Pages: 1 [2] 3 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Jeddak Tarkas
Laughing Leprechauns Corporation
|
Posted - 2010.01.19 14:36:00 -
[31]
What I dont get is why CCP wont support the use of RSA securID tokens as some other MMO's do. You could easily set one up per customer so they can use it on more than one account if they have them. The seperate accounts can all still have different passwords and usernames as the securID is just an additional step before you can log in any account it is protecting.
I am sure many people would be happy to pay a small fee for the tokens if it means greater security for their accounts I know I would.
|
Bal'Ayle
|
Posted - 2010.01.19 14:58:00 -
[32]
yeah i would happily spend money on some form of fob verifier similar to what blizzard do for WOW, and i think CCP are genius's for thinking this up, it protects your PC from base line hackers, sure a competent hacker or thief would use a proxy address but that is a select few who are interested in profit, really profit, for the run of the mill account thief this will crimp his style and nail him to the proverbial cross of his IP address
and be honest CCP have some of the fastest response time on account support of any MMO [[based on section and severity of issue]] and im sure if your account was banned for any prolonged period of time, providing you were polite im sure as a gesture of goodwill they will probably give you back the days you lost.
remember you don't have to have an account to make a ticket =]
|
Furb Killer
Gallente
|
Posted - 2010.01.19 15:04:00 -
[33]
Waiting a month with a pre-emptively banned account is fast compared to others? They must really suck.
I dont think in the end that many people would be interested in a key generator dongle thingie, especially when we add CCPs shipping rates.
|
Jeddak Tarkas
Laughing Leprechauns Corporation
|
Posted - 2010.01.19 15:42:00 -
[34]
Originally by: Furb Killer
I dont think in the end that many people would be interested in a key generator dongle thingie, especially when we add CCPs shipping rates.
There is no need for a hardware token anymore you can setup software tokens on a mobile phone or PDA now.
Details here
|
Rodj Blake
Amarr PIE Inc.
|
Posted - 2010.01.19 15:42:00 -
[35]
Originally by: Wacktopia Edited by: Wacktopia on 19/01/2010 12:31:20 Edited by: Wacktopia on 19/01/2010 12:30:29 Edited by: Wacktopia on 19/01/2010 12:29:58
Originally by: Obeih can you say ranges again? it makes me hot...
You're cute. I like you.
Personally, I think the following would work well and could exist as an optional security setting.
1. When connecting to EVE from an IP address that has not been used on your character yet you see a message saying "you need to authenticate IP xxx.xxx.xxx.xxx".
2. An email will be sent to your registered email address (or SMS mobile phone) with either a link or a short confirmation code.
3. You enter the code in the EVE client and the IP is added to your 'safe' list.
4. In EVE a/c management there is a list of accepted IP's with a 'remove' option (but no add option, to prevent a would-be hacker from simple manually adding their ip).
This system would satisfy those with one or more fixed IP addresses; those with dynamically-assigned home broadband IP addresses; and those who use internet cafes.
TADAAAAHHH!! :)
Edit: Note the key addition here is to use a third part system, such as email or sms, to authenticate. So having a players username and password (ergo a/c management access at present) is not enough on it's own to enter the game from a new IP.
Also, the list valid IPs in a/c management could be partly masked to deter a hacker from IP spoofing...
???.???.123.231 [x - delete] ???.???.9.21 [x - delete]
That would work quite well, unless the hacker has also used their keylogger to get into your email.
Dulce et decorum est pro imperium mori.
|
Anthal
The Warp Squad
|
Posted - 2010.01.19 16:05:00 -
[36]
Yes, most ISP's do use DHCP for their clients. However, the bigger ISP's now assign you an IP address based on your MAC address. Even if you unplug the device for weeks at a time, you'll usually get the same IP address once you reconnect everything. For those with ISP's that don't practice this, do you have a home router? Is it always on? If so, your IP address will likely never change. You actually have to go out of your way to get a new IP address these days.
That leaves a handful of options left. -You or someone else on your local network are participating in some shady practices -Your wireless network is wide open, or not locked down enough -You, by chance, did get a new IP address recently, and got unlucky
If it is the latter, I'm sure dealing with eve's support staff can get all of this handled for you. I doubt that you would have grabbed the same IP as a hacker on the /16 or whatever your area is on, but it could happen!
For the record, I actually am a network engineer for an ISP. Most of what has been said in this thread is correct, or close to it.
|
Zartanic
Red Federation
|
Posted - 2010.01.19 16:10:00 -
[37]
Edited by: Zartanic on 19/01/2010 16:10:47
Originally by: Rodj Blake
Originally by: Wacktopia Edited by: Wacktopia on 19/01/2010 12:31:20 Edited by: Wacktopia on 19/01/2010 12:30:29 Edited by: Wacktopia on 19/01/2010 12:29:58
Originally by: Obeih can you say ranges again? it makes me hot...
You're cute. I like you.
Personally, I think the following would work well and could exist as an optional security setting.
1. When connecting to EVE from an IP address that has not been used on your character yet you see a message saying "you need to authenticate IP xxx.xxx.xxx.xxx".
2. An email will be sent to your registered email address (or SMS mobile phone) with either a link or a short confirmation code.
3. You enter the code in the EVE client and the IP is added to your 'safe' list.
4. In EVE a/c management there is a list of accepted IP's with a 'remove' option (but no add option, to prevent a would-be hacker from simple manually adding their ip).
This system would satisfy those with one or more fixed IP addresses; those with dynamically-assigned home broadband IP addresses; and those who use internet cafes.
TADAAAAHHH!! :)
Edit: Note the key addition here is to use a third part system, such as email or sms, to authenticate. So having a players username and password (ergo a/c management access at present) is not enough on it's own to enter the game from a new IP.
Also, the list valid IPs in a/c management could be partly masked to deter a hacker from IP spoofing...
???.???.123.231 [x - delete] ???.???.9.21 [x - delete]
That would work quite well, unless the hacker has also used their keylogger to get into your email.
An issue is that some of those who are likely to get loggers are also slack enough to have the same names and PW's for email. When I was playing WOW I came across many friends hacked over the years. Most were not due to keyloggers but them using the same name and PW for every site they used, including the crappy ones which got hacked. And most of those also got their Emails compromised. A few also seemed to fall for the most obvious phishing mails, they simply could not grasp how they worked. The ones that got keyloggers always used Explorer, never heard of noscript and rarely if ever bothered to update.
The fact is nothing will stop some peoples ability to give away their personal details with the simplest of tricks. This means only a small percentage of those likely to be hacked will actually bother to buy and use a key fob or bother to use the IP option. It also means no matter what CCP do some people's incompetence will find a way to get round their efforts.
|
Trebor Notlimah
Lone Star EVE Group Veni Vidi Vici
|
Posted - 2010.01.19 16:26:00 -
[38]
Edited by: Trebor Notlimah on 19/01/2010 16:27:37
Well CCP created this environment. By banning the 50,000+ ISK farming accounts, they doubled/tripled the value of ISK from RMTs. Now with limited 'legitimate' ingame sources of ISK to sell at the now inflated price -- hacking accounts is more profitable as ever. And while there have some crafty little key loggers floating around, its much easier to hack someones e-mail than to implement a key logger.
|
Mag's
the united Negative Ten.
|
Posted - 2010.01.19 16:39:00 -
[39]
We need extra measures to be made an option, a hardware based authenticator for example.
Please mark this thread, if you agree.
|
Arkeladin
|
Posted - 2010.01.19 17:10:00 -
[40]
Originally by: Wacktopia Edited by: Wacktopia on 19/01/2010 11:02:15
Originally by: Sibane I have one thing to say to you CCP: ARE YOU ****ING INSANE? DO YOU EVEN ****ING UNDERSTAND HOW THE INTERNET WORKS? proxys? dynamic IPs allocation?
Yes, that's right. Dynamic IP ranges mean that, as a consumer, you could end up with pretty much any IP number series in the entire world. I mean, dividing up IP addresses into ranges and allocating these ranges, and indeed sub-ranges, to organisations and individuals would be crazy. I'm sure that the end consumer IP range is the same as those ranges available to other internet uses.
CCP probably don't reference the equivalent of a DUL before banning an address in case it is dynamically assigned and frequent to change. Yeah, they probably don't do that.
Yeah, you're completely right and bang on the money. Gold star.
I SERIOUSLY hope you're being sarcastic here. If so, kudos, If not, learn2internet. And yes, I've run into people who'd actually believe that
|
|
Van PokerAlho
|
Posted - 2010.01.20 11:30:00 -
[41]
yes game should have an option to allow logins from different locations, that would solve many things as most people will connect from one or two places, house and work. My understanding about this issue is around 0 but this seems to be a good way to have a better security system.
|
Marko Riva
Adamant Inc.
|
Posted - 2010.01.20 13:06:00 -
[42]
I think there's a very good reason why the OP used some nameless alt to post this with, because it's ****.
----------- I think, therefore I'm single. New projectile damage PDF Alliance creation service |
Cobalt Sixty
Caldari Neh'bu Kau Beh'Hude
|
Posted - 2010.01.21 01:11:00 -
[43]
Originally by: Johnette Napolitano You guys seem to give CCP a lot of leeway here, and yet this is the same company that overwrote the boot.ini file of peoples' computers in one of their patches.
I remember that day.
They said I was mad, MAD! - can you believe it? - for switching to Windows Vista! MUHUHAHAHA! Well I showed them ... mostly by sitting by myself in Ventrilo, wondering where everyone else had gone ...
|
Isurus Paucus
|
Posted - 2010.01.21 13:36:00 -
[44]
Originally by: Caldari Citizen20090217
Even highly mobile clients would be able to use the system. Player attempts to connect from new location -> server promptly logs attempt and denies access. Player logs into acount management, looks at login attempt list, ticks "trust this IP" box, logs in again, success. OK so its clunky, but only needs doing once per location, and as you say should be optional.
This doesn't work since anyone who could potentially log into Eve can log into your account management as well. It would need to be some sort of extra authentication step that doesn't get used very often. ie some banks require an extra password to access certain areas inside of their online banking service.
The problem, of course, is that there's always a chance that if they got one part of your info, they got it all. Travelers would be particularly vulnerable since that extra password would be typed almost as often as the normal one.
In the end, I think password-based security has its realistic limit and we're pretty much at it. Adding an extra layer just wouldn't do much for the investment involved. It's cheaper just to fix end user mistakes than implement any extra measures.
|
Wacktopia
Dark Side Of The Womb
|
Posted - 2010.01.21 13:40:00 -
[45]
Originally by: Arkeladin
Originally by: Wacktopia Edited by: Wacktopia on 19/01/2010 11:02:15
Originally by: Sibane I have one thing to say to you CCP: ARE YOU ****ING INSANE? DO YOU EVEN ****ING UNDERSTAND HOW THE INTERNET WORKS? proxys? dynamic IPs allocation?
Yes, that's right. Dynamic IP ranges mean that, as a consumer, you could end up with pretty much any IP number series in the entire world. I mean, dividing up IP addresses into ranges and allocating these ranges, and indeed sub-ranges, to organisations and individuals would be crazy. I'm sure that the end consumer IP range is the same as those ranges available to other internet uses.
CCP probably don't reference the equivalent of a DUL before banning an address in case it is dynamically assigned and frequent to change. Yeah, they probably don't do that.
Yeah, you're completely right and bang on the money. Gold star.
I SERIOUSLY hope you're being sarcastic here. If so, kudos, If not, learn2internet. And yes, I've run into people who'd actually believe that
Your sarcasm-sense serves you well, Lord Vadar. ---------------------- They're angry there was damage done to their ship. |
Ripcha Headov
Art of War Cult of War
|
Posted - 2010.01.21 13:45:00 -
[46]
I for 1 am thankful for ccp monitoring hackers IPs and banning any account they log into. I would probably of lost msot my stuff if CCP hadn't done this.
Let the CCP unholy rage continue strong!
|
Valnor D'Sylvae
|
Posted - 2010.01.21 14:00:00 -
[47]
Now what about dynamic IPs huh? if i had to add every single IP i get assigned to into a Safe List i'd simply stop playing, most EU countries that provide ADSL use dynamic IP adresses
|
seany1212
Dead poets society
|
Posted - 2010.01.21 14:08:00 -
[48]
Originally by: Wacktopia Edited by: Wacktopia on 19/01/2010 12:31:20 Edited by: Wacktopia on 19/01/2010 12:30:29 Edited by: Wacktopia on 19/01/2010 12:29:58
Originally by: Obeih can you say ranges again? it makes me hot...
You're cute. I like you.
Personally, I think the following would work well and could exist as an optional security setting.
1. When connecting to EVE from an IP address that has not been used on your character yet you see a message saying "you need to authenticate IP xxx.xxx.xxx.xxx".
2. An email will be sent to your registered email address (or SMS mobile phone) with either a link or a short confirmation code.
3. You enter the code in the EVE client and the IP is added to your 'safe' list.
4. In EVE a/c management there is a list of accepted IP's with a 'remove' option (but no add option, to prevent a would-be hacker from simple manually adding their ip).
This system would satisfy those with one or more fixed IP addresses; those with dynamically-assigned home broadband IP addresses; and those who use internet cafes.
TADAAAAHHH!! :)
Edit: Note the key addition here is to use a third part system, such as email or sms, to authenticate. So having a players username and password (ergo a/c management access at present) is not enough on it's own to enter the game from a new IP.
Also, the list valid IPs in a/c management could be partly masked to deter a hacker from IP spoofing...
???.???.123.231 [x - delete] ???.???.9.21 [x - delete]
I would rather not see this implemented, my ISP allocates new IP's everytime i connect so this would have to be done everyday and yes i am using a router but some people do not wish to waste energy by leaving it on for the rest of eves life.
You guys make squeeky noises when you pop, and that's enough motivation as far as I'm concerned. |
Jckruz
|
Posted - 2010.01.21 14:08:00 -
[49]
Being deployed to Afghanistan our local ISP uses a sattellite connection that's stepsite is in somewhere in eastern europe. WHen i first logged on to eve got insta banned. Contacted CCP and they had my accound unbanned in less then 30 minutes.
Not that big of a deal.
|
Don Knots
Gallente
|
Posted - 2010.01.21 14:12:00 -
[50]
Originally by: Anthal Yes, most ISP's do use DHCP for their clients. However, the bigger ISP's now assign you an IP address based on your MAC address. Even if you unplug the device for weeks at a time, you'll usually get the same IP address once you reconnect everything. For those with ISP's that don't practice this, do you have a home router? Is it always on? If so, your IP address will likely never change. You actually have to go out of your way to get a new IP address these days.
And here is the way to 'unblock' your blocked IP address from CCP.
All you do is re-MAC your firewall/router/NAT-PAT device, and a new IP comes down the pipe (you may have to place a phone call to reauth the MAC). Magic unban pill. For every 'security' procedure created, there is a way to get around it. Mice quickly become smarter than the mouse trap.
|
|
Kazang
Wrecking Shots
|
Posted - 2010.01.21 14:21:00 -
[51]
Pro tip, don't play through public proxy's associated with or enabling illegal activity.
Kazang
|
T'Amber
ships of eve
|
Posted - 2010.01.21 14:28:00 -
[52]
Originally by: Chribba
...Snip...
But I'm all for such an OPTIONAL ADDITION to the account, so anyone who wants to can lock down to ranges or even single IP's.
As per your suggestion this was brought to CSM4 and passed. Lets hope it goes further :)
-T'amber
SOE4:DOMINATION
|
Azuse
Brotherhood of Suicidal Priests R.A.G.E
|
Posted - 2010.01.21 14:30:00 -
[53]
Originally by: Chribba
Originally by: Caldari Citizen20090217 Aforementioned armchair network expert checking in...
My be totally up the wrong tree here but: Most ppl connect from a static location, so a fixed IP/range of IPs.
Why don't CCP log logins and the usual IP range used by an account, allowing connects from the usual IP/range but disallowing login attempts from the questionable/new IPs. There could even be a section on the accounts management page (when they get round to giving this thing a seperate pwd) showing trusted IPs/login attempts and allowing users to block/allow IPs at their discretion.
Awaiting flaming from someone who actually knows what they are talking about....
Welcome to years ago, I've suggested similar ideas as an option to increase account security. The reason CCP won't do it right now is most likely because people DO connect from other places than just their homes, and thus may have completly different access ranges, locking down thus wouldn't be a good thing.
But I'm all for such an OPTIONAL ADDITION to the account, so anyone who wants to can lock down to ranges or even single IP's.
This man speaks the truth
Although really, if it's true ccp is doing this it really is ignorant. For so many technical reasons it's simply absurd, but then everyone knows hackers all use the same ip, probably their own home one, every single time with absolutely no way of abusing someone else's. It's also a know fact that every eve player has a static ip and they never, ever use anything else
Many companies have over the years tried to control access to their services by ip. All have failed. Usually with the added bonus of making their customers lives more difficult and diverting resources to something they simply cannot control. Hulu is the best current example -------------------------
|
John Ellsworth
|
Posted - 2010.01.21 14:31:00 -
[54]
Relax there Big Boy the IP's they are "pre-emptied action against are all In China or some other 3 world "hacker haven Country" so if you account got frozen because one of those jerks access "Your Account" from there Country...... then They are doing you such a favor by ..... 1. they have seen it before 2. hacker invents a crazy 3rd party program that is just So helpful you have to have it..(key logger built-in) 3.they get your information 4.they take a peek to see if you have anything of value.. 5.if you did the next time they log (its all gone and your account and characters are TRASHED) 6.Proxies out of the country .. IE Iceland .. are identifiable 7.you owe most of us an apology IMO including CCP
|
Sparkinator
Gallente The Scope
|
Posted - 2010.01.21 14:33:00 -
[55]
Edited by: Sparkinator on 21/01/2010 14:35:41
Quote: And here is the way to 'unblock' your blocked IP address from CCP.
All you do is re-MAC your firewall/router/NAT-PAT device, and a new IP comes down the pipe (you may have to place a phone call to reauth the MAC). Magic unban pill. For every 'security' procedure created, there is a way to get around it. Mice quickly become smarter than the mouse trap.
Your ISP does not keep track of you via your router...it uses your cable modem. Your router does not get the IP address, it just translates it.
Quote:
Posted - 2010.01.19 12:59:00 - [28] - Quote Report
Originally by: Obeihcan you say ranges again? it makes me hot...
You're cute. I like you.
Personally, I think the following would work well and could exist as an optional security setting.
1. When connecting to EVE from an IP address that has not been used on your character yet you see a message saying "you need to authenticate IP xxx.xxx.xxx.xxx".
2. An email will be sent to your registered email address (or SMS mobile phone) with either a link or a short confirmation code.
3. You enter the code in the EVE client and the IP is added to your 'safe' list.
4. In EVE a/c management there is a list of accepted IP's with a 'remove' option (but no add option, to prevent a would-be hacker from simple manually adding their ip).
This system would satisfy those with one or more fixed IP addresses; those with dynamically-assigned home broadband IP addresses; and those who use internet cafes.
TADAAAAHHH!! :)
Edit: Note the key addition here is to use a third part system, such as email or sms, to authenticate. So having a players username and password (ergo a/c management access at present) is not enough on it's own to enter the game from a new IP.
Also, the list valid IPs in a/c management could be partly masked to deter a hacker from IP spoofing...
Good idea, except all they need is to get into your email. If they can get into your account, considering most people use the same passwords for email and other accounts, it wouldn't be that difficult, especially if they use web-based mail with such lax security such as yahoo and gmail. If they really want to get in they would just setup spoofing sites and intercept packets, tricking many dull minded players into fake authenticating IPs.
Mac cloning and IP spoofing are not very hard, however it does cost money to use a true anon proxy service. That is really the only way you are truly anonymous on the internet, and even then you aren't. Banning an IP is really the simplest measure, it is unlikely the people hacking these accounts for profit are going to spend more money just to get into a few. The OP seems to not understand subnetting at all and think there is 1 single ISP who randomly selects a random assortment of numbers and hands it to you. If I tried to hack, and my IP got banned, that's it. I most likely would not get a new IP even with mac cloning, they know you by your cable modem.
If you managed to get a new one, lets say you bought a new modem, or DHCP eventually got around to you (it can be months or a year or more for some providers) , you are still on the same subnet. I am still on the 64.128.xxx.xxx network. They would look at that, notice someone in my city AGAIN tried hacking, and ban. Most likely, it is not my neighbor who happens to also want to hack an EVE account.
Most hacking is social engineering and server side stuff, there isn't much you can do on the client side. Contrary to what people think, ISP's and big companies like CCP do know what they are doing :P The fact the internet works is because you really aren't anonymous, if at any point you find a way to completely hide yourself you will lose all connectivity and then you wouldn't be a very good hacker, would you? --------------------------- Your neighborhood sociopath. |
Hera Ominae
|
Posted - 2010.01.21 14:39:00 -
[56]
Originally by: Sibane http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1125764&page=1#3
Originally by: CCP Fallout Unfortunately, Customer Support has to take preemptive action when accounts have been accessed by IPs frequently used by hackers, even though nothing has been stolen yet
I have one thing to say to you CCP: ARE YOU ****ING INSANE? DO YOU EVEN ****ING UNDERSTAND HOW THE INTERNET WORKS? proxys? dynamic IPs allocation?
Don't buy ISK. Don't use proxy to play games... LOL some dudes think they're 'lone gun men'
|
Sakari Mikko
|
Posted - 2010.01.21 14:39:00 -
[57]
/me wonders if half of the people here even know what IP stands for.
|
Helicity Boson
Amarr The Python Cartel. The Jerk Cartel
|
Posted - 2010.01.21 14:41:00 -
[58]
Derp.
Maybe because dealing with a few "false positives" and preventing thefts is less work to deal with than cleanup after a theft.
|
Sparkinator
Gallente The Scope
|
Posted - 2010.01.21 14:44:00 -
[59]
Originally by: Sakari Mikko /me wonders if half of the people here even know what IP stands for.
you mean Internet Protocol, part of the TCP/IP suite? The set of Internet protocols developed and maintained by a group of international organizations who create rules and qualify new protocols?
Yea, some of us might. ;) --------------------------- Your neighborhood sociopath. |
Sakari Mikko
|
Posted - 2010.01.21 15:01:00 -
[60]
Originally by: Sparkinator
Originally by: Sakari Mikko /me wonders if half of the people here even know what IP stands for.
you mean Internet Protocol, part of the TCP/IP suite? The set of Internet protocols developed and maintained by a group of international organizations who create rules and qualify new protocols?
Yea, some of us might. ;)
Originally by: Sparkinator
If I tried to hack, and my IP got banned, that's it. I most likely would not get a new IP even with mac cloning, they know you by your cable modem.
If your internet protocol were to be banned which one would you use?
Oh I get it you mean your internet protocol address.
|
|
|
|
|
Pages: 1 [2] 3 :: one page |
First page | Previous page | Next page | Last page |