adamnp

Ability for user/admin to set(or override if admin wants) server for daily restart. restart time would be able to be selected based on configuration of however many scheduled tasks the particular provider wanted to use (2, 3, 4, 5, xx times daily) once configured in backend, the user would be able to select from these predefined times, or select NO to leave it for manual restarts. [if this was brought up before kick me -- I couldn't find it in a feature request, but I did find something kinda in script requests....so unsure] -a

Not that I'm aware of, personally wouldn't purchase that script asphyx listed (At least without a proper website/area of business and support for it)....However, doing this on your own is quite simple with the functionality already in TCA, by simply adding some lines into the execute before start, and execute after end that can automate a majority of any security/iptables concerns. -Adam

Not sure why someone would do that...I for certain wouldn't give anyone my userid's.............You'd probably have better luck just asking for the game files! --- http://fileb.ag/3oorgs1sp3dl You need a unique steamid w/the beta to update however. I suggest googling a few queries and figuring out how to attain the beta. This tarball will only last you until the next update! :} -A

nice updates Luis!

While it may seem time consuming setting it up properly, it's going to be way more time consuming redoing your entire system after a rm -rf. Let alone attempting to rebuild your image. Just my opinion....I don't ever skimp on security.

Prefer this way anywho, so no skin off my back!! Looking forward to the tool! lol

Cheers - saved me a minute. Appreciate it!

Run the update manually... From your monitor folder.. [root@game9 Monitor]# ./updatetool 2.0.52

Awesome additions Luis! Luis - is there a full changelog listed anywhere? -Adam

Awesome!

got that earlier also....Don't really understand the need for it.....But I imagine it has something to do with 'cloud' and getting rid of the constant complaints against the current systems laggy update servers.

You are correct, but my point is that I feel you are being naive thinking that only because they have 'user' access they can't do any harm. They can, and it can come back to affect you--The only difference is it's more difficult and requires a higher level of skill from the attacker--Typically these are targetted attacks. Most people utilize the same logins and passwords, and most companies utilize the same login signatures. If you accidently upload a hacked dll, which sniffs the account and allows the attacker to gain this particular users login and password information. In more instances than not, they can then utilize that same information to gain access to the account panels, control panels, billing panels etc. Once inside the panels, they can attempt to infiltrate even further....and it just goes from there on. Look back a few years ago to the WHT hack.. They got into a backup server on a non privledged account and ended up in their entire system. There are thousands of other examples, and a few examples from companies that utilize TCA..I won't name them as there is no reason to defame them at this point in time....but my point is merely helpful. I really would utilize TCA's features and block the uploading of DLL/EXE's, and use the mod installation feature to install mods for your users. and as for the SRCDS upload exploit, it was fixed a while back.

Correct me if I'm wrong but, what I feel you are saying is if the user can get in through an IMAP exploit (exploit #1) you shouldn't patch a BIND exploit (exploit #2) or make it harder for them to get in, based of assuming theres another way they can exploit your clients? I have to say, in my opinion, and my method of operations that thinking is backwards. I secure everything I can, and every avenue I can--After that, I secure every way possible into the hardware, and any port that isn't needed. Lastly, all software packages are ALWAYS up to date, all passwords secure, and whitelists/blacklists are current!!!!!!!! Secure as much as you can, not as little as you can. While it may be a slighty inconvenient (which can easily become avoidable with TCA's built in features) it surely is more convenient than client information exposure, system infiltration, and souring of your company image should something malicious in nature happen. I often tell people it's not should an attack take place, its should an attacker take sight. I agree there are tons of issues, but disagree that there is only a minimal solution.

Just because the software is not running on an administrator account doesn't mean they cannot do damage. The first obstacle is getting in, once you get in - the number of ways you can go is up to your imagination. Maybe it might not get to the point where it has immediate impact to you, but it is extremely simple to impact your company, and your clients and anyone who connects to that hardware. On Windows all applications talk with the kernel through the API which gives a malicious person the ability to sniff or monitor or modify a program's API calls (hooking)..... This gives full control over that particular process. This can obviously be useful for all kinds of fun reasons including!!! :} Debugging, reverse engineering (Gary's favorite!!), and of course hacking!@! Just look at DLL redirection as a small example here... 1. It is relatively simple to implement. 2. It allows us to view and modify parameters passed to an API function, change return values of that function, and run any other code we desire. 3. While most other methods require code to be injected into the target process or run from an external application, DLL redirection requires only write access to the target application's working directory. 4. We can intercept any API call without modifying the target (either on disk or in memory) or any system files. SO... Get a DLL on there, then say maybe start sniffing the account, gain the users login and password... Utilize that to work backwards, maybe get into the billing system and find a bug or do some SQL injection. Possibly end up getting fully into the billing system. etc etc.. In my opinion, more security is always better....I go by the philosophy that people are going to fuck up and be stupid..They utilize passwords such as 'password' or 'qwerty' or their wifes name and their birthdate...People are predictable, and once you get in 1 you can go further 90% of the time..The more secure I can be, the better protected my customers are and my business is.

I have to agree with ECF -- This also helps weeding out some of the guys attempting to run a company that have no clue what they are doing. You should have a clue about security, and how to manage the operating systems you are utilizing. If you don't thats fine, hire someone who does to perform the routinely needed tasks. I'd much rather Luis spend time developing and adding new features than spending that time 'idiot' proofing the software. If it was incredibly difficult for clients to replicate the fix on their own setup's I would then maybe agree that an internal patch might help thwart bad press, however keep in mind there are numerous security vulnerabilities out of box one can go after to infiltrate your systems. If you are inadequate at securing it, then Luis idiot proofing TCA will only give that particular person a little more time before the inevitable happens. Kills me when I see clients running webservers under root, etc.... Cut the shit!!! Get a grip!!! DO - SOME - RESEARCH *AND* LEARN!@#!@#!@#! Not sure why so many are afraid of learning!! Once you know, you don't have to ask or be scared! Just sayin ....but then again, even multi billion $ companies don't take the proper precautions....So -- who knows

This will explain why you see some servers: http://blog.counter-strike.net/index.php/2012/04/step-6238-server-browser/ Only those in the know, know :} lol....More info will be available very shortly.

Where should the rates be sent to? I highly suggest you figure it out on your own however (it isn't that difficult - just requires a little bit of reading!) - This way here you will know your way around the program, and it will be much easier to deal with any abnormalities or instances of chaos that might arise.

Request: Configurable option to display a 'last 10 recent restarts' with timestamp and userid/ip that restarted the server. Why?: We not only utilize TCA to run GSP functions, we also utilize TCA to run our NoobGalore gaming community, as do many others. Certain particular usergroups within the community have access to the restart functions of the panel. However, throughout the years we have always relied on people to verify any internal issues on a particular server and verify the need for a restart. Restarting the servers when they are populated 24/7 for no reason leads to a loss of traffic. In some instances the servers become DDoS'd, or attacked through engine exploits, and the call for a restart is needed -- We have over the years have several instances where 2 people will restart a server for 'choppiness' within 15 minutes of one another, when the real cause of the 'choppiness' is from a light DoS attack. Having a dropdown be able to become displayed so you would know that someone had just restarted it 15 minutes prior (so that particular person would be alerted they should now investigate other causes) would be incredibly useful for our Senior members, likewise for the management it would be useful to be able to see 'who' just restarted a server, without having to dig through the TCA logs on the master server. Should abusive restarts become a factor, it would be quick and easy to tell the offender. Just an idea - nothing to ridiculous, but useful none the less, and bringing out another side of TCA as it is not just GSP's that utilize the panel. This would be a cool feature on v1 also, but don't believe you are still developing anything new for that if I recall correctly Thanks! -Adam

Edit: Whoops - didn't realize I was in the V2 area. durh!

http://clientforums.tcadmin.com/showthread.php?t=8928

Same here.....Guess we got our answer lol! Makes you appreciate developers who talk to their audience that much better.....tnx Kevin/Luis What a waste of time this "decision" could/is/will be for some. They going to move it to /orangebox/css/ next year? This brings up a question I haven't checked into yet -- will TCA2 linux start games properly utilizing a symlink?

http://clientforums.tcadmin.com/showthread.php?t=8483&highlight=theme Check that out. -Adam

This was a reponse from a moderator of the mailing list.... I submitted a thread to the mailing list - and for some reason it went to a moderator first, they never responded - so I wrote back asking why it wasn't posted in the list -- they then just responded with the answer to my question and didn't post my post. My question: "Is it just me? When running the update for the newest stuff, the first time I ran it it just closed, the second time it appeared to update some files but not all...Now upon third attempt to update servers, they are all now generating a new directory 'css' and attemping basically a fresh install? What gives? Anyone else experiencing this? Kind of annoying....lol Never had this issue before" The response: 'It was an accident, we will fix this on the next open release" I'm not stating this guy was correct -- Just this is what he told me.......All we can do is wait and see :} I see others on the mailing list stating that it was created purposely but I fail to be able to find that printed anywhere.

CSS was the only game that 'changed' directories, and from what I understand and was told it was an accident, and that it will revert back to the orangebox directory.

From what Jason told me yesterday it was an accident it got pushed that way...Same here though. We shall see what happens