<div>Hello,</div><div></div><div>Maybe I'm misunderstanding your script, but won't the initial rm delete the clients' dirs, thus removing the config files as well as possible mods installed, etc?<br></div><div class="gmail_quote">
</div><div class="gmail_quote">Cheers,</div><div class="gmail_quote">Tomé Duarte</div><div class="gmail_quote"></div><div class="gmail_quote">On Fri, May 29, 2009 at 3:06 PM, escapedturkey <span dir="ltr"><<a href="mailto:escapedturkey@escapedturkey.com">escapedturkey@escapedturkey.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">You could update the files automatically every 24 hours so they always have the legit binaries and iwd files.<br>
<br>
Example:<br>
<br>
crontab this ever 24 hours.<br>
<br>
update-files.bsh<br>
<br>
#!/bin/bash<br>
rm -f /home/users<br>
chattr -R +i /home/install<br>
cd /home<br>
ls -1p|grep /|grep -v install|cut -d "/" -f1 > users<br>
for user in `cat users`<br>
do<br>
rsync -av /home/install/cod4 /home/$user/<br>
done<br>
rm -f /home/users<br>
exit $?<br>
<br>
Make sure no .cfg files are in your skeleton version so to avoid over-writes. This would make sure .iwd and binaries are legit every 24 hours.<br>
<br>
<br>
Oliver Warburton wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">
This is the first thing I would do.<br>
<br>
Then replace those files back. Then try every way possible to try and overwrite them.<br>
They must be overwriting then somehow, and remember these people aren't the kind that would just do it over FTP. They can be quite sneaky, and that involves hacking round your setup to get what they want.<br>
Oliver Warburton,<br>
Managing Director<br>
INX-Network LTD<br>
INX-Gaming<br>
|<br>
</div><a href="http://www.inx-gaming.com" target="_blank">www.inx-gaming.com</a> <<a href="http://www.inx-gaming.com" target="_blank">http://www.inx-gaming.com</a>><div class="im"><br>
<br>
----- Original Message -----<br>
*From:* Einar S. Idsø <mailto:<a href="mailto:einar.cod@norsk-esport.no" target="_blank">einar.cod@norsk-esport.no</a>><br>
*To:* Call of Duty server admin list. <mailto:<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a>><br>
*Sent:* Friday, May 29, 2009 10:24 AM<br>
*Subject:* Re: [cod] Beware...<br>
<br>
Have you checked the binaries of the alleged hacked servers and<br>
compared them with binaries from the non-hacked ones? You could run<br>
an md5sum on the specific file(s) only, or a diff -r --brief<br>
/path/to/nonhackedserver /path/to/hackedserver to look for differences.<br>
<br>
Cheers,<br>
Einar<br>
<br>
On Fri, May 29, 2009 at 11:10 AM, Matt | Pointy BestGN<br></div><div class="im">
<<a href="mailto:matt@bestgn.net.au" target="_blank">matt@bestgn.net.au</a> <mailto:<a href="mailto:matt@bestgn.net.au" target="_blank">matt@bestgn.net.au</a>>> wrote:<br>
<br>
No.<br>
<br>
<br>
Up until a couple of weeks ago, the only ppl to have access to<br>
the cod4 directories were myself and 1 other person that runs<br>
the network with me.<br>
<br>
We have never allowed box access to anyone.<br>
<br>
<br>
<br>
<br>
*From:* Clanwarz [mailto:<a href="mailto:clanwarz@gmail.com" target="_blank">clanwarz@gmail.com</a><br>
<mailto:<a href="mailto:clanwarz@gmail.com" target="_blank">clanwarz@gmail.com</a>>]<br>
*Sent:* Friday, May 29, 2009 7:02 PM<br>
<br>
*To:* Call of Duty server admin list.<br>
*Subject:* Re: [cod] Beware...<br>
<br>
<br>
Can your clients remove the bin or exe and replace it?<br>
<br>
<br>
--jay<br>
<br>
On Fri, May 29, 2009 at 3:40 AM, Matt | Pointy BestGN<br></div><div><div class="h5">
<<a href="mailto:matt@bestgn.net.au" target="_blank">matt@bestgn.net.au</a> <mailto:<a href="mailto:matt@bestgn.net.au" target="_blank">matt@bestgn.net.au</a>>> wrote:<br>
<br>
Hey peeps..<br>
<br>
I'm having a problem identifying why some of my COD4 servers are<br>
displaying<br>
as 'cracked' servers.<br>
Over the many months of hosting COD4, both public servers and<br>
sponsored clan<br>
servers, I have always used the same set of installed (updated)<br>
files from a<br>
core install.<br>
At one stage I had 6 public and 3 sponsored servers running - 2<br>
showing as<br>
cracked (allset up and installed from the same core files)<br>
<br>
<br>
I uploaded the game files when I purchased the game on release-<br>
so the game<br>
files are 100% legit<br>
If I wanted a new COD4 server up, I add a user (or new dir under<br>
the cod4<br>
user), cp the core files to the user dir, edit the server config<br>
and away we<br>
go...<br>
<br>
All my update patches have always been downloaded via links from<br>
this<br>
mailing list and linux bins are always downloaded from links on<br>
FPSAdmin...<br>
<br>
Anyone got any ideas why they are showing as being cracked?<br>
<br>
<br>
<br>
-----Original Message-----<br>
From: MaydaX [mailto:<a href="mailto:maydaxone@gmail.com" target="_blank">maydaxone@gmail.com</a><br>
<mailto:<a href="mailto:maydaxone@gmail.com" target="_blank">maydaxone@gmail.com</a>>]<br>
Sent: Friday, May 29, 2009 8:46 AM<br>
To: Call of Duty server admin list.<br>
Subject: Re: [cod] Beware...<br>
<br>
MD5 checks would do the trick. Also you can check the value of<br>
authservername to be sure it's correct as an added check.<br>
<br>
The main issue is legit players are populating cracked servers.<br>
The client<br>
could check the master server to see if the server they are<br>
connecting to is<br>
listed. If it's not then kick them with an error like cod waw<br>
does. Ofc it<br>
would have to check if the server is running in LAN etc.<br>
<br>
Before PBBans redirected <a href="http://cod4master.activhsion.com" target="_blank">cod4master.activhsion.com</a><br></div></div>
<<a href="http://cod4master.activhsion.com" target="_blank">http://cod4master.activhsion.com</a>> to the real master server<div><div class="h5"><br>
we logged all IP's that connected to us. So far we have logged<br>
783 server ip's (Which I attached). PunkBuster has the ability<br>
to ban a<br>
server ip but I don't hear much on them anymore. From what I<br>
understand<br>
Activision has to send the IP's to EB for banning.<br>
<br>
Any player can check the authservername value by using "/pb_cvarval<br>
authservername" in the console.<br>
<br>
MaydaX<br>
Developer<br>
<a href="http://www.pbbans.com" target="_blank">http://www.pbbans.com</a><br>
<br>
Joker{eXtreme+} wrote:<br>
<file:///F:/Users/Seven/Desktop/cracked_list.zip><br>
> Mods are given freely, not paid for, so if the md5 doesn't<br>
check out,<br>
> the mod will crash, not the server or game. Just means you<br>
can't run<br>
> the mod without legit copy of the game ;)<br>
><br>
> That should skip all the newer laws just fine, but I will<br>
double check<br>
> with an attorney no problems (got a few in the family)<br>
><br>
> ~Joker<br>
> eXtreme+ mod<br>
> <a href="http://www.mycallofduty.com" target="_blank">http://www.mycallofduty.com</a><br>
<br>
<br>
No virus found in this incoming message.<br></div></div>
Checked by AVG - <a href="http://www.avg.com" target="_blank">www.avg.com</a> <<a href="http://www.avg.com" target="_blank">http://www.avg.com</a>><div class="im"><br>
Version: 8.5.339 / Virus Database: 270.12.44/2140 - Release<br>
Date: 05/28/09<br>
18:09:00<br>
<br>
_______________________________________________<br>
cod mailing list<br></div>
<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a> <mailto:<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a>><div class="im"><br>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><br>
<br>
<br>
No virus found in this incoming message.<br></div>
Checked by AVG - <a href="http://www.avg.com" target="_blank">www.avg.com</a> <<a href="http://www.avg.com" target="_blank">http://www.avg.com</a>><div class="im"><br>
Version: 8.5.339 / Virus Database: 270.12.44/2140 - Release<br>
Date: 05/28/09 18:09:00<br>
<br>
<br>
_______________________________________________<br>
cod mailing list<br></div>
<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a> <mailto:<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a>><div class="im"><br>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><br>
<br>
<br>
------------------------------------------------------------------------<br>
<br>
_______________________________________________<br>
cod mailing list<br>
<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a><br>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><br>
<br>
<br>
<br>
__________ Information from ESET Smart Security, version of virus<br>
signature database 3877 (20090222) __________<br>
<br>
The message was checked by ESET Smart Security.<br>
<br>
<a href="http://www.eset.com" target="_blank">http://www.eset.com</a><br>
<br>
<br></div>
------------------------------------------------------------------------<div class="im"><br>
<br>
_______________________________________________<br>
cod mailing list<br>
<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a><br>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><br>
</div></blockquote><div><div class="h5">
_______________________________________________<br>
cod mailing list<br>
<a href="mailto:cod@icculus.org" target="_blank">cod@icculus.org</a><br>
<a href="http://icculus.org/mailman/listinfo/cod" target="_blank">http://icculus.org/mailman/listinfo/cod</a><br>
</div></div></blockquote></div><br>