Addon Details

Watch - Add Favorite


ServSecurity ScreenShot

( More Images )

73
w00ts
w00t!2

ServSecurity - Version 0.8.3

posted on 2009-10-03 10:10:09
by [Dark_Session]



download  Download Current Version

Description

English
ServSecurity is a powerful script to prevent server lags, hacking attemps, abuse and crashes.

  1. Blocks harmful commands
    Commands which can lag or crash the server
    get blocked
  2. Blocks connection-flooders
    Users who use a script that will automatically
    reconnect to the server will get banned (by IP)
    Quote:
    [ServSecurity 12.02.2010 14:02:38] [Information] Player 'A Player...' connected with ip '**.**.***.**' (attemp number 1)
    [ServSecurity 12.02.2010 14:02:38] [Information] Player 'A Player...' connected with ip '**.**.***.**' (attemp number 2)
    [ServSecurity 12.02.2010 14:02:38] [Information] Player 'A Player...' connected with ip '**.**.***.**' (attemp number 3)
    [ServSecurity 12.02.2010 14:02:39] [Information] Player 'A Player...' connected with ip '**.**.***.**' (attemp number 4)
    [ServSecurity 12.02.2010 14:02:39] [Information] Player 'A Player...' connected with ip '**.**.***.**' (attemp number 5)
    [ServSecurity 12.02.2010 14:02:39] [Warning ] Player A Player... kicked for too many connection attemps
    [ServSecurity 12.02.2010 14:02:39] [Information] IP '**.**.***.**' banned for '86400' minutes
  3. Blocks the RCON-password-crash exploit
    Blocks the exploits which can crash the server
    after too many bad passwords
  4. Crashreporter [cstrike/addons/eventscripts/servsecurity/crashreport.txt]
    Reports server crashes (this often includes server reboots)
    Quote:
    Server crash detected! Server crashed at 11.02.2010 08:08:33. Restarted at 11.02.2010 08:08:52
  5. Blocks 'STEAM_ID_PENDING' users
    Quote:
    L 02/14/2010 - 20:29:02: "A Player...<1431><STEAM_ID_PENDING><Unassigned>" joined team "CT"
    [ServSecurity 15.02.2010 20:29:03] [Information] Player 'A Player...' was kicked because his Steam-ID wasn't validated
    L 02/14/2010 - 20:29:03: "A Player...<1431><STEAM_ID_PENDING><CT>" disconnected (reason "Kicked by Console : [ServSecurity] Your Steam-ID is still pending, please try again")
  6. Protects server variables (for example the rcon-password)
    Quote:
    [ServSecurity 11.02.2010 09:09:36] [Warning ] Variable 'rcon_password' was changed to 'hacked', forced back to '(***PROTECTED***)'
  7. Checks for out-of-date plugins
    Quote:
    [ServSecurity 11.02.2010 15:03:57] [Important ] Your 'Mani Admin Plugin' is out of date! Current versions are '1.2T VSP', '1.2T SMM', you use '1.2BetaS VSP' - Download-Homepage: http://mani-admin-plugin.com/
  8. Kicks user with illegal characters in the username
    Quote:
    L 02/15/2010 - 14:45:40: [ServSecurity 15.02.2010 14:02:40] [Information] IP '192.168.1.33' banned for '86400' minutes
    L 02/15/2010 - 14:45:40: [ServSecurity 15.02.2010 14:02:40] [Warning ] Player '*Colored username :P*' kicked for using illegal characters
    L 02/15/2010 - 14:45:40: "*Colored username :P*<3><STEAM_ID_PENDING><>" disconnected (reason "Kicked by Console : [ServSecurity] Your username contains illegal characters")
  9. Blocks text with illegal characters
    Quote:
    L 02/15/2010 - 14:48:12: [ServSecurity 15.02.2010 14:02:12] [Warning ] Blocked text from 'Dark Session' (userid '2') which contains illegal chars
    L 02/15/2010 - 14:48:12: [ServSecurity 15.02.2010 14:02:12] [Warning ] Blocked text from 'Dark Session' (userid '2') which contains illegal chars
    L 02/15/2010 - 14:48:13: [ServSecurity 15.02.2010 14:02:13] [Warning ] Blocked text from 'Dark Session' (userid '2') which contains illegal chars
    L 02/15/2010 - 14:48:13: [ServSecurity 15.02.2010 14:02:13] [Warning ] Blocked text from 'Dark Session' (userid '2') which contains illegal chars
    L 02/15/2010 - 14:48:13: [ServSecurity 15.02.2010 14:02:13] [Information] IP '192.168.1.33' banned for '86400' minutes
    L 02/15/2010 - 14:48:13: [ServSecurity 15.02.2010 14:02:13] [Important ] Player 'Dark Session' kicked and banned for using illegal characters in his messages
    L 02/15/2010 - 14:48:13: "Dark Session<2><STEAM_0:1:1234567><TERRORIST>" disconnected (reason "Kicked by Console : [ServSecurity] Kicked and banned for using illegal chars in your messages!")
  10. Blocks the exploit to bypass the team-choice
    Quote:
    L 02/15/2010 - 14:38:10: [ServSecurity 15.02.2010 14:02:10] [Important ] Kicked player 'Dark Session' for using the unassigned exploit
    L 02/15/2010 - 14:38:10: "Dark Session<3><STEAM_0:1:1234567><Unassigned>" disconnected (reason "Kicked by Console : [ServSecurity] Detected: Unassigned exploit"
  11. Protects files
    Quote:
    [ServSecurity 20.03.2010 08:46:01] [Important ] WARNING: FILE *\cstrike\cfg\server.cfg WAS MODIFIED!

    [ServSecurity 20.03.2010 08:46:01] [Warning ] File '*\cstrike\cfg\server.cfg' restored!
    [...]
    [ServSecurity 20.03.2010 12:03:26] [Important ] Illegal file '*\cstrike\cfg\mani_admin_plugin\adminlist.txt' removed
  12. Protects against the disconnect exploit / Removes custom disconnect messages
  13. Limits the commands 'status' and 'ping'
  14. Kicks users with clientside Plugins like Eventscripts or LUA (1.2)
  15. Blocks the changelevel exploit
  16. Anti-Namehack
  17. Checks client variables (sv_cheats and sv_allow_wait_command)
  18. Popup (pending) crash exploit blocker



Deutsch
ServSecurity ist ein leistungstarkes Script welches vor Server Lags, Crashes, Hackversuchen und Missbrauch schützt.

  1. Blockt schädliche Commands
    Commands welche den Server zum laggen/crashen bringen
    werden geblockt
  2. Sperrt "Connection"-Flooders aus
    User welche ein Connection-Script benutzen, welches
    automatisch neu verbindet werden gebannt (IP-Ban)
    Quote:
    [ServSecurity 12.02.2010 14:02:38] [Information] Player 'A Player...' connected with ip '**.**.***.**' (attemp number 1)
    [ServSecurity 12.02.2010 14:02:38] [Information] Player 'A Player...' connected with ip '**.**.***.**' (attemp number 2)
    [ServSecurity 12.02.2010 14:02:38] [Information] Player 'A Player...' connected with ip '**.**.***.**' (attemp number 3)
    [ServSecurity 12.02.2010 14:02:39] [Information] Player 'A Player...' connected with ip '**.**.***.**' (attemp number 4)
    [ServSecurity 12.02.2010 14:02:39] [Information] Player 'A Player...' connected with ip '**.**.***.**' (attemp number 5)
    [ServSecurity 12.02.2010 14:02:39] [Warning ] Player A Player... kicked for too many connection attemps
    [ServSecurity 12.02.2010 14:02:39] [Information] IP '**.**.***.**' banned for '86400' minutes
  3. Blockt das RCON-Passwort-Crash-Exploit
    Blockt den Exploit, welches den Server crashen kann,
    nach zu vielen Falscheingaben den RCON-Passworts
  4. Crashreporter
    Meldet Server-Crashes (dazu zählen oft auch Server-Neustarts)
    Quote:
    Server crash detected! Server crashed at 11.02.2010 08:08:33. Restarted at 11.02.2010 08:08:52
  5. Blockt 'STEAM_ID_PENDING' User
    Quote:
    L 02/14/2010 - 20:29:02: "A Player...<1431><STEAM_ID_PENDING><Unassigned>" joined team "CT"
    [ServSecurity 15.02.2010 20:29:03] [Information] Player 'A Player...' was kicked because his Steam-ID wasn't validated
    L 02/14/2010 - 20:29:03: "A Player...<1431><STEAM_ID_PENDING><CT>" disconnected (reason "Kicked by Console : [ServSecurity] Your Steam-ID is still pending, please try again")
  6. Schützt Variabeln (unter anderem das RCON-Passwort) vor Änderungen
    Quote:
    [ServSecurity 11.02.2010 09:09:36] [Warning ] Variable 'rcon_password' was changed to 'hacked', forced back to '(***PROTECTED***)'
  7. Findet veraltete Plugins
    Quote:
    [ServSecurity 11.02.2010 15:03:57] [Important ] Your 'Mani Admin Plugin' is out of date! Current versions are '1.2T VSP', '1.2T SMM', you use '1.2BetaS VSP' - Download-Homepage: http://mani-admin-plugin.com/
  8. Kickt User mit verbotenen Zeichen im Usernamen
    Quote:
    L 02/15/2010 - 14:45:40: [ServSecurity 15.02.2010 14:02:40] [Information] IP '192.168.1.33' banned for '86400' minutes
    L 02/15/2010 - 14:45:40: [ServSecurity 15.02.2010 14:02:40] [Warning ] Player '*Colored username :P*' kicked for using illegal characters
    L 02/15/2010 - 14:45:40: "*Colored username :P*<3><STEAM_ID_PENDING><>" disconnected (reason "Kicked by Console : [ServSecurity] Your username contains illegal characters")
  9. Blockt Text mit verbotenen Zeichen
    Quote:
    L 02/15/2010 - 14:48:12: [ServSecurity 15.02.2010 14:02:12] [Warning ] Blocked text from 'Dark Session' (userid '2') which contains illegal chars
    L 02/15/2010 - 14:48:12: [ServSecurity 15.02.2010 14:02:12] [Warning ] Blocked text from 'Dark Session' (userid '2') which contains illegal chars
    L 02/15/2010 - 14:48:13: [ServSecurity 15.02.2010 14:02:13] [Warning ] Blocked text from 'Dark Session' (userid '2') which contains illegal chars
    L 02/15/2010 - 14:48:13: [ServSecurity 15.02.2010 14:02:13] [Warning ] Blocked text from 'Dark Session' (userid '2') which contains illegal chars
    L 02/15/2010 - 14:48:13: [ServSecurity 15.02.2010 14:02:13] [Information] IP '192.168.1.33' banned for '86400' minutes
    L 02/15/2010 - 14:48:13: [ServSecurity 15.02.2010 14:02:13] [Important ] Player 'Dark Session' kicked and banned for using illegal characters in his messages
    L 02/15/2010 - 14:48:13: "Dark Session<2><STEAM_0:1:1234567><TERRORIST>" disconnected (reason "Kicked by Console : [ServSecurity] Kicked and banned for using illegal chars in your messages!")
  10. Blockt den Exploit welcher ermöglicht die Teamwahl zu umgehen
    Quote:
    L 02/15/2010 - 14:38:10: [ServSecurity 15.02.2010 14:02:10] [Important ] Kicked player 'Dark Session' for using the unassigned exploit
    L 02/15/2010 - 14:38:10: "Dark Session<3><STEAM_0:1:1234567><Unassigned>" disconnected (reason "Kicked by Console : [ServSecurity] Detected: Unassigned exploit"
  11. Schützt Dateien
    Quote:
    [ServSecurity 20.03.2010 08:46:01] [Important ] WARNING: FILE *\cstrike\cfg\server.cfg WAS MODIFIED!

    [ServSecurity 20.03.2010 08:46:01] [Warning ] File '*\cstrike\cfg\server.cfg' restored!
    [...]
    [ServSecurity 20.03.2010 12:03:26] [Important ] Illegal file '*\cstrike\cfg\mani_admin_plugin\adminlist.txt' removed
  12. Schützt vor dem Disconnect-Exploit / Entfernt Custom Disconnect-Nachrichten
  13. Limitert die Commands 'status' und 'ping'
  14. Kickt user mit Clientside Plugins wie Eventscripts oder LUA (<= 1.2)
  15. Blockt den changelevel Exploit
  16. Anti-Namehack
  17. Client Variable Prüfung (sv_cheats und sv_allow_wait_command)
  18. Popup (pending) crash exploit Blocker


Important Notes
  • ServSecurity don't protect your server from (D)DoS. To protect you from DoS use this plugin:
    http://www.sourceop.com/modules.php?nam ... load&cid=9
  • ServSecurity generally don't protect against any attacks from outside. At the moment its impossible to realize this in Python.
  • To check the client variable "sv_cheats" please use this script:
    http://addons.eventscripts.com/addons/view/enforcevars
  • You can't use ServSecurity on a server with sv_cheats 1
  • Please use secure rcon-passwords!
  • ServSecurity DONT protect you from hacks like aim-bots or wallhacks

Installation

English
*Please read the readme*

Deutsch
*Bitte lies die Readme*

Version Notes For 0.8.3

Updated on: 2010-05-12 20:50:40 EST by [Dark_Session] (View Zip Contents)
  • Fixed: Bugs
  • Updated: Every disconnect message will be replaced with 'Disconnect by user.'


( Previous Versions )

Find Servers

Servers running this addon.

Discussion

Forum Link: http://forums.mattie.info/cs/forums/viewtopic.php?t=33974