Last night it became known that there is a major problem with HLDS that leads to easy security compromises through such addons as StatsME, AdminMod, and ClanMod. These compromises generally require someone to have rcon-level access (either directly or through the mod), although that's not always the case. Currently it is being recommended on several news sites to set your rcon_password to "" so that users with rcon cannot use it against the server; this does not entirely fix the problem, but you may want to do it as a stopgap.
As soon as Valve releases a security update to HLDS, we will be loading it onto all the servers.
Security holes
- Edge100x
- Founder
- Posts: 12948
- https://www.youtube.com/channel/UC40BgXanDqOYoVCYFDSTfHA
- Joined: Thu Apr 18, 2002 11:04 pm
- Location: Seattle
- Contact:
-
- New to forums
- Posts: 4
- Joined: Thu Aug 15, 2002 8:19 am
- Location: Alaska
- Contact: