TCAdmin  - The Game Hosting Control Panel  

  #11  
Old 05-01-2012, 06:48 AM
ViolentCrimes ViolentCrimes is offline
Senior Member
 
Join Date: Apr 2009
Location: Michigan
Posts: 183
Default Re: Hack for source games affecting tcadmin v1 and gamecp

Yes, but you are still selling v1 and charging for updates for it, correct? Then why has it not been fixed for, in your words, years?
  #12  
Old 05-01-2012, 01:42 PM
ECF ECF is offline
Administrator
 
Join Date: Oct 2004
Location: Massachusetts
Posts: 6,174
Default Re: Hack for source games affecting tcadmin v1 and gamecp

Is this argument going somewhere? Support is for the software and updates, not to deal with security issues that are caused by mismanagement of your servers, mods etc...

You purchased the software as is and agreed to the terms of service including the support terms when you signed up.

If you are looking for Luis to secure your servers it is not going to happen. If you are unhappy with the software then by all means please move to another software package.
__________________
How many servers is TCAdmin powering?
  #13  
Old 05-01-2012, 03:44 PM
Bubka3 Bubka3 is offline
Senior Member
 
Join Date: Dec 2009
Location: New York, NY
Posts: 243
Default Re: Hack for source games affecting tcadmin v1 and gamecp

Restricting DLL is a bad choice. We can't support all the mods and extensions for SourceMod in the world.
Reply With Quote
  #14  
Old 05-01-2012, 04:19 PM
ECF ECF is offline
Administrator
 
Join Date: Oct 2004
Location: Massachusettes
Posts: 6,174
Default Re: Hack for source games affecting tcadmin v1 and gamecp

Well you have 2 choices.

1. Restrict dll, exe etc... and have a safe and happy server.
2. Allow dll, exe etc... and have your server hacked very quickly.

Version 1 was not designed nor coded to run as a user when it was created. Luis has given you the tools to secure your servers. Use them or don't.
  #15  
Old 05-01-2012, 04:43 PM
adamnp adamnp is offline
Senior Member
 
Join Date: Jan 2007
Posts: 1,261
Default Re: Hack for source games affecting tcadmin v1 and gamecp

I have to agree with ECF --

This also helps weed out some of the guys attempting to run a company that have no clue what they are doing. You should have a clue about security, and how to manage the operating systems you are utilizing. If you don't, that's fine, hire someone who does to perform the routinely needed tasks.

I'd much rather Luis spend time developing and adding new features than spending that time 'idiot' proofing the software. If it was incredibly difficult for clients to replicate the fix on their own setups I would then maybe agree that an internal patch might help thwart bad press, however keep in mind there are numerous security vulnerabilities out of box one can go after to infiltrate your systems. If you are inadequate at securing it, then Luis idiot proofing TCA will only give that particular person a little more time before the inevitable happens.

Kills me when I see clients running webservers under root, etc.... Cut the shit!!! Get a grip!!! DO - SOME - RESEARCH *AND* LEARN!@#!@#!@#!

Not sure why so many are afraid of learning!! Once you know, you don't have to ask or be scared!

Just sayin :P ....but then again, even multi billion $ companies don't take the proper precautions....So -- who knows
__________________



Adam Piatek - Chief Technology Officer / Partner
Ritmo Technology Group, LLC
RitmoHost, LLC

CT Office: (888) 886 - 8740
Cellular : (860) 961 - 9469

Last edited by adamnp; 05-01-2012 at 04:46 PM.
  #16  
Old 05-02-2012, 04:28 PM
Bubka3 Bubka3 is offline
Senior Member
 
Join Date: Dec 2009
Location: New York, NY
Posts: 243
Default Re: Hack for source games affecting tcadmin v1 and gamecp

Quote:
Originally Posted by ECF
2. Allow dll, exe etc... and have your server hacked very quickly.

We allow dll. Have our servers been hacked? No.

It's called each server has a separate account. If someone is still not utilizing this method in 2012, they are begging to end up on this guy's list at hack forums.

As Luis said, it's in the welcome email. And the dll is blocked by default. You unlock DLL, then you need to take some security measures.

EDIT: Thinking about it, TCAdmin dll restriction would be bypassed as srcds.exe can write the dll. With TCA2 he would just get access to the person's server, not the whole machine.

Last edited by Bubka3; 05-02-2012 at 04:35 PM.
  #17  
Old 05-02-2012, 04:51 PM
adamnp adamnp is offline
Senior Member
 
Join Date: Jan 2007
Posts: 1,261
Default Re: Hack for source games affecting tcadmin v1 and gamecp

Quote:
Originally Posted by Bubka3
We allow dll. Have our servers been hacked? No.

It's called each server has a separate account. If someone is still not utilizing this method in 2012, they are begging to end up on this guy's list at hack forums.

Just because the software is not running on an administrator account doesn't mean they cannot do damage. The first obstacle is getting in, once you get in - the number of ways you can go is up to your imagination. Maybe it might not get to the point where it has immediate impact to you, but it is extremely simple to impact your company, and your clients and anyone who connects to that hardware.

On Windows all applications talk with the kernel through the API which gives a malicious person the ability to sniff or monitor or modify a program's API calls (hooking)..... This gives full control over that particular process.

This can obviously be useful for all kinds of fun reasons including!!! :}
Debugging, reverse engineering (Gary's favorite!!), and of course hacking!@!

Just look at DLL redirection as a small example here...

1. It is relatively simple to implement.
2. It allows us to view and modify parameters passed to an API function, change return values of that function, and run any other code we desire.
3. While most other methods require code to be injected into the target process or run from an external application, DLL redirection requires only write access to the target application's working directory.
4. We can intercept any API call without modifying the target (either on disk or in memory) or any system files.

SO... Get a DLL on there, then say maybe start sniffing the account, gain the users login and password... Utilize that to work backwards, maybe get into the billing system and find a bug or do some SQL injection. Possibly end up getting fully into the billing system. etc etc..

In my opinion, more security is always better....I go by the philosophy that people are going to fuck up and be stupid..They utilize passwords such as 'password' or 'qwerty' or their wife's name and their birthdate...People are predictable, and once you get in 1 you can go further 90% of the time..The more secure I can be, the better protected my customers are and my business is.
  #18  
Old 05-02-2012, 09:05 PM
Bubka3 Bubka3 is offline
Senior Member
 
Join Date: Dec 2009
Location: New York, NY
Posts: 243
Default Re: Hack for source games affecting tcadmin v1 and gamecp

Even if you do not allow .DLL in TCAdmin, an exploit in srcds can allow an attacker to upload any file they wish into the server.
So really blocking .dll is just an inconvenience, since the security it provides can be bypassed by this exploit.

With that said, if you lock the account it runs with to a folder, I believe they are unable to access anything outside of that.

Last edited by Bubka3; 05-02-2012 at 09:16 PM.
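
A defensive check for the point made in the two posts above (DLL redirection needs only write access to the application's directory, and a DLL written by srcds.exe never passes through the panel's upload filter), as an added example that is not part of the thread or of TCAdmin: it reads a game-server folder directly from disk and reports `<exe>.local` redirection markers, DLLs sitting next to an executable under a system DLL's name, and DLLs that differ from an install-time hash baseline. The file names, the `SYSTEM_DLLS` sample and the baseline format are assumptions constructed for illustration.

```python
import hashlib
import os
import tempfile

# Assumption: constructed sample of Windows system DLL names. On a real host,
# build this set from the file names under %SystemRoot%\System32.
SYSTEM_DLLS = {"version.dll", "winmm.dll", "dbghelp.dll", "wsock32.dll"}

def sha256_of(path):
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()

def audit_service_dir(root, baseline, system_dlls=SYSTEM_DLLS):
    """Return sorted (reason, relative_path) findings for one game-server folder.
    baseline: relative DLL path (lower case, '/') -> SHA-256 recorded at install.
    """
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        exes = {f.lower() for f in filenames if f.lower().endswith(".exe")}
        for name in dirnames + filenames:
            low = name.lower()
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/").lower()
            if low.endswith(".local") and low[:-len(".local")] in exes:
                findings.append(("redirection-marker", rel))  # e.g. app.exe.local
            elif low.endswith(".dll") and os.path.isfile(full):
                if low in system_dlls and exes:
                    findings.append(("shadows-system-dll", rel))
                elif baseline.get(rel) != sha256_of(full):
                    findings.append(("not-in-baseline", rel))
    return sorted(findings)

def demo():
    """Build a constructed server folder and audit it (hypothetical file names)."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "addons"))
        files = {"srcds.exe": b"MZ exe", "engine.dll": b"MZ engine",
                 "version.dll": b"MZ planted", "srcds.exe.local": b"",
                 "addons/mod.dll": b"MZ changed"}
        for rel, data in files.items():
            with open(os.path.join(root, *rel.split("/")), "wb") as fh:
                fh.write(data)
        baseline = {"engine.dll": hashlib.sha256(b"MZ engine").hexdigest(),
                    "addons/mod.dll": hashlib.sha256(b"MZ original").hexdigest()}
        return audit_service_dir(root, baseline)

if __name__ == "__main__":
    for reason, path in demo():
        print(f"{reason:20} {path}")
```

Run on a schedule against each service folder, a scan like this catches files regardless of how they were written, which an upload-time extension filter cannot do.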
  #19  
Old 05-02-2012, 11:50 PM
adamnp adamnp is offline
Senior Member
 
Join Date: Jan 2007
Posts: 1,261
Default Re: Hack for source games affecting tcadmin v1 and gamecp

Quote:
Originally Posted by Bubka3
Even if you do not allow .DLL in TCAdmin, an exploit in srcds can allow an attacker to upload any file they wish into the server.
So really blocking .dll is just an inconvenience, since the security it provides can be bypassed by this exploit.

With that said, if you lock the account it runs with to a folder, I believe they are unable to access anything outside of that.

Correct me if I'm wrong but, what I feel you are saying is if the user can get in through an IMAP exploit (exploit #1) you shouldn't patch a BIND exploit (exploit #2) or make it harder for them to get in, based off assuming there's another way they can exploit your clients?

I have to say, in my opinion, and my method of operations that thinking is backwards. I secure everything I can, and every avenue I can--After that, I secure every way possible into the hardware, and any port that isn't needed. Lastly, all software packages are ALWAYS up to date, all passwords secure, and whitelists/blacklists are current!!!!!!!!

Secure as much as you can, not as little as you can. While it may be slightly inconvenient (which can easily become avoidable with TCA's built-in features), it surely is more convenient than client information exposure, system infiltration, and souring of your company image should something malicious in nature happen.

I often tell people it's not should an attack take place, it's should an attacker take sight.

I agree there are tons of issues, but disagree that there is only a minimal solution.
  #20  
Old 05-03-2012, 08:47 AM
Bubka3 Bubka3 is offline
Senior Member
 
Join Date: Dec 2009
Location: New York, NY
Posts: 243
Default Re: Hack for source games affecting tcadmin v1 and gamecp

This is what I am saying:

Since all the accounts are locked to their own folder, the .dll will only be able to access their own folder (This assumes you are using Dimitri security method or TCA v2, user per service method, both of which I highly recommend). So yes, I can go block .dll, which will inconvenience everyone, but the security it provides is FALSE. With srcds, the exploit which allows .dll will bypass TCA restrictions, as it gets written by srcds.exe, not TCA's FTP or File Manager.

What you're saying is, what if the client uploads the bad .dll? Well then you just hacked yourself as you won't be able to access anything outside of the game server root.

What if someone uses the exploit? Then they get to hack the client's server, and they would probably only end up with access to server files and the rcon password as no one keeps their billing and control panel details in a text file on their server. To prevent this problem, the clients can disable uploading, and enjoy a safe server.

Last edited by Bubka3; 05-03-2012 at 08:50 AM.
All times are GMT -4. The time now is 09:49 AM.

