Super Web Admin
Super Web Admin
I've just been looking at the Console Log for our server, and I noticed that there was a "SWA: Connection from" entry from an IP address that shouldn't be there. Does anyone know whether this means that the person was able to successfully connect to the server including supplying a working password, or just that a TCP connection was established, and that they may have been rejected if the submitted password was incorrect?
It's a worry. For one thing the listen port is completely non-standard. Perhaps this is easy to enumerate with the right tools though.
Thanks in advance.
It's a worry. For one thing the listen port is completely non-standard. Perhaps this is easy to enumerate with the right tools though.
Thanks in advance.
Re: Super Web Admin
Try here: http://www.unrealadmin.org/forums/showthread.php?t=8046
Maybe the answer is in the topic somewhere?
Or you can try to ask the same there?
Maybe the answer is in the topic somewhere?
Or you can try to ask the same there?
Retired.
Re: Super Web Admin
Thanks I'll head over and check that thread out. Looking more closely, I see there are now dozens - maybe hundreds of such entries in the past couple of months. Mostly IPs from China and India. I suppose they're probably just scanning for vulnerable web servers, but I'd like to know for sure.
Re: Super Web Admin
billybill wrote:I'm not sure this mod was ever secured. It posed some security risks on earlier versions. Maybe I'm wrong but you don't hear much about it... so maybe I'm right
Re: Super Web Admin
Those will be most likely background noise. As you said the IPs are from china, i think russia is also well shown.
You can ignore this, but if you got a firewall you can simply setup a rule to ban those countries. I did this some time ago, since that day i had no more spam in my blog etc..
You can ignore this, but if you got a firewall you can simply setup a rule to ban those countries. I did this some time ago, since that day i had no more spam in my blog etc..
Re: Super Web Admin
Thanks guys; it's a GameServers box so I don't think I have any say in the firewalling administration. The SWA thread on UnrealAdmin didn't mention the connection messages, but since nothing untoward has happened to the server, I've come to the same conclusion - that these are random scans and not a specific attempt to gain access to the server via SWA.
Re: Super Web Admin
Yes, I can confirm on my forums and servers the bots from Russia and Ukraine are very busy right now and have been for almost a month now. They hit many times a day and I also saw a "record" user post somewhere on these forums that 212 users was online at the same time here recently, this can only be bots ... no offence, but not even ut99,org would be able to attract 212 players at one day. So ..... yes, my guess would be that you don't have to fear that what you see is aimed specificly at your gameserver, but it's most like just random bots hitting everything with a pulse.....
Retired.
- papercoffee
- Godlike
- Posts: 10466
- Joined: Wed Jul 15, 2009 11:36 am
- Personal rank: coffee addicted !!!
- Location: Cologne, the city with the big cathedral.
- Contact:
Re: Super Web Admin
This makes senseTheDane wrote:no offence, but not even ut99,org would be able to attract 212 players at one day.
Poor Shade.
But I noticed recently that our forum is having issues ...some "server not responding" thing.
A 50x error message (don't remeber the last number)
- UnrealGGecko
- Godlike
- Posts: 2926
- Joined: Wed Feb 01, 2012 11:26 am
- Personal rank: GEx the Gecko
- Location: Kaunas, Lithuania
- Contact:
Re: Super Web Admin
Got it too... Error #500 I believepapercoffee wrote:A 50x error message (don't remeber the last number)
My work for UT99: Counter-Strike VP, MaleOne+ (now updated), FemaleOne+ and the FemaleTwo220 voicepacks DM-XC-NaliTreeV2 (from the 2012 Xmas Contest mappack), DM/DOM-20AC-CastleGeorgeV3 (from the 20th Anniversary Contest mappack), DM-UFFO, DM-WreckingBall, (NEW!) CTFM-Sundial
my small spec of files at Google Drive
List of console converted maps, models & more!
- Hook
- Inhuman
- Posts: 754
- Joined: Tue Apr 22, 2008 11:21 pm
- Personal rank: UT99 Promoter/Admin
- Location: Minnesota USA
- Contact:
Re: Super Web Admin
I've noticed a slow down also on my sites - and here also a bit - hmmmm
=Hook=(Member# 626)
HUTP Active Forums: https://hooksutplace.freeforums.net/forum
HUTP UT99 Community Portal: https://hooksutplace.freeforums.net/
OR: https://hermskii.com/hook/ut99_hutp/
UT99 Server -> CROSSBONES Missile Madness {CMM}
* Newest Versions of: PRO-Redeemers | PRO-SNIPER-Redeemers | PRO-SEEKER-Redeemers <-(the Original)
and Now with FOOD FIGHT and Frying Pan arena !!!
IP: 68.232.181.236:7777 <-(NEW IP to come)
UT99 MH Server -> {CMH} CROSSBONES Monster Hunt (MH) by Mars007 (The Original) - IP: 108.61.238.93:7777
HUTP Active Forums: https://hooksutplace.freeforums.net/forum
HUTP UT99 Community Portal: https://hooksutplace.freeforums.net/
OR: https://hermskii.com/hook/ut99_hutp/
UT99 Server -> CROSSBONES Missile Madness {CMM}
* Newest Versions of: PRO-Redeemers | PRO-SNIPER-Redeemers | PRO-SEEKER-Redeemers <-(the Original)
and Now with FOOD FIGHT and Frying Pan arena !!!
IP: 68.232.181.236:7777 <-(NEW IP to come)
UT99 MH Server -> {CMH} CROSSBONES Monster Hunt (MH) by Mars007 (The Original) - IP: 108.61.238.93:7777
- papercoffee
- Godlike
- Posts: 10466
- Joined: Wed Jul 15, 2009 11:36 am
- Personal rank: coffee addicted !!!
- Location: Cologne, the city with the big cathedral.
- Contact:
Re: Super Web Admin
UnrealGecko wrote:Got it too... Error #500 I believepapercoffee wrote:A 50x error message (don't remeber the last number)
Those damn hacker apes ...A server admin told me once he set up a honeypot for hackers. it was a low secured part of the server filled with corrupted files and malware labeled as important stuff, only accessible from outside when you hack the server.Hook wrote:I've noticed a slow down also on my sites - and here also a bit - hmmmm
The hacking attempts decreased sharply afterwards.
- papercoffee
- Godlike
- Posts: 10466
- Joined: Wed Jul 15, 2009 11:36 am
- Personal rank: coffee addicted !!!
- Location: Cologne, the city with the big cathedral.
- Contact:
Re: Super Web Admin
You can also use them for a DDos attack ...but I mean bots not explicit spambots.TheDane wrote:There is a great difference between hacking and these spambots?!?!?!