Forum

Page 14 of 16 FirstFirst ... 41213141516 LastLast
Results 196 to 210 of 234
  1. #196
    Join Date
    February 2017
    Posts
    3
    I have the same problem. Serveruery messages to all online members every few minutes. It started a few days ago and its driving me crazy.

    Message used to be:
    "Server": Monitor your TS3 server or game server, custom your banner and more stats : *AdLink removed*

    Now the message is:
    "Server": Create you FREE TeamSpeak 3 Server : [*AdLink removed*

    I hope Teamspeak revokes ****.com their license. Damn spammers. New looking for a fix to get rid of them.
    I am running 3.0.13.4 on linux in Azure.
    Last edited by Chris; February 16th, 2017 at 09:19 AM. Reason: removed ad links

  2. #197
    Join Date
    February 2017
    Posts
    5
    Quote Originally Posted by JoccE View Post
    Hi everyone.

    I have had the same issue with the advertisement from ranksr as most other people here.
    I ended up just blocking the IP range in my iptables

    I've tried to contact the ranksr team but they just ignore and delete the messages even when threatened with legal actions.
    The server itself is hosted Canada from a hosting company called cogecopeer1 and I've sent them an abuse email and will try to contact them though their mail/live chat support in the morning.

    Canada have a pretty good anti spam law that should fit right in here.
    You can report all spam services that don't have an option to "Unsubscribe".

    Final solution should never be "Well just block them in your iptables".

    I will come back with a report once i've contacted their hosting company if anyone is interested.
    Where are the iptables?

  3. #198
    Join Date
    February 2017
    Posts
    5
    Quote Originally Posted by Chris View Post
    One of the following is true:
    - You're not logged in
    - You're not logged in as the correct user
    - Your permission are seriously screwed up.
    Chris,

    I dont think its my permissions, Multiple people are having the same issue.

    By @numma_cway
    "Well, then they obviously know your "serveradmin" password or can execute "gm" for some other reason. See log for more details.
    -Its given to me I have it...

    Lastly ? How do we see the log to see the issues? <<--- And would this help? I dont know I ask you guys

    "missing required parameter".
    <--- The problem

  4. #199
    Join Date
    March 2015
    Posts
    12
    Quote Originally Posted by Roose View Post
    Chris,

    I dont think its my permissions, Multiple people are having the same issue.

    By @numma_cway
    "Well, then they obviously know your "serveradmin" password or can execute "gm" for some other reason. See log for more details.
    -Its given to me I have it...

    Lastly ? How do we see the log to see the issues? <<--- And would this help? I dont know I ask you guys

    "missing required parameter".
    <--- The problem
    + 1, I didn't change the server permissions for server query admin and guest since first launch, executed the suggested putty commands received ok status back for each, and this guy is still able to spam me as well.

    I even disabled server query login for guests and I wasn't able to personally log on myself to my test server query guest account.
    Yet he was able to continue spamming.

    He has now added another IP to his spam farm.
    I have no way to test what he is doing as I mentioned before.
    As I am not able to send messages, but he somehow still is.

    This is the master list of his IP's that I know (I'd suggest just hard blocking):
    Name:  4c42758334bc5db1de513ee86aacc5d0.png
Views: 319
Size:  10.5 KB

    From a usability standpoint, a server admin on the regular client should be able to ip ban a server query user, especially a guest.
    Not sure if there is some round about technical issue or underlying teamspeak hardship.
    But there is no legitimate reason why you shouldn't be able to ban this guy right from the client... So frustrating.

    Warfront1

  5. #200
    Join Date
    December 2015
    Posts
    3
    If you're hosting on a Linux server just add this to your IP tables.

    I only need queries to be able to performed from 1 external IP and localhost

    iptables -A INPUT -p tcp --dport 10011 ! -s xx.xx.xx.xx -j DROP

    Where xx.xx.xx.xx is the external IP that should be allowed to connect to the server.


    If you're using a newer system that uses firewallD instead, there is a nice GUI you can use to block incoming traffic to port 10011
    Windows should also have this feature in the firewall server.

  6. #201
    Join Date
    September 2012
    Posts
    6,080
    Quote Originally Posted by Roose View Post
    Chris,

    I dont think its my permissions, Multiple people are having the same issue.
    So you're saying that the server, saying you don't have permission to do what you're trying to, is wrong?

    Quote Originally Posted by Roose View Post
    "missing required parameter". <--- The problem
    That is referring to when you're trying to ban a query client from what I can see in this thread. Banning query clients is expected to give an error.

    Quote Originally Posted by warfront1 View Post
    I have no way to test what he is doing as I mentioned before.
    As mentioned before enable query logging, then show the log after he came back to spam.


    Quote Originally Posted by warfront1 View Post
    From a usability standpoint, a server admin on the regular client should be able to ip ban a server query user, especially a guest.
    Not sure if there is some round about technical issue or underlying teamspeak hardship.
    But there is no legitimate reason why you shouldn't be able to ban this guy right from the client... So frustrating.

    Warfront1
    query clients are treated differently from regular clients thus regular bans don't affect them. Whether this is good or not is arguable.
    Last edited by Chris; February 16th, 2017 at 09:43 AM.
    When sending PMs please make sure to include a reference link to the thread in question in the body of your message.

  7. #202
    Join Date
    February 2017
    Posts
    1

    Random IPs/Ports connecting/disconnecting even after server password change

    Hello,

    My TS3 server has recently been getting random logins that happen consistently and frequently throughout the day. These are logins and then immediate disconnects from the same ip using different ports every time making it impossible to ban. Below is a log showing some of what is happening:

    Code:
    <07:43:07> "Unknown from 94.23.235.222:22454" connected to channel "Lobby"
    <07:43:07> "Unknown from 94.23.235.222:22454" disconnected (disconnecting)
    <07:46:53> "Unknown from 37.59.31.160:54563" connected to channel "Lobby"
    <07:46:54> "Unknown from 37.59.31.160:54563" disconnected (disconnecting)
    <07:46:57> "Unknown from 94.23.235.222:40335" connected to channel "Lobby"
    <07:46:57> "Unknown from 94.23.235.222:40335" disconnected (disconnecting)
    <07:49:50> "Unknown from 138.68.64.36:51640" connected to channel "Lobby"
    <07:49:51> "Unknown from 138.68.64.36:51640" is now known as "Server"
    <07:49:53> "Server" dropped (connection lost)
    the 94.23.235.222:PORT shows up the most frequently all day long
    the 37.59.31.160:PORT shows up not as frequently but still consistently enough all day long
    the 138.68.64.36:PORT shows up about once every 10-20 min, changes it's name to Server and then spams a message to a few users within the TS, normally the highest ranked user, or Alphabetically highest ranked.

    This has been ongoing for a few weeks now and I have done many things to stop it, from adding the name Server to the banlist to see that would stop the intrusion with no luck. I have a TSviewer block on the mainpage of my website that I recently disabled all the guest virtual server query permissions that allow TSviewer to display the TSserver on a website and that seemed to have stopped the spamming, but it did not stop these IP's from logging in. My most recent change involved me changing the virtual server password, and literally 2 min later the ip's logged in still as if not phased.

    At this point I am at a loss, we obviously can't allow this "Server" user to spam forever, I just don't know how to combat this.

    Thanks for the help!

  8. #203
    Join Date
    September 2012
    Posts
    6,080
    Quote Originally Posted by RoHAdmin View Post
    Hello,

    My TS3 server has recently been getting random logins that happen consistently and frequently throughout the day. These are logins and then immediate disconnects from the same ip using different ports every time making it impossible to ban. Below is a log showing some of what is happening:
    Those are query connections, not regular clients.
    The first IP is tsviewer.com
    The second IP is from ts3index.com
    Both of which are scanning servers.

    The third one is just a regular old spammer. You can prevent them from messaging by restricting permissions as indicated here.
    These are just annoying but happen more or less frequently. More frequently again recently, since some kid who violates licenses is trying to gain visibility.

    Quote Originally Posted by RoHAdmin View Post
    This has been ongoing for a few weeks now and I have done many things to stop it, from adding the name Server to the banlist to see that would stop the intrusion with no luck. I have a TSviewer block on the mainpage of my website that I recently disabled all the guest virtual server query permissions that allow TSviewer to display the TSserver on a website and that seemed to have stopped the spamming, but it did not stop these IP's from logging in. My most recent change involved me changing the virtual server password, and literally 2 min later the ip's logged in still as if not phased.

    At this point I am at a loss, we obviously can't allow this "Server" user to spam forever, I just don't know how to combat this.

    Thanks for the help!
    As mentioned those are query clients, they aren't affected by regular bans or passwords, since they aren't real clients, and with databases created since 3.0.11 cannot do much.
    When sending PMs please make sure to include a reference link to the thread in question in the body of your message.

  9. #204
    Join Date
    September 2007
    Location
    Liverpool, England
    Posts
    14

    Server being perma spammed

    Hi my teamspeak 3 server has been getting spammed all week now with the below message (or some variant of each day)...

    "Server": Create you FREE TeamSpeak 3 Server : *Removed AdLink*
    "Server": Create you FREE TeamSpeak 3 Server : *Removed AdLink*
    "Server": Create you FREE TeamSpeak 3 Server : *Removed AdLink*
    "Server": Create you FREE TeamSpeak 3 Server : *Removed AdLink*
    "Server": Create you FREE TeamSpeak 3 Server : *Removed AdLink*


    The user calls himself server but does not show in ts & in the logs the user has no ip so i cant ban/block the vermin,
    any help please? hopefully without putty or some other crap?

    Thanks



    I must add TS2 was far simpler & easier to maintain & more secure as i never had any issues in over a decade,
    i have never found TS3 to be as straightforward or enjoyable to maintain
    Last edited by Chris; February 17th, 2017 at 01:38 PM. Reason: removed links

  10. #205
    Join Date
    March 2015
    Posts
    12
    Quote Originally Posted by Chris View Post
    So you're saying that the server, saying you don't have permission to do what you're trying to, is wrong?


    That is referring to when you're trying to ban a query client from what I can see in this thread. Banning query clients is expected to give an error.


    As mentioned before enable query logging, then show the log after he came back to spam.




    query clients are treated differently from regular clients thus regular bans don't affect them. Whether this is good or not is arguable.
    Click image for larger version. 

Name:	62c87e6445f7d8b99f1dd04fabb8d9d8.png 
Views:	113 
Size:	20.6 KB 
ID:	15029

    I have him IP blocked, but I can remove him from the IP block and test out things to help get to the bottom of this issue.

    Warfront1

  11. #206
    Join Date
    September 2007
    Location
    Liverpool, England
    Posts
    14
    Teamspeak need to fix this security hole & stop these spamers with an update, its affecting to many peaople...

    So far its easier to close my ts3 server & just use my old ts2 server

  12. #207
    Join Date
    June 2008
    Posts
    18,414
    That's no security issue.
    It's a problem with the permissions on your server.
    We gave you a way to fix this.

    All this was explained in post #1.
    When sending me private messages: Please make sure to include reference link to your forum thread or post.

    TeamSpeak FAQ || What should i report, when i open a client thread?

  13. #208
    Join Date
    September 2007
    Location
    Liverpool, England
    Posts
    14
    Quote Originally Posted by dante696 View Post
    That's no security issue.
    It's a problem with the permissions on your server.
    We gave you a way to fix this.

    All this was explained in post #1.
    Ok so it's not a security hole, but if the permissions were set better by default rather than us having to piss about with putty due to spammers, why not fix the permissions in a patch as its affecting so many users, surely default permissions need to be set better to start with.


    Again didnt have this issue with TS2, plus it was easy to admin, TS3 is a ballache, my time should be focused on gaming not playing with putty to stop spammers annoying my users all day, the issue is my server is 8yrs old or so & ive never had to login to the server with putty & probably dont have the login, so most liekly have to wipe & start again...
    Last edited by forze; February 17th, 2017 at 09:26 PM.

  14. #209
    Join Date
    September 2012
    Posts
    6,080
    Quote Originally Posted by forze View Post
    Ok so it's not a security hole, but if the permissions were set better by default rather than us having to piss about with putty due to spammers, why not fix the permissions in a patch as its affecting so many users, surely default permissions need to be set better to start with.
    They could've been yes, but we're just regular old humans ourselves and make mistakes here and there. Back when this loophole was first found, we fixed it and the default permissions do not allow this since server 3.0.11. The changelog also mentioned the extra permissions we're using and why. The forum announcement of that version also included them. I don't exactly remember why we didn't update existing databases with those new permissions, but it was a decision that was made and there was a reason for it. In any case everyone had the chance to be informed and update their permissions. It doesn't affect any database that was created with an up to date server as of September 2014.


    Quote Originally Posted by forze View Post
    Again didnt have this issue with TS2, plus it was easy to admin, TS3 is a ballache, my time should be focused on gaming not playing with putty to stop spammers annoying my users all day, the issue is my server is 8yrs old or so & ive never had to login to the server with putty & probably dont have the login, so most liekly have to wipe & start again...
    Sure do hope you updated your server within those 8 years. If you don't have it you can read the documentation or look here for ways to get it back without starting from scratch.
    When sending PMs please make sure to include a reference link to the thread in question in the body of your message.

  15. #210
    Join Date
    February 2017
    Posts
    3
    Fort the time be´ng i just keep dropping the IP ranges that ranksr.com is using for their spam messages with iptables.

    sudo iptables -A INPUT -s 209.15.243.67 -j DROP
    sudo iptables -A INPUT -s 209.15.243.68 -j DROP
    sudo iptables -A INPUT -s 209.15.243.69 -j DROP
    sudo iptables -A INPUT -s 138.197.79.53 -j DROP
    sudo iptables -A INPUT -s 138.68.64.36 -j DROP
    sudo iptables -A INPUT -s 209.15.237.194 -j DROP
    sudo iptables -A INPUT -s 209.15.237.195 -j DROP

    I hope teamspeak revokes their license! (ranksr.com)




    sudo iptables -A INPUT -s 209.15.237.195 -j DROP

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. How to send chat messages to Server Query
    By JamieG193 in forum Tools / Web Based
    Replies: 3
    Last Post: July 5th, 2013, 11:02 AM
  2. [Resolved] (not possible) How do I send out pokes to a defined usergroup?
    By Pluvrr in forum General Questions
    Replies: 1
    Last Post: August 28th, 2011, 04:50 PM
  3. send text messages to everyone
    By constrych9 in forum General Questions
    Replies: 5
    Last Post: February 8th, 2011, 07:01 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •