[quake3] Re: Rcon DoS
0000spam at gmail.com
Sun Dec 3 18:40:27 PST 2006
Maybe adding the ability to allow rcon commands only from certain IP
block would help. Similar to banips, but like a whitelist, who can use
rcon and other remote features.
On 12/3/06, Thilo Schulz <arny at ats.s.bawue.de> wrote:
> On Sunday 03 December 2006 23:19, Thilo Schulz wrote:
> > If this limitation really is in there, your concern is a valid one. I will
> > take care of it in the next few days.
> We've discussed this "DoS" stuff in IRC. This limit is imposed to prevent the
> bruteforcing of rcon passwords that can be done easily using udp. At the
> moment, I don't see any easy way of removing that rcon limit without
> affecting security. Server admins should run their servers in "screen" to
> administrate their servers or use game-based administration features. Rcon is
> flawed by design.
> Thilo Schulz
More information about the ioquake3