Unknown challenge (128) spam in server console
Unknown challenge (128) spam in server console
My server console is showing a whole lot of "Unknown challenge (128)" messages all from the same IP, but with different ports. This started after I got an email from a friend saying that he hadn't seen my server on the listings for a few days. What's could be causing this?
"For the world is hollow, and I have touched the sky."
Re: Unknown challenge (128) spam in server console
UPDATE: The last Unknown challenge message was almost 3 hours ago, and one of my servers had players about an hour ago.
"For the world is hollow, and I have touched the sky."
Re: Unknown challenge (128) spam in server console
Even though the problem seems to have disappeared, I would still like to know why it happened and how to fix it if it happens again.
"For the world is hollow, and I have touched the sky."
Re: Unknown challenge (128) spam in server console
I have the same messages in my server/log/console and it is still going on.
Unknown challenge (128) from 24.49.26.103:40606. Ignoring IP for 10 seconds.
Unknown challenge (128) from 24.49.26.103:56118. Ignoring IP for 10 seconds.
Unknown challenge (128) from 24.49.26.103:48285. Ignoring IP for 10 seconds.
This is an ip from USA (Virginia), but i had such messages from China and other places in the US as well.
What I noted is:
- The messages are consecutive and affect (in practical all cases) all my servers at the same time
- each time a different port
- according to me these are not regular login attempts that went wrong because of wrong zandronum version, missing wads and the like
Questions I have:
- What the hell are they? They freak me out a bit tbh. Should I be worried and what measures can I take to enforce security of my system?
- To generalize: are there (known) security issues that I should consider when hosting servers on my machines?
- is this related to zan3.0 that has an enhanced logging message system as opposed to 2.1.2. Is it therefore possible that the same events are happening as before, but zan 2.1.2 just did not show messages in log for such events
- is this specifically zandro related, or is it possible that this is affecting other programs/services i'm running at the same time (web server and stuff like that)?
Thank you for helping me out/clarifying some stuff....
Unknown challenge (128) from 24.49.26.103:40606. Ignoring IP for 10 seconds.
Unknown challenge (128) from 24.49.26.103:56118. Ignoring IP for 10 seconds.
Unknown challenge (128) from 24.49.26.103:48285. Ignoring IP for 10 seconds.
This is an ip from USA (Virginia), but i had such messages from China and other places in the US as well.
What I noted is:
- The messages are consecutive and affect (in practical all cases) all my servers at the same time
- each time a different port
- according to me these are not regular login attempts that went wrong because of wrong zandronum version, missing wads and the like
Questions I have:
- What the hell are they? They freak me out a bit tbh. Should I be worried and what measures can I take to enforce security of my system?
- To generalize: are there (known) security issues that I should consider when hosting servers on my machines?
- is this related to zan3.0 that has an enhanced logging message system as opposed to 2.1.2. Is it therefore possible that the same events are happening as before, but zan 2.1.2 just did not show messages in log for such events
- is this specifically zandro related, or is it possible that this is affecting other programs/services i'm running at the same time (web server and stuff like that)?
Thank you for helping me out/clarifying some stuff....
Re: Unknown challenge (128) spam in server console
I am not experienced with this, so what I think will probably be wrong, but I believe this is a modified client trying something that's illegal for the server. I believe this was something that happened before to someone, and it ended up being this exact thing basically. A dev can probably answer this better though.
Re: Unknown challenge (128) spam in server console
Thank you for your reply, but the persistence with which someone with a Chines IP tries to connect to my servers is quite astonishing.....
Re: Unknown challenge (128) spam in server console
Forgot to mention this might also just be a firewall issue, where the user is not able to connect because of it. There is a similar thread here: https://zandronum.com/forum/viewtopic.php?f=39&t=8800
Re: Unknown challenge (128) spam in server console
I repeats not that quick. Only one message each 5 mins or so...Fused wrote: ↑Fri Dec 01, 2017 11:34 amForgot to mention this might also just be a firewall issue, where the user is not able to connect because of it. There is a similar thread here: https://zandronum.com/forum/viewtopic.php?f=39&t=8800