Server Security Update

Admins · #1 12-23-2004, 09:07 PM

All servers have been restarted to make it more secure. Staff (RCs) can only login if they have the right ip range and if the ip range contains less than 2 stars. Only the Admin-Playerworld account is allowed to have "*.*.*.*" as ip-range, when he/she logins for the first time. If your server had insecure ipranges before, you will need to fix it.
It is also possible now to not allow other people (hackers) login into your account as client if you set the ip range of the account on the website, we will soon post more information about that.

xAndrewx · #2 12-23-2004, 09:13 PM

Wooot Thanks :d!!
Very nice ;D

URBANLEGEND · #3 12-23-2004, 09:35 PM

Very nice stefan, Stay on top of security :P

Lance · #4 12-23-2004, 09:59 PM

Less than or equal to two stars, you mean?

Slash-P2P · #5 12-23-2004, 10:09 PM

A step ahead in the right direction. Finally.

Spark910 · #6 12-23-2004, 10:31 PM

Good good!

protagonist · #7 12-23-2004, 11:36 PM

Quote:

Originally Posted by Lance

Less than or equal to two stars, you mean?

I think he means less than two stars, like you can only have one star. Just because my IP range isn't working now, and I think it had two stars in it.

Lance · #8 12-23-2004, 11:51 PM

Quote:

Originally Posted by protagonist

I think he means less than two stars, like you can only have one star. Just because my IP range isn't working now, and I think it had two stars in it.

I don't think so, because I just set a local IP range for someone with 2-star IPs in it and it worked just fine (and he said all servers were restarted).

protagonist · #9 12-24-2004, 12:20 AM

Quote:

Originally Posted by Lance

I don't think so, because I just set a local IP range for someone with 2-star IPs in it and it worked just fine (and he said all servers were restarted).

Ohh ok, good.

Spark910 · #10 12-24-2004, 01:29 AM

Is anyone having any problems with this?
Some e-mails I have gotten report the Admin-Playerworld account is having issues with it, and wont let them on. Is this the same for anyone else?

LordMatt · #11 12-24-2004, 01:51 AM

This would lock me out of RC forever. My ip always starts off 172. and after I log off AOL or shut down my computer and come back on....the numbers after 172 change. This makes it so that I can never have a set IP. :-\

anim8999 · #12 12-24-2004, 04:58 PM

Quote:

Originally Posted by Stefan

It is also possible now to not allow other people (hackers) login into your account as client if you set the ip range of the account on the website, we will soon post more information about that.

From what I heard they use trojans on the persons computer and log onto graal using the victims ip and account. So hackers will still beable to get on if that is how they are doing it.

Salaisuus · #13 12-24-2004, 05:40 PM

Quote:

From what I heard they use trojans on the persons computer and log onto graal using the victims ip and account.

Yes, or as I have experience they use much simpler ways to get passwords from people.

Here is a chat I just had on my server:

Opposite (24.12.2004 17:24:16):

Hey

---
Opposite (24.12.2004 17:25:04):

hi

---
You (24.12.2004 17:25:45):

hoi

---
Opposite (24.12.2004 17:25:46):

Answer please.

---
You (24.12.2004 17:26:35):

?

---
Opposite (24.12.2004 17:26:51):

Dude. I need to fix some Servers, because they are insecure. I need your
Admin Account for just 1 second to get ur save. After I'm done you can change
it. You will get a Account from me which is Gold as Save.

---
You (24.12.2004 17:27:32):

oh sure, hold on a second

---
Opposite (24.12.2004 17:28:24):

Ok.

---
Opposite (24.12.2004 17:29:23):

Got it?

---
Opposite (24.12.2004 17:30:50):

??

---
You (24.12.2004 17:31:18):

Yes, I got your account name and IP now. Thank you for waiting.

---
Opposite (24.12.2004 17:31:54):

So. If you want Errors you can just wait.
Stefan updated the new GServer. Did you Download it from Setup ?

---
Opposite (24.12.2004 17:32:20):

So your Playerworld might restart sometimes, yesterday right ?

---
Opposite (24.12.2004 17:34:54):

you see my tag? I am Scripter for GraalOnline..-_-

---
You (24.12.2004 17:35:35):

Yeah, thats why you need my account

---
Opposite (24.12.2004 17:36:56):

Ok.
I will explain you what to do. And you will do it Ok? Nothing more..?

---
You (24.12.2004 17:37:47):

Sure, right, sure.

---
Opposite (24.12.2004 17:38:13):

Ok.
say /stats and give them to me.

---
You (24.12.2004 17:39:11):

Sounds fair

---
Opposite (24.12.2004 17:39:35):

Just copy the Stats to me. Nothing more.

---
You (24.12.2004 17:40:15):

Sure Mr. Scripter, why not

---

...And after that he finaly realised that Im not about to give him my password.

Sadly that must be the way most people get "hacked".

Its propably against the forum rules for me to post hes account name here or something... He had a tag (Scripter)...

Hrm Slash, does your guild have any kind of anti hacker policy? (Not that you can call that guy a hacker realy...)

anim8999 · #14 12-24-2004, 06:36 PM

Well alot of private servers are ran by noobs so I wouldn't be surpised if he got someones account.

Graal needs to get ahold of itself, it seems like the hackers are really giving them a hard time. I went on some playerworld today and saw that the levels were replaced and had like **** swastikas, profanity and porn in them all.. The NPC Server even sent me like 50000 pms of a letter to the "manager" of that server saying why it was attacked and the attack was just a "christmas present".

BTW who runs graal? Some 16 year old?

TESTRETIS · #15 12-24-2004, 06:47 PM

Quote:

Originally Posted by LordMatt

This would lock me out of RC forever. My ip always starts off 172. and after I log off AOL or shut down my computer and come back on....the numbers after 172 change. This makes it so that I can never have a set IP. :-\

^ What he said.

Doahh_p2p · #16 12-24-2004, 07:01 PM

Make an IP log

Slash-P2P · #17 12-24-2004, 07:41 PM

Quote:

Originally Posted by Salaisuus

...And after that he finaly realised that Im not about to give him my password.

Sadly that must be the way most people get "hacked".

Its propably against the forum rules for me to post hes account name here or something... He had a tag (Scripter)...

Hrm Slash, does your guild have any kind of anti hacker policy? (Not that you can call that guy a hacker realy...)

Are you on drugs?

Theres a difference between fraud and being incredibly stupid.

If the tag (Scripter) was illegal, don't you think it would be disbanded?

If anyone in my guild is using the tag to pretend to be any staff member of Graal Online or just a staff member on a PW, forum PM me with some proof and I will remove and ban the member.

'Anti-Hacker Policy'? It's hard to tell who is going to go crazy and try to delete servers just from looking at an account name and a little comment saying 'plz let me in i can script'.

Don't bring me into your problems with stupid people.

thesaiyan · #18 12-24-2004, 09:41 PM

Quote:

Originally Posted by Doahh_p2p

Make an IP log

The rclog.txt logs the IP of every RC connected to the gserver?

Spark910 · #19 12-24-2004, 09:48 PM

Quote:

Originally Posted by thesaiyan

The rclog.txt logs the IP of every RC connected to the gserver?

Often the logs get destroyed (far too big to open), so it would be good if it logged the IPs when they logged off to a log not on the playerworld.

URBANLEGEND · #20 12-24-2004, 09:53 PM

Quote:

Originally Posted by anim8999

BTW who runs graal? Some 16 year old?

No, a 38 year old runs graal. He name is Stephan Portha a.k.a. Unixmad.

http://forums.graalonline.com/forums/member.php?u=2

anim8999 · #21 12-24-2004, 09:58 PM

Quote:

Originally Posted by URBANLEGEND

No, a 38 year old runs graal. He name is Stephan Portha a.k.a. Unixmad.

http://forums.graalonline.com/forums/member.php?u=2

I heard some bad things about him......

Salaisuus · #22 12-24-2004, 10:23 PM

Quote:

Are you on drugs?

No.

Quote:

If the tag (Scripter) was illegal, don't you think it would be disbanded?

Yeah, I do. But I didnt say it was illegal.

Quote:

Don't bring me into your problems with stupid people.

I more of tought it as your problem and graal problem.
Just tough youd like to know.
Personally I think the lad is funny, he popped up again for more intresting chatter:

Opposite (24.12.2004 18:14:06):

dude
was someone with my account online here ?

---
You (24.12.2004 18:15:16):

Yes, Someone with the same exact IP as you

---
Opposite (24.12.2004 18:15:25):

did he use my scripter tag ?

---
You (24.12.2004 18:15:48):

Yes "he" did

---
Opposite (24.12.2004 18:16:16):

damn this was jellyfish
when i log on again here ignore me ok?

---
You (24.12.2004 18:16:54):

I always do

---
Opposite (24.12.2004 18:17:21):

good
if u dont know him
jellyfish is the leader of this stupid anti unixmad gang so be carefull

thesaiyan · #23 12-24-2004, 10:25 PM

I especially love it when they play dumb.

Amagius · #24 12-24-2004, 11:00 PM

Well, Jellyfish is one of the head honchos over at the Anti-Unixmad site. Sadly it falls to shambles once he logs on with the same IP.

GrowlZ1010 · #25 12-25-2004, 12:51 AM

Just as a little aside, the following IP range should be valid for all AOL users, as it encompasses every IP that AOL owns in the 172.*.*.* block:

172.128.*.*,172.129.*.*,172.130.*.*,172.131.*.*,17 2.132.*.*,
172.133.*.*,172.134.*.*,172.135.*.*,172.136.*.*,17 2.137.*.*,
172.138.*.*,172.139.*.*,172.140.*.*,172.141.*.*,17 2.142.*.*,
172.143.*.*,172.144.*.*,172.145.*.*,172.146.*.*,17 2.147.*.*,
172.148.*.*,172.149.*.*,172.150.*.*,172.151.*.*,17 2.152.*.*,
172.153.*.*,172.154.*.*,172.155.*.*,172.156.*.*,17 2.157.*.*,
172.158.*.*,172.159.*.*,172.160.*.*,172.161.*.*,17 2.162.*.*,
172.163.*.*,172.164.*.*,172.165.*.*,172.166.*.*,17 2.167.*.*,
172.168.*.*,172.169.*.*,172.170.*.*,172.171.*.*,17 2.172.*.*,
172.173.*.*,172.174.*.*,172.175.*.*,172.176.*.*,17 2.177.*.*,
172.178.*.*,172.179.*.*,172.180.*.*,172.181.*.*,17 2.182.*.*,
172.183.*.*,172.184.*.*,172.185.*.*,172.186.*.*,17 2.187.*.*,
172.188.*.*,172.189.*.*,172.190.*.*,172.191.*.*

Attatched is a convenient text file with all that on one line. Please, PLEASE, PLEASE read the below disclaimer before you even think about doing anything at all with this!

Quite why anyone could think that this 767-byte nightmare is better than 172.*.*.*, I'm not sure. The two are functionally identical, since the above range gives everyone from AOL access, as does 172.*.*.*. I don't even know if the RC can store almost a kilobyte of IP ranges for a single user.

Oh, well!

Disclaimer: GrowlZ is one of the people who will have to sort this whole sorry mess out in the unlikely event that it goes wrong, and so, if he finds you using it, he will probably have to hate you. Neither GrowlZ nor any other member of the PWA should be construed as supporting or even liking this plan in part, whole, or in any way whatsoever. This IP range is provided in the hope that it is useful, but without warranty or even implicit suitability for any purpose. If this IP range is a) too big for your server to understand, b) too insecure to use safely, or c) not inclusive of other secret America Online IPv4 addresses, GrowlZ and any organisations he may be affiliated with accept no responsibility if your server breaks because of it. NO responsibility whatsoever. NO RESPONSIBILITY WHATSOEVER. YOU HEAR ME?! Any copyrights or legal privileges that GrowlZ may have had over the huge IP range (insofar as that it may qualify as personal expression under the Berne Convention) are hereby waived to whatever degree GrowlZ may do so. All liability for the use of this hideous IP range is transferred to you, the Valued Customer, to whatever extent your jurisdiction allows. Use it at your own risk. This post was mostly intended to make the point that expecting all AOL users to share any fixed range other than 172.*.*.* is kinda unfair and very, very impractical. Have a really lovely day.

LogicBot · #26 12-25-2004, 02:21 AM

I've talked to Jellyfish before. He has a lot of issues with unix. Says he's a dictator, that he makes sure that other games like Graal get shutdown and sues them and all of this stuff.

He can script like mad though.