My server got Hacked the guys name was JOE he registered then some how became ADMIN then Channel Admin and banned everyone Just wanted to let everyone know

My server got Hacked the guys name was JOE he registered then some how became ADMIN then Channel Admin and banned everyone Just wanted to let everyone know

that is becuse your server must be set up when you give out (R) they get the rights to allso make themselives (CA) with the powers to ban remove channel comander rights from (R) users and that wont happen again

This also happened to me. It had nothing to do with permissions. The "unregistered" person asked an admin to right click on their name and type "ear" because that is the only way their headphones work. Once the admin typed the letter "e" all players currently on the server was banned and they took over as the server admin. By the way everyone was also removed from the Manager's listing. The only way I brought it back was to immediately pull the internet connection and go in as superadmin to remove any "unknown" users. In my case their were two. I then had a friend that had not been logged in at the time to log in with a server admin name and password I created in order to remove myself from the IP banned listing. :eek:

PS: the guys user name was crazyhijacker and since he tried to log back in within the hour I have his IP address also: 67.174.65.219. He is now banned :D

This also happened to me. It had nothing to do with permissions. The "unregistered" person asked an admin to right click on their name and type "ear" because that is the only way their headphones work. Once the admin typed the letter "e" all players currently on the server was banned and they took over as the server admin. By the way everyone was also removed from the Manager's listing. The only way I brought it back was to immediately pull the internet connection and go in as superadmin to remove any "unknown" users. In my case their were two. I then had a friend that had not been logged in at the time to log in with a server admin name and password I created in order to remove myself from the IP banned listing. :eek:

PS: the guys user name was crazyhijacker and since he tried to log back in within the hour I have his IP address also: 67.174.xxx.xx. He is now banned :D*edit removed ip

well it is a permission thing ... remove (SA)'s rights from making other (SA)'s and you can't get fooled in giveing out (SA) to make a new (SA) you got to log in to web interface , makes it a tad bit more work but safer !
good you got it back find out his isp and complain to them and see if you can get his internet conection shut down !!!

so do i take away the privileged rights

Thanks for the tips. It's done now, Ive also changed the default web access port. Consequentlly, after sleeping on it, I came to the same conclusion. By the way the whole right click "e" must be an undocumented shortcut for granting server admins...Is that correct? I just want to validate that I have no trojens running on my server ...even though Norton antivirus says it's clean. :cool:

so do i take away the privileged rights


M&M is saying that all SA's (from the client) including yourself should NOT have rights to grant server admin to anyone else. You could do this through the supeadmin only (not from the client). That way nobody can trick you or other SAs into granting SAs which could subsequentially revoke rights and ban your IP. Perhaps another method would be to remove revoking rights (i.e., other SAs cannot remove other SAs rights.) It still bothers me that other SAs could Ban other SAs if you want to maintain your banning rights as an SA.

Thanks for the tips. It's done now, Ive also changed the default web access port. Consequentlly, after sleeping on it, I came to the same conclusion. By the way the whole right click "e" must be an undocumented shortcut for granting server admins...Is that correct? I just want to validate that I have no trojens running on my server ...even though Norton antivirus says it's clean. :cool:

it's a short cut. go to your ts client and hit "alt" , notice that small lines apeer under the tabs , then hit "p" = player "e" = server admin it only key commands to grant or revoke (SA) would be nice if TS3 removed that (e) from that tab

I just had a user that kept getting banned from his own server and I figured out how the guy was doing it. The server in question did not have a user password (and second time it happened his user password was very weak - his last name). Then somebody joined the server as anonymous user. The server had the anonymous priv PrivilegeRegisterSelfByDefault turn on. This means that user was able to register himself. Not a problem. But then he also had the Registered user priv PrivilegeAdminPlayerRegister turn on. That allows a registered user to make themselves a server admin! So you get a hacker that can register themselves as an admin and it takes two seconds. So it may be a pain, but I would not turn on that Anonymous priv PrivilegeRegisterSelfByDefault. Not unless you are not going to give your Registered users any privs as well.

Stefan Lehmiller
www.holdouts.com

I am having a problem where we try to ban a person on TS because he's basically being a jerk and causing problems. We had 4 SA and CA admins there, and NONE of us could ban the guy. We'd ban him, and he'd just re-connect... no IP changing. When we went to the ban list to add him, we'd get an "error" sound when we tried to ban him, but the ban did not stick. I logged into the administration section on the web and could not find a way to add an IP there (we should have that option!)

Anyone know what's going on? We are using Linux btw.