Jump to content
  • 0
Sign in to follow this  
Invictus

Protecting Server from exploits?

Question

Hi everyone, I'm currently developing my client and so on, I'm nearing the end of bug fixing and new implementations. Obviously in this world there are some people whom strive to take down your server to bring your server to theirs further increasing population and possible profits.

 

For obvious reasons I need to know the known exploits so I can close them on my own to prevent anyone from accessing and destroying/coping & releasing my SF,DB/Client.

 

I'd appreciate it if someone could inform me of the known exploits, I've blocked the one in the game file using the dif. my 3306 port is closed blocking access to my database, but these are the only ones i'm aware of.


Also i'd appreicate if it someone could direct me to a good client encryption software because i've got some new custom made stuff within my client that i'd prefer to keep on my server alone.

 

 

thanks!

 

Also, i'd like to say thanks for help in fixing the bugs up to this stage!

Share this post


Link to post

4 answers to this question

Recommended Posts

  • 0

you should block your bind port (usually 15000) and your P2P ports from external access. Only allow the server to access them.

 

Set your server admin page ip and password in the CONFIG files.

 

make sure you're using a game core without a backdoor in it, if you aren't sure you should ask and someone can get you the fix for it.

 

 

  • Love 1

Share this post


Link to post
  • 0

thanks, just gotta check about the game core possible backdoors.

Share this post


Link to post
  • 0

Hey Guy ,

 

u should tunnel ur SSH

 

check this tutorial out http://chamibuddhika.wordpress.com/2012/03/21/ssh-tunnelling-explained/

 

of curse you should use random ports from 3000 - 65555

 

by the way , make sure that ur root password have more then 20 characters

 

something like this $61)|.#oscar(-delta}>x-ray*=YANKEEDELTAYANKEE/*'3%victor

and no bruteforce ever can find your password

 

and Dont install an apache @ the root server cause there are known vulvns...

 

greets Hiro

 

 

  • Love 1

Share this post


Link to post
  • 0

Set up key authentication for ssh and disable Password auth and root login.

  • Love 1

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

Terms of Use / Privacy Policy / Guidelines / We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.