Invictus 24 Posted March 21, 2014 Share Posted March 21, 2014 Hi everyone, I'm currently developing my client and so on, I'm nearing the end of bug fixing and new implementations. Obviously in this world there are some people whom strive to take down your server to bring your server to theirs further increasing population and possible profits. For obvious reasons I need to know the known exploits so I can close them on my own to prevent anyone from accessing and destroying/coping & releasing my SF,DB/Client. I'd appreciate it if someone could inform me of the known exploits, I've blocked the one in the game file using the dif. my 3306 port is closed blocking access to my database, but these are the only ones i'm aware of. Also i'd appreicate if it someone could direct me to a good client encryption software because i've got some new custom made stuff within my client that i'd prefer to keep on my server alone. thanks! Also, i'd like to say thanks for help in fixing the bugs up to this stage! Link to comment Share on other sites More sharing options...
Rumor 2631 Posted March 22, 2014 Share Posted March 22, 2014 you should block your bind port (usually 15000) and your P2P ports from external access. Only allow the server to access them. Set your server admin page ip and password in the CONFIG files. make sure you're using a game core without a backdoor in it, if you aren't sure you should ask and someone can get you the fix for it. 1 Link to comment Share on other sites More sharing options...
Invictus 24 Posted March 22, 2014 Author Share Posted March 22, 2014 thanks, just gotta check about the game core possible backdoors. Link to comment Share on other sites More sharing options...
Dr.Heisenberg 7 Posted March 22, 2014 Share Posted March 22, 2014 Hey Guy , u should tunnel ur SSH check this tutorial out http://chamibuddhika.wordpress.com/2012/03/21/ssh-tunnelling-explained/ of curse you should use random ports from 3000 - 65555 by the way , make sure that ur root password have more then 20 characters something like this $61)|.#oscar(-delta}>x-ray*=YANKEEDELTAYANKEE/*'3%victor and no bruteforce ever can find your password and Dont install an apache @ the root server cause there are known vulvns... greets Hiro 1 Link to comment Share on other sites More sharing options...
Premium Shogun 4614 Posted March 22, 2014 Premium Share Posted March 22, 2014 Set up key authentication for ssh and disable Password auth and root login. 1 Link to comment Share on other sites More sharing options...
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now