Announcement

Collapse
No announcement yet.

WTF TW tries to hack me

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • WTF TW tries to hack me

    WTf is going on:

    Protocol: IP (inbound) ; Remote address: server.trenchwars.org (66.36.230.41):5400
    Local address: <computerID of mine> (my IP):xxxx

    This remote computer (server.trenchwars.org) attempted to connect to your computer on a port commonly used by a remote access Trojan horse.
    .: ExquisiteHosting.com
    .: Website, Reseller & A. Hosting


    Roxy :
    zzz

  • #2
    I have had those reports 2. Not for long time though.

    Comment


    • #3
      Wtf has that to do with staff, like we are hacking you or something
      Retired SSCU Trenchwars Head Sysop

      1:24> they'd rather add afks than me
      24 is in for Freq 1 as a Warbird.
      1:M_M God> gg

      help: (renzi) (Public 33): is it possible for a washing machine to cause a wireless connection to lag?

      Candy King, -C4L-

      Comment


      • #4
        Maybe staff is working on something, dealing with hackers or maybe some in staff is abusing server ? or whatever. Staff has direct contact with Dock> and Priitk so they can find out whats going on.
        .: ExquisiteHosting.com
        .: Website, Reseller & A. Hosting


        Roxy :
        zzz

        Comment


        • #5
          What program gave you that report?

          Comment


          • #6
            Priitk's gone bad!
            EvoLd> Roboqueen died again?
            cool koen> :)
            PRiMORDiAL> pfft
            cool koen> not because of a bug
            EvoLd> Lol
            Treachery> meh
            EvoLd> why then?
            PubAceR> women in power dont last
            EvoLd> LOl
            toaster oven reviews

            Comment


            • #7
              Two possibilities:

              a) On the client side, ports above 1024 are randomly assigned for TCP/UDP connections or reception of datagrams. There are lots of trojans out there that use UDP on various ports above 1024. It may just be a coincidence that your computer was using a randomly assigned port for data transfers with the TW server that happens to be associated with a trojan.

              You x'd out the local port and your firewall program doesn't specify what type of trojan it is. Can't tell you much more.

              b) (less likely) PriitK is running a program on the computer that probes for trojan-infected clients. Not necessarily to exploit them, but to notify the user that he/she is infected? To make sure that staffers don't get their shit stolen. Dunno.
              'vet' is the new 'newb'.
              sit ez vet, sit.

              Comment


              • #8
                It was probably just shitty firewall software. When I had ZoneAlarm before it used to say that Kazaa was trying to send an email every time I started it.
                sdg

                Comment


                • #9
                  Your message doesn't mean that the Trench Wars server is trying to hack you lol, it simply means that when your Continuum client accessed the servers to play, it randomly picked the wrong port to play or something.

                  When your router and the remote server try to talk to each other, they must choose a random port on-the-fly so you may connect and thus enter the game. I guess it randomly picked port 5400 where trojan horses usually lie and then your computer (or whatever gave you the message) noticed this and gave you a warning just to be safe.

                  Comment


                  • #10
                    Well, I just posted it to be make sure. You never know
                    .: ExquisiteHosting.com
                    .: Website, Reseller & A. Hosting


                    Roxy :
                    zzz

                    Comment


                    • #11
                      I got a friend of mine to investigate the continuum client.. at first he was concerned and thought that the client could act like a RAT (Remote Access Trojan).

                      But highly doubt PrittK would risk implement RAT code into the continuum client... since it would tarnish his reputation as a software developer... and also would be reported.

                      My friend checked/searched many security advisories... like places like... www.packetstorm.com and there was nothing...

                      As far as I know I trust that the Continuum client doesn't create a hole for some SMOD player to peek into my system.

                      Many people who are ignorant of the technical side of Internet Applications.... get extremely paranoid....

                      However if Prittk was evil... which I doubt he is... probably a nice guy.... it would be a cool way to get many many IP addresses and have access to everyones client side data.

                      But I highly doubt it.... don't worry...

                      Also if any software developer did this, it would be highly illegal and would come under the Computer Criminal Code.... they would pay highly... not just in fines or sentence, but with their reputation (which is not good).

                      Anyhow, my friend is a white hat hacker and started a local 2600 chapter in the Vancouver area back around 1995.. I trust his judgement that this Continuum client is safe. I feel ok about it...do you now?

                      Comment


                      • #12
                        Originally posted by WiseCherub

                        However if Prittk was evil
                        i doubt many evil people spend hundreds of dollars/month of their own money running a server for a free game
                        1: Pasta <ER>> lol we are gona win this bd talking about porn on our squadchat


                        1:EpicLi <ZH>> but should i trust you, you are mean to the ppl
                        1:trashed> wha
                        1:EpicLi <ZH>> you will hack into my computer and steal my child porn
                        1:trashed> i am a very nice person actually.
                        1:trashed> i do not steal other's child porn
                        1:trashed> i download my own

                        sigpic




                        1:turmio> i was fucking certain that the first time she would touch me i would come

                        Comment


                        • #13
                          I did not say Prittk was evil.... just what if....

                          As for a motive... if someone did pay hundreds/thousands, they might wana get something out of it.

                          On other places on the internet, information is worth money to marketers....

                          SubSpace has a young crowd, so there is market potential to advertise or collect emails..etc..

                          Not saying the above is true, just a possibility.

                          So I re-state, I did not judge Prittk.... and don't think he would do this.. just saying there is a possibility... cause us humans always have something up our sleaves..heh..

                          Comment


                          • #14
                            Just looks like your firewall software is freaking out because it sees traffic on port 5400 (the port that TW uses, it's not random).

                            No big deal your firewall software must know of a trojan that uses the same port, but since the traffic is coming from server.trenchwars.org you have nothing to fear.. you should be able to add that hostname or port 5400 to an authorized list so it won't bother you anymore.

                            For those of you who are unaware PriitK removed all the original backdoors that VIE themselves built into the subgame server and subspace client a long time ago... they had some vicious stuff in there (basically gave a sysop full access to your PC). But that was all removed by PriitK himself when he took over subgame development. Your firewall software is just being paraniod as it sees data being transfered on a nonstandard port.

                            -Spam
                            Who got the boombeef?

                            Comment


                            • #15
                              probably yes, but I didnt have the problem before so was just checking. Though my threadname sounds childish
                              .: ExquisiteHosting.com
                              .: Website, Reseller & A. Hosting


                              Roxy :
                              zzz

                              Comment

                              Working...
                              X