[chucho]

hola bueno amigos posteo en busca de su ayuda sucede que, desde hace unos dias un tipo esta jodiendo mi server, lo que hace es que entran varios nombres con la misma ip y salen y haci sucesivamente por varias veces lo que ya realize es por favor si tienen algun codigo o algun fs que me pueda ayudar les agradesco!

rcon 0
/rcon banip
npc 0
y lo ultimo que hise es
/rban ip

este es un log de mi server

Код:

[14:45:31] [join] _]HAX]BOT_MqF9 has joined the server (19:189.135.45.74)
[14:45:31] [part] _]HAX]BOT_24uX has left the server (2:2)
[14:45:31] [join] _]HAX]BOT_9JuR has joined the server (20:189.135.45.74)
[14:45:33] Incoming connection: 189.135.45.74:50036
[14:45:34] [join] _]HAX]BOT_24uX has joined the server (2:189.135.45.74)
[14:45:36] [part] _]HAX]BOT_9JuR has left the server (20:1)
[14:45:36] [part] _]HAX]BOT_ezKR has left the server (9:1)
[14:45:36] [part] _]HAX]BOT_iQA5 has left the server (10:1)
[14:45:36] [part] _]HAX]BOT_zVeA has left the server (5:1)
[14:45:36] [part] _]HAX]BOT_a7PJ has left the server (14:1)
[14:45:36] [part] _]HAX]BOT_UAzH has left the server (8:1)
[14:45:36] [part] _]HAX]BOT_IFH0 has left the server (16:1)
[14:45:36] [part] _]HAX]BOT_MrkV has left the server (7:1)
[14:45:36] [part] _]HAX]BOT_xh0P has left the server (12:1

esto no se que sea

Код:

[20:09:01] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:01] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:01] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:01] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:01] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:01] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:02] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:02] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:02] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:02] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:02] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:02] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:02] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:03] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:03] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:03] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:03] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:03] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023
[20:09:03] Packet was modified, sent by id: 10, ip: 189.135.47.108:51023

[TheChaoz]

utiliza el filterscript "maxips", este esta en cualquier servidor.

[chucho]

ok ese solo lo subo a mi server y lo pongo en cfg y listo? o algo mas que pueda hacer es que quiero mas seguridad

[Jovanny]

Con lo que te dijo Chaoz basta para detenerlo

[MrLevan]

Pues imaginate me paso lo mismo. server_log tenia 50MB

[logs] Refreshed at Wed Mar 14 00:00:06 GMT 2012
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:19] BAD RCON ATTEMPT BY: 176.73.30.15
[00:34:19] BAD RCON ATTEMPT BY: 176.73.30.15

[EduGTA]

Quote:

Originally Posted by MrLevan Pues imaginate me paso lo mismo. server_log tenia 50MB [logs] Refreshed at Wed Mar 14 00:00:06 GMT 2012 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:18] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:19] BAD RCON ATTEMPT BY: 176.73.30.15 [00:34:19] BAD RCON ATTEMPT BY: 176.73.30.15

Eso significa que un bot o persona estб tratando de acceder al rcon, y al fallar en el intento, aparece su IP para que lo banees.

[[Nikk]]

Quote:

Originally Posted by Edugta. Eso significa que un bot o persona estб tratando de acceder al rcon, y al fallar en el intento, aparece su IP para que lo banees.

Nunca entendi por que ponen eso de bad rcon attemp como un problema, solo hace un flood de consola, mientras no se loguee no pasa nada

[TheChaoz]

Quote:

Originally Posted by [Nikk] Nunca entendi por que ponen eso de bad rcon attemp como un problema, solo hace un flood de consola, mientras no se loguee no pasa nada

Si es un ataque de fuerza bruta y no tienes la rcon desactivada, existe una posivilidad de que encuentren la clave. (el porcentaje para claves decentes es muy bajo/nulo en periodos cortos)

[OTACON]

https://sampwiki.blast.hk/wiki/OnRconLoginAttempt

[Jovanny]

ese callback nada mas se llama cuando un player usa /rcon login pass no importa si falle o se logue, por lo tanto no sirve de nada ya que este tipo de flood no se hace ingame