Posted by Taimoor Zaffar on September 15, 2014, under General

Now a days, many game server owners complain about their servers getting hacked.

No matter how much strong RCON password you choose, your server can still be hacked.

Antivirus Protections and Firewalls are of no use in this case!





Symptoms:

If you own a Counter Strike 1.6 Server, you should have faced weird problems like:

Your server’s name getting changed.

All your players getting redirected to some strange servers.

RCON Password getting changed.

Strange admins appearing in your admin list.

Strange plugins running on your server.

If you find any of the above symptoms, it means your server is insecure!





Problem A:

The most commonly used technique to hack a server is by hacking any of the Server Admins

If someone knows the password of any admin having Full Access Flags , they can hack your server (They will be able to change your RCON Password, Server Name, Password Protect it, Make Admins, etc)

, they can hack your server (They will be able to change your RCON Password, Server Name, Password Protect it, Make Admins, etc) This happens when your admins visits the server of the hacker

Remember that the value of _pw variable is visible to the Server Owner (Will cover that in an other post)

variable is (Will cover that in an other post) Another way is by hacking the computer of server admin using a RAT or simple keyloggers.



Solution / Fix

To prevent your server from being hacked, never ever give full access flags to the admins. Only give acdeijuvw Access Flags and tell your admins to follow below rules strictly: