quantum_rds Posted July 12, 2007 Share Posted July 12, 2007 i run a jedi server and my admins are telling me that there is an exploit and througt brute force the hacker finds the admins passwords. how do i pach my server or something like that to prevent that brute force attack? Link to comment Share on other sites More sharing options...
jedi-Guard Posted July 14, 2007 Share Posted July 14, 2007 which way do they hack to receive the password ? Link to comment Share on other sites More sharing options...
darkecho05 Posted July 30, 2007 Share Posted July 30, 2007 I personally have never experienced somebody stealing my password, don't really think anybody can do that, only way for them to see your password is if you have your kt on while hosting and typing "rconpass xxxx" and just when you're about to log in your kt says something and everybody sees it. Link to comment Share on other sites More sharing options...
Tx606 Posted September 4, 2007 Share Posted September 4, 2007 i run a jedi server and my admins are telling me that there is an exploit and througt brute force the hacker finds the admins passwords. how do i pach my server or something like that to prevent that brute force attack? Well this IS possible. You can't really prevent brute force attacks. But i know how they work.. They have a list of possible users and passwords, just make sure u have a VERY complicated password for your users for your server (ftp and such things..) And if you enter a pass like r2Rfz434xz_2 they will never guess it. Remember to make a hard rconpassword too, not a simple pass like "kyle".. Link to comment Share on other sites More sharing options...
Kurgan Posted October 8, 2010 Share Posted October 8, 2010 Other tips are not to have "subadmins" or give out your password or post it online anywhere. Most "hacking attempts" turn out to be untrustworthy or disaffected former admins screwing around (consider they could give out that information to anyone they wished). If you think your admin password may have been compromised... CHANGE IT immediately. Another is to use a name other than "server.cfg" for your config file. If you botch entering your password logging in, a person could see your password attempt in the chat log too, so make sure you get it right (or enter it before you get into the game, via the save password feature in JO/JKA's in-game browers, or Qtracker, etc). Another issue is that stuff like Killtrackers and mods may have their own vulnerabilities. Use at your own risk. If you think there's some kind of security exploit in them, contact the maker of this unofficial addon and see if they can fix it. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.