filename" path as all other workarounds are
> not acceptable for my use :(
>
> On Tue, Sep 14, 2010 at 8:01 PM, Morpheus<morpheus at clantoc.org> wrote:
>
>> I think iptables is too low-level to deal with such specific hack attempts.
>> At least you can use it to ban IP addresses you catch... It's sad it has not
>> been fixed since discovery, with all the games that are using the
>> codebase...
>>
>> Le 14/09/2010 19:32, Marco Padovan a écrit :
>>
>>> I'm aware of the exploits... was looking for some suggestion on how to
>>> fix them... even via iptables eventually...
>>>
>>> On Tue, Sep 14, 2010 at 6:56 PM, James Landi<jim at landi.net> wrote:
>>>
>>>> The exploit I just posted about could be an older version or not the
>>>> same
>>>> as described in this mail list thread.
>>>>
>>>> using the second link should give you a good list of quake based exploits
>>>> you may want to watch for.
>>>>
>>>> Sorry for the wrong ling
>>>>
>>>> Jim Landi
>>>> Rudedog
>>>> FPSadmin.com
>>>> Microsoft MVP, Games for Windows | Twitter@ therealrudedog
>>>>
>>>>
>>>> On 9/14/10 12:25 PM, Morpheus wrote:
>>>>
>>>>> We're talking about the built-in download system, not the http redirect
>>>>> one, which you can control with symlinks and htaccess features. It's
>>>>> about a
>>>>> security hole that virtually exists in all q3-based games (at least for
>>>>> the
>>>>> net code).
>>>>>
>>>>> Le 14/09/2010 18:21, Mavrick a écrit :
>>>>>
>>>>>> Anyone tried symbolic links?
>>>>>>
>>>>>> On 14/09/2010 3:11 AM, Nosjp Nosjp wrote:
>>>>>>
>>>>>>> The only one solution: set sv_allowDownload "0"
>>>>>>>
>>>>>>> On Mon, Sep 13, 2010 at 7:45 PM, Marco
>>>>>>> Padovan<evolutioncrazy at gmail.com
>>>>>>> <mailto:evolutioncrazy at gmail.com>> wrote:
>>>>>>>
>>>>>>> We are having major hack attempts that consist in people
>>>>>>> downloading the cfg files.... currently we had to use random
>>>>>>> file names...
>>>>>>>
>>>>>>> is there any solid work around?
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> cod mailing list
>>>>>>> cod at icculus.org<mailto:cod at icculus.org>
>>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> cod mailing list
>>>>>>> cod at icculus.org
>>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>>
>>>>>> _______________________________________________
>>>>>> cod mailing list
>>>>>> cod at icculus.org
>>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>>
>>>>> _______________________________________________
>>>>> cod mailing list
>>>>> cod at icculus.org
>>>>> http://icculus.org/mailman/listinfo/cod
>>>>>
>>>> _______________________________________________
>>>> cod mailing list
>>>> cod at icculus.org
>>>> http://icculus.org/mailman/listinfo/cod
>>>>
>>>>
>>> _______________________________________________
>>> cod mailing list
>>> cod at icculus.org
>>> http://icculus.org/mailman/listinfo/cod
>>>
>> _______________________________________________
>> cod mailing list
>> cod at icculus.org
>> http://icculus.org/mailman/listinfo/cod
>>
>>
> _______________________________________________
> cod mailing list
> cod at icculus.org
> http://icculus.org/mailman/listinfo/cod
>
>
More information about the cod
mailing list