To King Li ( Important may help :) )x

[medoomen]

i found a topic in Forigener forum that some pservers owners ask for help in same problem u face so some experts replyed on them and Some guy called Dr Abd El Fattah who actually expert in c+ and that stuff helped them by some solution that maybe will help u :)... i know that u r good and its ok to accept help doesnt mean that u r not good enough to solve alone
anyway... what i found is

Cool [Few-Steps] To FiX your Server Security !

Hello ,

We hear Today many server down/crash due of some kinds of attack due of the servers masters(admins) haven't skills/exp in protection/security

Anyway in Security u must use ur mind first Before everything else , even if u don't got any skills in protection or so .

Here's a few steps You must Done to make your server Something secure :

1 - Add to your Firewall blocked Ports for all modules, I mean to block all ports of modules like GS shard global etc in firewall (black-list) exept ports of gateway/downloadserver/agentserver

2 - Add ports to your firewall (Open-ports) for Gateway/downloadserver/Agentserver {>>>> TCP ports only <<<<}

3 - don't ever open UDP ports for those modules Gateway/downloadserver/Agentserver

4 - add block UDP ports for Gateway/downloadserver/Agentserver in firewall

Oky You Now FiX the Crach of modules like gateway or GS or or or ,
Now the Rest Few Steps Of the Most security to your server :

1 - Change your dbs names, like change account db name also shard and log .
2 - close the remote use of sql server so only local connections could access to sql server .
3 - @Billing URL must be at ur local , so set at IIS the name or ip of website to 127.0.0.1 and set any port , also this port block it in your firewall .
4 - At last don't ever Open your cert. ports , Block it in your Firewall .

At last today isa I will release a New cert. which got protection module to prevent the injection from SMC on db . (So you could freely open GlobalManager TCP ports without any problems)

----------------------------------------------------------------
At last How to do those steps , i think they are easy enough and google will FTW always ^ _ ^
Anyway any step you don't understand just ask me Here

Quote:
Small summery :
Every module u launch the firewall gives it's access as access so the module port opened , Now HOW UR GAMESERVER CRASH due of attack on UDP Port of GS . So you must block the both ports of GS TCP and UDP from firewall as i say in the past posts .
----------------------------------------------------------------
Thread Updated :

The Most Important Part ,
If you use 2 dedi servers or more for 2 agents or more ,
So you are open farmmanager Ports ,
Oky after mints of hacking farmmanager security i find out that by small access to farmmanager from it's ports you could shutdown the SR_GameServer , shard and agent too
Also you could let the farmmanager send packets to GS which will make overflaw also could gives packets to shard and agents but GS is the mostly easy to take overflaw from stupid wrong packets send from FarmManager

Solve :

1 - Open TCP Port only for farmmanager in your Firewall
2 - block TCP and UDP ports for farmmanager in your firewall except to 1 ip this ip = ur other machine ip .

I think it's very clear now ,

Hope i help ,
Quote:
Also thanks to the guy who help me with his dedi servers > That guy isn't memeber at Epvp .
Have a good day

[Hurricane]

الله الموفق !!

[wesamzxo]

ايوه ما انا قلت فى موضوعى ان فى طرق بتتفدى الحجمات بنسبه 80% و يمكن اقل بس ده على حسب
نوع الهجمات و مصدرها من واحد محترف ولا مبتدئ
المعلومات الى انت قلتها حلوه بس عمرها ما هتعدى على صاحب سيرفر

تحياتى

[medoomen]

مش شرط انك good coder انك يكون عندك خبره كويسه فى الحمايه
و بعد تسريب Vsro Test Files و اى حد سهل يعمل سرفر من غير اى خبره فى اى حاجه XD و اكيد كلنا شوفنا فى كام Pserver Now

[S1MPlLy]

Rageهتفتح امتا يا جدعان

[V.I.P9]

يارب الgm يعرف مين بيهجم على السيرفر :furious::furious::furious:

ويحل المشكلة دية

[ahmed cairo]

يا عم بيهاجم مين ده حوار اصلن هو مش عارف يصلح اللعبه

[medoomen]

اقتباس:

المشاركة الأصلية كتبت بواسطة ahmed cairo عفوا ,,, لايمكنك مشاهده الروابط لانك غير مسجل لدينا [ للتسجيل اضغط هنا ]

يا عم بيهاجم مين ده حوار اصلن هو مش عارف يصلح اللعبه

no its attack on server.. and not only dwo but its not ddos and not from jg fw

[فارس الاسلام]

هوا من الاخر لازم يحط حمايات تمام هوا لسه سيلك الرود العاديه حصل معها نفس الموضوع دا من شهر او اكتر اللى عندهم حمايات الدنيا وانت سرفير برفيت الموضوع صعب جدا

[ropin8080]

GL

[BrokenSword]

لازم حماية

[treasman]

ربنا معاه

[BrokenSword]

معاك ربنا