1 Topic by Schokomuesli

  • Schokomuesli
  • Schokomuesli
  • Member
  • Offline

Topic: [Request] Anti-Rcon-Bruteforce-patch

Hi!

Since a few days some people are "hacking" the TeeWorlds servers of my customers by getting the rcon password.
They are using the "stress" methods to overload the whole servercluster or they are just shutting down the TeeWorlds Servers.

The damage caused by these attacks is about 600€ per day.
I'm currently awaiting the decision of the higher regional court in Vienna and other ones which forces the ISP's to publish the owner-data of the IP's used during the attacks.

The administrators are currently working on counter-measures,... (by reducing the maximum resource consumption by the teeworlds v-servers)

My question is:

Could someone write a patch to ban an IP after n numbers of failed rcon-login attempts?

2 Reply by Rajh

  • Rajh
  • Rajh
  • Member
  • Offline

Re: [Request] Anti-Rcon-Bruteforce-patch

Would make the server unpure hmm

3 Reply by Schokomuesli

  • Schokomuesli
  • Schokomuesli
  • Member
  • Offline

Re: [Request] Anti-Rcon-Bruteforce-patch

Rajh wrote:

Would make the server unpure hmm

No problem,...

My customers aren't using vanilla game-modes,...

4 Reply by matricks

  • matricks
  • matricks
  • Developer
  • Offline

Re: [Request] Anti-Rcon-Bruteforce-patch

There isn't any buffers etc on the server that grows with any amount of requests, so the process can't hog a lot of memory and then die. Seams to me that there is something else going on. I know a bug that can crash a server that is present in 0.5.1 that is for the upcoming 0.5.2.

5 Reply by Rajh

  • Rajh
  • Rajh
  • Member
  • Offline

Re: [Request] Anti-Rcon-Bruteforce-patch

Speed patch

6 Reply by Schokomuesli

  • Schokomuesli
  • Schokomuesli
  • Member
  • Offline

Re: [Request] Anti-Rcon-Bruteforce-patch

Rajh wrote:

Speed patch

Thank you wink

7 Reply by Schokomuesli

  • Schokomuesli
  • Schokomuesli
  • Member
  • Offline

Re: [Request] Anti-Rcon-Bruteforce-patch

matricks wrote:

There isn't any buffers etc on the server that grows with any amount of requests, so the process can't hog a lot of memory and then die. Seams to me that there is something else going on. I know a bug that can crash a server that is present in 0.5.1 that is for the upcoming 0.5.2.

Another problem is, that the server is listed in the browserlist, but you can't join the game (you see the "connecting to" dialog only). It seems that the server crashed or hang-up. It does not matter if you use vanilla teeworlds or a mod,...