O
old.Gombur Glodson
Guest
- Thread starter
- #61
You give in, waaay to easily Damini.
D
Damini
Guest
- Thread starter
- #62
Cadire's been on these forums since the beginning of time, way longer than I've been here.
Unlike any of you young upstarts and ruffians and general miscreants.
Unlike any of you young upstarts and ruffians and general miscreants.
O
old.Gombur Glodson
Guest
- Thread starter
- #63
I survived the assault on the general forum and made it back alive to tell about it!
Im a vet
C
Cadire
Guest
- Thread starter
- #64
Aye, I've lived (and died) in the General Forum also. Anyone who can get out, with a modicum of sanity intact, deserves lots of TLC.
Thanks Damini dear, you'll always be my favourite Drama Queen
:kiss2:
Thanks Damini dear, you'll always be my favourite Drama Queen
:kiss2:
D
Damini
Guest
- Thread starter
- #65
You got away lightly Cadire. I was going to give you the title "Bumface" to match your avatar, but I got guilt at the last minute
O
old.k70
Guest
- Thread starter
- #66
Get a bouncer, problem solved.
M
~Mobius~
Guest
- Thread starter
- #67
I logged into my acct after 1 day away and i had 2 new wpns as well as about 100g more.
nerf nice hackers.
nerf nice hackers.
P
[PS]Riddler
Guest
- Thread starter
- #68
Originally posted by kemor
Guys, if you think you got your account hacked in some way, do this:
- stop using IRC, ICQ, etc. That's like letting the door of your house open when you go to work...
- change your account password every week (or more if you feel like it). The process is simple and instant.
- stop giving your account access to friends/guildmates.
- be VERY careful when playing from a net cafe. Sometimes some clever guys install keyloggers and the like on the computers. Be sure to check with the owner of the net cafe and to talk to other users. Net cafes are really great to play games like DAOC, but there is a risk as well.
- be sure to have a firewall installed and an up-to-date virus checker. I'm sure some computer pro will give everyone some good links for cheap and nice ones (right?
- if you have done everything above, then report in RightNow with time/date when YOU usually play and time/date when you think someone else played. However, be very careful if you report in Rightnow and shared your account. Once we start investigating, we WILL find out that you shared your account and you know our policy about that
Just for the record, I don't see what that could change. By saying this, you are implying that we (GOA) are source of the problem. Sorry but we can't really check your computers and make them safe, that's simple fact. We give you tools to change your account information, we give you customer support so you can report the problems...the rest, is up to you.
I changed my password every week, i use a firewall, i contacted RightNow (and didnt get an answer fyi), and i dont use irc often, dont go to netcafes, dont save my pwd on my computer, delete all emails off GOA. And i still got hacked. Just for the record if you read this kemor i still havent got my 1P+ back or my vault contents.
B
bongos
Guest
- Thread starter
- #69
HeheOriginally posted by n3wbie
:sleeping:
T
Turamber
Guest
- Thread starter
- #70
With all due respect this analogy is flawed. The issue in this thread is one of security, not of maintenance.
There are many, many computer and internet users who have computers that work fine - but they don't understand all the terminology, don't understand all the technology or exploits either!
Would you think it alright for a joy rider to steal and wreck your car just because you didn't fit an immobiliser? Did you deserve your car to be stolen?
Of course not.
Hackers are breaking the law. It is wrong. It is immoral. We should not put up with their anti-social behaviour, or their apologists who really should spend more time at school and less time mentally masturbating by taking advantage of the ordinary computer user.
A
andrilyn
Guest
- Thread starter
- #71
Real Hackers (No scriptkiddy) are really smart fyi, most of them are top of the class.
But its wrong to do ill agree with that.
O
old.Gromnir
Guest
- Thread starter
- #72
To be a hacker aka a guy who is really good at programming you have to ahve more then two braincells. To be a scriptkiddie it only takes 1 braincell *click download script/virus/scanner/worm* *click install if needed* *click port scanne* *click run programme that dose all the cracking for me* *bip bip bip bip welcoem to mister X's computer fell free to fuck it up* *click click click click now im bored* *click on the little X and leave a cool leet msg so that mister X knows hes puter was owned by a kiddie*
S
Stinko
Guest
- Thread starter
- #73
A firewall does JACK SHIT if someone is sniffing your traffic. And yes, it IS easy to sniff unencrypted traffic (like DAOC traffic) for login-passwords.
J
Jood
Guest
- Thread starter
- #74
ZA aint Great, but it does have the added advantage of blocking unwanted outbound trafick, Trojans, spyware, M$ updates
all the evuls
S
SilverHood
Guest
- Thread starter
- #75
I use ZA pro.... never had a problem,
People trying to portscan me happens on a daily basis though.
Most ports are closed / stealthed
If anyone hacks me, it will most lieky be my own fault.
People trying to portscan me happens on a daily basis though.
Most ports are closed / stealthed
If anyone hacks me, it will most lieky be my own fault.
R
Roo Stercogburn
Guest
- Thread starter
- #76
Originally posted by rynnor
Hmm a tip that has been given before is to delete the mail that you get initially with your subscription and game logon and passwords (obviously write it down first
Mail systems like hotmail often get hacked and leaving that email about not only gives access to your DAOC login but also via the account section of the DAOC website to your payment details.
Another way to do it is to view messages in your web browser, but then use something like Outlook Express to download them to an offline folder afterwards. I created a folder in Outlook Express where I keep anything vaguely important. Hotmail stuff that I want to keep gets moved from online to offline and I can always refer back to it when I want to.
Nothing is more secure than deleting it though in case your PC does get hacked
D
Damon_D
Guest
- Thread starter
- #77
Aye print + delete . Hackers are welcome to visit me at home for my PW , be sure to pay your life-insurence....
K
k9awya
Guest
- Thread starter
- #78
haha
fool !
N
nemesisgm
Guest
- Thread starter
- #79
Kemor is not spouting crap at all Fatgit heres how it works. I am a professional Network Security Consultant. I have designed countless computer network security protocols and systems for Banks, Insurance Companies and Blue Chip businesses.
IRC is one of the weakest and easiest internet medium to allow simple and direct access to the home users machine.. Your IP address and email details if given are provided by built in mechanics of the medium. Now theres a million and one trace route and ISP gate worms on the internet available or written by people who have nothing better to do with their life than try and ruin other peoples livelihoods for fun. Once Said idiot has traced your Ip and has assertained weather or not you have a firewall, which firewall if you do and how easy it is to get through.. btw don't use zone alarm, its a rather poor package which requires all of 30 seconds to punch a whole through which 99% of usres wouldn't even begin to look for let alone notice.
Now once the poor guy whose acount who they are attempting to hack logs off and next logs in simple broadcast worms or mini programs placed quitely in the background that can read every mouse click, every keystroke the users makes and logs it on the hackers computer for their future use. There are even some more advanced forms of Shadowing programmes more commonly found in the thin client world of computing that allow the to shadow your pc's desktop and duplicate everything on there.. read your email for you, access every file and document you have on your pc whilst its online.
In the end of the day... such actions will give the nerds who wish to do so pretty much all they want and without protecting yourself from such attacks you have no right to accuse someone else of causing the problem. IRC does little for the game play of daoc.. let alone for the safety of your machine should somone of my level of knowledge of such topics or close to to it, heck half of what i know on the suubject wish it.. I could place files and doucments on your pc, without you even knowing, I could pull out files you've deleted all whilst you sit on irc or daoc and play about.
Protect yourself and don't ridicule someone who obviously kows more regarding the situation than yourself. Kemor is exactly right in the comments he's made.
Durgi.
P.S. For those wishing links and information regard first class and simple firewall software feel free to personal message me here and I shall provide you with information and links to reasonable priced firewall software, that though not full proof is tough enough to turn your average hacker away.
G
GReaper
Guest
- Thread starter
- #80
If you seriously knew what details IRC gives to a user, then you would not be saying this. IRC does not require a users email address whatsoever, there is nowhere in the protocol which requires to specify an email address.
If you wish to introduce yourself as a professional, could you perhaps not spread false facts?
R
Riddler
Guest
- Thread starter
- #81
Preliminary Internet connection refused!
This is extremely favorable for your system's overall Windows File and Printer Sharing security. Most Windows systems, with the Network Neighborhood installed, hold the NetBIOS port 139 wide open to solicit connections from all passing traffic. Either this system has closed this usually-open port, or some equipment or software such as a "firewall" is preventing external connection and has firmly closed the dangerous port 139 to all passersby. (Congratulations!)
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
ph33r
This is extremely favorable for your system's overall Windows File and Printer Sharing security. Most Windows systems, with the Network Neighborhood installed, hold the NetBIOS port 139 wide open to solicit connections from all passing traffic. Either this system has closed this usually-open port, or some equipment or software such as a "firewall" is preventing external connection and has firmly closed the dangerous port 139 to all passersby. (Congratulations!)
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.
ph33r
I
ImLestat
Guest
- Thread starter
- #82
He does actually say "email details if given", meaning if you entered it. Last time I fired up Mirc (using it very sparingly) it was possible to enter your email address when connecting (not REQUIRED though if i remember correctly). I'm pretty sure that's what he is talking about. However, the IP address is what is important here. Let's say that there is some pr0n wannabe hacker out there that just feels like he wants to break into someones comp and possibly steal their Daoc login/pw. Now where would he go to most easily find a gathering of players, and where he can get their IP's? Well, as I see it off the top of my head you can go to two places, boards like this one, and Irc. I'm sure it's perfectly possible to grab IP's off these boards, but not without at least some little bit of hacking involved. Of course the IP's aren't necesserily the current ones here either, because many people have ISP's with dynamic IP addresses. The other option, Irc, offers a way more convenient way of getting the current IP to a person, and also a current one (as long they are both connected at the same time). Irc in itself doesn't hand out the tools to break in, it's just a convenient way (for the hacker) to find his victims. Since some of those that post here are fond of analogies I'll try to do one myself:
Consider your computer as a house. You may of course have installed all different sorts of alarms and safety devices to keep everyone out (firewalls and the like). You are somewhat safe usually, you might get a few burglars driving by at night checking your house out if you are unlucky. Now using Irc would be like hanging up a note with your address at the local mall or something (Edit: Actually it's not the LOCAL mall, it's a WORLDWIDE mall.). Anyone at the mall can find your address and swing by you, good and bad ones alike. And if you post your address like that, be certain that your rates of bypassing burglars will increase. Of course, in the end it all comes down to the security of your house, but posting that address just increases the risk that someone at some point will be able to bypass it.
F
fatgit
Guest
- Thread starter
- #83
Actually, only SOME irc clients require email address, and who puts their real email addy/name into mIRC ?
Many IRC clients dont require anything, other than your nick.
Yes, IRC makes it a bit easier to get you're IP (assuming you don't use a bouncer), but as I posted previously, there are other ways to get someones IP - not as easy I grant, but possible.
The point is, telling people not to use IRC is as stupid as telling people not to use a PC incase someone steals it and gets your pass off the hard drive.
IRC is not the problem, the problem is ill informed people spouting crap, trying to frighten other ill informed people that can't follow most ISP's recomendations and use a firewall.
Again, I will point out that GOA send sub details in a plaintext email, for someone with a little knowledge, it wouldn't be hard to write an email worm that looks for emails grom goa and sends them to someone else, if this happens, will Kemor tell us all to stop using email, rather than use a decent email client and virus scanner?
Rather than explain the basic steps to take for protection on IRC, he tells people its eeeevil and not to use it, which, as I pointed out, is total bullshit.
S
Stinko
Guest
- Thread starter
- #84
Why this talk about firewall this, firewall that?
I feel the biggest security flaw in Daoc is the (probably) unencrypted traffic with Usernames and password. Just put a sniffer up and wait for someone on the same un-switched network to log in on Daoc. There you go, you got both Password and Usernam, without the hazzle of trying hacking into one others computer?
Go to a Internet café and put the sniffer up and you probably got 5 account detalils on short time.
This metod will even give you mail account details (if using POP3), telnet session details and so on.....
I feel the biggest security flaw in Daoc is the (probably) unencrypted traffic with Usernames and password. Just put a sniffer up and wait for someone on the same un-switched network to log in on Daoc. There you go, you got both Password and Usernam, without the hazzle of trying hacking into one others computer?
Go to a Internet café and put the sniffer up and you probably got 5 account detalils on short time.
This metod will even give you mail account details (if using POP3), telnet session details and so on.....
N
-Nxs-
Guest
- Thread starter
- #85
Well said, You'll end up doing more damage by giving false advice to undereducated computer users than good.
G
GReaper
Guest
- Thread starter
- #86
Email address is not a built in mechanic of the IRC medium. It is a feature of one IRC client (mIRC) and perhaps a few others. There is nowhere in IRC protocol to specify an email address - therefore it is not a feature of the medium. Where do I give my email address in BitchX or irssi?
IRC requires a nickname, a 'real' name and an ident, it will also show your IP. Nothing else is required.
IRC requires a nickname, a 'real' name and an ident, it will also show your IP. Nothing else is required.
N
-Nxs-
Guest
- Thread starter
- #87
Everyone would do well to listen to GReaper's advice - he knows what he's on about, a top gizza.
Nerf DAOC for windows... BUFF DAOC for linux.
P
pudzy
Guest
- Thread starter
- #88
rofl
O
old.windforce
Guest
- Thread starter
- #89
ARP cache poisoning... who needs unswitched networks
fact: IRC is a risc
in a way that every service a computer exposes is a risc
i particular like the ickle hardware boxes like netgear etc.
(nerf bitchX)
V
VidX
Guest
- Thread starter
- #90
Leaving your PC logged into IRC will give anyone on it your IP address unless using NAT or a shell account. Through this it is very easy to get ALOT of info from someones PC, and if you know how, hack into it.
You can do anything once you have someones IP address if you know how. Firewalls and AV software are really only a way of making it harder to hack into a system, not impossible.
Most AV software will usually pick up any Trojans on your PC as long as the software is up to date. A nice AV program is PCcillin by Trendmicro, and, as mentioned above, ZoneAlarm is a nice basic firewall, but to be safe I would go for something a bit more advanced, like Tiny Personal Firewall which allows you to specify alot more detail in the rules you apply to the firewall.
As for the people who hack your PC... why would a general hacker possibly go to the effort of hacking into your PC just to play DAoC and give away your equiptment? And how would they know how to do that unless they have played the game before?
The only reason I can think is that there is someone who is idling on one of the main IRC channels, most likely #daoc.prydwen, who is using information gathered from the channel to gain access to peoples accounts and play around.
And imo, the people who are doing this aren't being punished enough. It is illegal to gain unauthorised access to any computer system, no matter what way or what is done. If you feel that your system has been hacked directly, you have a right to pursue this, and who ever did it should be punished to the fullest. Yeah, sure, they only hacked into your PC to get your password to log in and hand your equiptment out. But they have shown they are capable of doing far worse, and they have already committed a crime.
If anyone manages to hack into my PC, they better watch it, because I will ensure that they are taken to court for it, no matter what country they are in or whatever laws, or lack of, they think they can hide behind. And any company that holds records of this happenning can be asked to provide these details by a judge.
We all know that kr0n was responsible for Brannors account being hacked, but he is still allowed to play the game, though using a different account, but GOA still know he is playing. Yet do nothing about it. Personally I would delete his account again, and again, and again, until he gets the hint. Though, legally, Brannor has every right to press charges against kr0n for obtaining personal information by illegal methods and abusing that information.
GOA need to make sure they make a bigger example of this, and if it means they take out people who account share, then so be it.
As far as I know, the only people who would have access to my passwords would be my flatmates, and only through actually physically using my PC from archived mail.
The only way to be sure is make sure you have AV and firewall software installed and running, and change your passwords on a regular basis, same as any normal PC user should do with all passwords.
You can do anything once you have someones IP address if you know how. Firewalls and AV software are really only a way of making it harder to hack into a system, not impossible.
Most AV software will usually pick up any Trojans on your PC as long as the software is up to date. A nice AV program is PCcillin by Trendmicro, and, as mentioned above, ZoneAlarm is a nice basic firewall, but to be safe I would go for something a bit more advanced, like Tiny Personal Firewall which allows you to specify alot more detail in the rules you apply to the firewall.
As for the people who hack your PC... why would a general hacker possibly go to the effort of hacking into your PC just to play DAoC and give away your equiptment? And how would they know how to do that unless they have played the game before?
The only reason I can think is that there is someone who is idling on one of the main IRC channels, most likely #daoc.prydwen, who is using information gathered from the channel to gain access to peoples accounts and play around.
And imo, the people who are doing this aren't being punished enough. It is illegal to gain unauthorised access to any computer system, no matter what way or what is done. If you feel that your system has been hacked directly, you have a right to pursue this, and who ever did it should be punished to the fullest. Yeah, sure, they only hacked into your PC to get your password to log in and hand your equiptment out. But they have shown they are capable of doing far worse, and they have already committed a crime.
If anyone manages to hack into my PC, they better watch it, because I will ensure that they are taken to court for it, no matter what country they are in or whatever laws, or lack of, they think they can hide behind. And any company that holds records of this happenning can be asked to provide these details by a judge.
We all know that kr0n was responsible for Brannors account being hacked, but he is still allowed to play the game, though using a different account, but GOA still know he is playing. Yet do nothing about it. Personally I would delete his account again, and again, and again, until he gets the hint. Though, legally, Brannor has every right to press charges against kr0n for obtaining personal information by illegal methods and abusing that information.
GOA need to make sure they make a bigger example of this, and if it means they take out people who account share, then so be it.
As far as I know, the only people who would have access to my passwords would be my flatmates, and only through actually physically using my PC from archived mail.
The only way to be sure is make sure you have AV and firewall software installed and running, and change your passwords on a regular basis, same as any normal PC user should do with all passwords.