Server password hack?

[vash 0]

I tend to keep my dedicated server running, just to see what kind of traffic gets generated. On my server, I have a heavily modified config file that has password changes and a different map rotation than the default.

Yesterday, I look at my server and see that a few maps have been loaded that aren't in my config file (as it sits now, there is only one map in the config file). The missions do exist on the server, but they aren't listed in my .cfg file.

So, I ask, is there a hack for the admin password? I have changed the password again (done this three times since it has happened as often) and probably will do it more often. If someone had my admin password, they can change the maps, but the only person who has it is me and my brother (he doesn't even know how to enter the password or change the mission).

Or, is this "normal"? I don't know how someone could change the mission, without having the password, but is there a method? I figure if the missions aren't layed out in the config file, no one should be able to go any other mission without having the admin password and changing it manually.

Also, is there a way to get more logging from the clients? If I could read a log file of everything the client types in a chat window/line, then I would have at least some level of knowing what someone did to change the map. As it sits now, I don't see any file that has the information of what has gone on.

Any information would greatly be appreciated.

vash

[Espectro (DayZ) 0]

The clients can vote for an admin ie:

#vote admin Espectro

If enough people does this, I would get logged in as admin.

Whenever the admin tryes to log in, the user-voted admin will get instantly logged out, and the "pure" admin will take over.

Hope that would answer your question

[Placebo 28]

Moving to MP

[vash 0]

Well, that would explain it. This sounds like a really bad idea to me: voting a person to be the admin.

Is there a way to disable the ability to vote? I see the voting threshold, if I take it out, will the ability to vote be disabled?

Could there be a way to at least log the # commands? The logging feature would be so good, especially with the previous 1.40 crash. All I'd want is the logging of:

1. The IP address the person came in from.

2. Their unique id at the time.

3. All text typed into the console/chat window.

4. Time stamps would be nice.

If I had that information, I wouldn't have had to start this thread.

vash

[Hudson 0]

It is rather simple to disable voting. Set the threshold to over 100%. Tested, works a charm  

[MitchSchaft 0]

Just to let you guys know. When someone votes an admin and then the real admin comes and logs in, the voted admin still has some powers. I've run tests on it. The voted admin still has the ability to kick people, except for the real admin. Something to think about. I have this line in my server.cfg to keep people from being admin:

voteadminplayers=99;

[MitchSchaft 0]

You can test it yourself on my server: 24.33.13.90

[suchey 0]

the voted admin should not have the power to change your cfg file...access to the actual box the server is running from is required for that as far as I know.

[Iax 0]

I think its pretty stupid of you to remove the vote admin.

Often due to lag out and other crap the server needs an admin, and if you have no voting, then its stupid.

[Hudson 0]

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote (Iax @ Jan. 12 2002,23:18)</td></tr><tr><td id="QUOTE">I think its pretty stupid of you to remove the vote admin.

Often due to lag out and other crap the server needs an admin, and if you have no voting, then its stupid.<span id='postcolor'>

What is even more stupid is some of the people that play OFP. You run a DS and let the booger eatin morons get voted admin, then they can ruin you DSs rep in a couple of hours. Disabling the vote is not stupid, allowing the player with a maturity level of my nephew to admin on a server is.

[Hudson 0]

And here is you another reason...

http://www.flashpoint1985.com/cgi-bin....52;st=0

Just goes to show the caliber of players that you find out there from time to time.

[MitchSchaft 0]

Exactly. I'd rather run into problems with lag issues and no admin, than dickheads and have an admin.

[zovirl 0]

</span><table border="0" align="center" width="95%" cellpadding="3" cellspacing="1"><tr><td>Quote (MitchSchaft @ Jan. 12 2002,00:59)</td></tr><tr><td id="QUOTE">Just to let you guys know.  When someone votes an admin and then the real admin comes and logs in, the voted admin still has some powers. I've run tests on it. The voted admin still has the ability to kick people, except for the real admin. Something to think about. I have this line in my server.cfg to keep people from being admin:

voteadminplayers=99;<span id='postcolor'>

what does voteadminplayers do anyway? I can't find that in any of the documentation...maybe I'm just not looking in the right place

[MitchSchaft 0]

however many players it takes to vote an admin. Set it high if you don't want anyone to vote. I'm not 100% that this is a real command:).

[ninelives 0]

voting is good, i have a server and my voting trashold is 0.33.

voting is good, imagine someone is laming around, someone calling someone gay. voting admin can kcik his behind.

voting is good, imagine he/she can choose a mission.

voting is good.