I know that while I can log the IP addresses of users who log in, is there any way to log the IP addresses of failed log-in attempts within Teamspeak 2?

The reason I'm asking, is I am concerned about "brute force" attempts to access my server. Given enough time, anyone could eventually break any password. I am using it as a Clan Server, and it is private, and passworded(obviously), but I'd like the added security of seeing any brute force attempts early on, and ban the IP address of the source through my firewall or router.

I might sound a bit paranoid, but have heard of Clan wars heating up, and spilling over into real life. I would just like to ensure that my server doesn't get trashed because of something like this.

Additionally, if this option doesn't exist (I haven't found it in almost a complete day of searching this forum.), has anyone heard of a plug-in or utility that would fit the bill?

Thanks in advance.

this brute force will probably be directed to your webinterface (hopefully you do not have the TCPQuery open to the WAN) ?

So what about logging this attempts through your firewall ? This IS THE tool you should use to log suspecious connections. Linux offers a lot of log "warning" tools, I guess win does so as well ?

All I'm looking for is a simple way to detect failed log-ins to the server from a specific IP address. I could log all attempts to access the server, but I know that a failed log-in wouldn't raise a flag (in the firewall log), and each legitimate client accesses the port enough that if I logged all traffic to that port, I'd spend enough time inspecting port traffic that I wouldn't have time for much else. I don't have static IP addresses for all the users, so I can't make a list of allowed addresses. The only traffic I redirect from the router to the TS server is the default TS server port(8687). I also took the value out of the TCPQuery in the system.ini file. Is that enough to close the TCPQuery from others, or should I assign it a value, then block it via the firewall?

Additionally, wouldn't this just be a good trouble-shooting tool? If they hit the server, but weren't connected, it could log a reason, and if it's a bad password, the password attempted, etc. Also, now that I think about it, does TS have any kind of "lock-out" should a user try to log in too many times without the proper password? I haven't seen any mention of it in the manual or forum.

Maybe I should post this in the thread about suggestions for future versions, but honestly thought someone had already thought of it.

Thanks in advance.

All I'm looking for is a simple way to detect failed log-ins to the server from a specific IP address. I could log all attempts to access the server, but I know that a failed log-in wouldn't raise a flag (in the firewall log), and each legitimate client accesses the port enough that if I logged all traffic to that port, I'd spend enough time inspecting port traffic that I wouldn't have time for much else.
Here's where log tools come in hand .
You certainly do not need to check through the whole firewall log, just filter the important messages. Some tools allow to get an overview of how many unsuccessfull login attemp in a time period happened.

If TS(3) would offer more log options, I wouldn't be unhappy as well ;)
I also took the value out of the TCPQuery in the system.ini file. Is that enough to close the TCPQuery from others, or should I assign it a value, then block it via the firewall?
Good question, not sure if you can disable the TCPQuery interface by taking out the value in the server.ini.
What does netstate says, is this port still listening ?
Safe way: block it in your firewall !