lfnetwork.com mark read register faq members calendar

Thread: admin password hack
Thread Tools Display Modes
Post a new thread. Add a reply to this thread. Indicate all threads in this forum as read. Subscribe to this forum. RSS feed: this forum RSS feed: all forums
Old 07-12-2007, 05:36 PM   #1
quantum_rds
Lurker
 
Join Date: Jul 2007
Posts: 1
admin password hack

i run a jedi server and my admins are telling me that there is an exploit and througt brute force the hacker finds the admins passwords.

how do i pach my server or something like that to prevent that brute force attack?
quantum_rds is offline   you may: quote & reply,
Old 07-14-2007, 05:31 PM   #2
jedi-Guard
Rookie
 
Join Date: Sep 2005
Posts: 207
which way do they hack to receive the password ?
jedi-Guard is offline   you may: quote & reply,
Old 07-30-2007, 03:38 PM   #3
darkecho05
Rookie
 
darkecho05's Avatar
 
Join Date: May 2007
Location: Sweden
Posts: 48
I personally have never experienced somebody stealing my password, don't really think anybody can do that, only way for them to see your password is if you have your kt on while hosting and typing "rconpass xxxx" and just when you're about to log in your kt says something and everybody sees it.


Error is our enemy!
darkecho05 is offline   you may: quote & reply,
Old 09-04-2007, 02:25 PM   #4
Tx606
Rookie
 
Join Date: Feb 2007
Posts: 78
Quote:
Originally Posted by quantum_rds
i run a jedi server and my admins are telling me that there is an exploit and througt brute force the hacker finds the admins passwords.

how do i pach my server or something like that to prevent that brute force attack?
Well this IS possible.
You can't really prevent brute force attacks. But i know how they work..
They have a list of possible users and passwords, just make sure u have a VERY complicated password for your users for your server (ftp and such things..) And if you enter a pass like r2Rfz434xz_2 they will never guess it.
Remember to make a hard rconpassword too, not a simple pass like "kyle"..
Tx606 is offline   you may: quote & reply,
Old 10-07-2010, 09:55 PM   #5
Kurgan
Headhunter
 
Kurgan's Avatar
 
Join Date: Nov 1997
Location: The Dawn of Time
Posts: 18,322
LFN Staff Member 10 year veteran! 
Other tips are not to have "subadmins" or give out your password or post it online anywhere. Most "hacking attempts" turn out to be untrustworthy or disaffected former admins screwing around (consider they could give out that information to anyone they wished).

If you think your admin password may have been compromised... CHANGE IT immediately. Another is to use a name other than "server.cfg" for your config file.

If you botch entering your password logging in, a person could see your password attempt in the chat log too, so make sure you get it right (or enter it before you get into the game, via the save password feature in JO/JKA's in-game browers, or Qtracker, etc).

Another issue is that stuff like Killtrackers and mods may have their own vulnerabilities. Use at your own risk. If you think there's some kind of security exploit in them, contact the maker of this unofficial addon and see if they can fix it.


Download JK2 maps for JA Server|BOOT CAMP!|Strategic Academy|
(JA Server: 108.178.55.189:29070)


"The Concussion Rifle is the weapon of a Jedi Knight Player, an elegant weapon, from a more civilized community." - Kyle Katarn
Kurgan is offline   you may: quote & reply,
Post a new thread. Add a reply to this thread. Indicate all threads in this forum as read. Subscribe to this forum. RSS feed: this forum RSS feed: all forums
Go Back   LucasForums > Network > JediKnight Series > Help Center > Dedicated Server > admin password hack

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 09:11 PM.

LFNetwork, LLC ©2002-2011 - All rights reserved.
Powered by vBulletin®
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.