Login

Dispenz0r · (This post was last modified: 05-06-2015, 06:09 AM by Dispenz0r.)

"Banning xxx.xxx.xxx.xx (ip) for rcon hacking attempts"

what is the reason of this?

luedfe · 12-27-2011, 12:01 AM

Implement a firewall behind the server!

Regards,
Luis Carlos (Brazil)
Skype: lcb.lucas
MSN: lcb.lucas@hotmail.com

12-27-2011, 12:10 AM

I get these everyday. WHen I trace them, they always come from Russia and occasionally Ukraine so mostly some bot. Just have a strong password so they cannot guess.

luedfe · 12-27-2011, 01:40 AM

It´s happened on my server too....almost every day!

I don´t know if have solution, because even with a firewall behind the server, the ports 27015, 27016, ..... is open...

Regards,

Luis Carlos (Brazil)
Skype: lcb.lucas
MSN: lcb.lucas@hotmail.com

shadow501 · (This post was last modified: 12-27-2011, 02:35 AM by shadow501.)

Firewall won't do anything to protect people from trying to hack your rcon password. The server port must be open in the firewall to access your server for gaming.

Here's my personal security good pratice...

Use the "Advanced RCON module from your server.cfg file

sv_rcon_banpenalty
sv_rcon_maxfailures
sv_rcon_minfailures
sv_rcon_minfailuretime
sv_rcon_log

Make sure your RCON password has upper and lower case letters,
numbers any weird characters like !@#$%^&*.
Make sure your password is long enough, like over 10 characters.
Make sure it has no meaning when trying to read it!
Change you password on a regular basis (Every month or 2)
Put the server.cfg file "read only"

shadow501 · (This post was last modified: 12-27-2011, 02:30 AM by shadow501.)

(12-26-2011, 05:59 AM)Dispenz0r Wrote: i cant also connect to my server

What message you are getting when trying to connect?
Also what Admin Module are you using to manage your server?

Madgod24 · 01-05-2012, 03:27 PM

even if they do cant you just change the password?

jacek2144 · (This post was last modified: 01-09-2012, 05:11 AM by jacek2144.)

Open these ports:

PROTOCOL / INBOUND / OUTBOUND
UDP 1200 1200
UDP 26901 26901 (This will allow the server to show up on the master server list.)
UDP 27000 27015
TCP 27020 27039
UDP 27015 27015 (you may not be able to open this one, but it is suggested that you try)
UDP 27020 27020
TCP 27015 27015

click4dylan · 01-12-2012, 03:53 AM

i'm having brute force attacks as well on my rcon. for days actually

spunkster21 · 01-13-2012, 06:11 AM

If you're on Linux use iptables to implement rules to operate an RCON whitelist (in other words block EVERYTHING from RCON except what you want to use it).

E.g.

Exception:
iptables -I INPUT -p tcp -s xx.xxx.xx.xxx --destination-port 27015 -j ACCEPT

Block everything else:
iptables -A INPUT -p tcp --destination-port 27015 -j DROP

I'd suggest reading the following to gain a better understanding of how to secure your game server.

http://www.cyberciti.biz/tips/linux-iptables-examples.html
http://forums.alliedmods.net/showthread.php?t=151551&highlight=dos+attacker

click4dylan · 01-13-2012, 08:33 AM

ive never used linux, dont plan on it. windows for srcds modding forever

Login
Username:
Password:	Lost Password?
	Remember me