Malicious security breach...

CraiG^ · Mar 21, 2014

BoomBoom said:
It is most likely a inside job or a very bad choice of password.

If the database is hosted on the same server only local access should be permitted and the port should be closed.

If it's external then it should be set for only X IP to connect to it.

It's inevitable to happen when you have more than one person who access the server.

Dictatorship works with Mir

Newcomer that speaks sense.

+1

holly · Mar 21, 2014

BoomBoom said:
It is most likely a inside job or a very bad choice of password.

If the database is hosted on the same server only local access should be permitted and the port should be closed.

If it's external then it should be set for only X IP to connect to it.

It's inevitable to happen when you have more than one person who access the server.

Dictatorship works with Mir

Probably why P69 has gone on for so many years.

BoomBoom · Mar 21, 2014

Yep, there are lots of servers that have been online for a long long time that only have one owner. Greed kicks in eventually, especially with this server where I would imagine they are making a decent profit with all the EXP potion sales. Someone feels they should be getting more than what they are given.

Also the database hasn't been released? To me that says the "hacker" is most likely trying to extort some money.

I would be interested in hearing how it was accessed.

Vane · Mar 21, 2014

Blank said:
It's pretty standard for a database leak to have ID, Password, Email Address & DoB fields all in one location.

So yes, if you've used the same password elsewhere you'll be wanting to change them & make note in future that even gigantic corporations have experienced these sorts of database losses/thefts & are under constant attack, so you should always use different passwords for all services when possible.... and using the same password for a private server of any kind hosted by someone you don't know that has no legal or professional obligation to keep your information secure is right up there with eating yellow snow & pissing into the wind. (This is a global rule, nothing against Sam)

Thx for the response.

Samuel · Mar 21, 2014

I am still alive all and have yet to close my eyes... I am feeling good about changes done, I am going to do some testing and make sure and then potentially look at putting the server back up (hopefully I have done enough)...

Will keep you all informed if I haven't gone postal by then.

Sam

Surreal · Mar 21, 2014

Samuel said:
I am still alive all and have yet to close my eyes... I am feeling good about changes done, I am going to do some testing and make sure and then potentially look at putting the server back up (hopefully I have done enough)...

Will keep you all informed if I haven't gone postal by then.

Sam

Good to know! Don't work too hard man, everyone needs their sleep!

Any more information on the attack itself?

luofee · Mar 21, 2014

yea take a break sam and good jop.

DiabloVodkaShot · Mar 21, 2014

luofee said:
yea take a break sam and good jop.

pfft no beak:P

stagg · Mar 21, 2014

sam for all ya hard work ill take ya levlin when server up

deano13 · Mar 21, 2014

Samuel said:
I am still alive all and have yet to close my eyes... I am feeling good about changes done, I am going to do some testing and make sure and then potentially look at putting the server back up (hopefully I have done enough)...

Will keep you all informed if I haven't gone postal by then.

Sam

Any idea when your going to send out the new passwords? Also you have two other team members, why ain't they helping lol?

Tist · Mar 21, 2014

They prob have diff roles, npc scripting, maps etc. They prob all don't know about networking / hacking / programming and prob only Sam has contact with hosts.

Jicaa · Mar 21, 2014

deano13 said:
Any idea when your going to send out the new passwords? Also you have two other team members, why ain't they helping lol?

Maybe they are? or maybe it will end up just like AceM2 where Sam does everything :P

DeadGirl · Mar 21, 2014

deano13 said:
Any idea when your going to send out the new passwords? Also you have two other team members, why ain't they helping lol?

Because sams the one that has access and does that side of things?

Dun · Mar 21, 2014

I think Nemo is out on a hot date tonight.

Vemm · Mar 21, 2014

any update plz?
is there any chance to launch the server tonight?
i know u need to sleep but if u awake kindly tell us anything

Search

Search

Malicious security breach...

CraiG^

Legend

holly

LOMCN Veteran

BoomBoom

Dedicated Member

Vane

Dedicated Member

Samuel

Mir Chronicles Dev

Surreal

Dedicated Member

luofee

LOMCN n00bie

DiabloVodkaShot

LOMCN VIP

stagg

LOMCN Veteran

deano13

Golden Oldie

Tist

Dedicated Member

Jicaa

Pooslice

DeadGirl

Dedicated Member

Dun

Dedicated Member

Vemm

Dedicated Member