[Boyka96]

Hii recently my server is getting several attacks from different IPs most of them were spams for different periods of time so I think it's a kind of bruteforce or something .. may someone please tell me what should I do ? I contacted the host they said it's nothing

[KayJ]

At your server.cfg put rcon 0 or use rcon protection filterscript (search on ****** for it)

[Boyka96]

I dont use rcon system anyway so rcon 0 will disable it ?

[DeitY]

rcon 0 = no password

anyhow, if they are trying from server or spamming rcon pw, simply

PHP код:

public OnRconLoginAttempt(ip[], password[], success)
{
    if(!success) //If the password was incorrect
    {
        printf("FAILED RCON LOGIN BY IP %s USING PASSWORD %s",ip, password);
        new pip[16];
        foreach(Player, i) //Loop through all players
        {
            GetPlayerIp(i, pip, sizeof(pip));
            if(!strcmp(ip, pip, true)) //If a player's IP is the IP that failed the login
            {
                //SendClientMessage(i, 0xFFFFFFFF, "Wrong Password. Bye!"); //Send a message, but if its brute its not needed..
                Ban(i); //They are now banned.
            }
        }
    }
    return 1;
} 


[Boyka96]

thanks

[Infinity]

Quote:

Originally Posted by DeitY rcon 0 = no password anyhow, if they are trying from server or spamming rcon pw, simply PHP код: public OnRconLoginAttempt(ip[], password[], success) {     if(!success) //If the password was incorrect     {         printf("FAILED RCON LOGIN BY IP %s USING PASSWORD %s",ip, password);         new pip[16];         foreach(Player, i) //Loop through all players         {             GetPlayerIp(i, pip, sizeof(pip));             if(!strcmp(ip, pip, true)) //If a player's IP is the IP that failed the login             {                 //SendClientMessage(i, 0xFFFFFFFF, "Wrong Password. Bye!"); //Send a message, but if its brute its not needed..                 Ban(i); //They are now banned.             }         }     }     return 1; }

This is simply not true. rcon 0 disables rcon completely.

And although your script might seem like a nice stopgap in theory, it's most likely the rcon attempts are not made from Ingame. Furthermore, rcon already banned the user after numerous attempts. Your script doesn't solve the issue.

[Sithis]

Better would be a firewall rule that prevents Rcon packets from non-whitelisted IPs.

[CalvinC]

Quote:

Originally Posted by Sithis Better would be a firewall rule that prevents Rcon packets from non-whitelisted IPs.

You can just script that.

pawn Код:

if(strcmp(ip, "127.0.0.1", true)) Kick(playerid);

Using the "whitelisted" IP instead of 127.0.0.1.

[Sithis]

Quote:

Originally Posted by CalvinC You can just script that. pawn Код: if(strcmp(ip, "127.0.0.1", true)) Kick(playerid); Using the "whitelisted" IP instead of 127.0.0.1.

I said firewall rule, that would prevent rcon packets from non-whitelisted IPs from reaching your sa-mp server altogether.