eqemu hardening
I'm familiar with Linux and mysql hardening and I've found a few threads here that deal with that, but, are there any steps to take to harden eqemu, specifically?
I disabled auto account creation after finding a couple dozen accounts created and then looked in my log files and noticed that somebody was probing the server. Are there any other steps you might recommend? |
Literally the same steps you'd take to secure your OS/Database.
It's just binaries running that connect to a database.... It's the same as running anything on that system. |
It's odd, but I have several names in the "account" table, after having already deleted many that were on there and yet only 2 names on the "loginserver_server_account" table.
Is this normal behavior? |
I'm running the server on a Linux box and was thinking about changing the default permissions to:
find . - type d -exec chmod 700 {} \; find . - type f -exec chmod 600 {} \; Will that affect anything on the eqemu side? Will it stop the server from running? EDIT: Okay, I figured out that the eqemu_config.json is the reason that people can create accounts, they can create an account on the loginserver for eqemulator and then see my server and then login to my emulator. I had never tried that before and just did so a few minutes ago, and, sure enough, I saw the account created in the DB. |
| All times are GMT -4. The time now is 08:26 AM. |
Powered by vBulletin®, Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.