Thread: Recent Malicious Activity

Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 32
  1. #21  
    Donator

    Join Date
    Jun 2014
    Age
    24
    Posts
    153
    Thanks given
    28
    Thanks received
    47
    Rep Power
    44
    thank you for the update on this.
    Reply With Quote  
     

  2. Thankful user:


  3. #22  
    Owner of Dawntained

    Mgt Madness's Avatar
    Join Date
    Oct 2011
    Age
    25
    Posts
    3,383
    Thanks given
    1,422
    Thanks received
    955
    Rep Power
    2134
    Thanks for the advice.

    Hacks are common even with big corporations, take Yahoo as an example
    Reply With Quote  
     

  4. Thankful users:


  5. #23  
    Head Veteran and Respected Member


    Thakiller's Avatar
    Join Date
    Dec 2006
    Age
    23
    Posts
    2,944
    Thanks given
    1,946
    Thanks received
    3,012
    Rep Power
    5000
    If you’re a server owner, you have a responsibility to keep your systems secure. You’re operating in a scene where people will jump onto any exploit they can and the onus is absolutely on you to keep these exploits to a minimum.
    So if the onus is on them, are they gonna be held accountable for hyping up and launching an unsecured server putting their entire playerbase (not to mention our community they advertise on) at risk? I wouldn't trust these people launching a server here ever again lol.
    Reply With Quote  
     


  6. #24  
    Contributor
    Women's Avatar
    Join Date
    Mar 2010
    Posts
    1,857
    Thanks given
    696
    Thanks received
    1,113
    Discord
    View profile
    Rep Power
    4264
    7.1 Malicious Conduct
    Malicious conduct may lead to severe account action. The malicious conduct can vary from denial of service attacks, group/mass spamming, registering an account with intent to cause trouble, and malicious software. This also includes providing software to engage in such acts.
    uwu

    i would assume events like this have happened many times throughout rune-servers history (dunno for sure tho) i'd be interested to know how it was handled in the past, as consistency is important here
    Reply With Quote  
     

  7. #25  






    Omar's Avatar
    Join Date
    Dec 2007
    Posts
    261
    Thanks given
    546
    Thanks received
    697
    Discord
    View profile
    Rep Power
    5000
    Quote Originally Posted by Thakiller View Post
    So if the onus is on them, are they gonna be held accountable for hyping up and launching an unsecured server putting their entire playerbase (not to mention our community they advertise on) at risk? I wouldn't trust these people launching a server here ever again lol.
    Mistakes happen, companies get hacked all the time. In this case, it was a bit of human error, but nothing too egregious. They disclosed the fact that they had been compromised and they were relatively timely about it. I don't think there is any point in punishing them.

    I don't want to start the precedent, really. It'll get messy quick if we start banning people for 0-day exploits in IPB and stuff like that.


    Spoiler for aaaa:



    Reply With Quote  
     

  8. Thankful users:


  9. #26  
    Head Veteran and Respected Member


    Thakiller's Avatar
    Join Date
    Dec 2006
    Age
    23
    Posts
    2,944
    Thanks given
    1,946
    Thanks received
    3,012
    Rep Power
    5000
    Quote Originally Posted by Omar View Post
    Mistakes happen, companies get hacked all the time. In this case, it was a bit of human error, but nothing too egregious. They disclosed the fact that they had been compromised and they were relatively timely about it. I don't think there is any point in punishing them.

    I don't want to start the precedent, really. It'll get messy quick if we start banning people for 0-day exploits in IPB and stuff like that.
    Well, the bigger issue that Scu mentioned yesterday is that it's actually 5 servers that are affected, I figured it was just the 3 posted in the OP of this thread. If it was still in the 1-3 servers affected range, they absolutely should be disallowed from advertising any RSPS here in the future. That's what having responsibilities means, it means you face consequences if you don't carry them out. This situation is more unique than that though it seems.

    But with the number at 5 servers and possibly more we just don't know of, it speaks to there being a larger issue that the RSPS owners were in much less control of than originally thought (IPB exploit they couldn't do anything about or w.e). Makes it harder to ensure the "onus" *really is* on the RSPS owners in a situation like this.
    Reply With Quote  
     

  10. Thankful users:


  11. #27  
    Registered Member
    Join Date
    May 2021
    Posts
    12
    Thanks given
    2
    Thanks received
    1
    Rep Power
    11
    Wow, actually had XLSTART on my computer. Didn't download any of the servers listed though, so even if you didn't log in to these 3 servers you might still wanna check.
    Reply With Quote  
     

  12. #28  
    .

    Raw Envy's Avatar
    Join Date
    Dec 2010
    Posts
    3,031
    Thanks given
    862
    Thanks received
    1,179
    Rep Power
    3021
    Quote Originally Posted by Thakiller View Post
    Well, the bigger issue that Scu mentioned yesterday is that it's actually 5 servers that are affected, I figured it was just the 3 posted in the OP of this thread. If it was still in the 1-3 servers affected range, they absolutely should be disallowed from advertising any RSPS here in the future. That's what having responsibilities means, it means you face consequences if you don't carry them out. This situation is more unique than that though it seems.

    But with the number at 5 servers and possibly more we just don't know of, it speaks to there being a larger issue that the RSPS owners were in much less control of than originally thought (IPB exploit they couldn't do anything about or w.e). Makes it harder to ensure the "onus" *really is* on the RSPS owners in a situation like this.
    Can't really ban people for 0 day IPB exploits like Omar said, this has been happening for years and the individual that does this is still allowed to own and advertise his server. That is the issue here really. Instead of blaming people the onus should be on the community to spread good security information and yeah still on owners of course but still... When I get time I will make a thread regarding this, but for now people can just view what I posted on the first page unless someone else beats me to making a thread.

    Quote Originally Posted by 2Wavy View Post
    Wow, actually had XLSTART on my computer. Didn't download any of the servers listed though, so even if you didn't log in to these 3 servers you might still wanna check.
    OS-Scape is now fully secure and this won't happen again, the hacker is a 1 trick pony so if you're not using IPB or he doesn't manage to hack an account from previous data leaks or bruteforce attempts the servers are fine.
    Last edited by Raw Envy; 08-09-2021 at 11:48 AM.


    Reply With Quote  
     

  13. Thankful user:


  14. #29  
    Registered MrClassic
    MrClassic's Avatar
    Join Date
    Oct 2008
    Age
    13
    Posts
    2,026
    Thanks given
    20,342
    Thanks received
    501
    Rep Power
    5000
    Maybe this could be helpful for people who are new to security. Just plain basic tutorials how to secure your linux server. Because changing permissions of folders and files won't really do much if you haven't properly secured your server.


    You can easily follow these step-by-step!

    https://www.thefanclub.co.za/how-to/...-part-1-basics

    https://www.informaticar.net/securit...-ubuntu-20-04/

    EDIT:

    Also in this tutorial it shows you how to accept more incoming/outgoing IP's, ports, services... If you need it.

    https://www.digitalocean.com/communi...n-ubuntu-18-04
    Last edited by MrClassic; 08-10-2021 at 12:47 PM.
    Reply With Quote  
     

  15. Thankful user:


  16. #30  
    Registered Member
    Join Date
    Aug 2021
    Posts
    2
    Thanks given
    0
    Thanks received
    5
    Rep Power
    0
    Quote Originally Posted by MrClassic View Post
    Maybe this could be helpful for people who are new to security. Just plain basic tutorials how to secure your linux server. Because changing permissions of folders and files won't really do much if you haven't properly secured your server.


    You can easily follow these step-by-step!

    https://www.thefanclub.co.za/how-to/...-part-1-basics

    https://www.informaticar.net/securit...-ubuntu-20-04/

    EDIT:

    Also in this tutorial it shows you how to accept more incoming/outgoing IP's, ports, services... If you need it.

    https://www.digitalocean.com/communi...n-ubuntu-18-04
    You'd think the top servers would be better at the basics!!!
    Reply With Quote  
     

  17. Thankful users:


Page 3 of 4 FirstFirst 1234 LastLast

Thread Information
Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


User Tag List

Similar Threads

  1. Replies: 53
    Last Post: 09-20-2014, 11:03 AM
  2. My most recent
    By Javotoshop in forum Showcase
    Replies: 2
    Last Post: 06-06-2007, 05:27 AM
  3. Replies: 2
    Last Post: 05-28-2007, 02:11 AM
  4. Recent sigs..Rate them.
    By Da grizzley in forum Showcase
    Replies: 2
    Last Post: 05-18-2007, 02:13 AM
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •