Pages: [1] 2 3 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Sibane
|
Posted - 2010.01.19 10:27:00 -
[1]
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1125764&page=1#3
Originally by: CCP Fallout Unfortunately, Customer Support has to take preemptive action when accounts have been accessed by IPs frequently used by hackers, even though nothing has been stolen yet
I have one thing to say to you CCP: ARE YOU ****ING INSANE? DO YOU EVEN ****ING UNDERSTAND HOW THE INTERNET WORKS? proxys? dynamic IPs allocation?
|
Serpents smile
|
Posted - 2010.01.19 10:30:00 -
[2]
I think that ranting is not allowed. /me waves byebye...
|
Miiiiiiiiiiiiiiiiiiiiiau
|
Posted - 2010.01.19 10:41:00 -
[3]
Armchair computer expert gives a lecture to the real experts on how the internet works. Should be an interesting read. Since the OP is so well informed about the subject and about the details of CCP's way to combat ISK Sellers, he may want to explain the internet in more detail please.
|
lollerwaffle
Sileo In Pacis THE SPACE P0LICE
|
Posted - 2010.01.19 10:43:00 -
[4]
Originally by: Miiiiiiiiiiiiiiiiiiiiiau Armchair computer expert gives a lecture to the real experts on how the internet works. Should be an interesting read. Since the OP is so well informed about the subject and about the details of CCP's way to combat ISK Sellers, he may want to explain the internet in more detail please.
I heard it's a series of tubes, c/d?
Originally by: salva dore Cloak should not be AFK solution. What do you think?
Originally by: AFK Cloaker
|
Johnette Napolitano
|
Posted - 2010.01.19 10:48:00 -
[5]
You guys seem to give CCP a lot of leeway here, and yet this is the same company that overwrote the boot.ini file of peoples' computers in one of their patches.
Based on the number of accidently banned accounts the last few weeks, the OP has a valid concern.
|
Zartanic
Red Federation
|
Posted - 2010.01.19 10:49:00 -
[6]
'by IPs frequently used by hackers'
Op, you know what that bit means?
|
Furb Killer
Gallente
|
Posted - 2010.01.19 10:54:00 -
[7]
Originally by: Johnette Napolitano You guys seem to give CCP a lot of leeway here, and yet this is the same company that overwrote the boot.ini file of peoples' computers in one of their patches.
Based on the number of accidently banned accounts the last few weeks, the OP has a valid concern.
Which accounts were accidently banned? They are banned on purpose to prevent hackers from gaining access, while not perfect, it is better than hackers getting access. The issue here is that it takes way too long before they are unbanned again.
|
Rashmika Clavain
Gallente Shadows Of The Federation
|
Posted - 2010.01.19 10:59:00 -
[8]
**** me, if my account was being accessed by an IP associated with known hacking attempts I would be happy for my account to be blocked in order to protect it.
If your account is being accessed by an IP associated to hackers, would you want it left for them to take everything you've got? Removed. Please keep your EVE signature related to your EVE persona and not that of a real life politician. Navigator |
Wacktopia
Dark Side Of The Womb
|
Posted - 2010.01.19 10:59:00 -
[9]
Edited by: Wacktopia on 19/01/2010 11:02:15
Originally by: Sibane I have one thing to say to you CCP: ARE YOU ****ING INSANE? DO YOU EVEN ****ING UNDERSTAND HOW THE INTERNET WORKS? proxys? dynamic IPs allocation?
Yes, that's right. Dynamic IP ranges mean that, as a consumer, you could end up with pretty much any IP number series in the entire world. I mean, dividing up IP addresses into ranges and allocating these ranges, and indeed sub-ranges, to organisations and individuals would be crazy. I'm sure that the end consumer IP range is the same as those ranges available to other internet uses.
CCP probably don't reference the equivalent of a DUL before banning an address in case it is dynamically assigned and frequent to change. Yeah, they probably don't do that.
Yeah, you're completely right and bang on the money. Gold star. ---------------------- They're angry there was damage done to their ship. |
Amy Wang
|
Posted - 2010.01.19 11:11:00 -
[10]
Originally by: Rashmika Clavain **** me, if my account was being accessed by an IP associated with known hacking attempts I would be happy for my account to be blocked in order to protect it.
^^ this
Buddy of mine got his account protected by this IP screening and he was quite pleased. It is not that you would lose everything to a hacker if successful, but it will take time to get the stuff back and it might not be everything you lost in the end.
|
|
Chalrynn Illyndar
Navy of Xoc Wildly Inappropriate.
|
Posted - 2010.01.19 11:15:00 -
[11]
Couple hours ago a friend got a laugh about a password recovery mail he was getting thinking it was a phishing attempt just sent out as mass mail to whomever. Closer inspection revealed it was an attempt to try and get access to the account from when he tried the game 3 years ago.
We don't get to see the numbers on things, but "hackers" don't just target people using phishing emails and info gathered from people trying to buy isk from a sketchy website.
|
Rodj Blake
Amarr PIE Inc.
|
Posted - 2010.01.19 11:16:00 -
[12]
Originally by: Sibane http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1125764&page=1#3
Originally by: CCP Fallout Unfortunately, Customer Support has to take preemptive action when accounts have been accessed by IPs frequently used by hackers, even though nothing has been stolen yet
I have one thing to say to you CCP: ARE YOU ****ING INSANE? DO YOU EVEN ****ING UNDERSTAND HOW THE INTERNET WORKS? proxys? dynamic IPs allocation?
I'm no expert, but surely if a hacker has dynamic IP allocation, then the odds are that they won't regularly be using the same IP address?
If so, that's where the "IPs frequently used by hackers" bit comes in.
Dulce et decorum est pro imperium mori.
|
CyberGh0st
Minmatar Ara Veritas
|
Posted - 2010.01.19 11:19:00 -
[13]
Originally by: Furb Killer
Originally by: Johnette Napolitano You guys seem to give CCP a lot of leeway here, and yet this is the same company that overwrote the boot.ini file of peoples' computers in one of their patches.
Based on the number of accidently banned accounts the last few weeks, the OP has a valid concern.
Which accounts were accidently banned? They are banned on purpose to prevent hackers from gaining access, while not perfect, it is better than hackers getting access. The issue here is that it takes way too long before they are unbanned again.
Depends, if I have to wait a few months before I get my account back I may be better of being hacked ...
http://www.mmodata.net Favorite MMO's : DAoC Pre-TOA-NF / SWG Pre-CU-NGE / EVE Online ( Pre-Dust514 ? ) |
Midge Mo'yb
Antares Shipyards Phalanx Alliance
|
Posted - 2010.01.19 11:24:00 -
[14]
Originally by: Wacktopia Edited by: Wacktopia on 19/01/2010 11:02:15
Originally by: Sibane I have one thing to say to you CCP: ARE YOU ****ING INSANE? DO YOU EVEN ****ING UNDERSTAND HOW THE INTERNET WORKS? proxys? dynamic IPs allocation?
Yes, that's right. Dynamic IP ranges mean that, as a consumer, you could end up with pretty much any IP number series in the entire world. I mean, dividing up IP addresses into ranges and allocating these ranges, and indeed sub-ranges, to organisations and individuals would be crazy. I'm sure that the end consumer IP range is the same as those ranges available to other internet uses.
CCP probably don't reference the equivalent of a DUL before banning an address in case it is dynamically assigned and frequent to change. Yeah, they probably don't do that.
Yeah, you're completely right and bang on the money. Gold star.
iirc, ISP's lease address ranges, so you could technicaly only be given an ip in your isps leased range for the area... -----------------------------------------------
|
Pr1ncess Alia
Caldari Perkone
|
Posted - 2010.01.19 11:26:00 -
[15]
WOAH!! Woah there, all this insanely complex technical information is just flying way over my head. Can someone slow down and explain this all in laymen's terms?
Seriously, it's obvious most of you are network engineers of the highest caliber. Definitely 100k+ talent. But slow it down for the rest of us. Dynamic shynamic! FoxyProxyLoxy, all this jibbermaroo has me with a headache. I'm gonna go lay down, try not to splatter any of that IQ juice my way.
I better get out of there before the traceroutes start and people start identifying 'trouble' hops.
|
Wacktopia
Dark Side Of The Womb
|
Posted - 2010.01.19 11:27:00 -
[16]
Originally by: Midge Mo'yb
Originally by: Wacktopia Edited by: Wacktopia on 19/01/2010 11:02:15
Originally by: Sibane I have one thing to say to you CCP: ARE YOU ****ING INSANE? DO YOU EVEN ****ING UNDERSTAND HOW THE INTERNET WORKS? proxys? dynamic IPs allocation?
Yes, that's right. Dynamic IP ranges mean that, as a consumer, you could end up with pretty much any IP number series in the entire world. I mean, dividing up IP addresses into ranges and allocating these ranges, and indeed sub-ranges, to organisations and individuals would be crazy. I'm sure that the end consumer IP range is the same as those ranges available to other internet uses.
CCP probably don't reference the equivalent of a DUL before banning an address in case it is dynamically assigned and frequent to change. Yeah, they probably don't do that.
Yeah, you're completely right and bang on the money. Gold star.
iirc, ISP's lease address ranges, so you could technicaly only be given an ip in your isps leased range for the area...
Yeah, basically: It's extremely unlikely that an end broadband customer will be given the IP address previously used by a hacker. The hilarious irony is that hackers will probably be using hacked, non-consumer proxies to disguise their identity. ---------------------- They're angry there was damage done to their ship. |
Mr Kidd
|
Posted - 2010.01.19 11:29:00 -
[17]
The op has a valid concern. Banning accounts based on IP or entire subnets alone is a bad practice. It's a time consuming practice. Why isn't CCP working smarter instead of harder here?
What is more troublesome is CCP's refusal in the 7 years it has been online to provide better security measures. Random authenticators would solve 90% of the hacked account issues. For those of you that are discussing whether or not bans based on IP alone is good or bad you should be asking is there a way to provide better security and alleviate the burden upon CCP and it's customers that the level of hacking is causing. The answer to that question is unequivocally YES!!
|
Steve Celeste
Caldari Overdogs
|
Posted - 2010.01.19 11:34:00 -
[18]
Confirming that Mr. T was banned for trying to hack the game and create a Mohawk class!
|
TraininVain
|
Posted - 2010.01.19 11:35:00 -
[19]
Presumably they're all IPs off in some dodgy third world country somewhere.
If you're a legit customer who has been banned I suggest you get onto your ISP to do something about the guys committing crimes using their service.
|
|
Chribba
Otherworld Enterprises Otherworld Empire
|
Posted - 2010.01.19 11:42:00 -
[20]
Please block 0.0.0.0/0 and be done with it.
Also, someone please point to the post where CCP says they drop whole ranges of IP's compared to Fallout's statement about single IP's.
I, like others also would be quite happy with getting the account locked if it had been accessed by others before it is accessed and emptied.
/c
Secure 3rd party service |
|
|
Caldari Citizen20090217
|
Posted - 2010.01.19 11:51:00 -
[21]
Aforementioned armchair network expert checking in...
My be totally up the wrong tree here but: Most ppl connect from a static location, so a fixed IP/range of IPs.
Why don't CCP log logins and the usual IP range used by an account, allowing connects from the usual IP/range but disallowing login attempts from the questionable/new IPs. There could even be a section on the accounts management page (when they get round to giving this thing a seperate pwd) showing trusted IPs/login attempts and allowing users to block/allow IPs at their discretion.
Awaiting flaming from someone who actually knows what they are talking about....
|
|
Chribba
Otherworld Enterprises Otherworld Empire
|
Posted - 2010.01.19 11:55:00 -
[22]
Originally by: Caldari Citizen20090217 Aforementioned armchair network expert checking in...
My be totally up the wrong tree here but: Most ppl connect from a static location, so a fixed IP/range of IPs.
Why don't CCP log logins and the usual IP range used by an account, allowing connects from the usual IP/range but disallowing login attempts from the questionable/new IPs. There could even be a section on the accounts management page (when they get round to giving this thing a seperate pwd) showing trusted IPs/login attempts and allowing users to block/allow IPs at their discretion.
Awaiting flaming from someone who actually knows what they are talking about....
Welcome to years ago, I've suggested similar ideas as an option to increase account security. The reason CCP won't do it right now is most likely because people DO connect from other places than just their homes, and thus may have completly different access ranges, locking down thus wouldn't be a good thing.
But I'm all for such an OPTIONAL ADDITION to the account, so anyone who wants to can lock down to ranges or even single IP's.
Secure 3rd party service |
|
Obeih
The Luftwaffle
|
Posted - 2010.01.19 12:06:00 -
[23]
Originally by: Wacktopia Edited by: Wacktopia on 19/01/2010 11:02:15
Originally by: Sibane I have one thing to say to you CCP: ARE YOU ****ING INSANE? DO YOU EVEN ****ING UNDERSTAND HOW THE INTERNET WORKS? proxys? dynamic IPs allocation?
Yes, that's right. Dynamic IP ranges mean that, as a consumer, you could end up with pretty much any IP number series in the entire world. I mean, dividing up IP addresses into ranges and allocating these ranges, and indeed sub-ranges, to organisations and individuals would be crazy. I'm sure that the end consumer IP range is the same as those ranges available to other internet uses.
CCP probably don't reference the equivalent of a DUL before banning an address in case it is dynamically assigned and frequent to change. Yeah, they probably don't do that.
Yeah, you're completely right and bang on the money. Gold star.
can you say ranges again? it makes me hot... |
Wacktopia
Dark Side Of The Womb
|
Posted - 2010.01.19 12:24:00 -
[24]
Edited by: Wacktopia on 19/01/2010 12:31:20 Edited by: Wacktopia on 19/01/2010 12:30:29 Edited by: Wacktopia on 19/01/2010 12:29:58
Originally by: Obeih can you say ranges again? it makes me hot...
You're cute. I like you.
Personally, I think the following would work well and could exist as an optional security setting.
1. When connecting to EVE from an IP address that has not been used on your character yet you see a message saying "you need to authenticate IP xxx.xxx.xxx.xxx".
2. An email will be sent to your registered email address (or SMS mobile phone) with either a link or a short confirmation code.
3. You enter the code in the EVE client and the IP is added to your 'safe' list.
4. In EVE a/c management there is a list of accepted IP's with a 'remove' option (but no add option, to prevent a would-be hacker from simple manually adding their ip).
This system would satisfy those with one or more fixed IP addresses; those with dynamically-assigned home broadband IP addresses; and those who use internet cafes.
TADAAAAHHH!! :)
Edit: Note the key addition here is to use a third part system, such as email or sms, to authenticate. So having a players username and password (ergo a/c management access at present) is not enough on it's own to enter the game from a new IP.
Also, the list valid IPs in a/c management could be partly masked to deter a hacker from IP spoofing...
???.???.123.231 [x - delete] ???.???.9.21 [x - delete]
---------------------- They're angry there was damage done to their ship. |
Caldari Citizen20090217
|
Posted - 2010.01.19 12:25:00 -
[25]
Originally by: Chribba
Originally by: Caldari Citizen20090217 Aforementioned armchair network expert checking in...
My be totally up the wrong tree here but: Most ppl connect from a static location, so a fixed IP/range of IPs.
Why don't CCP log logins and the usual IP range used by an account, allowing connects from the usual IP/range but disallowing login attempts from the questionable/new IPs. There could even be a section on the accounts management page (when they get round to giving this thing a seperate pwd) showing trusted IPs/login attempts and allowing users to block/allow IPs at their discretion.
Awaiting flaming from someone who actually knows what they are talking about....
Welcome to years ago, I've suggested similar ideas as an option to increase account security. The reason CCP won't do it right now is most likely because people DO connect from other places than just their homes, and thus may have completly different access ranges, locking down thus wouldn't be a good thing.
But I'm all for such an OPTIONAL ADDITION to the account, so anyone who wants to can lock down to ranges or even single IP's.
Even highly mobile clients would be able to use the system. Player attempts to connect from new location -> server promptly logs attempt and denies access. Player logs into acount management, looks at login attempt list, ticks "trust this IP" box, logs in again, success. OK so its clunky, but only needs doing once per location, and as you say should be optional.
|
Dragas Amitar
Gallente Suddenly Ninjas Tear Extraction And Reclamation Service
|
Posted - 2010.01.19 12:32:00 -
[26]
Originally by: lollerwaffle
Originally by: Miiiiiiiiiiiiiiiiiiiiiau Armchair computer expert gives a lecture to the real experts on how the internet works. Should be an interesting read. Since the OP is so well informed about the subject and about the details of CCP's way to combat ISK Sellers, he may want to explain the internet in more detail please.
I heard it's a series of tubes, c/d?
C. It's not a truck.
|
Roger Kiyosaki
Community for Active Tax Evasion
|
Posted - 2010.01.19 12:44:00 -
[27]
Op clearly read "Teh Interwebz for Dummies", he just seems so knowledgable.
I for one, totally trust his judgment in this matter.
|
Rashmika Clavain
Gallente Shadows Of The Federation
|
Posted - 2010.01.19 12:59:00 -
[28]
Originally by: Obeih can you say ranges again? it makes me hot...
You're cute. I like you.
Personally, I think the following would work well and could exist as an optional security setting.
1. When connecting to EVE from an IP address that has not been used on your character yet you see a message saying "you need to authenticate IP xxx.xxx.xxx.xxx".
2. An email will be sent to your registered email address (or SMS mobile phone) with either a link or a short confirmation code.
3. You enter the code in the EVE client and the IP is added to your 'safe' list.
4. In EVE a/c management there is a list of accepted IP's with a 'remove' option (but no add option, to prevent a would-be hacker from simple manually adding their ip).
This system would satisfy those with one or more fixed IP addresses; those with dynamically-assigned home broadband IP addresses; and those who use internet cafes.
TADAAAAHHH!! :)
Edit: Note the key addition here is to use a third part system, such as email or sms, to authenticate. So having a players username and password (ergo a/c management access at present) is not enough on it's own to enter the game from a new IP.
Also, the list valid IPs in a/c management could be partly masked to deter a hacker from IP spoofing...
???.???.123.231 [x - delete] ???.???.9.21 [x - delete]
I like this... have you popped it in Features and Ideas? Removed. Please keep your EVE signature related to your EVE persona and not that of a real life politician. Navigator |
Haramir Haleths
Caldari Nutella Bande
|
Posted - 2010.01.19 13:19:00 -
[29]
I have Hacking at 4 currently. When i have it up to 5, i can join the discussion and i can use a T2 codebreaker, Jeah
|
Cipher Jones
|
Posted - 2010.01.19 13:40:00 -
[30]
hmm so my IP is xx.xx.xx.xx and i log into eve from it every day. One day my IP comes up as yy.yy.yy.yy and yy.yy.yy.yy is a known hacking IP.
I want my aco**** temp banned if that ever happens, and an email sent immediately, thank you CCP.
|
|
|
|
|
Pages: [1] 2 3 :: one page |
First page | Previous page | Next page | Last page |