Atlantic Roleplay Community Boards
Roleplay Community Forums for the Atlantic Shard


Advanced Anti-Hacking Techniques

Author: Keats (Visitor; joined 09 Nov 2005; posts: 2)
Posted: Sat Nov 12, 2005 6:20 pm
Post subject: Advanced Anti-Hacking Techniques

I thought I would repost this for everyone to read; it builds on Kuja's post with some new information that is needed to combat more advanced hackers and institute airtight security policies.

Virus Scanners

First and foremost, let's speculate on how people are being hacked. I know most of you have stated that you have run your antivirus and antispyware programs. If this is an unknown virus, or a customized keylogger, or even an elaborate rootkit (highly unlikely), detections of this sort are dependent on two factors; I will elaborate on both.

The accuracy of your virus scanner can vary from brand to brand; these ranges are from 50% to 100% on most published tests. Assuming your scanner is configured properly (see below), it could be missing a virus sitting on your system. In the field I have seen people running Norton, or even McAfee, as it idles away, all the while a newer variant of a Trojan is propagating in the background with full permissions. Something I would like everyone who has been hacked to do is to run a virus scan by Kaspersky Antivirus. Kaspersky and Nod32 have the highest detection rates, usually idling at 99.5-99.9%; Kaspersky tends to fall into the upper echelons of this statistic.

Secondly, all virus scanners must be properly configured. I won't go into detail on each individual vendor's settings; however, make sure you use the update utility built into your scanner to update your definitions, as well as making sure you have the latest version of that scanner. Next, if your virus scanner has the option to enable "Heuristics" (detections based on a set of rules that define whether or not something is a virus purely by how it is constructed/behaves), make sure it is checked or set to high. Also, make sure your scanning options are always set to high, or maxed out. Some scanners will sacrifice detection rates for speed on real-time scanning; make sure you are as protected as you can be.

I will touch on individual files briefly for a moment... if you received a file, even one that you trust and that your virus scanner flags as safe, you have the right to question that judgment, and for security concerns I would recommend this webpage, which scans individual (or zipped) files with ten leading antivirus scanners. Please note that even this does not ensure that the file is safe; according to the webpage's statistics, two unknown viruses are submitted every day to the scanner. You can find Jotti's Malware scan here: https://virusscan.jotti.org/

Anti-Malware Applications

The above applies to anti-spyware products and anti-Trojan products. I will list applications that I trust and that are user friendly enough for most of you to configure and run. I have tested almost all antivirus, anti-spyware and anti-Trojan products on the market; these are the best of breed.

Kaspersky (Not free, Anti-Virus) https://www.kaspersky.com/
Nod32 (Not free, Anti-Virus) https://www.eset.com/
Malwarebytes (Free, Anti-Spyware) https://www.malwarebytes.org/
Spybot Search and Destroy (Free, Anti-Spyware) https://www.safer-networking.org/dl/
Webroot Spysweeper (Not free, Anti-Spyware) https://www.webroot.com/

Passwords and Email

Not infected? Let's go on to the next guess. There have been reports of the Ultima Online account retrieval system sending out passwords to hundreds of UO players. This leads me to believe that somewhere in the dark nether regions of the community, someone may have developed a program to generate a valid UO account name, or perhaps harvest some sort of account information. This of course would require them to know your email. I will touch on a possible scenario on how this is happening, as well as two key issues on how to prevent this scenario.

Now then, assume at the worst case, there is a program that can detect a valid UO username, and also find their email (unlikely, however UO has a spotty security record). Since it seems no passwords have been hacked, and it requires the hacker to harvest them from an email address, we will assume they can't get that information. So now a hacker knows your email address and username; the last wall of protection is your password. Passwords should look like someone is posting an unspaced run-on sentence with blocked-out swear words in it.

In normal terms: 10-30 characters, uppercase/lowercase letters, numbers, and symbols. Removing patterns in words helps as well; do not use actual words if possible. An example would be.... StsUglUftIfnEEk1234$$. Note, I used actual words "Keen fitful gusts" spelled backwards to help me remember, keeping the first letter capitalized, and each subsequent vowel is capitalized, ending with a series of numbers, then symbols. Unless the hacker has a cluster, a supercomputer or decides to make the next SETI-type project hacking into your PC, then you should be very secure. The hacker CAN use brute force to crack simple passwords; this is how the majority of corporate servers are hacked, and any email address you use can suffer the same fate. Two final points: if your email service asks you for a "secret question" and answer, fill this out with random letters/numbers as well; a hacker can gain access to your account through this method the same way they can gain access through your password. Treat this as a password and perform the same precautions. Finally, make sure your email and Ultima password both follow these guidelines. I'm aware that the Ultima password system does not allow for symbols, therefore you should increase the size of the password to compensate.

Next, let's say your email is safe. The hacker is someone in the community, therefore they can easily find and locate people's email addresses. By searching Google on community members' usernames and locations, I can already find some possible emails, not to mention the factor of social engineering, and obtaining your email through chatting or trust. Now, this comes down to whether or not you use your public email for your UO account. This fix is simple: use an email address that NO ONE but you knows about for your UO account. Don't give it to anyone, don't even blurt it out after a few drinks with your gaming buddies at an Ultima meetup; keep it secret.

Finally, some email addresses in theory are more secure than others. Gmail, Yahoo, and web-based mails are theoretically the least secure; however, I have yet to see someone hack a web-based email with no prior knowledge of an email username, or anything short of exceptional hacking abilities. Next we have ISP-based email addresses; these are technically more secure than web-based mail. It all comes down to the security of your ISP and the skill of the hacker. Finally, a few of you may wish to check out a service called "Hushmail". Many people in politically repressed countries and those seeking privacy use this service to communicate freely without their ISP or anyone else's consent. This only applies to messages that are encrypted to and from the sender to and from the receiver; its natural non-disclosure and security practices give it an advantage over traditional web-based email systems, however. You can read more of the technical details on their webpage: https://www.hushmail.com/

Network Attacks and Firewalls

Let's do some more speculation. Let's say this fellow is a professional hacker, or at least knows how to run a proper port scan or hack a system by obtaining an IP. The defense against this is twofold.

First, make sure you have a software firewall running, and it is up to date. Zone Alarm beta version 0.1 doesn't count as up to date, if it even counts as a firewall anymore. Most older firewalls have security bugs which can be exploited by someone knowledgeable, so it is imperative to use a proper firewall (I recommend Zone Alarm); if you have problems configuring firewalls, Zone Alarm is the most user friendly. Now, the MOST important piece of protection against novice and professional hackers is a hardware-based firewall, which is present in routers. A hardware-based firewall is next to impossible to break into, and anyone who can hack one will be after much larger prizes than your UO account, most probably bank accounts and missile launch codes. If you have DSL or Cable or any high-speed connection, please buy a router. For those who currently have routers, update your firmware (this is outlined in your user's manual). This is an update you download from the vendor's webpage that allows you to update your router's control system to the newest version, plugging security holes and other issues. I won't get too much into this; a Google search will herald many results on how to perform a firmware upgrade properly (this can be dangerous if not done correctly).

Updates

Have all that, you say? Let's move on to the next theory, or rather, protective measure. Please update all your programs; for those who use mIRC and ICQ, this applies to you ESPECIALLY. IRC is by far the most exploited client I have seen to date; make sure this guy is updated to the newest version the second it peeks its head out of the developers' dungeon. Next, make sure all other Internet applications and standard applications are up to date, and Windows Update is run. Windows Update is by far the most important; make sure all critical updates are applied. As some of you are reading this, I want you to run Windows Update right now, and see how many of you missed the two updates that were issued this Tuesday for Windows XP. If you did, make sure you check on the second Tuesday of each month AT LEAST for updates (this is the day of Microsoft's monthly patches).

I won't cover the basic Anti-Hacking rules, as they are already outlined in the Anti-Hacking 101 post by Kuja; read over those and abide by them, such as not opening unsafe file extensions and unknown/known emails with attachments.

Extended Information

If you need further information about any of the products or strategies I have listed here, please refer to the product web page or post a question in this post.

If you can check off everything on this list, then you can sleep safe knowing that your accounts and information are protected.

Further Advanced Protection

HijackThis is perhaps the best tool to discover unknown or known viruses/spyware on a system and determine their activities and location. Anyone who feels that they can effectively troubleshoot their PC and knows what BHO stands for should use this to determine any possible infection on their system. This tool can also be used under the supervision of a competent user. This can be located here:

https://github.com/dragokas/hijackthis/

As a final note, many of you should consider switching to Firefox as your primary browser as a way to filter out spyware and viruses from surfing; Firefox has cured several people I have recommended it to of their constant spyware re-infections. Internet Explorer has a nasty habit of being less secure and more targeted by malware writers.

Ultima Online, ORIGIN, and the Ultima Online and ORIGIN logos are trademarks of Electronic Arts Inc. Game content and materials copyright 1997-2020 Electronic Arts Inc. All rights reserved.