Blaine Kahle said:
> Oh come on [snip] ...I now have
> the ability to execute arbitrary commands/software inside your network.
Yes, there are many things you can do because you've found a vulnerability
on a box on my network. The point I am making is that there is one fewer
thing you can do if
Blaine Kahle said:
> Moot argument. If you have malicious software running on your "trusted"
> network, you're already toast. Firewall-foo will not save you.
If you are already compromised, but there are no available ports for the
cracker to make use of, this limits what can be done with your syst
Not even if your running in "extra secure mode"?
> Moot argument. If you have malicious software running on your "trusted"
> network, you're already toast. Firewall-foo will not save you.
>
> --
> Blaine Kahle
> [EMAIL PROTECTED]
> 0x178AA0E0
> ___
> To
ED]
> Subject: RE: [hlds_linux] rcon hacking w/out being logged into server?
>
> > Let's get serious here why don't we. The person asking the
> > original question is looking for a way to stop peeps from
> > attemting to crack their rcon password. If you have a
On Thu, Feb 27, 2003 at 08:34:18AM -0800, Mad Scientist wrote:
> Deacon said:
> > Whether through one port or one hundred ports, it's only that
> > software that'll be responding on those ports. You are not any more
> > or less secure opening port #100 than you were at port #1.
>
> When it's on on
Deacon said:
> Whether through one port
> or one hundred ports, it's only that software that'll be responding on
> those ports. You are not any more or less secure opening port #100 than
> you were at port #1.
When it's on one port or on specific ports, then the software generally
sits and liste
> On one single server you either allow access to a port or you
> don't. If you don't then don't have a service running at that
> port. If you do then the weak point is the application that
> serves this port and a firewall doesn't help.
Getting people to understand that is just...amazingly diffic
Bryan R. Yablonski wrote:
Damn, its actually over but I'll reply nevertheless.
Let's get serious here why don't we.
I wasn't joking.
The person asking the original
question is looking for a way to stop peeps from attemting to crack
their rcon password. If you have any other way to stop a person
On Tue, 25 Feb 2003, Eric (Deacon) wrote:
> > So this is normal? Wow. I'm glad I have rcon disabled.
>
> You...have rcon disabled??
if the rcon_password is empty you cant utilize rcon commands from clients
or using any other udp connection... if i recall correctly
One other way is to use a
->-Original Message-
->From: [EMAIL PROTECTED]
->[mailto:[EMAIL PROTECTED] Behalf Of Florian
->Zschocke
->Sent: Wednesday, February 26, 2003 2:43 AM
->To: [EMAIL PROTECTED]
->Subject: Re: [hlds_linux] rcon hacking w/out being logged into server?
->
->
->B
Bryan R. Yablonski wrote:
I suggest always having a firewall in front of your server. Even simple
software firewalls are enough to thwart the actions of fools that try to
hack!
Ah, right, the one-saves-all firewall answer. Brilliant idea.
Block the hlds port and nobody will be able to "hack" your
> > If you knew what a 'hacker' was you wouldnt be saying the above.
>
> Linus is a hacker...
Ah, the always evolving concept of language...isn't it lovely? :)
--
Eric (the Deacon remix)
___
To unsubscribe, edit your list preferences, or view the list
On Wed, 2003-02-26 at 16:56, Bryan R. Yablonski wrote:
> I suggest always having a firewall in front of your server. Even simple
> software firewalls are enough to thwart the actions of fools that try to
> hack! Trust me if a real hacker set their sights on your server you
> will certainly loose!
mailto:[EMAIL PROTECTED]
> Sent: Tuesday, February 25, 2003 7:55 PM
> To: [EMAIL PROTECTED]
> Subject: RE: [hlds_linux] rcon hacking w/out being logged into server?
>
> On Tue, 25 Feb 2003, Eric (Deacon) wrote:
>
> > > So this is normal? Wow. I'm glad I have rcon disa
> So this is normal? Wow. I'm glad I have rcon disabled.
You...have rcon disabled??
--
Eric (the Deacon remix)
___
To unsubscribe, edit your list preferences, or view the list archives, please visit:
http://list.valvesoftware.com/mailman/listinfo/hlds
ailto:[EMAIL PROTECTED] Behalf Of Kevin J.
Anderson
Sent: Tuesday, February 25, 2003 10:06 PM
To: [EMAIL PROTECTED]
Subject: RE: [hlds_linux] rcon hacking w/out being logged into server?
yeah, any program such as hlsw can send rcon commands from outside a client,
hence from anywhere on the internet.
yeah, any program such as hlsw can send rcon commands from outside a client,
hence from anywhere on the internet. They still need to authenticate
though.
kev
->-Original Message-
->From: [EMAIL PROTECTED]
->[mailto:[EMAIL PROTECTED] Behalf Of David
->Rosner
->Sent: Tuesday, February 25,
rcon_address would allow them to try rcon commands without being logged into
the server.
-Original Message-
From: David Rosner [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 26, 2003 2:01 PM
To: [EMAIL PROTECTED]
Subject: [hlds_linux] rcon hacking w/out being logged into server?
Hel
18 matches
Mail list logo