Digital Paint Discussion Board
Fairness Enforcement => Cheater Reports and Bans => Topic started by: tartjagger on September 28, 2009, 09:15:43 AM
-
A number of my regulars got pretty pissed off last night when a player called DANtypeR started exploiting an error in my server config that left some admin commands including tban open for all players to use.
Now I know there is an argument that it shouldn't have been possible to use this command, but equally just because it was available does not mean that he was justified in spoiling the game for a number of other people. I do not want him back on my server, I have banned his IP, is it possible to ban him by MAC address? It has been suggested I ban him by subnet, but that may affect other people.
What do other people think, is this acceptable behaviour?
Here's the edited log from last night:
[22:49:55] DANtypeR connected [92.41.92.55:9117]
[22:50:01] Rcon from 127.0.0.1:39864:
rcon ********* say Visit our website on www.tartsdirtyden.wetpaint.com
[22:50:01] DANtypeR entered the game (build 27) [92.41.92.55:9117]
[22:50:01] cmd: DANtypeR getscores 0
[22:50:01] cmd: DANtypeR getscores 8
[22:50:01] cmd: DANtypeR global_login ec3e6269e60001a7fb8568dc1e447987
[22:50:04] 7:00 left in match.
[22:50:04] *johngamer (Carbine) eliminated *MOBIUS1 (Carbine).
[22:50:05] *Mart[1001] (Carbine) eliminated *{dUk}penguin1234 (Carbine).
[22:50:06] *Mart[1001] (Carbine) eliminated *killerkingkong (Carbine).
[22:50:10] cmd: killerkingkong say "lol"
[22:50:10] [ELIM] killerkingkong: lol
[22:51:13] cmd: DANtypeR tban 6 60[22:51:13] killerkingkong was kicked
[22:51:13] killerkingkong disconnected.
[22:51:13] Round started...
[22:51:28] cmd: DANtypeR tban 5 60
[22:51:28] [tDTA]ROSES was kicked
[22:51:28] [tDTA]ROSES disconnected.
[22:51:28] Client 6 is not active
[22:51:54] cmd: killerkingkong say "why was i kicked"
[22:51:54] killerkingkong: why was i kicked
[22:51:54] cmd: DANtypeR tban 7 60
[22:51:54] johngamer was kicked
[22:51:54] johngamer disconnected.
[22:51:56] Round started...
[
[22:52:18] cmd: killerkingkong say "i just got kicked"
[22:52:18] [ELIM] killerkingkong: i just got kicked
[
[22:52:28] cmd: DANtypeR say "wot is happening??"
[22:52:28] [OBS] DANtypeR: wot is happening??
[22:52:30] {dUk}penguin1234 connected [********************]
[22:52:31] 5:00 left in match.
[22:52:34] cmd: killerkingkong say "?"
[22:52:34] [ELIM] killerkingkong: ?
[22:52:51] cmd: DANtypeR kck 6
[22:52:52] cmd: {dUk}penguin1234 getpings 0
[22:52:53] cmd: DANtypeR kck 6
[22:52:54] cmd: DANtypeR kck 6
[22:52:54] cmd: DANtypeR kck 6
[22:52:54] cmd: {dUk}penguin1234 getpings 0
[22:52:55] cmd: DANtypeR tban 6 60
[22:52:55] killerkingkong was kicked
[22:52:55] killerkingkong disconnected.
[22:53:04] cmd: DANtypeR tban 2 60
[22:53:04] Mart[1001] was kicked
[22:53:04] Mart[1001] disconnected.
[22:53:04] Client 6 is not active
[22:53:04] Client 7 is not active
[22:53:05] killerkingkong connected [*****************]
[22:53:06] cmd: DANtypeR getpings 0
[22:53:07] Round started...
[22:53:08] newbie(1) connected [*******************]
[22:53:09] cmd: DANtypeR getpings 0
[22:53:10] cmd: DANtypeR tban 5 60
[22:53:10] {dUk}penguin1234 was kicked
[22:53:10] {dUk}penguin1234 disconnected.
[22:53:10] Client 7 is not active
[22:53:10] killerkingkong entered the game (build 23) [*****************]
[22:53:10] cmd: killerkingkong getscores 0
[22:53:10] cmd: newbie tossgren
[22:53:13] cmd: killerkingkong say "wtf"
[22:53:13] [ELIM] killerkingkong: wtf
[22:53:17] Mart[1001] connected [******************]
[22:53:20] Mart[1001] entered the game (build 27) [******************]
[22:53:20] cmd: Mart[1001] getscores 0
[22:53:21] cmd: Mart[1001] global_login ##############################
[22:53:22] cmd: Mart[1001] getpings 0
[22:53:22] cmd: killerkingkong say "i got kicked again"
[22:53:22] [ELIM] killerkingkong: i got kicked again
[22:53:26] cmd: Mart[1001] say "me too"
[22:53:26] [ELIM] Mart[1001]: me too
[22:53:41] cmd: Mart[1001] say "seems like someone got admin commands and thinks it's funny"
[22:53:41] [ELIM] Mart[1001]: seems like someone got admin commands and thinks it's funny
[22:53:42] cmd: DANtypeR say "how do i join"
[22:53:42] [OBS] DANtypeR: how do i join
[22:54:11] cmd: DANtypeR getpings 0
[22:54:13] cmd: DANtypeR tban 6 60
[22:54:13] killerkingkong was kicked
[22:54:13] killerkingkong disconnected.
[22:54:14] cmd: DANtypeR getpings 0
[22:54:15] cmd: Mart[1001] getpings 0
[22:54:16] cmd: DANtypeR tban 5 60
[22:54:16] Mart[1001] was kicked
[22:54:16] Mart[1001] disconnected.
[22:54:16] Client 6 is not active
[22:54:17] cmd: newbie <pr c76e706531f04da6ddddcb4682cab380f74e330d5491398698b3ac2fecaf9de5bf0b
[
[22:54:44] cmd: killerkingkong say "newbie are you kicking everyone"
[22:54:44] killerkingkong: newbie are you kicking everyone
[22:54:47] Round started...
[22:55:27] Round started...
[22:55:31] cmd: DANtypeR getpings 0
[22:55:31] cmd: newbie getpings 0
[22:55:34] cmd: DANtypeR getpings 0
[22:55:35] cmd: DANtypeR tban 0 60
[22:55:35] newbie was kicked
[22:55:35] newbie disconnected.
[22:55:35] Client 5 is not active
[22:55:35] Client 6 is not active
[22:55:37] cmd: LUIZNSG tossgren
[22:55:39] *killerkingkong got the *Blue flag!
[22:55:45] cmd: DANtypeR getpings 0
[22:55:47] cmd: DANtypeR tban 1 60
[22:55:47] Client 0 is not active
[22:55:47] killerkingkong was kicked
[22:55:47] killerkingkong disconnected.
-
how can someone use this cmd without login?
-
DANtypeR started exploiting an error in my server config that left some admin commands including tban open for all players to use.
-
ah ok ty
-
i think that deserves a global ban for a few weeks (:
-
for DANtypeR or for tartjagger? :)
-
dan. as he was the one using the error for his enjoyment.
-
for DANtypeR or for tartjagger? :)
I like your style, fancy being an Admin? LOL
-
Its not an exploit. Just dumb.
@AsThor:
When you add a new Command to the command.txt and make it wrong, you can use tban and some other cmd's without login.
-
But the commands shouldn't react like that. 1 faulty one should only affect itself, not other commands that can potentially annoy the hell out of people on the server if someone finds out.
-
I agree that a software fix would seem to be the ultimate solution, but I'm sure it's nowhere near the top of the things to do list, so let this be a reminder to anyone configuring a server that you need to be careful setting up the commands.txt file.
More importantly I think we should show the antisocial idiots that exploit mistakes like this that it is not clever or funny to go spoiling the game for other people?
-
If you can't properly protect your server against people like that, then it is your fault, and not theirs. They in no way deserve a global ban, or even a ban from your server. The lesson is, if you're going to try to run a respectable server, take the time to set it up right.
-
So this dude got the rcon, and was able to do stuff by making other people speak when they weren't?
GENIUS.
-
no, kyuuchi, he didnt use rcon, just the local commands.
-
From these logs, I don't think rcon was stolen. Looks like it's just a script/watchdog running from the same server that is routinely sending console chats. This guy had access to tban and other commands with oplevel 0 because of a bad commands.txt.
-
If you can't properly protect your server against people like that, then it is your fault, and not theirs. They in no way deserve a global ban, or even a ban from your server. The lesson is, if you're going to try to run a respectable server, take the time to set it up right.
So your saying that the guy who did this is completely innocent and that its all tartjagger's fault?
-
So your saying that the guy who did this is completely innocent and that its all tartjagger's fault?
AS a server owner/oiperator, it is HIS responsibility to make sure things are taken care of, especially when it comes to configs and commands.
-
the point here is that he knew what he was doing yes tart made a mistake in the commandtxt but still this guy didnt just come on and wonder what would this do he must no what he was doing he didnt just randomly type tban in the command and tban about 7 players out of the server
he typed it cos he knew what it would do
and i bet he went around every server trying this as well to find a server that wasnt set up right to take advantage if this was your server you wouldnt be talking like this u would ban him and want him banned or told off for doing that
-
AS a server owner/oiperator, it is HIS responsibility to make sure things are taken care of, especially when it comes to configs and commands.
The problem was fixed within half an hour of me being notified.
So you're saying it's acceptable for anyone to go out and deliberately look for ways to spoil the game for other people? Well not on my server it isn't, he's banned.
-
AS a server owner/oiperator, it is HIS responsibility to make sure things are taken care of, especially when it comes to configs and commands.
Nope - doesn't look like that's what I said at all.
It's a HUGE responsibility to run a server. Ask XB or Superman, or wait! Even myself.
You had a player that found a security vulnerability and exploited it. Your fault for not setting it up correctly. His fault for exploiting it.
it's fixed.
it runs.
water under the bridge.
Now quit putting words in my mouth.....
-
If you leave a pie alone under an open window and come back the person who took it is wrong, but you're an idiot for leaving the pie alone.
Pie is awesome....why...why would you ever not eat it? :|
-
Pie is awesome....why...why would you ever not eat it? :|
You can't have your cake and eat it..
Oh, wait, does that just apply to cake? Such a shame :(
We're only at stage one of analogies, usually (http://dplogin.com/forums/index.php?topic=12161.msg122106#msg122106) there's one (http://dplogin.com/forums/index.php?topic=11994.msg121029#msg121029) about murder (http://dplogin.com/forums/index.php?topic=12047.msg121252#msg121252) by now (http://dplogin.com/forums/index.php?topic=13832.msg137470#msg137470).
Don't give someone an ax if you don't want them to cut your tree down, then again, they could very well be trying to find out if a tree makes a sound when it falls in a forest and no one is around to hear it (since you've labeled them a nobody, they have to make use of it somewhere!)
I think Knack pretty much covered everything by the way.
-
Since every one has a little story, here is mine.
A poor person drops some money. Do you be a bad citizen and exploit the poor person? OR Are you a good citizen and TELL the poor person about the money and give it back?
(no offence tartjagger :) We all know you are rich:D)
- Taking what isn't yours without permission is STEALING.
Although tartjagger made a mistake, it shouldn't have been exploited.
-
I think someone should put a poll on this topic...
You had a player that found a security vulnerability and exploited it. Your fault for not setting it up correctly. His fault for exploiting it.
Pretty much agreed. Though the security vulnerability is more of a mistake. Exploiting errors isn't a mistake.
My story:
The government is responsible for a weapons surplus warehouse. For 10 minutes the warehouse isn't guarded because there was a mix up in guarding duty times. A civilian walks into the warehouse by accident. He finds no-one there and takes a few guns. He then gets angry at a few people and starts firing. Once he starts firing he doesn't stop.
Who's fault? Many people will blame the government and the guards. Yes. But the person?
No. It's just too hard to resist taking free equipment. As for the killing - maybe he had a mental condition...
It's everyone's fault, but are you going to blame everyone equally?
-
These stories are horrible, and completely stupid. This is a game, some one had fun and tbanned a bunch of people because the server allowed it to happen. I would have done that, it's hilarious, plus the server owner would flip out. At lease Fuzz ball had the first murder story. DP is not real life kiddies, even though you'd all like to believe it is.
-
These stories are horrible, and completely stupid.
Hence why they should be encouraged for entertainment value :D