Jump to content
MaxCheaters Official Group at Discord
--> Place your ad text here <--
  • 0

Roles & Features For L2 On Win 08

NeverHide

Asked by NeverHide,

 Share

Question

NeverHide Newbie

NeverHide

Posted
Posted (edited)

Hi kind peeps, I'm new to this, so the first suggestion I'm inclined to hear is whether its important to pick certain Win Server 08 Roles and/or Features for the optimal functionality of L2Off platform. Basically I'm curious if there are programs that would enhance the Live Server experience in any meaningful way. Thanks in advance

Edited by NeverHide
Link to comment
Share on other sites

8 answers to this question

Recommended Posts

  • 0
tk422 Newbie

tk422

Posted
Posted

I can't speak for VG pack specifically but you should not need to install any additional roles onto the machine.

Just make sure you have all the latest updates and security patches for MSSQL and the OS.

MS seems to only release SQL updates purely as service packs so just grab the latest.

Install all the .Net's manually though, then just grab the updates and security patches though WU.

 

General security advice:

- Disable Windows Firewall and get a real piece of gear to handle protection. Mikrotik is great though there is a bit of a learning curve if you're not familiar with networking.

- Block all inbound ports to the server except Auth and L2Server.

- Allow RDP access but only from specific IP's. Better yet use NAT to change the port to something silly.

- Log all outbound connections from the server.

- Do NOT run the registration system on the machine. Run it somewhere else and filter / proxy the connection.

Link to comment
Share on other sites
  • 0
xeL Apprentice

xeL

Posted
Posted

Yet undecided, leaning towards Vanganth IL ext, I'm currently playing around with his older release. 

You don't need to install much beside vc++ redist 2005/2008/2010. It works fin on win8 or winserver 2012. Recomanded is win2k8 for more stability.

Link to comment
Share on other sites
  • 0
NeverHide Newbie

NeverHide

Posted
  • Author
Posted (edited)

Many thanks to both of you folks.

 

@tk422, I'm grateful for your insight regarding network security. Concerning the last peace of advice about registration system, are you only talking about web account manager, or something from the server files as well?

Edited by NeverHide
Link to comment
Share on other sites
  • 0
tk422 Newbie

tk422

Posted
Posted

The best case scenario would be this:

- Write a rest API that runs on the same network as your game server(s) that handles / abstracts the various potentially dangerous tasks.

    ( Account Creation, Activation, Item Delivery, etc)

- Open the port the API runs on to your webserver but set the scope to ONLY talk to your web server's IP.

- The web server should only talk to your rest API. Never to anything sensitive.

 

Player > Web Server > API > Scary L2 Shit :P

 

 

Assuming the API is resilient and secure enough you now have a very minimal attack surface.

I wouldn't go crazy with SSL between the API and the web server. No one can touch the traffic anyway

... unless your web server gets haxxed. :D

 

 

Definitely set up notifications and make sure to keep very comprehensive logs.

Link to comment
Share on other sites
  • 0
NeverHide Newbie

NeverHide

Posted
  • Author
Posted

The best case scenario would be this:

- Write a rest API that runs on the same network as your game server(s) that handles / abstracts the various potentially dangerous tasks.

    ( Account Creation, Activation, Item Delivery, etc)

- Open the port the API runs on to your webserver but set the scope to ONLY talk to your web server's IP.

- The web server should only talk to your rest API. Never to anything sensitive.

 

Player > Web Server > API > Scary L2 Shit :P

 

 

Assuming the API is resilient and secure enough you now have a very minimal attack surface.

I wouldn't go crazy with SSL between the API and the web server. No one can touch the traffic anyway

... unless your web server gets haxxed. :D

 

 

Definitely set up notifications and make sure to keep very comprehensive logs.

Thats pretty clever, but the problem is, I don't know s**t about REST API  :poker face:  Thanks for your input anyway.

Link to comment
Share on other sites
  • 0
xeL Apprentice

xeL

Posted
Posted (edited)

Thats pretty clever, but the problem is, I don't know s**t about REST API  :poker face:  Thanks for your input anyway.

Just stay with account manager/registration manager out of server . Host in another place. As tk422 say , is pretty risky to host on same pc because can be many injections trough sql or other. Beside that . Never open port 2012 on outside. Is cached admin port.    :)

Edited by xeL
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to question listing


×
×
  • Create New...

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock