jedi-Guard Posted May 16, 2007 Share Posted May 16, 2007 I need help again, got only few details on it. I had my none mod server runing like more then 1 year, safe and secured, virus scanner and firewall installed, also updated Windows XP. I can say for sure am kind of very safe and i am a "System Administrator". Someone got the password to my server and started to change timelimits and map and so on. I changed the password, and restarted the server. He got back in and downloaded the server.cfg file. How can you download server.cfg ? It gets weirder, i went to the base folder, i know which files exists there, but there was 1 file that got there some how and i dont know how it got there. file was called 1.cfg and had a different rconpassword and alot of other settings too. I turned off Allowdownload, i deleted the 1.cfg file and i renamed the server.cfg to something something. If this helps, then do the same as i did. If it doesnt help, report and i will also keep an eye on my server too and report bugs. Link to comment Share on other sites More sharing options...
darkecho05 Posted May 29, 2007 Share Posted May 29, 2007 Mm, disturbing.. maybe it was someone you know? a friend perhaps, that opened your server.cfg file while you were away and stole the pass. The 1.cfg file.. someone must have written it, in conole you say "write "x"" and it writes a cfg file, have you accessed it and looked what's written inside? Could also be a keylogger, clean your computer from spy wares and not viruses. Host as normal, I'm pretty confident nothing will happen, if it does then I'm not much of use anyway, hope everything turns well Link to comment Share on other sites More sharing options...
jedi-Guard Posted May 30, 2007 Author Share Posted May 30, 2007 Well i can say am clean from viruses and other stuff. I suspect that someone stole the password from my friend that also was dedicated administrator, but something very weird was that, when i changed the password, he could download the server.cfg file from my server, what is the command for that, i didnt know it was possible. I disabled allowdownload cause it was enabled. that 1.cfg file is not being executed, it was just in the base folder. Link to comment Share on other sites More sharing options...
darkecho05 Posted May 31, 2007 Share Posted May 31, 2007 Neither did i know that it was possible, but now it seems it is. If you suspect it, ask him if he gave it to somebody else, if he did just change it, second thought, change it now and you wont have to worry about some stranger that have got your rcon. Since he stole the server.cfg file.. he will host the same server as yours, look for it, if he is hosting with your cfg file the chances are good that you'll find it. Good luck. Link to comment Share on other sites More sharing options...
jedi-Guard Posted June 1, 2007 Author Share Posted June 1, 2007 I dont think he gave it, i think someone stole it from him, i dont use rcon, i type directly from the server. I also have secured my server for now. Lets see whats next. May the force be with my server. Link to comment Share on other sites More sharing options...
Spiderz Posted June 21, 2007 Share Posted June 21, 2007 Turn: sv_allowdownload 0 (off) so they can't download the server.cfg Its a bug which is still used lately. If its on people can download ur server.cfg.. But if you don't want to do that, u have to rename the server.cfg to something else (and change the settings for the launch of it) Gl. Link to comment Share on other sites More sharing options...
jedi-Guard Posted June 29, 2007 Author Share Posted June 29, 2007 Read the first thread again, i did turn it off and renamed it. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.