alientrap-forum-archives

[flea]

Hi,

I am having some problems with my server, and I was wondering what logging options are available to me.

First thing that I noticed is that server.log is not time-stamped. Is there a config var that can add a timestamp to server.log.

Second, is there a way to log "tell" commands? I believe it might be an attack vector someone is using.

Third, are there any other logging options? Have ppl written scripts for additional logging? Is there a wiki you can point me to on server administration?

Last, map downloading works for me (curl points to my vps), but other players are still getting 'all black' maps. Is there a good way to test this?

Thanks,

flea

[mand1nga]

First thing that I noticed is that server.log is not time-stamped. Is there a config var that can add a timestamp to server.log.

Yes, try this

Code: Select all

timestamps 1
timeformat "%Y%m%d%H%M "

Second, is there a way to log "tell" commands? I believe it might be an attack vector someone is using.

As far as I can tell, no

Third, are there any other logging options? Have ppl written scripts for additional logging? Is there a wiki you can point me to on server administration?

It depends on what you are looking for. do you need extra information ? or scripts for parsing the server output ?

Last, map downloading works for me (curl points to my vps), but other players are still getting 'all black' maps. Is there a good way to test this?

It seems they can't access to your web server, or some maps aren't stored there. You can debug this telling them to download one of these maps from your web server using a browser.

I hope it helps

Cheers

[esteel]

Tell is not logged as its supposed to be for PRIVATE talk. However in the development version its now also flood protected like the other chat commands. Maybe thats what you mean by attack?
Also are you sure the download works for you if you delete the file from your client? If that works, maybe you did not put the external address for your download location in the config, or others just can't get the file from there?

[flea]

Tell is not logged as its supposed to be for PRIVATE talk. However in the development version its now also flood protected like the other chat commands. Maybe thats what you mean by attack?
Also are you sure the download works for you if you delete the file from your client? If that works, maybe you did not put the external address for your download location in the config, or others just can't get the file from there?

Hi, thanks for replying. I am glad that tell is flood protected now as certain persons were using it to harass.

As to the download problem, it appears that *NIX variants, particularly of the debian kind need libcurl installed before they can download maps. So now the common answer to
Q: "Why is it all black?"
A: "apt-get install libcurl"

As for "attack", one of our local developers has found an buffer overflow exploit that can be used to rewrite the server's rcon password, I expect he will send you code soon.

Regards,

Flea.

[divVerent]

He should send that info NOW, as an overrun is really an URGENT issue.

To me it looks like your "local developer" is a malicious hacker and first wants to break into some servers.

[tundramagi]

I wonder if grsecurity, which will crash the program when the program tries common buffer overflows (writing to non executable stack, accessing memory incorrectly (well it just deny those) etc) mitigates this new attack.

Also, grsec logs everything (especially crashes etc), so with it and the firewall logs, if anyone trys an overflow against my server I'll have their information .