[b3nz]

Ultimate RCON security
Version: r1

sup everyone,

so this is a simple script that will prevent your server's RCON from any possibilites to steal its password. It does two things:

1. Punishes player (kicks or bans, depending on the settings set in the file) if he exceeds the warnings limit for trying to login into RCON with wrong password
2. Changes the RCON password immediatly every 3 invalid tries to login in.

Settings

I've tried to make the script as easy to understand and effiecient as I could think of. There are several settings in the file you might want to change:

pawn Код:

#define MAX_RCON_LENGHT             32          // What is the max lenght for a new RCON password?
#define MAX_RCON_WARNINGS           5           // How many times a player can input a wrong RCON password before he gets punished?
#define MAX_WRONG_INPUTS            3           // How many wrong RCON password inputs are needed for a new password?
#define PUNISHMENT                  1           // How should a player, who exceeded the MAX_RCON_WARNINGS limit, should be punished? 1 - ban, 2 - kick.

Other features

This script also has a 'rcon whitelist'. If the player's name is in the list, he can see the RCON password using /rcon_password command. I've did this because as I said, this script will change the RCON password to a random one if there'll be several invalid tries to login into RCON.

Download

Version: r1 (release date: 06.17.15)
Link: Pastebin (indentation is wrong somewhy)
Link: Solidfiles


If you have any questions and/or ideas, feel free to discuss. I've tested it alone and looks like it works just fine.

[SpikY_]

Not bad. Keep it up! +rep

[KayJ]

Seems you copied these codes from different scripts and paste into 1.

[b3nz]

Quote:

Originally Posted by Kyla Seems you copied these codes from different scripts and paste into 1.

Oh, really?

[Pottus]

Quote:

Originally Posted by Kyla Seems you copied these codes from different scripts and paste into 1.

Find the code copied and paste links if you can find examples but it seems original to me.

[Abagail]

I would recommend either:
a. Making a version using the "FileManager" and change the value in the server.cfg.
b. Print the new password to the console.
c. Make "rcon_password" act as also a rcon command(see OnRconCommand function).

[iFrame]

Quote:

Originally Posted by Pottus Find the code copied and paste links if you can find examples but it seems original to me.

Don't give a fuck. He's just throwing baseless assumptions.

On-Topic: Nice work there!

[b3nz]

Quote:

Originally Posted by Abagail I would recommend either: a. Making a version using the "FileManager" and change the value in the server.cfg. b. Print the new password to the console. c. Make "rcon_password" act as also a rcon command(see OnRconCommand function).

I could make another version of the filterscript using the plugin, but I don't think it's really worthful using a plugin for one simple filterscript. As for the second idea, it's already here (look at the bottom of the function 'ChangeRCONPassword)'. I'll use the third idea though.

Thank you.

[Pottus]

Quote:

Originally Posted by iFrame Don't give a fuck. He's just throwing baseless assumptions.

You think I don't know that? This FS is barely a valid release by the skin of it's teeth in all do respect to the author it is a mere fragment of which belongs to a full security system. How this pertains to making "baseless assumptions" I am certain the mods here would delete this thread on a dime if there is any sort of shenanigans going on suspected or not. So as useless I think this release is I was still sticking up for him because at least he tried.

[b3nz]

You people need to calm down. I just needed this kind of "system" (I don't even want to name it this way, lol) for myself, so I thought about sharing it with the others. Pottus, please explain what is a valid release for you? Cuhh.

peace out, yo.