SA-MP Forums Archive
samp-npc flagged as suspicious on linux - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Server (https://sampforum.blast.hk/forumdisplay.php?fid=6)
+--- Forum: Server Support (https://sampforum.blast.hk/forumdisplay.php?fid=19)
+--- Thread: samp-npc flagged as suspicious on linux (/showthread.php?tid=464213)


samp-npc flagged as suspicious on linux - ikey07 - 15.09.2013

Suspicious process running under user User:

Код:
Executable:

/home/user/.gameservers/samp_0/samp-npc


Command Line (often faked in exploits):

/home/user/.gameservers/samp_0/samp-npc -h 127.0.0.1 -p 7777 -n Cocaine_Dealer -m npcidle -z fdsfds345df


Network connections by the process (if any):

udp: 0.0.0.0:7777 -> 0.0.0.0:0
udp: 0.0.0.0:58132 -> 0.0.0.0:0
tcp: 0.0.0.0:7777 -> 0.0.0.0:0
tcp: 127.0.0.1:52574 -> 127.0.0.1:3306


Files open by the process (if any):

/dev/null
/dev/pts/1
/dev/pts/1
/dev/pts/1
/home/user/.gameservers/samp_0/mysql_log.txt
/dev/pts/1
My eyes cought the last parameter of that command line fdsfds345df


and yes, I already use R2 server.

Re: samp-npc flagged as suspicious on linux - BJIADOKC - 15.09.2013

Quote:
Originally Posted by ikey07
Посмотреть сообщение
Suspicious process running under user User:

Код:
Executable:

/home/user/.gameservers/samp_0/samp-npc


Command Line (often faked in exploits):

/home/user/.gameservers/samp_0/samp-npc -h 127.0.0.1 -p 7777 -n Cocaine_Dealer -m npcidle -z fdsfds345df


Network connections by the process (if any):

udp: 0.0.0.0:7777 -> 0.0.0.0:0
udp: 0.0.0.0:58132 -> 0.0.0.0:0
tcp: 0.0.0.0:7777 -> 0.0.0.0:0
tcp: 127.0.0.1:52574 -> 127.0.0.1:3306


Files open by the process (if any):

/dev/null
/dev/pts/1
/dev/pts/1
/dev/pts/1
/home/user/.gameservers/samp_0/mysql_log.txt
/dev/pts/1
My eyes cought the last parameter of that command line fdsfds345df


and yes, I already use R2 server.
This is a server password, your captain.

Re: samp-npc flagged as suspicious on linux - ikey07 - 15.09.2013

what password if I havent set any

Re: samp-npc flagged as suspicious on linux - BJIADOKC - 15.09.2013

Quote:
Originally Posted by ikey07
Посмотреть сообщение
what password if I havent set any
Those params used in samp.exe (client) to connect to server. Param "-z" sets server password (that you type in box before connect)
I think samp-npc doing the same, but it gets password from server.cfg

Re: samp-npc flagged as suspicious on linux - linuxthefish - 16.09.2013

cPanel is going to report that as suspicious, It's expecting that people won't be running a gameserver on the same server they host websites on!

http://forum.configserver.com/viewtopic.php?f=6&t=2059