It is currently Thu Nov 14, 2019 3:53 am |
Page 1 of 1 | [ 13 posts ] |
Print view | Previous topic | Next topic |
Author | Message |
---|---|
Joined: Fri Jan 22, 2010 1:43 pm Posts: 6 | q3 hack fix (NOT THE CRASHING ONE) Hi, when i have sv_allowdownload enabled, theres a bug that people can easily get my server.cfg, ive put the fix in the server ftp, but i don't know how to execute it from there, cause I must point the jk2mp.exe of the server. Can you please help me with it? |
Mon Jan 25, 2010 11:55 pm | |
Joined: Thu Oct 18, 2007 10:42 pm Posts: 235 | Re: q3 hack fix (NOT THE CRASHING ONE) wasn't the fix to rename server.cfg to something else, like abc123.cfg, something people wouldn't think to type in? _________________ q2server.fuzzylogicinc.com:27910 :: Leper Q2 ATTN: In serious need of limbs! d3server.fuzzylogicinc.com :: Doom 3, FMJ! etqwserver.fuzzylogicinc.com Quake Wars... Grrrrr..... |
Tue Jan 26, 2010 8:23 am | |
Joined: Thu Jun 17, 2004 4:38 am Posts: 582 Location: Nooboo | Re: q3 hack fix (NOT THE CRASHING ONE) Edit your server.cfg so sv_allowdownload is disabled. seta sv_allowdownload '0' sv_allowdownload should always be '0'. The Quake3 map download feature is old and very slow. There is no reason to enable it, and keeping it disabled prevents a known hack that allows people to download your server.cfg and gain your rcon password. _________________ Human Female Jedi Skin Expansion Mod Tavion Extreme Makeover |
Tue Jan 26, 2010 7:29 pm | |
Joined: Thu Oct 18, 2007 10:42 pm Posts: 235 | Re: q3 hack fix (NOT THE CRASHING ONE) is there an admin mod someone can use so they can still allow downloads & not deal with this? Talking to older Quake players they all agree that the easy content downloading is what kept quake 2 & 3 engines alive for so long. _________________ q2server.fuzzylogicinc.com:27910 :: Leper Q2 ATTN: In serious need of limbs! d3server.fuzzylogicinc.com :: Doom 3, FMJ! etqwserver.fuzzylogicinc.com Quake Wars... Grrrrr..... |
Tue Jan 26, 2010 10:54 pm | |
if im putting custom maps on my server that i made myself and that i dont wanna release, theres a reason to put allowdownload to 1, thats why i wanna fix this and im paying monthly for my server, so i would like it to be safe against hackers, i dont wanna only rename the server.cfg to something i wanna be sure its fixed... | |
Wed Jan 27, 2010 4:02 am | |
and ive got another question, is there anyway to stop the auto reboot of the server? I didnt want to make another topic for this... | |
Wed Jan 27, 2010 4:03 am | |
Joined: Thu Oct 18, 2007 10:42 pm Posts: 235 | Re: q3 hack fix (NOT THE CRASHING ONE) ET can't fix errors in the game that the developer made, that's the dev's responsibility. I'm not quite up on my Q3A security, but it may be possible to block the hackers once you get their IP. You can't stop the server from rebooting, it always happens. Is there issues with it on your end? _________________ q2server.fuzzylogicinc.com:27910 :: Leper Q2 ATTN: In serious need of limbs! d3server.fuzzylogicinc.com :: Doom 3, FMJ! etqwserver.fuzzylogicinc.com Quake Wars... Grrrrr..... |
Wed Jan 27, 2010 8:05 am | |
Joined: Thu Jun 17, 2004 4:38 am Posts: 582 Location: Nooboo | Re: q3 hack fix (NOT THE CRASHING ONE) if im putting custom maps on my server that i made myself and that i dont wanna release, theres a reason to put allowdownload to 1, thats why i wanna fix this and im paying monthly for my server, so i would like it to be safe against hackers, i dont wanna only rename the server.cfg to something i wanna be sure its fixed... Have you ever tried downloading a map from a server using the built-in sv_allowdownload function? It is incredibly slow and takes so long I would guess most players will disconnect before it is downloaded. Plus, it takes bandwidth away from your server and it opens up a security exploit. It just is not a good idea to use it. You might as well put your rcon password in your MOTD. If for some reason you don't want to release your maps to the general public, email copies of the map to the people that you want to have it and leave sv_allowdownload '0' (off). That's a much safer way to do it. and ive got another question, is there anyway to stop the auto reboot of the server? I didnt want to make another topic for this... Daily rebooting of JK2 and JA servers running on Linux is necessary to keep the server running well. If it isn't rebooted on a regular basis it will eventually lag and lock up, not fun. _________________ Human Female Jedi Skin Expansion Mod Tavion Extreme Makeover |
Wed Jan 27, 2010 9:57 pm | |
and if for some reason i have to put sv_allowdownload to 1, what am i gonna do? thats why ive put the fix in the server ftp, so i just want u guys to point it to the jk2mp.exe of the server, i dont think its so complicated, id do it if i could, but i cant... thx for the second question =] | |
Thu Jan 28, 2010 12:31 am | |
oh and since i cant stop the auto reboot, is there anyway to hide the bots so that they stop annoying every1? im putting bots to show people that its an active server, but i wanan hide them somewhere so that they stop annoying. I mean hiding automatically at server reboot. | |
Thu Jan 28, 2010 12:35 am | |
Joined: Thu Oct 18, 2007 10:42 pm Posts: 235 | Re: q3 hack fix (NOT THE CRASHING ONE) if you use server redirect does the game still have the exploit? (hoe come noone's changed q3a's audodownload like q2's so it faster! ) _________________ q2server.fuzzylogicinc.com:27910 :: Leper Q2 ATTN: In serious need of limbs! d3server.fuzzylogicinc.com :: Doom 3, FMJ! etqwserver.fuzzylogicinc.com Quake Wars... Grrrrr..... |
Thu Jan 28, 2010 11:51 am | |
Joined: Thu Jun 17, 2004 4:38 am Posts: 582 Location: Nooboo | Re: q3 hack fix (NOT THE CRASHING ONE) and if for some reason i have to put sv_allowdownload to 1, what am i gonna do? thats why ive put the fix in the server ftp, so i just want u guys to point it to the jk2mp.exe of the server, i dont think its so complicated, id do it if i could, but i cant... thx for the second question =] Sorry, I don't understand the question. All that sv_allowdownload '1' does is allow .pk3 files that the server is actively using (such as a map that the server is currently running) to be downloaded to clients using the server's bandwidth, set by sv_maxrate. It has nothing to do with directing anything to jk2mp.exe. Even at the maximum sv_maxrate of 25000 bits per second (25 kbs) that is super slow compared to broadband rates of megabits per second that people are used to. It is super slow and just not worth it. If you insist on using it you just have to accept the security risk, there is no way to prevent it. It would be better to figure out some other way to distribute your map. Most people just submit it to file sites like jk2files.com so people can download it at broadband rates. oh and since i cant stop the auto reboot, is there anyway to hide the bots so that they stop annoying every1? im putting bots to show people that its an active server, but i wanan hide them somewhere so that they stop annoying. I mean hiding automatically at server reboot. In your server.cfg, put the following line set bot_minplayers '2' When your server starts up, it will add two bots. If a human joins the server the server will kick one of the bots so there will be one human and one bot on the server. The human can chase the bot around if he wants to. As soon as a second human joins the server the one bot will be kicked, leaving two humans. If one of the humans leaves the server will add back a bot. If both humans leave it will add two bots. bot_minplayers 'x' will always keep at least x players, humans and bots, on the server, adding or kicking bots as necessary. _________________ Human Female Jedi Skin Expansion Mod Tavion Extreme Makeover |
Fri Jan 29, 2010 5:12 pm | |
ok, thx alot ! =] | |
Tue Feb 09, 2010 3:04 am |
Page 1 of 1 | [ 13 posts ] |
Who is online |
Users browsing this forum: No registered users and 3 guests |
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot post attachments in this forum |