如何保护你的服务器hlds截止到2015年12月29日。
本帖最后由 css 于 2016-1-3 19:57 编辑29.12.2015 - 100% Protected !
到此日期百分之百受保护了!
Protocol version 48
Exe version 1.1.2.7/Stdio (cstrike)
Exe build: 13:12:29 Aug 29 2013 (6153)
正常加载的模块!
Currently loaded plugins:
description stat pendfile vers src loadunlod
[ 1] dproto_EF RUN - dproto_i386.so v0.9.548ini Start Never 双协议
[ 2] LocalizeBug FixRUN - localizebugfix_mv2.4 ini Start Never 本地初始化漏洞修复
[ 3] FakeDetector RUN - fakedetector_mm_v2.1.3 ini Start Never 假人检测
[ 4] AMX Mod X RUN - amxmodx_mm_i386.v1.8.3-dini Start ANY
[ 5] WHBlocker RUN - whblocker_mm_i38v1.5.620ini Chlvl ANY 透视阻断
[ 6] MySQL RUN - mysql_amxx_i386.v1.8.3-dpl4 ANY ANY
[ 7] FakeMeta RUN - fakemeta_amxx_i3v1.8.3-dpl4 ANY ANY
[ 8] Ham Sandwich RUN - hamsandwich_amxxv1.8.3-dpl4 ANY ANY
[ 9] CSX RUN - csx_amxx_i386.sov1.8.3-dpl4 ANY ANY
Fun RUN - fun_amxx_i386.sov1.8.3-dpl4 ANY ANY
Engine RUN - engine_amxx_i386v1.8.3-dpl4 ANY ANY
CStrike RUN - cstrike_amxx_i38v1.8.3-dpl4 ANY ANY
12 plugins, 12 running
Latest: 最新版本
dproto_0_9_548.zip
localizebugfix v2.4
FakeDetector v2.1.3
dproto.cfg
metamod p-1.21p37 Linux / Win
whblocker_1_5_620.zip
Oldest:老版本
localizebugfix v2.3
FakeDetector v2.1.2
whblocker_1_5_597.zip
---------------------------------- OLD PROTECTIONS WITH DESCRIPTION(no longer needed这些不再需要了) ---------------------------------------
Exploit SpawnMalfunction
Consequences: The server drops the error SZ_GetSpace: overflow without FSB_ALLOWOVERFLOW set on Server Reliable Datagram
Solution: Dproto
Exploit UnUTF8Chars
Symptoms: Connections bizarre players. Flood console messages about what "Values ??must be valid utf8 text" read more here
Solution 1: (Orpheu, temporary): utffix.rar
Solution 2: Install the latest version Dproto
Extras: Probably only subject to the latest build HLDS 6xxx
Exploit FragmBuf
Symptoms: Connecting the player. Server error falls SZ_GETSPACE: Overflow without FSB_ALLOWOVERFLOW set on net_message
Solution 1: Install dprotolatest version (0.9.391 and higher)
Solution 2: metamod plugin from PRoSToTeM @: Version for Linux and Windows: FragBufFix.zip
Solution 3: amxx plugin to Orpheus: fragmentnc
New Fake Players
Symptoms: Connecting a large number of players (usually generated with nicknames). Fakes spawn have their ping and SteamID. Just scored server fakes.
Solution 1: A simple plug ban at a connection longer than X players from one IP (banip_fakes.sma).
Solution 1: Dproto 0.9.475 or above
Solution 2: Fake Detector 2.0by Asmodai
Decision voceflood: Voice Packet Limiter or off vtc
Protection from # in their names and chat
Symptoms: simultaneous client hangs many players with a start. Often accompanied by Reliable Channel Overflowed.
Solution: fast_fix_hashsign.sma
Decision2: localizebugfix 2.0
darcode.com exploit
Symptoms: bot connects to the server and then the server crash
Solution: turn off the jump directly from the server resources (sv_allow_dlfile 0), with all the necessary resources should be fast loading.
Exploit Buffer Overload v2
Symptoms: server hangs / decreases flooding in the console Ignoring invalid custom decal from *
The decision (on Asmodai): Linux / Win cf_fix.zip
The solution (from PRoSToTeM @): Linux / Win
Solution 2: Dproto0.9.491 or above
HLDS Amplification attack
Symptoms: On the server request is sent to the spoofed sender ip, causing an even greater response packet that can be used for DDOS-attacks.
Recommendation (for dproto least version 0.9.509): Align value ServerInfoAnswerType 0. This will reduce the amplification factor. But players will not be able to connect with old patches through serverbrowser.
Recommendation: Set Dproto 0.9.546 and above it during the attack automatically switches to a new type of response to reduce the amplification factor.
The decision: Rules for iptables
Exploit Buffer Overload v3
Symptoms: bot connects, all enhanced ping server hangs until the boat leaves.
The decision (on s1lent): Linux / Win
The solution (from PRoSToTeM @): Linux / Win
Solution 2: Dproto 0.9.519 or above
Exploit Buffer Overload v4 (patched v3)
Symptoms: the server comes to the boat and the temporarily freezes.
Solution: Fake Detector by Asmodai (at least version 1.4)
;win32 addons\nbex\nbex.dll
win32 addons\dproto\dproto.dll
win32 addons\localizebugfix\localizebugfix.dll
win32 addons\fakedetector\dlls\fakedetector_mm.dll
win32 addons\whblocker\whblocker.dll
win32 addons/podbot/podbot_mm.dll
win32 addons/http_resources_manager/dlls/http_resources_manager_mm.dll
win32 addons\sxei\dlls\sxei_mm.dll
win32 addons\amxmodx\dlls\amxmodx_mm.dll
;win32 addons\cf_fix_mm\cf_fix_mm.dll
;win32 addons\ifuf\ifuf.dll
;win32 addons\cef\cef.dll
;win32 addons\FragBufFix\FragBufFix.dll
;win32 addons\fullupd_patch\fullupd_patch.dll
win32 addons\RegMaster\RegMaster.dll
win32 addons\MasterServer\MasterServer.dll
;win32 addons\FloodBlock\dlls\floodblock.dll ;270124
;win32 addons/floodblocker/floodblocker.dll
;win32 addons\gm_block_mm\gm_block_mm.dll
;win32 addons\upatch\upatch.dll
;win32 addons\bsploaderfixer\bsploaderfixer_mm.dll
;win32 addons\console_variables_manager_mm\console_variables_manager_mm.dll
;win32 addons\Cmessage\CMessages_mm.dll 阻断队伍信息导致1局后就观察
;win32 addons\bot_played_time_faker\bot_played_time_faker_mm.dll 这是神马玩意???你想表达什么?给个翻译啊,一点看不懂 本帖最后由 btlive 于 2016-1-4 10:29 编辑
localizebugfix v2.4
FakeDetector v2.1.3 !!这些可以不用安装的!应为dp548已经有了。安装了会不会多此一举?
whblocker_1_5_620.zip这个也会不会多此一举? css 发表于 2016-1-2 14:21
;win32 addons\nbex\nbex.dll
win32 addons\dproto\dproto.dll
朋友可否共享,对于单机建房有用吗。用于1.5 不知道谁发了个 防 ddos 的 swds。dll 虽然看不懂 但是 好像很牛逼的样子! 现在正版平台又开始升级了,出现语音不能兼容,希望得到解决。 好东西 分享一下插件啊 css 发表于 2016-1-2 14:21
;win32 addons\nbex\nbex.dll
win32 addons\dproto\dproto.dll
分享一下插件啊
页:
[1]