Hi Sven. Do you mean that I have to re-install the RH again, or just change all passwords to hlds (like Rcon password, and the other passwords for HL) ??
Or do I have to change all local user passwords in RH ??? Regards Tuffy ----- Original Message ----- From: "Sven" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, December 13, 2003 12:05 PM Subject: Re: Re[2]: [hlds_linux] root-exploit through hlds? > Be careful... I've seen bindings from passwd to the ip and port of hlds... > Better set up your box again and change every password. > > Regards, > Sven > > ----- Original Message ----- > From: "HalfLife" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Saturday, December 13, 2003 2:58 AM > Subject: Re: Re[2]: [hlds_linux] root-exploit through hlds? > > > > Hi all. > > > > I've been hacked too, since my HLDM server frozee or crashed after 3-16 > > hours run time. I even had found some of those mentioned hack files and > > deleted em. > > > > Im running RH8.0 and upgraded the kernel from > > https://rhn.redhat.com/errata/RHSA-2003-392.html which is 2.4.20-24.8 > > > > My HLDM versions is: > > > > Protocol version 46 > > Exe version 3.1.1.0 > > Exe build: 14:46:34 Jun 11 2002 (2056) > > > > If I set the allowdownload = 0 are my server "secure" now, untill the > patch > > file from valve are released (If they will make it) ????? > > > > Regards > > > > Tuffy > > > > > > > > > > > > ----- Original Message ----- > > From: "Josephus" <[EMAIL PROTECTED]> > > To: "Sven" <[EMAIL PROTECTED]> > > Sent: Wednesday, December 10, 2003 1:45 PM > > Subject: Re[2]: [hlds_linux] root-exploit through hlds? > > > > > > > > > > > > > > > > I'm using 2.4.23-grsec and 3110c-boffix > > > everything is just fine :) > > > > > > S> Could be a mistake from our side... the kernel wasn't the newest, but > > we are > > > S> building a new kernel at the moment... the only question is: what was > > the > > > S> way the exploid uses to come on the system ? > > > > > > > > > S> ----- Original Message ----- > > > S> From: "jwm" <[EMAIL PROTECTED]> > > > S> To: <[EMAIL PROTECTED]> > > > S> Sent: Wednesday, December 10, 2003 12:14 PM > > > S> Subject: RE: [hlds_linux] root-exploit through hlds? > > > > > > > > > >> Sven <mailto:[EMAIL PROTECTED]> wrote: > > > >> > The password for the console is definetly NOT in any log file > > > >> > or something and totally different. > > > >> > The rcon also was changed days before. I don't have any ideas... > > > >> > > > > >> > In fact that km3 (http://august.v-lo.krakow.pl/~anszom/km3.c) > > > >> > was placed in the gameserver-directory and the user was the > > > >> > local customer, finally the passwd was binded to the > > > >> > gameserver ip and port (all gameservers have different ip's) > > > >> > I think there is a connection between that. > > > >> > Every customer have also different folders (gameserver, web and > irc). > > > >> > > > >> Is your kernel patched against the very old kmod/ptrace-bug? Cause > > that's > > > >> just what the exploit uses: > > > >> > > > >> /* lame, oversophisticated local root exploit for kmod/ptrace bug in > > linux > > > >> * 2.2 and 2.4 > > > >> * > > > >> * have fun > > > >> */ > > > >> > > > >> See also: > > > >> -> http://www.kb.cert.org/vuls/id/176888 > > > >> > > > >> jwm > > > >> > > > >> > > > >> _______________________________________________ > > > >> To unsubscribe, edit your list preferences, or view the list > archives, > > > S> please visit: > > > >> http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > >> > > > > > > > > > S> _______________________________________________ > > > S> To unsubscribe, edit your list preferences, or view the list > archives, > > please visit: > > > S> http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > > > ------ > > > Udv: > > > Josephus > > > mailto:[EMAIL PROTECTED] > > > ---=[ "It doesn't protect from that" - Sandor Szalacsi ]=--- > > > > > > > > > > > > > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list archives, > > please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > > > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > > > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
