[hlds] Mandatory Nuclear Dawn Update Released
We've released a mandatory update to Nuclear Dawn. The notes for the ND Update 6.6 are below. Gameplay and Balance - Slightly lowered NX300 damage output against players. - Slightly raised Sonic Turrent damage output to balance with Flame Turret's extra fire damage. - Lowered Machine Gun Turret cost to 2500. - Commanders now get points for a critical assist if player-initiated artillery strike kills an enemy. - Empire commander ability poison is now differently colored to distinguish between it and Consortium's. - Commander poison ability now matches description and no longer hurts teammates unless friendly fire is enabled. - Fixed NX300 not hurting teammates with friendly fire enabled. Client - Updated Report a Bug link. - Added invert mouse wheel zoom option to Options panel. - Fixed bad password connect error box using lan server error text after a recent update. - Fixed a bug that allowed malicious servers to execute restricted console commands on players. - Fixed a bug that allowed malicious servers to prevent players from executing console commands. Server - Added sv_allow_addon_override (default 0) to block client addon vpks from overriding game files. - Added mp_winlimit cvar. - Added sv_namechange_cooldown_seconds, to throttle clients from changing their name too rapidly. (Defaults to 20 seconds) - Added check to prevent player names from containing color codes. - setinfo console command will now reject attempts to set / change convars with any unusual characters - Tweaked team balancer logic to be smarter about when and whom to move. - Fixed some exploits where a malicious client could intentionally crash a server. - Fixed typo in name of research_complete event; added research completion logging. - Added rate limiting for connections and added the following convars, sv_max_connects_sec, sv_max_connects_window, sv_max_connects_sec_global. Other - Fixed being able to use some weapons (mostly throwables) while on ladder or sprinting. - Fixed in-chair commanders being unable to chat at round end. - Fixed some issues with wall and barrier collision performance. - Fixed a bug that allowed server browser network activity to continue after choosing a server. - Fixed missing effect console error when reloading Avenger. - Fixed sv_offline console error when going into Offline Practice mode. - Marked mem_force_flush as a cheat to prevent client exploits. - Fixed a packet injection exploit in the client/server streams. - Updated localizations. Mapping / Modding - Added numerous functions to the vscript api (see https://developer.valvesoftware.com/wiki/List_of_ND_Script_Functions). - Added OnResearchUnlockedConsortium and OnResearchUnlockedEmpire outputs to nd_logic_custom ent. - Added OnConditionAdded and OnConditionRemoved outputs to player. See wiki for value meanings. Hydro - Fixed commanders being able to deploy structures outside of the level in some areas. Clocktower - Fixed commanders being able to deploy structures in the parking garage. Gate - No longer in beta. - Updated overview. - Updated loading screen. -- Nicholas Hastings Developer InterWave Studios www.interwavestudios.com http://www.interwavestudios.com ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
[hlds] Mandatory TF2, DoD:S, HL2:DM updates coming
We're working on mandatory updates for TF2, DoD:S, and HL2:DM. We should have them ready soon. -Eric ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
[hlds] Mandatory TF2, DoD:S, and HL2:DM updates released
We've released mandatory updates to TF2, DoD:S, and HL2:DM. The notes for the updates are below. -Eric -- Shared Changes (TF2, DoD:S, HL2:DM) - Improved the performance of the libraries used for in-game HTML display Team Fortress 2 - Added new promo items - Fixed hats sometimes appearing multiple times in incorrect locations when changing classes - Fixed Demoman shields not reducing explosive damage in non-MvM games - Fixed the tf_bot_add command using the same name for all of the bots when adding multiple bots simultaneously - Updated the localization files - Moved map descriptions into the localization files - Map descriptions will still be loaded from the maps folder first if they exist - Updated Mann vs. Machine - Fixed a bug where players could only buy 1 upgrade at a time from the upgrade station - Fixed a bug where the Victory dialog would sometimes show during incorrect times ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
[hlds] Bruteforcing RCON
Someone is bruteforcing on my server with spoofed IPs and i have no idea on how to stop it! Today my listip.cfg was about 1,1k of banned ips... 20min logging: http://puu.sh/19j7X and there is even more! (about 20k+ of lines) I have to disable rcon (rcon_password) to avoid banning shared ips used on spoof... Any solutio for that? There is a way to make rcon_password only to specified IPs? Thanks anyway!___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
Re: [hlds] Bruteforcing RCON
Who did you piss off? to help you out further can you provide info on your hardware? Windows, Linux, Company Hosted? Game? On 9/27/2012 8:58 PM, Rafael wrote: Someone is bruteforcing on my server with spoofed IPs and i have no idea on how to stop it! Today my listip.cfg was about 1,1k of banned ips... 20min logging: http://puu.sh/19j7X and there is even more! (about 20k+ of lines) I have to disable rcon (rcon_password) to avoid banning shared ips used on spoof... Any solutio for that? There is a way to make rcon_password only to specified IPs? Thanks anyway! ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
Re: [hlds] Bruteforcing RCON
What's to say the IPs aren't allocated to machines that have been exploited? Reporting them to police when they're in different countries would have no effect anyway, I doubt any Peruvian police force has jurisdiction in Greece, or vice versa. __ Level 3 Technician Griffin Networks LLC - Gaming Solutions - Original Message - From: bottige...@gmail.com To: Half-Life dedicated Win32 server mailing list Sent: Friday, September 28, 2012 12:49 AM Subject: Re: [hlds] Bruteforcing RCON RCON uses TCP which does not allow spoofing. The IPs are not spoofed. If you look at your own logs it is the same few IPs. You can go ahead and report them to the police. On Thu, Sep 27, 2012 at 9:04 PM, Cameron Munroe cmun...@cameronmunroe.com wrote: Who did you piss off? to help you out further can you provide info on your hardware? Windows, Linux, Company Hosted? Game? On 9/27/2012 8:58 PM, Rafael wrote: Someone is bruteforcing on my server with spoofed IPs and i have no idea on how to stop it! Today my listip.cfg was about 1,1k of banned ips... 20min logging: http://puu.sh/19j7X and there is even more! (about 20k+ of lines) I have to disable rcon (rcon_password) to avoid banning shared ips used on spoof... Any solutio for that? There is a way to make rcon_password only to specified IPs? Thanks anyway! ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds -- ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
Re: [hlds] Bruteforcing RCON
No, on goldsrc it uses UDP. Look at his logs. The gamedir is 'valve'. (HLDM) On 9/28/2012 12:49 AM, bottige...@gmail.com wrote: RCON uses TCP which does not allow spoofing. The IPs are not spoofed. If you look at your own logs it is the same few IPs. You can go ahead and report them to the police. On Thu, Sep 27, 2012 at 9:04 PM, Cameron Munroe cmun...@cameronmunroe.com mailto:cmun...@cameronmunroe.com wrote: Who did you piss off? to help you out further can you provide info on your hardware? Windows, Linux, Company Hosted? Game? On 9/27/2012 8:58 PM, Rafael wrote: Someone is bruteforcing on my server with spoofed IPs and i have no idea on how to stop it! Today my listip.cfg was about 1,1k of banned ips... 20min logging: http://puu.sh/19j7X and there is even more! (about 20k+ of lines) I have to disable rcon (rcon_password) to avoid banning shared ips used on spoof... Any solutio for that? There is a way to make rcon_password only to specified IPs? Thanks anyway! ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds -- Nicholas Hastings AlliedMods.net http://www.alliedmods.net ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
Re: [hlds] Bruteforcing RCON
Rafael - RCON is just completely/inherently insecure, which I am sure by now somebody else has pointed-out in detail. If somebody hasn't said so already, just disable RCON, and use server-side mod instead: --- AMX-Mod-X for old GoldSrc engine games (HL1, TFC, CStrike 1.6, etc.) --- SourceMod for Source/Orangebox engine games (HL2, TF2, CS:S, etc.). In addition to providing a lot of functionality without having to send commands to the console, they both also have their own RCON-equivelant way of accomplishing that to. And, authentication is generally based on the behind-the-scenes SteamID of the player - which (in theory) is already secured (Steam tickets - kind of like kerberos by the sounds of it). Message: 3 Date: Fri, 28 Sep 2012 00:58:46 -0300 (Hora oficial do Brasil) From: Rafael rafa.ma...@gmail.com To: hlds@list.valvesoftware.com Subject: [hlds] Bruteforcing RCON Message-ID: 50652076.05.05900@PC1-PC Content-Type: text/plain; charset=iso-8859-1 Someone is bruteforcing on my server with spoofed IPs and i have no idea on how to stop it! Today my listip.cfg was about 1,1k of banned ips... 20min logging: http://puu.sh/19j7X and there is even more! (about 20k+ of lines) I have to disable rcon (rcon_password) to avoid banning shared ips used on spoof... Any solutio for that? There is a way to make rcon_password only to specified IPs? Thanks anyway! ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
