Securing a Windows Quake 2 server

imrazor · May 5, 2022, 2:44am

Mostly so I can play whenever I want to with a friend, I’ve set up a Quake 2 server on a Windows VM on ESXi 7. It is exposed to the Internet 24/7, so the question becomes what would be the best way to secure this thing at 1) the quake server level, 2) Windows level and 3) Network/firewall level? And I guess I should ask if there’s anything special I should do in ESXi to help keep it secure as well.

To the mods: this post touches on several different areas, so please feel free to move it if necessary.

KenPC · May 5, 2022, 5:41am

keep the windows vm, esxi server up to date and only allow the ports you need for your server and the vm/host updated.

You could look into placing the host on a DMZ so if it were compromised it wouldn’t open up your internal network

risk · May 5, 2022, 5:43am

and make snapshots/backups after updates, restore from snapshot regularly and indiscriminately

(you’re basically building a honeypot)

imrazor · May 5, 2022, 6:46am

I’ve got a free license for ESXi that does NOT include vSphere, which makes updates a pain. Any suggestions on the easiest way to keep ESXi up-to-date?

I have forwarded only the ports for Quake 2 from my dd-wrt router, so I guess that’s a good start. The rest of the network is behind the built-in NAT and firewall on dd-wrt.

KenPC · May 5, 2022, 8:36am

I forgot the free one doesnt let you do that.

Four0Four · May 5, 2022, 5:46pm

Easiest way I found was the VMware ESXi Patch Tracker blog. Just click the imageprofile name and it will give you the ESXi shell commands to download the update directly from VMWare and install.

Exard3k · May 5, 2022, 5:50pm

Uhhh…I remember running the dedicated server in many LANs “back in the days”. Good someone out there still keeps the fire going!