/Plugins Command

Discussion in 'Bukkit Discussion' started by Vincent Alexzander, May 16, 2011.

Thread Status:
Not open for further replies.
  1. Greetings,

    Two friends and I are playing on a private server. We invited some random individuals from another SMP server to join us in a survival campaign. The other players had told us about what plugins we were running and suggested we hide the plugins from displaying with the /plugins command.
    When questioning why, the reply was nothing we enjoyed hearing.

    My quest to find a plugin or alteration to prevent users from using the /plugins command has ultimately failed. Three days have now passed and a hacker had come into our server and messed several things up. We create backups every hour, however recently applied the white-list.txt method.
    This hacker somehow gained privies to the plugin we have "AdminCmd" and the server log said something along the lines of "AdminCmd flushing permissions for myusernamehere" and several others.

    We have world guard applied with craftbook and bukkit 766 recommended build. Not sure how this happened but we need to hide the /plugins command from others using it so people don't know what our plugins are.

    Any and all information in assisting us is gratefully welcomed, and thank you in advance folks.
     
  2. Offline

    niccholaspage

  3. Offline

    AgentKid

    Look at niccholaspage's post for how to block the command, but can you post your entire server.log to pastebin or something like that so that we can see all the messages in more detail?
     
  4. Offline

    Phaedrus

    Hiding the /plugins list is akin to security through obscurity. Also known as security for the honest. There are other ways to tell what plugins you have installed simply by trying commands or paying attention to the way things operate.

    You need to install and configure the Permissions plugin. It will allow you to configure user groups that have defined permissions to commands. Almost all plugins provide integration for permissions and publish the permission "nodes" that you must give to the groups or users that give access to a specific range of commands. This allows you to seperate a plugins powerful admin commands from their basic usage commands.

    Furthermore, by creating a default group that every new user is added to by default you can prevent them from using any commands or breaking and placing any blocks. That way they need to be approved and promoted to the next highest group by you before they can do anything. This is basically the concept of GreyListing. Anyone can connect, but they can't actually do anything without being added manually.

    When combined with the whitelist and online-mode=true, no one should be able to get onto your server and do something without your explicit involvement. You can then add things like a command logger so you can track down anyone that has used a command.
    You can check out my server for an example of how that works. I do not block the /plugins command. On the contrary I advertise the plugins I use, because it's the main draw of my server and I want people to use them. I've just gone the next step and secured access to those commands
     
  5. Thank you niccholaspage. +1

    I've removed AdminCmd and I am no longer having difficulties with some other things now. Server log says "[INFO]AdminCmd flushed permissions node for user MYUSERHERE". My guess is some sort of conflict? Odd that it just started happening but was running fine until that hacker came in.

    We've been using the permissions 2.7.* plugin and set default users to allow breaking of blocks in general but worldguard to restrict where you can and cannot dig.
    Since we are a private friends server with invite only, we all know what plugins we have, we just don't want intruders to have potential to find out which ones we have and use all of them against us.


    Well folks, thank you all for your support and assistance in resolving our issue. Thank you again! +3
     
  6. Offline

    Phaedrus

    I don't get it. If you already have a default group, how can someone randomly joining use a command you haven't given to the default group?
     
  7. Offline

    zipfe

    Should his permissions have been done properly, I always wonder why people go for some obscure hacker randomly joining their non-public server, instead of going for easiest, way more probable explanations:

    1) One of the guys you describe as a friend is a douche or was drunk.
    2) Someone used the computer of a white-listed player and logged in, then griefed.

    Just saying, these seem more probable to me. The only way to find out for sure is a plugin like BigBrother etc.
     
    Phaedrus likes this.
  8. Offline

    Plague

    Security by obscurity is a bad idea for true security (data protection and stuff) but a pretty neat one to slowdown script kiddies.
     
Thread Status:
Not open for further replies.

Share This Page