server hacked

m3rcury · Post by **m3rcury** » Mon Dec 05, 2005 9:18 am

hello folks.

first off, let me say how pleased i am with nfo servers. i've been renting mine about 2 weeks and just upgraded to the ping accelerator and i'm thrilled. your price cannot be beat and you guys have some of the best customer service i've seen.

ok, now on to the problem. i rent a 15man css server on the LA hybrid network. yesterday my clan and i were scrimming another team. we made the stupid mistake of setting the password to "scrim" (which we will never do again). anyhow, someone logged in and started spamming the chat - something about flashlight something strikes again - "do not open console 1111" etc. when i tried to open the console, it locked css for me, and the server locked up for everyone else. most of the guys had to completely reboot their systems. restarting the server fixed the problem. however, when i went to check my log files to try to get the guy's steam ID, the log files were gone.

so, what in the world happened? was this some kind of script this guy ran? besides using a less obvious password, what can i do to prevent this in the future?

like i said, i know it was stupid to use such a simple password. what else can i do to prevent this?

thanks in advance !!!

bOoya · Post by **bOoya** » Mon Dec 05, 2005 4:28 pm

I haven't heard of this one before, but it's likely just another exploit that VALVe will need to patch. (This isn't the first time something like this has happened with CS:S)

If you can give us your server identifier we might beable to look into the logs situation. You can also contact us directly by using the "Live chat" button on your control panel.

m3rcury · Post by **m3rcury** » Mon Dec 05, 2005 6:22 pm

the server is s17.

i suspect whoever did this is using a stolen steam ID anyway, so i'm not worried about banning them. i'm more worried about how to prevent this in the future. it was a practice scrim, but if it had been a cal match, we would have had to start the match over.

thanks for your help.

bOoya · Post by **bOoya** » Mon Dec 05, 2005 6:24 pm

The best way is to set a random password before the match begins and give it only to your clanmates and people on the other page. In all honesty it was pretty random that someone would guess your IP and password, unless it was someone you have scrimmed with or someone you know

.

m3rcury · Post by **m3rcury** » Mon Dec 05, 2005 6:31 pm

when i run the lo3.cfg script, it changes the server name to "CAL CS:Source Match Server" or something like that. couldn't someone just look at the server list, find all the servers with that name, and guess passwords until they got in? granted, this would have to be a very lonely, sad dude, but this is possible, right?

is it a requirement of cal that the name be displayed like that?

thanks for your suggestions.

bOoya · Post by **bOoya** » Mon Dec 05, 2005 7:36 pm

They could do that, but having a password other than scrim would pretty much thwart this.. like scr1m or scrim123 or scrimleet, etc.

m3rcury · Post by **m3rcury** » Mon Dec 05, 2005 7:52 pm

right on. thanks for your help.

like i said, nfo is awesome. i so glad i found you guys.