hacker safe protection
the server i worked for was recently hacked and destroyed by a recently banned group of users
to prevent this from happening i have come up with an idea that could help prevent this from happening to anyone else
basicly it works the same as a bank pin
when a staff member logs in they are a player
then they enter there 12digit pin # and there acess level is raised to the designated rank
the pin and rank are specified in the script which is located on the host comp
the pin is conected to the players serial so no random player can guess it, if they put in a pin belonging to somone else it will return the same message as if the pin didndt exist
when the user logs out it automaticly sets the user back to player so when they log back in they have to re enter the pin
the pin, because its only located in the script would be protected from methods like bruteforce, the only way to change a pin would be serverside which only the admin (and anyone who has remote acess) has acess to
staff gets 3 chances to put the right pin in, if they fail there account is flaged and locked until the admin changes the pin and password
it if possible would also ban that ip that tried to guess the pin
this would be a great safeguard against those who get past the client password
the server i worked for was recently hacked and destroyed by a recently banned group of users
to prevent this from happening i have come up with an idea that could help prevent this from happening to anyone else
basicly it works the same as a bank pin
when a staff member logs in they are a player
then they enter there 12digit pin # and there acess level is raised to the designated rank
the pin and rank are specified in the script which is located on the host comp
the pin is conected to the players serial so no random player can guess it, if they put in a pin belonging to somone else it will return the same message as if the pin didndt exist
when the user logs out it automaticly sets the user back to player so when they log back in they have to re enter the pin
the pin, because its only located in the script would be protected from methods like bruteforce, the only way to change a pin would be serverside which only the admin (and anyone who has remote acess) has acess to
staff gets 3 chances to put the right pin in, if they fail there account is flaged and locked until the admin changes the pin and password
it if possible would also ban that ip that tried to guess the pin
this would be a great safeguard against those who get past the client password
