09-08-2009, 10:38 PM
Here are a few things that you can do and add to your game server to protect it from exploiters & hackers.
1) Do not give to anyone the RCON PASSWORD to your game server.
2) Never give out to anyone your game server FTP LOGIN NAME / FTP PASSWORD.
3) Never enable SV_CHEATS 1 in your game server change it to 0.
4) Add to your server.cfg file rcon authentication fail ban penalty. Copy & paste into your server.cfg file then make the necessary changes to your linkings.
http://forums.alliedmods.net/showthread.php?t=87553
You can also add to your game server "Rcon Locker / exploit fix" it will prevent your rcon password from being changed.
http://forums.alliedmods.net/showthread.php?t=93934
( Thanks devicenull for letting me know about this plugin. )
There's another plugin for sourcemod admin mod that you can add called "Command Blocker" you can block players from using commands you specify in the server.cfg file.
http://forums.alliedmods.net/showthread.php?t=73828
6) If you're using mattie eventscripts there's quite a few addons that use can use to proctect your game server.
Miauw Mzx's Anti-Exploits -- It blocks players from doing command exploits.
http://addons.eventscripts.com/addons/view/mizx_exploits
HackThis -- This plugin blocks unnconnected player names, protect rcon and channel overflow exploit.
http://addons.eventscripts.com/addons/view/HackThis
Exploit Coverup -- This plugin block players from known commands to crash your server.
http://addons.eventscripts.com/addons/view/exploit
IronWall -- Protects your game server from exploiters & hackers.
http://addons.eventscripts.com/addons/view/ironwall
Rcon LOCK -- Locks players from unloading the plugin and stops players changing your rcon password.
http://addons.eventscripts.com/addons/view/rcon_lock
Block crash -- Addon to stop players from using the reliable channel overflow exploit.
http://addons.eventscripts.com/addons/view/block_crash
Anti-cheat -- Addon to ban/kick players that use the unconnected exploit or sv_cheat 1
http://addons.eventscripts.com/addons/view/es_anti-cheat
7) Do not add too many plugins or mods to your game server. If one of the plugins or mods has an exploit how will you know which one is? you may have to disable / enable all plugins & mods to know which one is the one with the exploit.
8) Do not give to anyone the Login Name / Password to your game server providers control panel.
9) Scan your computer regularly for viruses, key loggers, spyware... not only to proctect your rcon login / password but also to proctect your steam account from being stolen / hijacked.
10) Let me know what #10 is? If you know of a way to protect your game server and is not listed here share it with us.
The original can be found here: 10 things to protect your game server
1) Do not give to anyone the RCON PASSWORD to your game server.
2) Never give out to anyone your game server FTP LOGIN NAME / FTP PASSWORD.
3) Never enable SV_CHEATS 1 in your game server change it to 0.
4) Add to your server.cfg file rcon authentication fail ban penalty. Copy & paste into your server.cfg file then make the necessary changes to your linkings.
Quote:sv_rcon_banpenalty 5 --- Number of minutes that a player can be banned 1 - 60 max5) If you're using sourcemod you can add a plugin called "Forlix FloodCheck" to protect your game server from chat spam & command flood.
sv_rcon_maxfailures 10 --- Number of times a player can retry to enter a password 1 - 20 max before being banned.
sv_rcon_minfailures 5 --- Number of times a player can retry to enter a password 1 - 20 max before being banned.
sv_rcon_minfailuretime 30 --- Number of seconds that a player has to wait until entering a password again 1 second - 60 minutes max.
http://forums.alliedmods.net/showthread.php?t=87553
You can also add to your game server "Rcon Locker / exploit fix" it will prevent your rcon password from being changed.
http://forums.alliedmods.net/showthread.php?t=93934
( Thanks devicenull for letting me know about this plugin. )
There's another plugin for sourcemod admin mod that you can add called "Command Blocker" you can block players from using commands you specify in the server.cfg file.
http://forums.alliedmods.net/showthread.php?t=73828
6) If you're using mattie eventscripts there's quite a few addons that use can use to proctect your game server.
Miauw Mzx's Anti-Exploits -- It blocks players from doing command exploits.
http://addons.eventscripts.com/addons/view/mizx_exploits
HackThis -- This plugin blocks unnconnected player names, protect rcon and channel overflow exploit.
http://addons.eventscripts.com/addons/view/HackThis
Exploit Coverup -- This plugin block players from known commands to crash your server.
http://addons.eventscripts.com/addons/view/exploit
IronWall -- Protects your game server from exploiters & hackers.
http://addons.eventscripts.com/addons/view/ironwall
Rcon LOCK -- Locks players from unloading the plugin and stops players changing your rcon password.
http://addons.eventscripts.com/addons/view/rcon_lock
Block crash -- Addon to stop players from using the reliable channel overflow exploit.
http://addons.eventscripts.com/addons/view/block_crash
Anti-cheat -- Addon to ban/kick players that use the unconnected exploit or sv_cheat 1
http://addons.eventscripts.com/addons/view/es_anti-cheat
7) Do not add too many plugins or mods to your game server. If one of the plugins or mods has an exploit how will you know which one is? you may have to disable / enable all plugins & mods to know which one is the one with the exploit.
8) Do not give to anyone the Login Name / Password to your game server providers control panel.
9) Scan your computer regularly for viruses, key loggers, spyware... not only to proctect your rcon login / password but also to proctect your steam account from being stolen / hijacked.
10) Let me know what #10 is? If you know of a way to protect your game server and is not listed here share it with us.
The original can be found here: 10 things to protect your game server
