Suggestion about SA rights.

[XStealthOpsX]

I have a good suggestion that I had thought up for awhile or two. Okay, say you got a hacker in your TS, what do you do? Here is a suggestion, whoever owns the TS server can come in, what if that hacker ban's the owner? Well, here's my suggestion, the owner can't be banned. Here's another suggestion, accessing the IP Ban's without going into teamspeak. Go into the server administration panel and you can see the IP Ban's there, just unbant the IP's that were banned from the hacker. Hopefully it won't be as complicated as it sounds . Oh, and another thing, there shouldn't be a limit on the number of letters in a Name, Channel, Subchannel, at least make it up to 20 words .

Thanks for your time,

-Dan

[Brain]

How would you identify the owner?

[DSServers]

how about with a hostmask?

[Brain]

What would be a hostmask? The opposite of a netmask?

[m&m's]

how about a safe ip list noone in the list can be baned .... so you can add ip's of your admins and all ban's go to the safe list first if your ip is listed there it dont get moved to the BAN list ... and ip's can only be added in the webadmin by a superadmin to the safe list ..

why would you need 20 words as channel name ????????????? that is what the channel description is for

[DSServers]

Reason I suggested hostmask is cause..
your hostmask isn't able to be changed.
but your IP address is able to be.

TS2 only allows for fourth octal banning (XXX.XXX.XXX.*)
But what about those that can change their IP Address at the third octal level.
Nailing the hostmask will prevent people from re-entering your server.

Also, using the hostmask in your Example would be good.
what are the chances that someone is going to have the same host
mask as you... their not.. cause the host mask is also based off your IP Address.

VB3 and php forums permit banning by hostmask.
Some security programs permit entry into the server by hostmask.

[XStealthOpsX]

What I ment by the owner is, whoever is running the Teamspeak cant be banned, then there should be a spot where the ban list is at in the administration panel of the server, so you dont need to connect to TS Client and go to the server, because if your banned you cant access the ban list because your bannnnned...........

[m&m's]

What I ment by the owner is, whoever is running the Teamspeak cant be banned, then there should be a spot where the ban list is at in the administration panel of the server, so you dont need to connect to TS Client and go to the server, because if your banned you cant access the ban list because your bannnnned...........

thats why i stated a safe list someone's ip is in it and it cant be banned even by a (SA) , and can only be placed in or removed by the superadmin so even hosting companys can place there customers ip's in the list so there safe from being bann on a paid for server "as long as the customer has a static ip "

[Brain]

Problem is, nowadays very, very few people have static IP addresses. This might only change when IPv6 is introduced. I hope my grandchildren will live to see that day (if I find a suitable Mrs Brain)

[chrismu1]

here is an option:
Have the Superadmin be unban-able and supreme. This is the owner but with a special login that can not be banned,removed or kicked and can broadcast to the entire server.

Also, the banning and unbanning from Admin website would be cool and the option to give/take rights w/o being in ts would be great.

[Brain]

I don't think that's such a good idea. Then people start creating their "superadmin" accounts with passwords such as "dog", "cat", "linux" etc as they already do for their user accounts with server admin privileges...

Also if an attacker is able to submit commands with that person's privileges it would be even worse.

In my opinion a safer approach would be to not allow any serious privileges like kicking, banning etc in the client, especially not using the same login for the client application and the webadministration interface, especially if it is possible that the webadministration interface is susceptible to brute force attacks.

[jasonvw]

What about an override code set like with admin secure (those php nuke webmasters know what i am talking about). it would be two 20 or 30 char. hashes (not changable of course) that a person could use as a login to get past a ban.
For instance: user:Fin238g82334Mdaa34smdfv3h5as56v
Pass: nui5njkscm54df9350328ghdfnd73ad
The number would given to you during install and you could save it. People would loose it, of course but it is better than other methods.

[jasonvw]

or you could use the same identifaction system as in this post

[Android2004]

Problem is, nowadays very, very few people have static IP addresses. This might only change when IPv6 is introduced. I hope my grandchildren will live to see that day (if I find a suitable Mrs Brain)

id agree there, non of our 4 SAs have a static ip

[AceSpace73]

Just have the safe list with unbannable registered names. As long as the program could realize the latest IP that each user comes in with, that IP couldn't be manually entered into the ban list either.

Don't make it overcomplicated with overrides and all of that though. If someone hijacks a TS server, they know that eventually the owner will get rid of them...part of their plan is to fux around with the owner (waste their time n such)...so the easier it is to get rid of them, the less they're going to want to bother doing it.