DemiGod666 Posted July 5, 2003 Share Posted July 5, 2003 Is anyone aware of a security hole that would allow an attacker to change server settings? I recent had an attack on my server, and the attacker was able to change the timelimit and fraglimit. I am certain the RCON was not compromised. Timelimit was changed to "-1234794079" effectively putting the server in permanent intermission mode. Fraglimit was changed to "Owned_Bitch" Nothing else was messed with. Network ops has checked and confirmed that the box was not compromised or penetrated. So I conclude that somehow, an attacker is able to penetrate the process and cause changes to certain settings and cause a server restart to effect them. I have the log and have ID the guy. But I'm more concerned with the possibility of a hole that would allow more of this. The box is a P4 Xeon running latest RH Linux, and also runs JA mod. I note that JA mod does not allow changes to timelimit or fraglimit, so I'm also sure the attack didn't come through the mod or was caused by a leaked JA mod password. Thx for your time, Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.