SA-MP Forums

Go Back   SA-MP Forums > SA-MP Scripting and Plugins > Filterscripts

Reply
 
Thread Tools Display Modes
Old 14/05/2011, 08:53 AM   #1
Mauzen
Godfather
 
Mauzen's Avatar
 
Join Date: Jun 2007
Location: Western Germany
Posts: 5,097
Reputation: 1522
Default SafeCon - Protect your RCON against unwanted access

I made this filterscript today, as I noticed quite a lot of RCON attacks in the last time.
SafeCon will protect your server from unwanted RCON access. Hackers wont have a chance to get your rcon password, if you use it right.

SafeCon basically has one main feature so far: a frequently changing RCON password. It chooses a random password from your list once in a specified interval. Doesnt sound special, but it is very effective. Beside this, it offers a name- and IP-whitelist. Only people on one of these lists can login as RCON admin ingame.
For security reasons all those lists are compiled with the code. This means you have to recompile it everytime you want to change it, but this makes it a lot more safe. Incase someone can read your server directory (e.g. your hoster) he could read the RCON password from the server.cfg or any password list file, but this way he even cant do that. He would have to decompile the code (which is of course AntiDeAMX protected).

Setup
The setup is quite easy. Copy the pastebin code and paste it to an empty file. Just take a look at the top of the script, everything should be explained in the comments. And of course dont upload the pwn source to your server, just the compiled amx.
When you set all the defines and arrays the way you like, compile the code. Add the filterscript to your server.cfg or put this somewhere in your OnGameModeInit():
Code:
SendRconCommand("loadfs SafeCon");   // or however you named the file

How to use
When using the hardcoded password list, use /rconpw ingame to get the index of the currently active password. Index 0 is the first password in the array. Anyone can use this command. Then check the password list for that index to see whats the current password.
So you should think at least twice who should get the password list. Only people you can trust 111% should get it, and tell them not to give it to anyone else (just like you should handle your normal RCON password). I recommend using a safe connection for sending the list, services like https://privnote.com/ should do fine.

The name/IP-whitelist can be used if you experience RCON hacks anyways. When using a safe register/login system the name-list will do it, otherwise use the ip-list (which has to be updated more often because of dynamic IPs of course)


What else
Thats it, your RCON password should now be 99,9% safe (without any warranty of course )
If you got any suggestions, feel free to tell me.

Download: Pastebin

Last edited by Mauzen; 14/05/2011 at 09:52 AM.
Mauzen is offline   Reply With Quote
Old 14/05/2011, 08:55 AM   #2
wheelman_WM
Huge Clucker
 
wheelman_WM's Avatar
 
Join Date: Jan 2011
Location: Sun
Posts: 402
Reputation: 0
Default Re: SafeCon - Protect your RCON against unwanted access

wow man it will really help many people thnx for it i m gonna use it
wheelman_WM is offline   Reply With Quote
Old 14/05/2011, 08:55 AM   #3
juraska
Huge Clucker
 
juraska's Avatar
 
Join Date: Apr 2011
Posts: 357
Reputation: 11
Default Re: SafeCon - Protect your RCON against unwanted access

Nice job man
juraska is offline   Reply With Quote
Old 14/05/2011, 09:03 AM   #4
Markx
Gangsta
 
Markx's Avatar
 
Join Date: Dec 2010
Location: Zagreb, Croatia
Posts: 967
Reputation: 39
Default Re: SafeCon - Protect your RCON against unwanted access

Very good!
__________________
...Left samp for now, hope i gonna be back someday...

Markx is offline   Reply With Quote
Old 14/05/2011, 09:05 AM   #5
[DR]Reaper[GEARS]
Big Clucker
 
[DR]Reaper[GEARS]'s Avatar
 
Join Date: Feb 2011
Posts: 76
Reputation: 0
Default AW: SafeCon - Protect your RCON against unwanted access

nice (:
__________________
[DR]Reaper[GEARS] is offline   Reply With Quote
Old 14/05/2011, 09:39 AM   #6
Kaperstone
High-roller
 
Kaperstone's Avatar
 
Join Date: May 2011
Location: Home
Posts: 3,115
Reputation: 562
Default Re: SafeCon - Protect your RCON against unwanted access

nice!!
__________________
Kaperstone is offline   Reply With Quote
Old 14/05/2011, 11:01 AM   #7
Medal Of Honor team
Gangsta
 
Medal Of Honor team's Avatar
 
Join Date: Feb 2011
Location: Osama Bin Laden's house ;)
Posts: 539
Reputation: 2
Default Re: SafeCon - Protect your RCON against unwanted access

really nice!
__________________
Making a Social Website from scratch. Need a PHP partner
Medal Of Honor team is offline   Reply With Quote
Old 14/05/2011, 11:18 AM   #8
Naruto_Emilio
Banned
 
Join Date: Apr 2011
Location: North Africa
Posts: 1,576
Reputation: 365
Default Re: SafeCon - Protect your RCON against unwanted access

Epic Release , Thanks Mauzen
Naruto_Emilio is offline   Reply With Quote
Old 14/05/2011, 11:32 AM   #9
[S]trong
Guest
 
Posts: n/a
Default Re: SafeCon - Protect your RCON against unwanted access

nice
  Reply With Quote
Old 14/05/2011, 11:36 AM   #10
••• ĤΑĶΑM •••
Huge Clucker
 
••• ĤΑĶΑM •••'s Avatar
 
Join Date: Aug 2010
Location: C:/windows/system32/hakam.dll
Posts: 278
Reputation: 0
Default Re: SafeCon - Protect your RCON against unwanted access

Pretty much nice - but for the white list, I don't think it's recommended for anyone who has a dynamic IP address.
__________________
I don't care.
••• ĤΑĶΑM ••• is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[FilterScript] [FS] RCON-manager (control your server easier from RCON-console) Correlli Filterscripts 34 09/04/2015 08:28 PM
I get unwanted error! :( nuriel8833 Help Archive 4 24/04/2011 08:23 AM
Cannot access rcon with 0.3b FoxtrotZulu Server Support 1 13/08/2010 08:50 PM
Unwanted Message Showing sidhu123 Help Archive 20 24/03/2009 12:11 AM


All times are GMT. The time now is 08:04 AM.


Powered by vBulletin® Version 3.8.6
Copyright ©2000 - 2017, Jelsoft Enterprises Ltd.