Mattie wrote: > As people mentioned, steam won't work because of remote rcon (like HLSW, web > consoles, etc). An IP whitelist could be better, but it's more complicated > to implement and people use HLSW from multiple locations. > > Still, what I'm looking for is the simplest, least impactful change to > improve security. Rcon behavior is surely over a decade old by now and > people use it in different ways-- the idea is to minimally impact the > day-to-day for admins while preventing their servers from being taken over > when they're not around because of some Source or plugin exploit. > > Is this sacrifice too big to prevent newbie and experienced admins some of > the current grief they have from getting banned from their own servers, etc? > That's really the question I'm asking here. > > Thanks for all the great feedback so far, guys! > -Mattie > > On Thu, Oct 16, 2008 at 1:55 AM, kama <[EMAIL PROTECTED]> wrote: > >
Surely, the best way to do this would be to lock setting an rcon_password to the server.cfg and the only way to change it would be either map change and/or exec server.cfg and/or restarting the server. This way rather than starting to limit it to ips/steam ids and having to create mass whitelists, its in one file & only people with access can set it. ================================================ This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. In the event of misdirection, illegible or incomplete transmission please telephone +44 845 868 1337 or return the E.mail to [EMAIL PROTECTED] _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
