1. SA-MP Forums Archive
  2. SA-MP Server
  3. Server Support

Threaded Mode
Server hacked
Dan.
Huge Clucker
****
Posts: 490
Threads: 78
Joined: Jul 2011
Reputation: 0
#1

14.08.2015, 17:36
Hi,

I encountered a problem when suddenly everyone in the server got a white loading screen. The hostname was changed to:

Hacked by Vegaz!skype:[skypecontact]

I have 'rcon 0' in my server config, using a safe 15+ character RCON password. This was in the server log:
[13:28:33] BAD RCON ATTEMPT BY: 146.148.112.229
[13:28:33] BAD RCON ATTEMPT BY: 146.148.112.229

A restart worked but how can I keep this from happening in the future? This is how it looked for the players: http://i.imgur.com/u2X3Lja.png

If you enter 'Hacked by Vegaz!skype' into ****** search, then you can find some old servers who had this problem aswell.
Find
Reply
HarrisonC
Big Clucker
***
Posts: 72
Threads: 9
Joined: Aug 2012
Reputation: 0
#2

14.08.2015, 17:52
I'm not sure how this happened but it would be really useful to note which player might have caused this and disclosing their IP upon request for servers to ban this guy.
Find
Reply
SoFahim
Gangsta
*****
Posts: 879
Threads: 63
Joined: May 2015
Reputation: 0
#3

14.08.2015, 18:05
He can do thing, because in server.cfg , there one line like rcon 1 . Just put it rcon 0

NOTE : If you cannot find in server rcon 1 , then just put rcon 0 .
Find
Reply
Dan.
Huge Clucker
****
Posts: 490
Threads: 78
Joined: Jul 2011
Reputation: 0
#4

14.08.2015, 18:08
If you read my original post, you can see that I already have 'rcon 0' in my config.
Find
Reply
SoFahim
Gangsta
*****
Posts: 879
Threads: 63
Joined: May 2015
Reputation: 0
#5

14.08.2015, 18:12
Quote:
Originally Posted by Dan.
Посмотреть сообщение
If you read my original post, you can see that I already have 'rcon 0' in my config.
REALLY? Ahh! But, This is impossible to do like like. hold on, are you trying to making troll here or real problem. Because if rcon 0 , then no Rcon can connect to the server. even if they try, there will be no log of that
Find
Reply
Dan.
Huge Clucker
****
Posts: 490
Threads: 78
Joined: Jul 2011
Reputation: 0
#6

14.08.2015, 18:14
I'll recheck my configs, maybe it indeed is on 1 somehow. But still a weird problem since he got access to my server with only 2 attempts on a long RCON password.
Find
Reply
Kapersky™
Gangsta
****
Posts: 698
Threads: 5
Joined: Jul 2014
Reputation: 0
#7

14.08.2015, 18:21
He's a Russian hacker, I've encountered him at many servers. I guess he's some quality hacks or quality tricks. Are you sure your RCON was not only in Alphabets or numbers (it is easy to crack if only alphabets or numbers are there). You should use format like this "XYZ.123@9836;YHSK[LOL]" at least the mixture of special characters and alphabets; and numbers
Find
Reply
[WSF]ThA_Devil
Gangsta
****
Posts: 662
Threads: 102
Joined: Sep 2010
Reputation: 0
#8

14.08.2015, 19:44
I opt-in for a method of random RCON password each login. I handle my RCON stuff using YSF, and on each RCON login attempt, I just change a password for a random one.
Find
Reply
Jake187
Gangsta
****
Posts: 617
Threads: 6
Joined: Oct 2011
Reputation: 0
#9

15.08.2015, 00:08
Limit rcon attempts to one only, if fails autoban simple as that. Nobody should be attempting to login to the rcon besides yourself and if you get the password wrong than you ban yourself simple as that.
Find
Reply
Trollerz
Banned
Posts: 274
Threads: 67
Joined: Oct 2014
#10

15.08.2015, 08:02
Find
Reply
« Next Oldest | Next Newest »


Forum Jump:


Users browsing this thread: 1 Guest(s)
  1. SA-MP Forums Archive
  2. SA-MP Server
  3. Server Support