For SRCDS on Linux:
By default there are almost no instructions for installing SRCDS. Just getting it running can be an adventure for some. Getting it to run securely is a completely different problem. Many don't realize that security is even an issue. However running an insecure game server can really ruin your day or even your whole clan if you're not careful.
An example. While many individuals use special plug-ins for administration, many use RCON. RCON is a remote console capability that is only protected by a password. If someone can find your password (or if an admin decides to do something malicious) there is no end of problems they can cause. RCON has an "exec" capability where it can run a script on remote host. It also has a "save" capability where it can save a file to the server's filesystem.
These commands run with the permissions of the account running the SRCDS process. I've seen a number of posts on the internet recommending users run SRCDS in as root in order to avoid issues with permissions. If you do this, then any user with RCON access can overwrite any file on your system rendering it unusable. Not good.
This guide will help you deploy a secure SRCDS server on Linux. Each step will be described in detail and the risk of not performing each step will be discussed as well. Security is not an absolute, and it is also not a necessity for some. This guide will hopefully help you decide how far down the security rabbit hole you want to go.
NOTE: This is a work in progress. Pardon the dust.
Contents |