5

I have quite good hardware in my PC and an optic fiber connection. I opened a CS:GO (Counter Strike Global Offensive) server on it, and made it public. The IP for connecting to this server is my public IP address.

I set a strong password to the router admin (24+ characters), and I made sure that I have no risky/unwanted ports open. So in short, except for DDoS attacks, is this setup risky in any way?

Anders
  • 64,406
  • 24
  • 178
  • 215
CsgoHost
  • 51
  • 1

1 Answers1

8

The biggest risk is probably a 0-day or simply an unpatched vulnerability in the server software of CS:GO.

Against a 0-day you are rather helpless. You can give the user running the CS:GO process as little permissions as possible. If your server gets compromised, the attacker can only act with the permission of this user, as long as he doesn't exploit a local privilege escalation as well. Being the victim of such a 0-day is not very likely, but it always is a residual risk when exposing a service to the internet.

To avoid getting compromised via an unpatched vulnerability, well, patch your CS:GO server regularly. Find out where users are informed about new patches and vulnerabilities and monitor these sources. If you cannot patch immediately, consider shutting the server down until you get to patch it.

In case you do not offer the server 24/7 and mostly play yourself, shut the server down, when it is not needed. Reducing the attack surface also means reducing the time the service is available.

Demento
  • 7,249
  • 5
  • 36
  • 45
  • thank you so much! i checked and my server is up to date and i will keep up and check regularly for new updates. about limiting permissions, is simple software restriction policy would do a good work in this term? beyond 0-day, is there any other attacks i'm vulnerable to? – CsgoHost Apr 06 '20 at 20:25
  • 2
    As an example, [Zero-Days in Counter-Strike Client Used to Build Major Botnet](https://threatpost.com/zero-days-counter-strike-botnet/142823/) – nickdew Apr 06 '20 at 20:56
  • 1
    You can also consider hosting the server on a VM for an added layer of insulation – rdmptn Apr 14 '20 at 22:04
  • @rdmptn I second that. A VM is a great protection from 0-days on the server software, since VM escapes are relatively rare – Ryan Amos Apr 17 '20 at 17:59
  • There is a brand new issue concerning CS:GO, that may require immediate attention: https://twitter.com/BafDyce/status/1253035403470307328 – Demento Apr 22 '20 at 19:29