Benheryet, posted April 8, 2009:

Make sure you keep an eye on your restrictions for clients to upload (.dll, .bat, .cmd, .exe etc). I recently had a client use a GMOD Lua script to open a command prompt and remove/change the password for the dedicated server. Then they logged into the server using remote desktop and uninstalled TCAdmin and all client files. They then removed a ton of system files (including boot.ini), which meant when I rebooted to recover the password, the system would not even boot, resulting in me having to reformat the hard drive and start from scratch. Don't let this happen to you.

HIS-MOTHER, posted April 8, 2009:

.dll, .bat, .cmd, .exe are restricted by default in TCA. Removing those restrictions is asking for trouble, as we can see by your results.

Benheryet, posted April 8, 2009:

> .dll, .bat, .cmd, .exe are restricted by default in TCA. Removing those restrictions is asking for trouble, as we can see by your results.

Yeah, but then with GMOD servers a lot of clients require .dll uploads. I removed all restrictions, which was a bad idea. I'm not sure if they can get the same results with DLLs (they used exe + bat with me), so you've got to watch out.

{-SMAKU-}_MotorMouth, posted April 8, 2009:

I have installed mods for rFactor that had a bad .dll file. When it was installed it completely took the server offline when the server crashed. It took us forever to find out the cause. When customers ask me to open it I say nope. They don't like it, but they will get over it or go somewhere else.

HIS-MOTHER, posted April 8, 2009:

The best thing to do is configure all mods for installation via TCA mod installation packages. This way you know what is going in is legit. Yeah, it's a pain in the ass, but a small inconvenience is better than knocking the entire box offline or, worse, having to reload it.

studeggle, posted April 8, 2009:

> Yeah, but then with GMOD servers a lot of clients require .dll uploads. I removed all restrictions, which was a bad idea. I'm not sure if they can get the same results with DLLs (they used exe + bat with me), so you've got to watch out.

Not true, you do not have to allow DLLs with GMOD. And yes, there are a couple of DLL mods out there that will allow a client full control of your box. There is a very good reason for those files being restricted by default.

{-SMAKU-}_MotorMouth, posted April 9, 2009:

> The best thing to do is configure all mods for installation via TCA mod installation packages. This way you know what is going in is legit. Yeah, it's a pain in the ass, but a small inconvenience is better than knocking the entire box offline or, worse, having to reload it.

That's what I always do. The problem is it also installed the file on about 7 boxes. DLL files can be a headache; that's why we will not allow customers to upload them.

jcroom, posted April 10, 2009:

Sigh, I think there are ways around these things. For instance, with the COD series, if someone was smart enough, you could just pack the .dlls in a pk3 and somehow call them from the mod.

KingJ, posted April 10, 2009:

The best solution is to run the servers as a restricted user, hence they can only damage their own server. Until then though, restricting DLL files is the way to go. We recently did it, and after we got most of the popular addons on and verified, we've had no complaints. If a customer asks for a specific DLL, ask for the source code and compile it yourself to be sure.

Magnetar, posted April 21, 2009:

I had one GMOD guy that loaded a hack with the restrictions all on. Somehow he changed the filename to an exe and started it with Lua scripts. He was looking around at all the files in the server box when I busted him. I just happened to be on that box and saw it running.
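
An added example (not from the thread and not TCAdmin code): the two posts above, about packing DLLs in a pk3 and renaming a file to .exe after upload, both come down to an extension filter never looking at file content. This sketch checks uploaded bytes for a PE header and looks inside zip-format packages; the function names and the size limit are assumptions made for the example.

```python
import io
import os
import struct
import zipfile

BLOCKED_EXTS = {".dll", ".bat", ".cmd", ".exe"}  # the types named in the thread
MAX_MEMBER = 64 * 1024 * 1024  # assumption: do not read archive members above 64 MiB

def is_pe(data: bytes) -> bool:
    """True for an MZ header whose e_lfanew field points at a PE signature."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (pe_off,) = struct.unpack_from("<I", data, 0x3C)
    return data[pe_off:pe_off + 4] == b"PE\0\0"

def inspect_upload(name: str, data: bytes, depth: int = 0) -> list:
    """Return reasons to reject an upload; an empty list means nothing matched."""
    reasons = []
    ext = os.path.splitext(name)[1].lower()
    if ext in BLOCKED_EXTS:
        reasons.append(f"{name}: blocked extension {ext}")
    if is_pe(data):
        reasons.append(f"{name}: PE executable content")
    # .pk3 packages are zip archives, so look at their members too.
    if depth < 2 and zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                inner = f"{name}!{info.filename}"
                if info.is_dir():
                    continue
                if info.file_size > MAX_MEMBER:
                    reasons.append(f"{inner}: too large to inspect")
                    continue
                reasons += inspect_upload(inner, zf.read(info), depth + 1)
    return reasons

def fake_pe() -> bytes:
    """Constructed 68-byte stub with only the two signatures, not a real program."""
    return b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40) + b"PE\0\0"

def make_pk3(members: dict) -> bytes:
    """Build a constructed in-memory .pk3 (zip) from {member name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member, content in members.items():
            zf.writestr(member, content)
    return buf.getvalue()

if __name__ == "__main__":
    print(inspect_upload("addon.txt", fake_pe()))
    print(inspect_upload("maps.pk3", make_pk3({"bin/helper.dat": fake_pe()})))
```

Batch and cmd scripts have no file signature, so for those the extension rule is still the only filter here, and running each game server as a restricted user remains the layer that limits damage when a check is bypassed.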

Defcon|Rich, posted April 22, 2009:

I read on one of the security forums recently that today's "hackers" are far less sophisticated but accomplish far more in light of this. The chief reason being the amount of systems online with either zero protection or clueless sys. admins. TCAdmin is a control panel. It won't guard your server or wash your car. Its only purpose is to launch game servers. Sure, it has certain security features built in, but it shouldn't be used as your server's protection.