Hosting a server - security issues/exploits to worry about?
Hi all,
I used to play tribes a few years ago and was recently dismayed to find I couldn't log in again when I happened across my copy of tribes - so was over the moon to hear about tribesnext. Great stuff, keep it up
Ok I have a server for worky-type stuff and I've been wondering about setting up a T2 server. The machine is a reasonably generous spec and more than I actually need for work so I figured it would be a good way to enjoy that spare capacity
My question is - Are there any known exploits, buffer overflows or other security issues of that type associated with running a tribes server? I'm not talking about opening port whatever on the firewall, more in the software itself.
I guess it could be run as a low-privileged user or something for starters.
I have other (ecommerce) sites on the server (win2003std) and wouldn't really want to have to explain to my clients why me running a games server allowed someone access to the box...
I had a search and didn't see any particular mentions of security other than in-game (people cheating stylee) rather than intruder access to the box, hence the post.
Thanks in advance ;D
LD50
Comments
Of course, the risks of forwarding a port on your firewall are also present, but, as far as I know, there are no known security exploits.
I would strongly recommend not running it on the same operating system as one hosting ecommerce. At least isolate it with a virtualization layer like VMware.
ok vmware sounds like it could be a good option though - would it be better on a linux or windows vm? I guess the upside is I can set up and test the server locally on my dsl and then upload to the main box once it's looking about right.
thanks for the prompt and complete info too guys - much appreciated
That should also mean I can give someone else admin access for tribes (e.g. in case of problems setting up) without having to hand over full admin control of the server.
Theoretically if my bw and cpu holds up I could create more users for additional servers too I guess, plus it's all running "native" so shouldn't see any VM-slowdown either.
we'll see...\o/
sun virtualbox (free), old windows 2000 pro license from dead laptop (effectively free), extra IP on the server (non-sequential to my websites' current ips), bit of ipsec - job done! a legit T2 server for a total cost of £1 (for the extra IP) \o/
It runs a free ftp software (black moon ftp 10 user limited jobbie) and RDP for direct remote access, which also means I can give someone else admin access if needed. There's no write access at all from the VM to the server and only read-access on a specific shared folder. I'm happy with that in terms of secure isolation
The server is called "_baserape_" and will be up and down for a bit while I get to grips with the admin stuff and test the bw usage, figure out how to install mods etc. If you see it I'd be interested to know what sort of ping you get.
I'm probably going to be switching hosts soon so am happy to abuse the hell out of the bandwidth as long as it doesn't affect the performance of my commercial sites.
It's on a 10mbit "virtual pipe" but from experience I know it blatantly bursts quite a bit faster than that so should be a pretty decent setup. Ping from here is 20ms and on the lan is 3ms so not a bad start.
cheers for the help guys and the folks who PM'd...time for some shootin!