Author Topic: Hub HACKED  (Read 8823 times)

0 Members and 1 Guest are viewing this topic.

Offline [ES]latinmusic

  • Triple Ace
  • **
  • Posts: 236
  • Karma: +1/-0
(No subject)
« Reply #25 on: 26 November, 2003, 02:24:01 »
phaty i was not telling norton is bad, i only say that kerio is better than norton, also is very difficult to configure it, at last waht firewall people are going to use is only a matter of taste :)

PtokaX forum

(No subject)
« Reply #25 on: 26 November, 2003, 02:24:01 »

Offline plop

  • Forum God
  • ****
  • Posts: 2 464
  • Karma: +37/-0
(No subject)
« Reply #26 on: 26 November, 2003, 03:23:00 »
Quote
Originally posted by (uk-kingdom)pH?tt?
Well i totally disagree with you, maybe you aint got it in you to set norton up, its pretty simple, i think its a pretty easy wizard its a simple click click click and your off, then if a program attempts to access net in or out, then you will be asked to make a rule for this program, if anyone connects to you succesfully and its a threat to your computer it will ban their ip, norton is/and will remain the best firewall in my experience, it has the biggest database going, uses little memory, doesnt pop up with annoying warnings, it will simple flash in the tray
ok visnetic is complex.
i have setup norton a lot of times for other ppl so yes i know it (same for nearly every other firewall around).
if a program tryes 2 acces the net and you won't allow it then it's or a program wich shouldn't be there or a service wich shouldn't be running  etc...
visnetic also bans ip's automaticly after x connects (port connect scan not only pings).
if a connection is dangerous it should be blocked before it can be made (default deny -  no rule no acces).
and what happens if norton crashes???
yes everything goes open, visnetic has the great option 2 block everything if the firewall is not running/crashed (it never crashed on me and i have a couple friends who reguarly try 2 hack me).
does norton use less then 6MB memory ??
visnetic doesn't popup anything and doesn't flash, it logs everything wich is blocked and can even email the log files.

Quote
Originally posted by (uk-kingdom)pH?tt?
norton also protects data from being passed over the internet for example if you have a password, and you dont want it to be said on msn or such then you block it, and it will warn you that you are about to send crutial data online and recommend blocking, norton is the best, i do not have to say no more ;)
most you say here is the work of a webfilter not a firewall.
look here for more info about that.

now 2 give an example about my setup, i'm behind a gateway, if i would run norton on that how is it gone know wich program is sending data from the workstation??
in my case norton and any other application based firewall is useless, and a firewall on the workstation is useless 2 as it's hidden by the NAT router in the gateway.
now also comes the fact that the router in my modem can set a default ip, any inbound connections on ports wich are not routed are send 2 this.
now comes the trick, that ip is not used by any computer.
visnetic has the boring job of only protecting the routed ports.

*sorry if you find me anoying, i'm a crazy guy trying everything 2 get the best.
in the end it is like latinmusic says a mather of taste, just something you like doesn't have 2 be better then something you don't like.
for example why do ppl use windows instead of BSD, because it's easyer, but BSD is way better.

plop
http://www.plop.nl lua scripts/howto\'s.
http://www.thegoldenangel.net
http://www.vikingshub.com
http://www.lua.org

>>----> he who fights hatred with hatred, drives the spreading of hatred <----<<

Offline pHaTTy

  • Forum Legend
  • ***
  • Posts: 1 916
  • Karma: +5/-1
(No subject)
« Reply #27 on: 26 November, 2003, 03:30:06 »
looooooooooool well if you want to be picky then :P

do you know what a gateway is? :P

everyone that has a no-ip addy has a gateway friend ;)

now for you just to know, i use norton, i am behind a proxy, and have not been hacked whilst running norton, it always blocks the intrusion, and yep it depends on ur taste but i still say no matter what NORTON RULES

did you know norton is the only firewall, and av working agenst the MO3 virus atm ;)

altho being behind a proxy aint all its set out to be, anyone that try connecting to your no-ip addy is a threat, not to mesnion its got to be run from another comp, but its great!!!
Resistance is futile!

Offline plop

  • Forum God
  • ****
  • Posts: 2 464
  • Karma: +37/-0
(No subject)
« Reply #28 on: 26 November, 2003, 03:38:15 »
Quote
Originally posted by BlazeXxX
Grrrrr no man ! I want to know which one is hacked.. the server or the hub soft.. :( pls don't get me wrong.. i am just sitting here helpless.. :(
icecube doesn't have brute force pw protection so if he used the hub he most likely used that or 1 of you op's had a way 2 easy pw.
try running testdrive for a couple day's or a script wich binds the operator account 2 his ip (make it log if the ip doesn't match).
if you want i can do a scan on you 2 check for any errors in the firewall config, if so you might be able 2 send that log 2 the folks who set it up and have them fix it free of charge as they made mistakes on that.
for that send me a pm and whill arange something.

plop
http://www.plop.nl lua scripts/howto\'s.
http://www.thegoldenangel.net
http://www.vikingshub.com
http://www.lua.org

>>----> he who fights hatred with hatred, drives the spreading of hatred <----<<

Offline plop

  • Forum God
  • ****
  • Posts: 2 464
  • Karma: +37/-0
(No subject)
« Reply #29 on: 26 November, 2003, 03:51:52 »
Quote
Originally posted by (uk-kingdom)pH?tt?
looooooooooool well if you want to be picky then :P

do you know what a gateway is? :P

everyone that has a no-ip addy has a gateway friend ;)

now for you just to know, i use norton, i am behind a proxy, and have not been hacked whilst running norton, it always blocks the intrusion, and yep it depends on ur taste but i still say no matter what NORTON RULES

did you know norton is the only firewall, and av working agenst the MO3 virus atm ;)

altho being behind a proxy aint all its set out to be, anyone that try connecting to your no-ip addy is a threat, not to mesnion its got to be run from another comp, but its great!!!
yes i know all that and i don't need no-ip i got a domain.
btw why would you install that virus????
i thought you were a linux user were is open office.
every1 connecting 2 my no-ip addy has 2 connect on a routed port otherwise it's no threat.
but ok you win but i'm right.  lol
lets stop this useless battle.
you love norton i hate it.

plop
http://www.plop.nl lua scripts/howto\'s.
http://www.thegoldenangel.net
http://www.vikingshub.com
http://www.lua.org

>>----> he who fights hatred with hatred, drives the spreading of hatred <----<<

Offline BlazeXxX

  • Lord
  • ***
  • Posts: 375
  • Karma: +3/-0
(No subject)
« Reply #30 on: 26 November, 2003, 11:37:17 »
Thx plop :) I will get them to give me access again and see whats happening den.. Also decided to upgrade to TD version..

I am using Kerio and yes its indeed a good firewall, if its configed properly.. But if u are newbie like me, and the server access is remote.. You will surely get logged out of server after u restart to apply the changes.. It happend to me , while norton asks u about the current running program's access b4 it restart :)

So for newbies, Norton is best.. For Professionals i wud prefer Kerio :)

Latezz,
BlazeX

Offline pHaTTy

  • Forum Legend
  • ***
  • Posts: 1 916
  • Karma: +5/-1
(No subject)
« Reply #31 on: 26 November, 2003, 17:18:37 »
Hmmm for pros i still wudnt use Kerio sorry looool

Norton rocks still, in my records, when was being a pro about clicking a few buttons loooooooooool

one of my personal favories is eSafe nice little firewall and keeps you pretty safe, but i wud recommend this one to someone knowledgable to firewalls, "not a pro" :P
Resistance is futile!

Offline Modul4

  • Junior Member
  • **
  • Posts: 10
  • Karma: +2/-0
(No subject)
« Reply #32 on: 26 November, 2003, 17:48:04 »

Offline [T-G-T]M@sto

  • Triple Ace
  • **
  • Posts: 194
  • Karma: +6/-0
(No subject)
« Reply #33 on: 26 November, 2003, 21:25:30 »
Try see this information:
Detaljer: Indtr?ngen: Portscan
Angriber: tcc2.dyndns.dk(80.197.219.116)
Risikoniveau: Mellem
Mindst 11 porte blev pr?vet.
Edited 02-12-2003 (by a mistake - all solved)
« Last Edit: 02 December, 2003, 13:17:04 by [T-G-T]M@sto »
The Ghost Riders - tgr.dyndns.org - The Best Danish Hub

Offline BlazeXxX

  • Lord
  • ***
  • Posts: 375
  • Karma: +3/-0
(No subject)
« Reply #34 on: 02 December, 2003, 12:55:07 »
Thx Guys For all your help ! Finally they tracked that looser out.. It wasn't a hacker, it was some traiter.. He had access to the Data Center and he was repairing my server for them... he is not a pro, but pro's friend and he allowed acccess to his remote computer through the msn remote system.. So the server or firewall lets his ip in, and as he had access to data center.. he erased the last login's ip  :(  I screamed at them, that if they don't find the hacker , i am returning the bloody server..

Now they finally traced him out and blocked all the unncessary ports.. now only 411 is open for ptokax :)

So IceCube or TD4 didn't have Anything to do with this hacking concept.. Sorry if i wasted anyones time  ?(

Byezz,
BlazeX

Offline plop

  • Forum God
  • ****
  • Posts: 2 464
  • Karma: +37/-0
(No subject)
« Reply #35 on: 02 December, 2003, 13:03:40 »
Quote
Originally posted by BlazeXxX
Thx Guys For all your help ! Finally they tracked that looser out.. It wasn't a hacker, it was some traiter.. He had access to the Data Center and he was repairing my server for them... he is not a pro, but pro's friend and he allowed acccess to his remote computer through the msn remote system.. So the server or firewall lets his ip in, and as he had access to data center.. he erased the last login's ip  :(  I screamed at them, that if they don't find the hacker , i am returning the bloody server..

Now they finally traced him out and blocked all the unncessary ports.. now only 411 is open for ptokax :)

So IceCube or TD4 didn't have Anything to do with this hacking concept.. Sorry if i wasted anyones time  ?(

Byezz,
BlazeX
nothing's wasted, and good 2 hear that they found the cause and solved it.

plop
http://www.plop.nl lua scripts/howto\'s.
http://www.thegoldenangel.net
http://www.vikingshub.com
http://www.lua.org

>>----> he who fights hatred with hatred, drives the spreading of hatred <----<<

Offline BlazeXxX

  • Lord
  • ***
  • Posts: 375
  • Karma: +3/-0
(No subject)
« Reply #36 on: 03 December, 2003, 00:15:40 »
Thx plop for ur kindness :)

Offline MovieMaster

  • Junior Member
  • **
  • Posts: 18
  • Karma: +0/-0
,,
« Reply #37 on: 19 August, 2004, 19:03:53 »
I hate hackers and crackers. They only mess things up.

Offline Corayzon

  • Lord
  • ***
  • Posts: 464
  • Karma: +1/-0
(No subject)
« Reply #38 on: 20 August, 2004, 14:32:42 »
whats wrong with crackers?

Offline Corayzon

  • Lord
  • ***
  • Posts: 464
  • Karma: +1/-0
(No subject)
« Reply #39 on: 20 August, 2004, 14:46:36 »
yo all,

all this seams a little strange, i mean, there is a good few reasons behind how this can be done from a unsurcure hub.

maybe u have no logs because one connection managed to force your hub to connect to itself say 20 times quickly:- theirfor making ptokax ban all the users in the hub from hammering.

i for one, can say i writin lots of destructive stuff, and sometimes, its the most simple exploits that cause the largest problems with sockets processing filesharing protocol.

i say, aslong as you have any form of socket listening publicly in ur internal network, your liable to attack.

noza

Offline Corayzon

  • Lord
  • ***
  • Posts: 464
  • Karma: +1/-0
(No subject)
« Reply #40 on: 20 August, 2004, 14:47:57 »
< plop,

i dont agree with how u sort hackers and crackers! im not gonna say anything, execpt, how many cracked apps u have ;)

*** give it a think

Offline pHaTTy

  • Forum Legend
  • ***
  • Posts: 1 916
  • Karma: +5/-1
(No subject)
« Reply #41 on: 20 August, 2004, 16:55:22 »
i agree noza, anything that accepts large amount of connections publically, for a service etc, will always be vulnerable to attack, hence i left dc, no point wasting me bandwidth i dont use it lol :D

-/pha
Resistance is futile!

PtokaX forum

(No subject)
« Reply #41 on: 20 August, 2004, 16:55:22 »