Blog

Tuesday, September 25, 2012

GoldSRC/SRCDS RCON Security

Every GoldSRC and SRCDS server needs an RCON password. RCON passwords allow you to remotely control your server from the console or a 3rd party tool like HLSW. Lately there have been more hackers who try to brute force guess your password. If they do guess your password, they can take complete control of your server like ban/unban players, change the hostname and change cvars. There are a few things you can do to keep this from happening. The first thing is to pick a password that is not based on a dictionary word. It's best if your password is over 12 characters long and has a mixture of letter, numbers and symbols. The symbols are key to make it extremely hard to crack. A good example password would be something like: ^#&[email protected]*RsG0. Another thing you can do to stop or at least slow the hackers is to enable rcon protection cvars. Use the following code in your "server.cfg" file (works in GoldSRC and SRCDS):
sv_rcon_banpenalty 60 sv_rcon_maxfailures 10 sv_rcon_minfailures 5 sv_rcon_minfailuretime 45
The code does the following: sv_rcon_banpenalty : Number of minutes to ban users who fail rcon authentication sv_rcon_maxfailures : Max number of times a user can fail rcon authentication before being banned sv_rcon_minfailures : Number of times a user can fail rcon authentication in sv_rcon_minfailuretime before being banned sv_rcon_minfailuretime : Number of seconds to track failed rcon authentications This should slow down the hackers. It won't stop them completely though.
Tuesday, September 11, 2012

Troubleshooting SRCDS Crashes

The majority of Source Engine crashes are due to plugin errors and exceeding engine limits on maps. When you're faced with a constant crash on your server, there are a few steps you should take to pinpoint the culprit.

First ask yourself a few questions: Does it always happen on the same map? Were players in the server when it crashed? Does it crash on startup or on map change? Once you have the answers to these questions you can then start troubleshooting. First off, try running the server with no plugins.  This means don't load metamod, sourcemod, Eventscripts, etc.  Let the server run like this for a few days.  If there are no crashes then you've at least pinpointed that its not a corrupt installation. If it still crashes, than either you have a misconfigured CVAR or your installation is corrupt (delete all steam files and re-run the update process).  You will know if there is a crash by looking in the root directory of the server for MDMP files, MDMP files are created whenever you server crashes and are created at the time of the crash.  You can't see whats in the MDMP file though, only the developer of the mod or game can.  MDMP files are just usefull so you know the date and time of the crash.

To troubleshoot plugin problems, first try running the server with the default plugins that came with your administration tool.  Than every day or few days after that add 3 to 6 of the custom plugins you are using.  If the server crashes again, than its likely one of the last few plugins you added so remove a few of them and let the server run for a few days again. This method can take a few days to a few weeks, but its the best way to find the plugin that is causing the crashes.

 


Recent Posts



Tags


Archive

    Sign up for Product Updates and Discounts
    Captcha Image
    ×