Private Server Security? Possible Leak?

[Dak_iSuk]

Greets all,

I have recently placed a password on my FFA server. I put the password at the bottom of the rules page on my website in hopes that people will actually read the rules before joining. Today I had a kid join who claimed that he "hacked" the server for access and that he could not find the password on my website. Needless to say, I banned him once he started talking about hacking and all. This is the email I received this afternoon from him:

 

hello there why did you ban me cause that hack thingy isnt really hacking into your comp its just watching the server info with dos so you see the password in secret letters so thats how i got in plz unban me i know the real password now its: <removed> and i will be good just plz unban me plz!! i beg you!

 

Any thoughts on this or do you think, as I do, that he just wants to stir up trouble attempting to false create a security flaw in the q3 engine?

 

Dak

[Cedrin]

That might be possible since there were some issues with gaining passwords to half life servers a while back.

 

However it may have been a bit of social engineering and or him getting access to your messageboard that may have had it posted in the private area.

 

Lastly, he could have written a brute forcing program to run a dictionary hack through rcon.