Jump to content
For maintenance and updates, the community will be offline on 31 December 2022 ×
!-->
  • 0

What are the base elements to do for a working and secure FreeBSD system to run Metin2 server?


Arvydas

Question

Hello,

I would like to know what to do on a FreeBSD to make it 100% compatible with Metin2 and to be secure.
I know MySQL server is needed for the database. What else? And how to make the system secure against attacks and exploits? (DDoS protection is provided)

Link to comment
Share on other sites

1 answer to this question

Recommended Posts

  • 0
  • Premium

There's no single "Metin2" set of files but generally speaking you'd need to install 32 bit compatibility libraries.

As for system security:

Create a non-root user. Put your game in his home directory. Add him to the wheel group. Create ssh keys for him.

Disable Permit Root Login, Password Authentication, Challenge-Response Authentication, PAM in /etc/ssh/sshd_config so you can only login with this ssh-key. You can always use IPMI/KVM/etc on an emergency. Change the SSH port to some random high number between 32000 and 65000. Restart sshd_config.

Do not bind mysql server to a public IP and if you have to, use an IP whitelist in PF or in a hardware firewall like OVH's. If you use Navicat and such, use SSH authentication. Do not leave port 3306 open to public.

Do not bind db to a public IP, and if you have to, whitelist the necessary IPs.

Install pf and set it up to accept only the necessary ports. If you have less than 15 ports that need opening, you can use the OVH firewall if you are in OVH.

There's hundreds of exploits working on the original leaked source. Get some good files like martysama's.

As for DDoS protection: use Cloudflare. Use origin pulls. Whitelist Cloudflare IPs. Set rate limits on NGINX. Set timeouts. Cache database accesses such as "Top Players" to not directly execute expensive database queries which are easy targets for DDoS.

I could go on, but the only good answer here is, if you're serious about doing something, get someone who knows his stuff.

  • Love 1

Currently working on my FreeBSD blog:

FreeBSD is Fun, practical tutorials and articles

⚠️                Are you under attack?               ⚠️

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×
×
  • Create New...

Important Information

Terms of Use / Privacy Policy / Guidelines / We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.