Hi

I am part of a clan from australia on game arena. Our teamspeak server which is on a win xp system was exploited last night by an unknown person. another clan's teamspeak server which was set on a rented linux shell, was exploited not too long ago too with similar attacks.

last night 29th march, a person going by the name of guest came onto the server, used a flood bot to join/part the server with clones, they also removed all our CA rights. an SA was idle on the server and nothing happened to him, ie his SA rights wernt taken away.

i have been looking into this for about a week or so now, i havent been able to find any direct information regarding this. i have read about securing the server by limiting access rights to users and this has been done.

the main thing i have been looking for is a patch to fix this exploit. if this exploit is not known by the developers i am happy to do some more research in this to find it out.
if someone can use bruteforce to crack a password, can it be set to ban the ip after 3 attempts?

it is becoming a real problem for us and we need to get it fixed so we can go on with our gaming.

if there is anything that can be done please help me.

thanks :)

Is your server the latest version? ( Check the downloads section for that )

And also check the 3rd party application forum, especially the topics for TS2PerlMod, AFD ( Anti Flood Daemon ) and the like. These 3rd party program's block alot of flooding attempts.

Is your server the latest version? ( Check the downloads section for that )

And also check the 3rd party application forum, especially the topics for TS2PerlMod, AFD ( Anti Flood Daemon ) and the like. These 3rd party program's block alot of flooding attempts.

That would include the beta version. I would recommend upgrading to them.

last night 29th march, a person going by the name of guest came onto the server, used a flood bot to join/part the server with clones, they also removed all our CA rights. an SA was idle on the server and nothing happened to him, ie his SA rights wernt taken away.


Take a min to add guest, guest1 to your badnames.txt file in the server directory as well as any other form of guest that some kid might think of. This will force them to use another name, it may discourage some of the lil hacker wannabes, it will say "Bad Logon (name and/or passowrd)" when they try to logon with guest.

Also dont forget to turn all the logs on in server.ini by replacing the 0's with 1's, this will help you get there IPs in the event that you may want to track them down.

This will not by any means stop them, but there a lot less people attepting stupid crap on my servers.

hi

thankyou so much for your replies,
i have noticed we can upgrade to the beta version, we will also add the anti flood and add 'guest' to bad names.
one question re bans/badnames, do wild cards work? ie 'guest*' and i will check to see that all loging is turned on.

once again thankyou, i and others really appreciate your help :D

hi

thankyou so much for your replies,
i have noticed we can upgrade to the beta version, we will also add the anti flood and add 'guest' to bad names.
one question re bans/badnames, do wild cards work? ie 'guest*' and i will check to see that all loging is turned on.

once again thankyou, i and others really appreciate your help :D

Nope, just names and numbers. ie guest1 guest2 ...... so on and so forth, I went to 100 just to be sure. Speakin of which, I just had some rectal itch named DGMurdockIII jumped on one of my servers and started screaming. I guess thats all he could do, not much esle he could do but be annoying.

i made a generator that will generate guest1, guest2, etc etc. it doesnt write to a file, it just prints up in the dos prompt and the buffer runs out at about 290 but feel free ot use it, saves typing out line after line.
just compile it in devc++ as a C project

#include <stdio.h>
main()
{
int a,b;
printf("Enter the name you want to use: ");
scanf("%s",&a);
printf("Enter end figure: ");
scanf("%d" ,&b);
int count;
count=0;
printf(" \n");
while (count < b)
{
++count;
printf("%s",&a);
printf("%d" ,count);
printf(" \n");
}
printf(" \n");
printf("Press any key to exit ");
while (!kbhit()) {};
}

Concerning disallowing "nickless" joining of the server:
Just adding "Guest1" to the badnames.txt should be sufficient. Of course somebody can then go ahead and name himself e.g. Guest1337, but the server will not ever auto-assign *ANY* nick-name once Guest1 is on that list because the server will only even try and assign a Guest2 (or higher) as nick-name if Guest1 is already taken, which should never occure once Guest1 is a badname.

Concerning disallowing "nickless" joining of the server:
Just adding "Guest1" to the badnames.txt should be sufficient. Of course somebody can then go ahead and name himself e.g. Guest1337, but the server will not ever auto-assign *ANY* nick-name once Guest1 is on that list because the server will only even try and assign a Guest2 (or higher) as nick-name if Guest1 is already taken, which should never occure once Guest1 is a badname.

Very true for auto assigned nicks, unfortunatly I see people often login as guest26, 44, 69, 99. Since this is done via default login name it is just like adding any name to bad_names.txt. Just a personal preferance. Its like pullin weeds to me, you have to find the ones that dont grow in the big patch, the ones in spots where most folks dont look, those are the most annoying. :cool:

I just wish that I could add wildcards to bad_names.txt to add to names like peins, cock or anal, this morning I had a guy named penisnase login and start trouble, last night some guy name analrocket did the same thing.