On Fri, Feb 28, 2003 at 09:13:06AM +1300, Jeremy Brooking wrote:
On Fri, 2003-02-28 at 08:27, Blaine Kahle wrote:
Oh come on. Let's assume you're paranoid and are filtering outbound
traffic as well, a somewhat rare practice. I manage to get my software
rare? well yes I suppose it is when
Blaine Kahle said:
Oh come on [snip] ...I now have
the ability to execute arbitrary commands/software inside your network.
Yes, there are many things you can do because you've found a vulnerability
on a box on my network. The point I am making is that there is one fewer
thing you can do if
On one single server you either allow access to a port or you
don't. If you don't then don't have a service running at that
port. If you do then the weak point is the application that
serves this port and a firewall doesn't help.
Getting people to understand that is just...amazingly
Deacon said:
Whether through one port
or one hundred ports, it's only that software that'll be responding on
those ports. You are not any more or less secure opening port #100 than
you were at port #1.
When it's on one port or on specific ports, then the software generally
sits and listens
On Thu, Feb 27, 2003 at 08:34:18AM -0800, Mad Scientist wrote:
Deacon said:
Whether through one port or one hundred ports, it's only that
software that'll be responding on those ports. You are not any more
or less secure opening port #100 than you were at port #1.
When it's on one port
: [hlds_linux] rcon hacking w/out being logged into server?
Let's get serious here why don't we. The person asking the
original question is looking for a way to stop peeps from
attemting to crack their rcon password. If you have any other
way to stop a person from attemting to crack your rcon
Not even if your running in extra secure mode?
Moot argument. If you have malicious software running on your trusted
network, you're already toast. Firewall-foo will not save you.
--
Blaine Kahle
[EMAIL PROTECTED]
0x178AA0E0
___
To unsubscribe,
Blaine Kahle said:
Moot argument. If you have malicious software running on your trusted
network, you're already toast. Firewall-foo will not save you.
If you are already compromised, but there are no available ports for the
cracker to make use of, this limits what can be done with your system.
--Original Message-
-From: [EMAIL PROTECTED]
-[mailto:[EMAIL PROTECTED] Behalf Of Florian
-Zschocke
-Sent: Wednesday, February 26, 2003 2:43 AM
-To: [EMAIL PROTECTED]
-Subject: Re: [hlds_linux] rcon hacking w/out being logged into server?
-
-
-Bryan R. Yablonski wrote:
- I suggest always
On Tue, 25 Feb 2003, Eric (Deacon) wrote:
So this is normal? Wow. I'm glad I have rcon disabled.
You...have rcon disabled??
if the rcon_password is empty you cant utilize rcon commands from clients
or using any other udp connection... if i recall correctly
One other way is to use a
Bryan R. Yablonski wrote:
Damn, its actually over but I'll reply nevertheless.
Let's get serious here why don't we.
I wasn't joking.
The person asking the original
question is looking for a way to stop peeps from attemting to crack
their rcon password. If you have any other way to stop a
Hello, this is my first post to the list.
I noticed something strange on my server a few minutes ago. Someone was
trying to guess my rcon password and execute commands on my dedicated
server. They were using passwords like leet and baby while trying to
change SV_GRAVITY to 800. When I typed
rcon_address would allow them to try rcon commands without being logged into
the server.
-Original Message-
From: David Rosner [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 2:01 PM
To: [EMAIL PROTECTED]
Subject: [hlds_linux] rcon hacking w/out being logged into server
, 2003 10:01 PM
-To: [EMAIL PROTECTED]
-Subject: [hlds_linux] rcon hacking w/out being logged into server?
-
-
-Hello, this is my first post to the list.
-
-I noticed something strange on my server a few minutes ago. Someone was
-trying to guess my rcon password and execute commands on my dedicated
:[EMAIL PROTECTED]
Sent: Tuesday, February 25, 2003 7:55 PM
To: [EMAIL PROTECTED]
Subject: RE: [hlds_linux] rcon hacking w/out being logged into server?
On Tue, 25 Feb 2003, Eric (Deacon) wrote:
So this is normal? Wow. I'm glad I have rcon disabled.
You...have rcon disabled??
I hear its
If you knew what a 'hacker' was you wouldnt be saying the above.
Linus is a hacker...
Ah, the always evolving concept of language...isn't it lovely? :)
--
Eric (the Deacon remix)
___
To unsubscribe, edit your list preferences, or view the list
Bryan R. Yablonski wrote:
I suggest always having a firewall in front of your server. Even simple
software firewalls are enough to thwart the actions of fools that try to
hack!
Ah, right, the one-saves-all firewall answer. Brilliant idea.
Block the hlds port and nobody will be able to hack your
17 matches
Mail list logo
