Jump to content

  • Log in with Facebook Log in with Twitter Log In with Google Log In with Steam Sign In
  • Create Account
Photo

server facade question regarding silent-0.9.0

- - - - -

  • Please log in to reply
5 replies to this topic

#1
OFFLINE   phantasm

phantasm

    Regular Member

  • Members
  • PipPipPip
  • 118 posts
6
A step in the right direction

Hello,

 

I upgraded my silent -0.8.2 server to silent 0.9.0 today, due to some recurring problems with rcon hack vulnerabilities, and it appears to possibly have a conflict with my server facades that were running fine for a long time (several years) until now.

 

I have rebooted the server facades, and then rolled my game server back to silent-0.8.2 with no success in being able to get my redirects running again.

 

I saw in the new features list that there was something to block the user redirect feature, but it isn't very specific what this does. Can you tell me if this interferes with the Server Facades?

 

I am just wondering if this version of silent mod is intended to block the server facades. If this is intentional it would nice to be transparent about it. Not everyone abuses them, I never put up fake links or spoofed anyone else's server name.

 

Thanks.



#2
OFFLINE   gaoesa

gaoesa

    Advanced Member

  • Management
  • PipPipPipPip
  • 4391 posts
341
Will become famous
  • LocationFinland

Clients have a cvar that forces redirect without asking the player about it. This cva has existed since server redirecting was introduced to the offical ET SDK (2.60 etmain). We removed that client cvar. It has nothing to do with facades. Facades in general are engine things that allow connections with 2.55 protocol as well as 2.60 protocol. I have no idea how you can reboot a facade without rebooting the server as it is the very same thing.

 

I have no idea why this is in bug reports as I don't see any bug report in it. For the question: do we do anything against server facades, no we have not done anything against server facades and we will not do anything against those either. If you have an external server for the only purpose to redirect clients to new servers (no matter if it is because you have moved your server or you want to deceive players), we have not done anything against those servers either. What we have done is that players no longer get redirected to another server without asking those players first.

 

What would be interesting would be more info about those rcon hack vulnerabilities you referred as I'm not aware of any.



#3
OFFLINE   alex

alex

    Regular Member

  • Subscriber
  • PipPipPip
  • 63 posts
12
A step in the right direction
  • LocationFrance

I d'like to know more about these vulnerabilities as well.



#4
OFFLINE   phantasm

phantasm

    Regular Member

  • Members
  • PipPipPip
  • 118 posts
6
A step in the right direction
I am using the old "Server Facade" software from Redsector to add a few extra links to my server on the masterlist. The links are the same name as my "real" server, and the player is asked if they want to go to the real server IP. This has been used by many people for years. I use these in addition to the 2.55/2.60 dual lister from Trackbase (the modified ET.exe from Paul that has been out for years). Nothing new or particularly creative lol.

We had a hacker mess with our in-game voting, which I reported here a few weeks ago. He was also using an aimbot which was uncommon on my server. This same hacker then started setting levels. I had to set the rcon password to "" to stop it. So I thought maybe the exploit would be patched in 0.9.0 and I tried it last night. It works fine with enhmod though.

#5
OFFLINE   phantasm

phantasm

    Regular Member

  • Members
  • PipPipPip
  • 118 posts
6
A step in the right direction
I consider "fake links" to be putting up names that are deceptive or have nothing to do with the actual server.

I am aware this software is easily abused. I dont think adding links with the same name as the real server is particularly bad. It is a good way to get attention and doesnt do anything to the client installs.

#6
OFFLINE   clan DIABOLIK

clan DIABOLIK

    Advanced Member

  • Members
  • PipPipPipPip
  • 322 posts
36
Getting Better

Hello phantasm

 

Concerning the Paul binary, be sure to run the 0.7.4 version for security.

 

 

V55






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users