Rcon Access/commands And A Problem..
SystemOfADOWN
Join Date: 2003-12-27 Member: 24798Members
Join Date: 2003-12-27 Member: 24798Members
Hey, i'm probably about to become an admin on a very good NS 2.01 server, and my question is this.
Where can i find a FAQ/tutorial on RCON commands and using RCON? I will obviously need this..
secondly, people have been crapping over the server with an RCON access hack of some type...allows them to access sv_cheats and change it to 1, etc.
is this a known exploit or is it just an unauthorized person with the rcon password? i'm guessing it's one of the two..
any links or help would be GREATLY appreciated.
also, to install for protection, what would be the best anti-cheat software to install? hl guard, cd..? both?
thanks again.
Where can i find a FAQ/tutorial on RCON commands and using RCON? I will obviously need this..
secondly, people have been crapping over the server with an RCON access hack of some type...allows them to access sv_cheats and change it to 1, etc.
is this a known exploit or is it just an unauthorized person with the rcon password? i'm guessing it's one of the two..
any links or help would be GREATLY appreciated.
also, to install for protection, what would be the best anti-cheat software to install? hl guard, cd..? both?
thanks again.
Comments
Where can i find a FAQ/tutorial on RCON commands and using RCON? I will obviously need this..
secondly, people have been crapping over the server with an RCON access hack of some type...allows them to access sv_cheats and change it to 1, etc.
is this a known exploit or is it just an unauthorized person with the rcon password? i'm guessing it's one of the two..
any links or help would be GREATLY appreciated.
also, to install for protection, what would be the best anti-cheat software to install? hl guard, cd..? both?
thanks again. <!--QuoteEnd--> </td></tr></table><div class='postcolor'> <!--QuoteEEnd-->
This is an interesting topic you posted here, please excuse me brain dumping
There are pro's and con's with rcon (I personally think there are way more cons than pros).
I personally perfer adminmod as it can be put together with various access levels and you can admin people to these various levels with a degree of control that rcon wishes for!
I set adminmod up like so:
#define LANDLORD 255
#define ADMIN1 127
#define ADMIN2 63
#define ADMIN3 31
#define ADMIN4 7
#define PUNTERS 2
As I am the landlord, I get acccess to rcon via adminmod and depending on how much you paid for your admin (levels) depends on your range of control. i.e. admin1 highest you can pay for coming in at $600 a year, admin4 = admin for $10 per year.
admin4 can admin_say stuff
admin3 - some more stuff like ban people
admin2 - ban and unban and punish
admin1 can do anything that doesn't require the rcon like teleport, gravity and stacking
The con is that A) It currently refuses to work, B) there is a cpu hit, C) if you have never done any development work bad luck as the defaults were designed by people doing LSD.
As for using rcon, one big tip 'rcon changelevel map' is all you should ever use, 'rcon map' is bad mmm'kay
ok, best close now as these forums don't like long posts
Where can i find a FAQ/tutorial on RCON commands and using RCON? I will obviously need this..
secondly, people have been crapping over the server with an RCON access hack of some type...allows them to access sv_cheats and change it to 1, etc.
is this a known exploit or is it just an unauthorized person with the rcon password? i'm guessing it's one of the two..
any links or help would be GREATLY appreciated.
also, to install for protection, what would be the best anti-cheat software to install? hl guard, cd..? both?
thanks again. <!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd-->
Yes, there is an exploit known as the dfile exploit. This allows the person to download any file in the Mod's directory. There are several fixes for this problem some more desirable then others.
I'm going to assume that this server isn't your own and that you don't know what OS it is running on. I'll lay out the options for you:
The easiest fix is to have the server owner add or change the following line to the server.cfg:
<!--c1--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
sv_allowdownload 0
<!--c2--></td></tr></table><div class='postcolor'><!--ec2-->
This will prevent the user from downloading any files from the server including the server.cfg where the rcon_password is stored. This is good an bad, good to prevent the exploit, bad if you have custom content you want the person to download when he connects.
The second easiest way to fix this is to upgrade the HLDS version to the latest. This contains an official Valve fix to this problem as well as a few bug fixes in the engine. The admin should check valve's ftp site for upgrades
Third, if your admin is running Linux for its OS you could download and install the boffix patch which hardens the server vs buffer overflow vulnerabilities as well as the dlfile exploit. Your server admin should check the official valve mailing list for those files. They are community designed and distributed and not an official valve fix, though they worked fine when I was using them.
NOTE: These fixes don't apply if you are running the latest STEAM HLDS server binaries. Those problems have been fixed in the latest version already.
As for rcon commands, I use AdminMod for my server but there is occasion where I remove it to compare performance. I'll describe how you use rcon access and what commands I'm aware of:
To gain authentication to use rcon you need to open your console by hitting the "~" key on your keyboard, then type:
<!--c1--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
rcon_password YourPasswordHere
<!--c2--></td></tr></table><div class='postcolor'><!--ec2-->
Once you've done that you should then be able to issue rcon commands by typing "rcon" and then the command you want to run followed by its arguments. If you use steam on the server the following examples are accurate, if you use WON for authentication then you should exchange the STEAMID arguments for WONID numbers.
Examples:
Change the map to ns_eclipse and keep all players connected:
<!--c1--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
rcon changelevel ns_eclipse
<!--c2--></td></tr></table><div class='postcolor'><!--ec2-->
Change the map to ns_eclipse and kick all players:
<!--c1--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
rcon changemap ns_eclipse
<!--c2--></td></tr></table><div class='postcolor'><!--ec2-->
Global say message to all players:
<!--c1--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
rcon say Hey guys, stop picking on the newbie. We were all new once!
<!--c2--></td></tr></table><div class='postcolor'><!--ec2-->
Kick a player from the server:
<!--c1--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
rcon kick STEAM_0:0:1234567
<!--c2--></td></tr></table><div class='postcolor'><!--ec2-->
Ban a player from the server but do not kick them from the game (the 0 after the ban command means permanant ban, change this to a number of minutes for a timed ban):
<!--c1--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
rcon banid 0 STEAM_0:0:1234567
<!--c2--></td></tr></table><div class='postcolor'><!--ec2-->
Ban then kick a player immediately (the 0 after the ban command means permanant ban, change this to a number of minutes for a timed ban):
<!--c1--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
rcon banid 0 STEAM_0:0:1234567 kick
<!--c2--></td></tr></table><div class='postcolor'><!--ec2-->
Removes the specific id from the banned list.
<!--c1--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>CODE</b> </td></tr><tr><td id='CODE'><!--ec1-->
rcon removeid STEAM_0:0:1234567
<!--c2--></td></tr></table><div class='postcolor'><!--ec2-->
As for which anti-cheat is best, I think that CD is the only one that truly disables cheats from working. The rest catch some cheats but there are always ones they don't catch.
Hope that helps.
the server is currently down but the owner will assign me and another person as admins with our wonIDs..
i received an e-mail from him stating:
"I'll add those wonids, but you guys have to learn how to set up yur comp to acess an HL server when using Admin-mod acess. Go to google and search admin-mod.org or admin-mod.com or something. There are directions there. Its tricky, but you'll figure it out."
What does he mean set up my computer to access the hl server when using admin-mod access? i thought i could just join and type in the rcon password or am i totally wrong and is rcon not being used? i'm confused, someone help..<!--emo&:)--><img src='http://www.unknownworlds.com/forums/html//emoticons/smile.gif' border='0' style='vertical-align:middle' alt='smile.gif' /><!--endemo-->
<a href='http://www.vadakill.com/nsguides/ns20-adminmod.shtml' target='_blank'>http://www.vadakill.com/nsguides/ns20-adminmod.shtml</a>
I can't help make an observation... Are you sure you want to waste your time on a server helping a guy who won't even help you set up your computer or explain the commands you have access to? For him to not assist you sounds like he does not value you as an administrator. I dunno, but this Admin guy sounds like a jerk to me.
i'll check that guide out
wait..i just read it...setinfo _pw-<!--emo&???--><img src='http://www.unknownworlds.com/forums/html//emoticons/confused.gif' border='0' style='vertical-align:middle' alt='confused.gif' /><!--endemo-->?
i know what the password will be but what goes for the line after _pw-