Call of Duty Server Hacked

2009-12-30 09:32:22

#1

[HOF]Mercenary: o_O; +53|6438

Long story short, a disgruntled banned player repeatedly obtains our rcon password and bans everyone on the server.

Apparently, our "ftp upload link has the password in it"

What the heck does this mean, and how can we stop it?

Thanks in advance.

2009-12-30 09:34:54

#2

Finray: Hup! Dos, Tres, Cuatro; +2,629|6048|Catherine Black

Change your rcon password

2009-12-30 09:37:11

#3

[HOF]Mercenary: o_O; +53|6438

Rcon password has of course been changed, all root passwords are changed on everything except the FTP to our website, which we cant get to atm because of a "brute force attack"

The names of config files as well as their targets have been changed as well.

2009-12-30 10:21:46

#4

13urnzz: Banned; +5,830|6757

Finray wrote:
Change your rcon password

Finray, did you want me to point out all instances, or just select ones?

Mercenary, besides waiting out the denial of services - is this website hosted or do you have physical custody of the server?

2009-12-30 10:22:32

#5

Finray: Hup! Dos, Tres, Cuatro; +2,629|6048|Catherine Black

Well he didn't say if he had changed it or not!

2009-12-30 10:24:59

#6

[HOF]Mercenary: o_O; +53|6438

burnzz wrote:
Finray wrote:
Change your rcon password
Finray, did you want me to point out all instances, or just select ones?

Mercenary, besides waiting out the denial of services - is this website hosted or do you have physical custody of the server?

The website is hosted

2009-12-30 10:56:03

#7

13urnzz: Banned; +5,830|6757

your best friend is going to be the provider, so don't bite off his head yet.
in the meantime - i don't recall who made the rcon for CoD, but i'd check software versions, their forums, for updates and/or fixes.

good luck . . .

2009-12-31 15:48:51

#8

CrazeD: Member; +368|6932|Maine

Use a better password?

2009-12-31 15:56:38

#9

Flaming_Maniac: prince of insufficient light; +2,490|6966|67.222.138.85

Goodness people the assholes were sniffing packets. It didn't matter what the password was or what they changed it to. Server provider had (has) poor security.

2010-01-02 22:49:49

#10

CrazeD: Member; +368|6932|Maine

Flaming_Maniac wrote:
Goodness people the assholes were sniffing packets. It didn't matter what the password was or what they changed it to. Server provider had (has) poor security.

[HOF]Mercenary wrote:
because of a "brute force attack".

You sure?

2010-01-02 23:56:40

#11

mikkel: Member; +383|6861

[HOF]Mercenary wrote:
Long story short, a disgruntled banned player repeatedly obtains our rcon password and bans everyone on the server.

Apparently, our "ftp upload link has the password in it"

What the heck does this mean, and how can we stop it?

Thanks in advance.

How is the password being exposed? Have you actually put a link somewhere on a website with the FTP password in it?

2010-01-03 06:11:01

#12

[HOF]Mercenary: o_O; +53|6438

No, there are no links with the password embedded in them.

I appreciate your help though guys, thanks.

BF2S Forums Call of Duty Server Hacked

Finray wrote:

burnzz wrote:

Finray wrote:

Flaming_Maniac wrote:

[HOF]Mercenary wrote:

[HOF]Mercenary wrote:

Board footer