RCON Login attacks, without a player connecting..?
#1

I asked my friend to add my gamemode to his server for a test, and I told him to do RCON logins etc.

But after some time, when he gave me the chatlog:
Code:
[10:25:25] BAD RCON ATTEMPT BY: 86.57.***.***
[10:27:30] BAD RCON ATTEMPT BY: 86.57.***.***
[10:29:36] BAD RCON ATTEMPT BY: 86.57.***.***
[10:31:40] BAD RCON ATTEMPT BY: 86.57.***.***
[10:33:44] BAD RCON ATTEMPT BY: 86.57.***.***
[10:35:48] BAD RCON ATTEMPT BY: 86.57.***.***
[10:37:55] BAD RCON ATTEMPT BY: 86.57.***.***
[10:40:06] BAD RCON ATTEMPT BY: 86.57.***.***
[10:42:15] BAD RCON ATTEMPT BY: 86.57.***.***
[10:44:29] BAD RCON ATTEMPT BY: 86.57.***.***
[10:46:44] BAD RCON ATTEMPT BY: 86.57.***.***
[10:48:55] BAD RCON ATTEMPT BY: 86.57.***.***
[10:51:07] BAD RCON ATTEMPT BY: 86.57.***.***
[10:53:20] BAD RCON ATTEMPT BY: 86.57.***.***
[10:55:33] BAD RCON ATTEMPT BY: 86.57.***.***
[10:57:48] BAD RCON ATTEMPT BY: 86.57.***.***
[11:00:04] BAD RCON ATTEMPT BY: 86.57.***.***
[11:17:58] BAD RCON ATTEMPT BY: 178.167.**.***
[11:19:19] BAD RCON ATTEMPT BY: 178.167.**.***
[11:20:49] BAD RCON ATTEMPT BY: 178.167.**.***
[11:22:15] BAD RCON ATTEMPT BY: 178.167.**.***
[11:23:42] BAD RCON ATTEMPT BY: 178.167.**.***
[11:25:07] BAD RCON ATTEMPT BY: 178.167.**.***
[11:26:40] BAD RCON ATTEMPT BY: 178.167.**.***
[11:28:27] BAD RCON ATTEMPT BY: 178.167.**.***
[11:30:15] BAD RCON ATTEMPT BY: 178.167.**.***
[11:31:54] BAD RCON ATTEMPT BY: 178.167.**.***
[11:33:35] BAD RCON ATTEMPT BY: 178.167.**.***
[11:36:00] BAD RCON ATTEMPT BY: 178.167.**.***
[11:38:18] BAD RCON ATTEMPT BY: 178.167.**.***
[11:40:39] BAD RCON ATTEMPT BY: 178.167.**.***
[11:42:52] BAD RCON ATTEMPT BY: 178.167.**.***
[11:45:03] BAD RCON ATTEMPT BY: 178.167.**.***
[11:46:56] BAD RCON ATTEMPT BY: 178.167.**.***
[11:48:55] BAD RCON ATTEMPT BY: 178.167.**.***
[11:50:58] BAD RCON ATTEMPT BY: 178.167.**.***
[11:52:56] BAD RCON ATTEMPT BY: 178.167.**.***
[11:55:32] BAD RCON ATTEMPT BY: 178.167.**.***
[11:57:42] BAD RCON ATTEMPT BY: 178.167.**.***
[12:00:34] BAD RCON ATTEMPT BY: 178.167.**.***
[12:03:40] BAD RCON ATTEMPT BY: 178.167.**.***
[12:06:27] BAD RCON ATTEMPT BY: 178.167.**.***
[12:09:12] BAD RCON ATTEMPT BY: 178.167.**.***
[12:12:13] BAD RCON ATTEMPT BY: 178.167.**.***
[12:16:06] BAD RCON ATTEMPT BY: 178.167.**.***
........................
[14:29:41] BAD RCON ATTEMPT BY: 178.167.**.***
[14:33:19] BAD RCON ATTEMPT BY: 178.167.**.***
[14:37:01] BAD RCON ATTEMPT BY: 178.167.**.***
[14:40:18] BAD RCON ATTEMPT BY: 178.167.**.***
[14:45:42] BAD RCON ATTEMPT BY: 86.57.***.***
[14:46:59] BAD RCON ATTEMPT BY: 86.57.***.***
[14:48:18] BAD RCON ATTEMPT BY: 86.57.***.***
[14:49:39] BAD RCON ATTEMPT BY: 86.57.***.***
[14:51:00] BAD RCON ATTEMPT BY: 86.57.***.***
[14:52:24] BAD RCON ATTEMPT BY: 86.57.***.***
[14:53:52] BAD RCON ATTEMPT BY: 86.57.***.***
[14:55:20] BAD RCON ATTEMPT BY: 86.57.***.***
I tried IP banning the IPs, but it didn't work, and my script didn't detect them/him either..
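The log above shows one attempt roughly every two minutes per source, a pace that a short-window rate rule never sees. The following Python is an added example, not written by any poster in the thread: it parses lines in that log format and flags sources by attempts per hour. The sample log, its documentation-range addresses, the function names and the thresholds are assumptions, and all lines are assumed to be from the same day because the log carries no date.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median

# Matches the failed-login lines in the log format quoted in the post above.
LINE_RE = re.compile(r"^\[(\d{2}:\d{2}:\d{2})\] BAD RCON ATTEMPT BY: (\S+)\s*$")

# Constructed sample: documentation-range addresses, not the thread's sources.
SAMPLE_LOG = """\
[10:25:25] BAD RCON ATTEMPT BY: 203.0.113.7
[10:27:30] BAD RCON ATTEMPT BY: 203.0.113.7
[10:29:36] BAD RCON ATTEMPT BY: 203.0.113.7
[10:31:40] BAD RCON ATTEMPT BY: 203.0.113.7
[10:33:44] BAD RCON ATTEMPT BY: 203.0.113.7
[10:35:48] BAD RCON ATTEMPT BY: 203.0.113.7
[10:40:02] [join] SomePlayer has joined the server (0:198.51.100.20)
[10:41:10] BAD RCON ATTEMPT BY: 198.51.100.20
"""

def parse(log_text):
    """Return {source: sorted [datetime, ...]} for failed RCON logins."""
    attempts = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            attempts[m.group(2)].append(datetime.strptime(m.group(1), "%H:%M:%S"))
    return {src: sorted(times) for src, times in attempts.items()}

def peak_in_window(times, window):
    """Largest number of attempts inside any sliding window of that length."""
    best = start = 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best

def summarize(log_text, window=timedelta(hours=1), threshold=5):
    """Per-source count, median gap in seconds, and whether to flag it."""
    report = {}
    for src, times in parse(log_text).items():
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        peak = peak_in_window(times, window)
        report[src] = {"attempts": len(times),
                       "median_gap_s": median(gaps) if gaps else None,
                       "peak": peak, "flag": peak >= threshold}
    return report
```

With a one-minute window and a threshold of three, the same traffic is not flagged, which is why the count is taken over an hour.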
#2

There is a program that brute-forces the RCON remotely. It's going to work if you have a simple password, but it's going to take a LOT of time to actually find it.
#3

Let me guess ip addresses:

178.167.40.195
86.57.187.228

I'm having these attacks too.

By the way, if you want to prevent your rcon from getting hacked, use rcon 0 in server.cfg and set a complex rcon password like "asHdfs£#>£1231243$£#423fAdHsd"
#4

The OnRconLogin callback in your script only detects when someone tries to log into RCON via /rcon login. You simply need to set rcon to 0 in your server.cfg file and then ban those two IPs.
#5

Quote:
Originally Posted by Latyos
Let me guess ip addresses:

178.167.40.195
86.57.187.228

I'm having these attacks too.

By the way, if you want to prevent your rcon from getting hacked, use rcon 0 in server.cfg and set a complex rcon password like "asHdfs£#>£1231243$£#423fAdHsd"
Yeah, exactly.


This is my OnRconLogin ... script:
pawn Code:
public OnRconLoginAttempt(ip[], password[], success)
{
    // The callback only supplies an IP, so find the connected player who owns it.
    // If several players share the IP, the first match is used.
    new playerid = INVALID_PLAYER_ID;
    for(new i = 0; i < MAX_PLAYERS; i++)
    {
        new checkIP[16];
        if(!IsPlayerConnected(i)) continue;
        GetPlayerIp(i, checkIP, sizeof(checkIP));
        if(!strcmp(ip, checkIP))
        {
            playerid = i;
            break;
        }
    }
    // No connected player has this IP: there is nobody to warn, kick or ban.
    if(playerid == INVALID_PLAYER_ID) return 1;

    if(!success)
    {
        if(Warns[playerid] == 2)
        {
            // Third failed attempt: kick first, ban on repeat offences.
            if(PlayerInfo[playerid][pFailedRCON] <= 1)
            {
                new name[MAX_PLAYER_NAME], string[94];
                GetPlayerName(playerid, name, sizeof(name));
                format(string, sizeof(string), "* %s[%d] was automatically KICKED for failed RCON Login Attempts [3/3]!", name, playerid);
                SendClientMessageToAll(COLOR_RED, string);
                SetTimerEx("KickTimer", 100, false, "i", playerid);
                PlayerInfo[playerid][pTimesKicked]++;
                PlayerInfo[playerid][pFailedRCON]++;
                // Note: this writes the attempted password to the server log.
                printf("%s[%d] has been AUTO-KICKED for Failed RCON Login(s) - IP: %s - PASSWORD: %s", name, playerid, ip, password);
            }
            else if (PlayerInfo[playerid][pFailedRCON] >= 2)
            {
                new name[MAX_PLAYER_NAME], string[94], plrIP[16];
                GetPlayerIp(playerid, plrIP, sizeof(plrIP));
                GetPlayerName(playerid, name, sizeof(name));
                format(string, sizeof(string), "* %s[%d] was automatically BANNED for MULTIPLE failed RCON Login Attempts!", name, playerid);
                SendClientMessageToAll(COLOR_RED, string);
                SetTimerEx("BanTimer", 50, false, "i", playerid);
                format(string, sizeof(string), "banip %s", plrIP);
                SendRconCommand(string);
                PlayerInfo[playerid][pACBanned] = 1;
                PlayerInfo[playerid][pTimesKicked]++;
                PlayerInfo[playerid][pFailedRCON] = 3;
                printf("%s[%d] has been AUTO-BANNED for Failed RCON Login(s) - IP: %s - PASSWORD: %s", name, playerid, ip, password);
            }
        }
        else
        {
            // string is 128 cells here so the admin warning (name + id + IP) is not truncated.
            new name[MAX_PLAYER_NAME], string[128];
            GetPlayerName(playerid, name, sizeof(name));
            Warns[playerid]++;
            format(string, sizeof(string), "* Failed RCON Login Attempt - [ %d / 3 ]", Warns[playerid]);
            SendClientMessage(playerid, COLOR_RED, string);
            format(string, sizeof(string), "* WARNING * Player %s[%d] is attempting to login the RCON - IP: %s -", name, playerid, ip);
            SendMessageToAdmins(COLOR_RED, string);
            printf("%s[%d] has tried to login in RCON - IP: %s - PASSWORD: %s", name, playerid, ip, password);
        }
    }
    return 1;
}
I actually don't get any PRINTF warnings, when they attempt to login.. And my password is kinda complex (6 letters, 4 numbers)

Anyways..
"rcon 0", if it's disabled, will stuff like "/rcon login MYPASSWORD" or SendRconCommand("gmx") work?
#6

SendRconCommand("gmx");

This will restart your server, mate. Just change it to rcon 0.
#7

Quote:
Originally Posted by [vTc]Patroool
SendRconCommand("gmx");

This will restart your server, mate. Just change it to rcon 0.
I know that, I just have an Admin-Panel script, which uses gmx to restart the server. That's why I'm asking if the RCON commands (like GMX, Unloadfs etc.) will work if RCON is set to 0? ;d
#8

Yes, I guess it will work because it's under GameMode.
#9

Quote:
Originally Posted by [vTc]Patroool
Yes, I guess it will work because it's under GameMode.
Alright, will try it out, thanks everyone.
#10

Quote:
Originally Posted by Kyance
Alright, will try it out, thanks everyone.
Alright, you're most welcome, enjoy!

Tip: Make your password as hard f.... you can, Use symbols, Alphabet, Numbers etc.