|
|
|
|
|
|
|
|
|
 Posted: Tue Aug 12, 2008 1:19 pm
Byaggha Might be a scripted takeover - I've gotten a bunch of notices that basically amount to someone banging their head against my passwords on both mules and this account in the last few months, and I suspect a scriptkiddie is trying to jack old accounts because of it. I suspect - and this is just my thinking on it - that they run scripts to try and brute force passwords, and they either get lucky with them or get temporary account locks. So far they haven't cracked my mule (Kotiya seems to get it most frequently) and I have notified Gaia of the numerous attempts only to be told that until I actually get hacked, they can't do anything. *shrug* But yeah, I am thinking scriptkiddies and bots, so they don't actually have to do the work themselves, they just wait for the accounts to roll in while they're sleeping. The likelihood of a brute force script working on Gaia are slim. You get IP banned when you make too many failed attempts on a password, and that's what the scripts do. You can avoid such problems by having a long, complicated password. No words, just a combination of lowercase and uppercase letters and numbers. I don't know if this site lets you use symbols like & and #, but if it does, consider using those as well. Write the password down (don't save it to your computer) until you can memorize the key locations. All of my passwords are location memorized like that, and I've never been hit. Hell, I can't even remember my passwords sweatdrop I couldn't tell someone them for the life of me, I would have to type them to know it because the pattern of movements are what are memorized to me.
|
 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 12, 2008 1:23 pm
Besides - if you suspect a script kiddie, try letting one of the admins know, tell them that you've been getting repeated notices of attempts at your account, and see if anyone else you know has as well. If they do, the admins could look into the ping rates. If there's any that are higher than usual, and are consistently getting IP banned for periods of time (not hard to tell because then the pings would stop for that period of time, and then would start up again, or would continue trying and just not succeeding), they can probably find the person.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Violet Song jat Shariff Crew
|
Posted: Tue Aug 12, 2008 1:33 pm
Oh no Nuri! I'm sorry to hear that crying . One of my real life friends just got his gaia account hacked too. I hope you can get your account and all your items back.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 12, 2008 2:42 pm
error[dot]exe Besides - if you suspect a script kiddie, try letting one of the admins know, tell them that you've been getting repeated notices of attempts at your account, and see if anyone else you know has as well. If they do, the admins could look into the ping rates. If there's any that are higher than usual, and are consistently getting IP banned for periods of time (not hard to tell because then the pings would stop for that period of time, and then would start up again, or would continue trying and just not succeeding), they can probably find the person. I have, Error. Repeatedly. I've told them dates and times of auto account block messages I've gotten from the system for the various accounts I hold, listing them all and asking them if there was a way to track this person from the site and block them...they told me what I posted here: There's nothing they can do until I get hacked. Period. They said just make a long strong password and hope, effectively.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 12, 2008 3:04 pm
errorOSBdotCSBexe The likelihood of a brute force script working on Gaia are slim. You get IP banned when you make too many failed attempts on a password, and that's what the scripts do. That's, sadly, not the case. If I ran a script trying to BFI my way to passwords, I'd first run it through TOR. Every attempt to BFI the password would, first, reroute the IP address to a new one of the many thousands of IP addresses TOR has at its disposal. errorOSBdotCSBexe You can avoid such problems by having a long, complicated password. No words, just a combination of lowercase and uppercase letters and numbers. I don't know if this site lets you use symbols like & and #, but if it does, consider using those as well. Write the password down (don't save it to your computer) until you can memorize the key locations. All of my passwords are location memorized like that, and I've never been hit. Hell, I can't even remember my passwords sweatdrop I couldn't tell someone them for the life of me, I would have to type them to know it because the pattern of movements are what are memorized to me. Actually, I use Firefox and its password keychain to save all passwords, so you can make them as complicated as you like. Nyom nyom, disempowering the self biggrin
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 12, 2008 3:09 pm
Nuri, have you filled out a hacking report and do you want me to freeze your account as much as I can while you wait for a response?
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 12, 2008 3:44 pm
Celeblin Galadeneryn Tea and Cu? Disagree? Never.Where is that quote from Rommy?
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 12, 2008 4:41 pm
I'd say, keep an eye out on your main account. If someone has hacked in, they could do whatever they want on it, including the urge to troll and let's not hope, porn troll.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 12, 2008 5:11 pm
I'm sorry to hear that! I hope they don't get in. Have you tried making a longer, more complicated password, as others have suggested?
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 12, 2008 5:34 pm
TeaDidikai Celeblin Galadeneryn Tea and Cu? Disagree? Never.Where is that quote from Rommy? Found it! Quote: Tea: Do you know where Reagun’s Infodump might be? Rommy: No clue. Outside my sphere, darling. Tea: ~scampers back through the posts, trying to find a time when she & Reagun were at each other's throats~. Rommy: Or as we like to call it: Tuesday.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 12, 2008 6:43 pm
Deoridhe Nuri, have you filled out a hacking report and do you want me to freeze your account as much as I can while you wait for a response? That was the first thing I did, and that would be wonderful. Thank you!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 12, 2008 6:51 pm
Byaggha error[dot]exe Besides - if you suspect a script kiddie, try letting one of the admins know, tell them that you've been getting repeated notices of attempts at your account, and see if anyone else you know has as well. If they do, the admins could look into the ping rates. If there's any that are higher than usual, and are consistently getting IP banned for periods of time (not hard to tell because then the pings would stop for that period of time, and then would start up again, or would continue trying and just not succeeding), they can probably find the person. I have, Error. Repeatedly. I've told them dates and times of auto account block messages I've gotten from the system for the various accounts I hold, listing them all and asking them if there was a way to track this person from the site and block them...they told me what I posted here: There's nothing they can do until I get hacked. Period. They said just make a long strong password and hope, effectively. That's... depressing. Sysadmins should have more power than that confused CuAnnan errorOSBdotCSBexe The likelihood of a brute force script working on Gaia are slim. You get IP banned when you make too many failed attempts on a password, and that's what the scripts do. That's, sadly, not the case. If I ran a script trying to BFI my way to passwords, I'd first run it through TOR. Every attempt to BFI the password would, first, reroute the IP address to a new one of the many thousands of IP addresses TOR has at its disposal. Here's the difference, Cu. You and I aren't script kiddies. A lot of kids that get their hands on programs they don't understand and yet feel the need to go on power trips? Don't even know what TOR is, let alone how it works. Nice try though blaugh Quote: errorOSBdotCSBexe You can avoid such problems by having a long, complicated password. No words, just a combination of lowercase and uppercase letters and numbers. I don't know if this site lets you use symbols like & and #, but if it does, consider using those as well. Write the password down (don't save it to your computer) until you can memorize the key locations. All of my passwords are location memorized like that, and I've never been hit. Hell, I can't even remember my passwords sweatdrop I couldn't tell someone them for the life of me, I would have to type them to know it because the pattern of movements are what are memorized to me. Actually, I use Firefox and its password keychain to save all passwords, so you can make them as complicated as you like. Nyom nyom, disempowering the self biggrin I'd consider it, but I'm poor. sweatdrop
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 12, 2008 6:55 pm
SpaceTerminal Destiny I'd say, keep an eye out on your main account. If someone has hacked in, they could do whatever they want on it, including the urge to troll and let's not hope, porn troll. Yeah, I'm watching -- nobody has logged in on it since this morning, which makes me happy, but I'm also more nervous about say this guild. If I lose stuff, I'll be upset over the amount of money from donation items I have. Everything else I can re-buy, not a huge deal really. But they do something to this guild, it's not just effecting me at that point, and I'd be seriously pissed.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Tue Aug 12, 2008 11:07 pm
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Wed Aug 13, 2008 4:47 am
*hugs for Nuri*
*angry glares at mysterious hacker monkeys*
Tea: Cosy sounds like fun!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
