| Pages: [1] 2 3 4 :: one page |
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
Tonkin
   |
Posted - 2006.04.09 04:19:00 -
[1]
comunication is essential in fleet ops, the gang chat in eve is good for small gangs up to 10.
but for bigger engagements we rely on ts or a other comunication aplication.
now today there was a incident which resulted in a few heavy loss's due to brakedown in comunication.
this brake down was caused due to a ts being hacked shortly before the hostile fleet engaged us. not naming no names or blaming anyone. but has any allaince or big/small corp have this happen to them?
why do people have to resort to hacking a teamspeak to disorganise a fleet and sending everyone dizzy in miscomunication, to win a battle. this fleet that engaged us was bigger than we had but they had to cheat. now im not sure if it was a ingame player or just some fat nerd gettin off on hacking a teamspeak server but this type of play is just wrong.
here im not naming no allainces or corps that did this BUT STOP ITS WRONG AND SERRIOUSLY IT RUINS GAMEPLAY AND THE CHALLANGE ON WINNING A BATTLE
i maybe wrong or right but cheating is just ghey
will kill anythin for the right price |
Double TaP
|
Posted - 2006.04.09 04:20:00 -
[2]
I'l agree if its true that your enemy hacked your ts. Thats sad and ridiculous.
|
Arkanor
|
Posted - 2006.04.09 04:20:00 -
[3]
Edited by: Arkanor on 09/04/2006 04:20:13
I strongly advise passwording your server (or does that not work?)
|
Tonkin
|
Posted - 2006.04.09 04:21:00 -
[4]
we have we had it really secure, no one could get on without registering first or being let out of the foyer.
only 2 people had access to admin controls
will kill anythin for the right price |
TotensBurntCorpse
|
Posted - 2006.04.09 04:30:00 -
[5]
Some ppl dont want to play
they want to win (what ever that means)
no real defence against them
only pity
TotensBurntCorpse
Likes
EVE, Starfleet Command Series, Earth & Beyond, Anything Battlefield, MOHAA, Call of Duty.
Dislikes
Not much. |
JFxSummoner
|
Posted - 2006.04.09 04:35:00 -
[6]
Hello, is there proof of this so called hacking? if not that is a serious allagation to be making. no defence to whom ever this may be i dunno if it happened or not.
~S~
|
Kel Shek
|
Posted - 2006.04.09 04:37:00 -
[7]
now I've never been involved in all that fleet stuff....
if it was really "hacked" as in someone *****ing the password or something.... then that sucks.
but I'd bet whats far more likely, is a spy, in which case I don't see why its all that different from any other case of spying....
some would argue that using teamspeak or whatnot (not part of the game...) is itself cheating. your using a utility outside of the game, while playing, to have an advantage over the other group.
while I've been in a group thats used Vent in an MMO, to coordinate group stuff.. (only listening, not talking) while it does smooth things... its nothing that can't be said in game. ... or are people who have such important strategys, unable to touch type? 
if you were in a HUGE fleet or something, why not have each squad or whatnot function independently, have one channel(voice or game) for the commanding person, and each squad leader instructing their squad on a separate channel(in game or voice) ... at very least it'd compartmentalize things so that a spy would have a more limited effect.
again, I concede that maybe I just lack experience or whatever. but it seems like a pretty obvious way of trying to prevent such problems.
why not always have a alternative and be ABLE to function solely within the games default chat, or have provisions for dealing with infiltration.
~~~~~
To see a World in a Grain of Sand
And Heaven in a Wild Flower
Hold Infinity in the palm of your hand
And Eternity in an hour
~~William Blake |
Tonkin
|
Posted - 2006.04.09 04:38:00 -
[8]
thats why im naming no names, i cant proof there cheating but everyone knows IT DOES HAPPEN
alot of my buddies in eve and people that have though this corp allaince etc, have had the same probles.
dont know might be coincidence everytime every odd time we fight them, might be a drunk provider playing a joke or a nerd getting his kicks.
will kill anythin for the right price |
Tonkin
|
Posted - 2006.04.09 04:43:00 -
[9]
 Originally by: Kel Shek
now I've never been involved in all that fleet stuff....
if it was really "hacked" as in someone *****ing the password or something.... then that sucks.
but I'd bet whats far more likely, is a spy, in which case I don't see why its all that different from any other case of spying....
some would argue that using teamspeak or whatnot (not part of the game...) is itself cheating. your using a utility outside of the game, while playing, to have an advantage over the other group.
while I've been in a group thats used Vent in an MMO, to coordinate group stuff.. (only listening, not talking) while it does smooth things... its nothing that can't be said in game. ... or are people who have such important strategys, unable to touch type?
if you were in a HUGE fleet or something, why not have each squad or whatnot function independently, have one channel(voice or game) for the commanding person, and each squad leader instructing their squad on a separate channel(in game or voice) ... at very least it'd compartmentalize things so that a spy would have a more limited effect.
again, I concede that maybe I just lack experience or whatever. but it seems like a pretty obvious way of trying to prevent such problems.
why not always have a alternative and be ABLE to function solely within the games default chat, or have provisions for dealing with infiltration.
i do agree with that, but we use ts to help us organise our battles and defend our space better. true its a outgame feature we use but better than 100 people typing in a gang chat.
now using seperate groups its a good and valid stragety which we do use to co-ordinate with our allies that are in a seperate gang. but having a audio system which makes everyone on the same page and to instantly respond when a corp or a allaince mate is in trouble is important. you can say its a advantage, but every corp and allaince still uses or would like to use team speak or a simular aplication
will kill anythin for the right price |
Valium Summer
|
Posted - 2006.04.09 05:06:00 -
[10]
Sabotage, Espionage...
"All is fair in love and war"
I don't think the Germans could post any complaints on the WWII forums when the British *****ed the Enigma code.
How exactly was your communication broken up? You didn't elaborate.
I have seen the Arctic Circle... And it is round. |
Raven Aure
|
Posted - 2006.04.09 05:14:00 -
[11]
Following on from what Valium said - we haven't actually heard whether this was an actual hack or simply social engineering.
Care to spill?
______________________
"Ahh, Raven Aure. Your reputation precedes you."
"Uh oh. Which one?"
Originally by: Density5
brb gotta sleep
|
Maeglin
|
Posted - 2006.04.09 05:16:00 -
[12]
Well a TS server crashing at the most inopportune moment is a good piece of circumstantial evidence. Certainly the opponent would have a motive to. I think we just need to tighten up security... a LOT. To do that though we'd need to know exactly how the server (or client, whatever happened) went down. That'd be a start at least.
|
Raven Aure
|
Posted - 2006.04.09 05:21:00 -
[13]
Edited by: Raven Aure on 09/04/2006 05:21:45
Originally by: Maeglin
Well a TS server crashing at the most inopportune moment is a good piece of circumstantial evidence. Certainly the opponent would have a motive to. I think we just need to tighten up security... a LOT. To do that though we'd need to know exactly how the server (or client, whatever happened) went down. That'd be a start at least.
Ok, I'm seeing conflicting info here. Was the TS server hacked or spied upon? Was false information provided through verbal communication which caused the problems? Did the server actually crash?
Without trying to explain, reason or analyse; what actually happened? Then we'll work out why. Then what to do to stop it.
______________________
"Ahh, Raven Aure. Your reputation precedes you."
"Uh oh. Which one?"
Originally by: Density5
brb gotta sleep
|
Eternal Fury
|
Posted - 2006.04.09 05:45:00 -
[14]
I'll say this..
if we have no problem with a Vet ganking a newb in a .4 system
if we have no problem with someone scamming a corp
if we have no problem with Escrow scams
if we have no problem with suicide kills in High sec.
Why would "hacking" into someone's TS server be any different. If they actually hacked it, that's an arrestable offense in come countries. If they just scammed their way into getting the info for your TS server, and gettin on it and relaying that info to your rivals, that's just social engineering.
If you dont know what I mean by this, look up Kevin Mitnik.
I see this as a valid tactic. Actual Hacking of the server is different. Like I said, that's an arrestable offence(most places).
demand is greater then supply = high price.
supply is greater then demand = low price.
|
Hllaxiu
|
Posted - 2006.04.09 05:54:00 -
[15]
Originally by: Raven Aure
Without trying to explain, reason or analyse; what actually happened? Then we'll work out why. Then what to do to stop it.
Someone got superadmin via some sort of a remote exploit (According to the hosting provider) and completely changed the server's configuration about. All accounts were deleted, all channels deleted and replaced with their own and corpmates logging in could not join any channel and couldn't speak or do anything (eventually connections were removed entirely).
Teamspeak does not strike me as a particularly secure application (clear text logins over UDP?!?!!?!) - does anyone know about the comparative advantages of Ventrillo? (other than that the latter isn't a free application)
---
Our greatest glory is not in never failing, but in rising up every time we fail. - Emerson |
Raven Aure
|
Posted - 2006.04.09 06:03:00 -
[16]
Originally by: Hllaxiu
Originally by: Raven Aure
Without trying to explain, reason or analyse; what actually happened? Then we'll work out why. Then what to do to stop it.
Someone got superadmin via some sort of a remote exploit (According to the hosting provider) and completely changed the server's configuration about. All accounts were deleted, all channels deleted and replaced with their own and corpmates logging in could not join any channel and couldn't speak or do anything (eventually connections were removed entirely).
Teamspeak does not strike me as a particularly secure application (clear text logins over UDP?!?!!?!) - does anyone know about the comparative advantages of Ventrillo? (other than that the latter isn't a free application)
First of all, thank you for the nuts and bolts of what happened. Now to work out why.
Password Discovery
You mention the possibility of clear-text logins over UDP. It is very unlikely that any half-decent piece of software will send login information over UDP due to it being a connection-less protocol. It is much more likely that it will be sent using TCP. Either way, it is possible that it's done in clear text - I will test in a minute with a packet sniffer and post the results.
Even if the information was being sent in clear-text, you would need to intercept the traffice to read the packets. Since it's fairly difficult to do this between the two nodes it would be at one or the other. Keyloggers, console access etc etc.
We'll assume that this hasn't happened due to what your hosting provider has said.
"Remote Exploit"
Unfourtunately, this is pretty vague. I can think of two main possibilities off the top of my head. The first centers around the server that TS was running on and it's underlying operating system. If there was a vulnerability in that it could be possible to gain console/root access and modify the TS server.
Otherwise, you are looking at an issue with TS itself. Perhaps along the lines of a mal-formed packet or something similar. This would need to be taken up with TeamsSpeak and could well be a major issue.
... More in a few.
______________________
"Ahh, Raven Aure. Your reputation precedes you."
"Uh oh. Which one?"
Originally by: Density5
brb gotta sleep
|
Hllaxiu
|
Posted - 2006.04.09 06:26:00 -
[17]
Out of curiosity - does anyone use this piece of software? If so, how well does it work?
---
Our greatest glory is not in never failing, but in rising up every time we fail. - Emerson |
Raven Aure
|
Posted - 2006.04.09 06:41:00 -
[18]
So, what to do?
Well the first thing is to get as much information as your host can possibly give you. Server logs, firewall logs, teamspeak logs, SYSLOG dumps and as much detail as to:
1) How the attack happened.
2) If it was their fault - what they are doing to ensure it doesn't happen again.
If you don't get a reasonable answer to that - change host.
TeamSpeak has never been particularly secure in my eyes and having seen it through a packet sniffer I'm not impressed at all. Changing is certainly one option - however it raises some issues. I haven't used Ventrilo so I can't make a comparison between the two except on one item. Cost. Need I say more there?
In the corporate environments I deal with, we usuall run true VOIP and do it over VPN when it's used by remote workers. This puts a fantastic layer of security in place as it requires all sorts of authentication and encapsulates all of your data in an encrypted tunnel. However, it has some issues - most notably the requirement of VPN. I'm guessing it's somewhat out of your league.
I am not currently aware of a free & "secure" VOIP solution.
Here's a useful thread detailing steps that can be taken to make TS a bit more secure.
The other thing that we musn't ignore here is the procedure and policy that is in place to ensure that your system is as safe and sound as possible. By the sounds of things you already have a fair idea of what you're doing on that front, but it doesn't hurt to review things every once in a while. It might even be worth putting a procedure in place so that people know what to do in the event of this happening again - perhaps there's a power outage for example?
I think I'll shut up now.
-----------------------------
A bit about me:- I'm a self-employed Technology Consultant specialising in Windows & IP infrastracture systems in the UK. I'm always more than happy to give advice like this. If you need my expertise in a more confidential fashion, please feel free to contact me in-game.
______________________
"Ahh, Raven Aure. Your reputation precedes you."
"Uh oh. Which one?"
Originally by: Density5
brb gotta sleep
|
DJBoo
|
Posted - 2006.04.09 07:17:00 -
[19]
Edited by: DJBoo on 09/04/2006 07:17:55
This thread is going way to long. If TS sends password info via plain text, they simply used a packet sniffer program to sniff all traffic to your TS ip which is easy to get via a spy. simply put you got owned, its actually very funny and almost original. If the attackers have recordings of the chaos on ts please send the files to me for my collection (contact me in game to do so anon as always).
To avoid it again , use a program that doesnt suck and send data in plain text, but lots of programs use plain text so expect it to happen again possibly , all I can say is ROFL, WHOOPSY....
LOUD
DJBoo
|
Raven Aure
|
Posted - 2006.04.09 07:33:00 -
[20]
Originally by: DJBoo
Edited by: DJBoo on 09/04/2006 07:17:55
If TS sends password info via plain text, they simply used a packet sniffer program to sniff all traffic to your TS ip which is easy to get via a spy.
Yes, you can get the IP via a spy. That doesn't mean you can "simply" sniff all traffic to/from that IP - let alone passwords. Networks simply don't work like that.
______________________
"Ahh, Raven Aure. Your reputation precedes you."
"Uh oh. Which one?"
Originally by: Density5
brb gotta sleep
|
Sidraket
|
Posted - 2006.04.09 07:48:00 -
[21]
This why i dont like voice communication. I have been playing online games for ages, long ago when i was much younger i was in a serious guild and seriously played a game, and you know what back then we didint have high speed internet and there was no voice communication.
How on earth did we function then? We practiced, a whole lot. Day in and day out. And everything was modular. It was all broken down into small groups, we learned our jobs and did them, we learned others jobs so that we could do them, we got to where we could intigrate ourselves on the fly with other groups. The only needed communication was whoever was leading, would point out primary targets and our individual groups would, by virtue of situational awareness, know which ones we should be going after.
Stop trying to force individuals to cooperate with crude hastey shouts or frantic typo filled text and simply become a single mind.
I used to be able to type as fast as i could talk with one hand. Why? no its not for that, its because in my day you could only affiord one hand for communication, the other was too buisy doing other stuff. And ill tell you, my hand is still screwed up from the whole thing, i lose feeling in my right hand often, because back then my finters would fly~ nonstopped, for hours on end, sometimes it would start hurting and i would wrap it up tight so i could keep going. Those where the days
|
DJBoo
|
Posted - 2006.04.09 07:51:00 -
[22]
Edited by: DJBoo on 09/04/2006 07:51:35
Shoosh Raven Aure I don't care to hear your attempts at networking for dummies
|
Kaladr
|
Posted - 2006.04.09 07:55:00 -
[23]
Originally by: DJBoo
Edited by: DJBoo on 09/04/2006 07:51:35
Shoosh Raven Aure I don't care to hear your attempts at networking for dummies
They don't work like that though. What as your point again?
----
EVE-Central.com | Obsidian Technologies - 0.0 Manufacturing, Defense and Logistics. We're hiring! Mail me |
Sergeant Spot
|
Posted - 2006.04.09 08:00:00 -
[24]
For the record:
Hacking an opponent's Team Speak is not "part of the game", it is a real life crime.
|
Maya Rkell
|
Posted - 2006.04.09 08:57:00 -
[25]
Edited by: Maya Rkell on 09/04/2006 08:59:45
Originally by: Hllaxiu
Originally by: Raven Aure
Without trying to explain, reason or analyse; what actually happened? Then we'll work out why. Then what to do to stop it.
Someone got superadmin via some sort of a remote exploit (According to the hosting provider) and completely changed the server's configuration about. All accounts were deleted, all channels deleted and replaced with their own and corpmates logging in could not join any channel and couldn't speak or do anything (eventually connections were removed entirely).
Teamspeak does not strike me as a particularly secure application (clear text logins over UDP?!?!!?!) - does anyone know about the comparative advantages of Ventrillo? (other than that the latter isn't a free application)
Yes, it's just as "secure", and you'll have ~20% of your players afflicted with major sound bugs on it. Sigh.
TS3 has FAR better security features, I'm told.
The most amusing trick I've seen involving TS was "last minute diplomatic negociationsd", held on the enemy's TS, in their main channel. As our side's fleet warped in (this was quite some time ago :P) our reps started singing. Badly. THAT was just silly on the enemy's part 
"The Human eye is a marvelous device, with a very little effort it can overlook all but the most glaring injustice" - Quellchrist Falconer |
Kai Lae
|
Posted - 2006.04.09 09:04:00 -
[26]
Well, let's just say it's a crime that happens pretty often from what I've seen. In a year and a half I've been playing this game, it's happened 3 times.
Basically when it comes down to it you can tell the kind of people you are dealing with by their actions, and I have no respect for them. If it wasn't for the fact that every time that it's happened that an enemy fleet has concidentally jumped into us. Every single time I might say it's pure chance, but the instant cause (enemy fleet jumps in) and then the hacking coming right after that kinda makes me have a hard time believing that. If you have no morals, or no sense of right or wrong, why not, the odds of being caught are basically zero. Matter of fact I'm sure that they're laughing about it right now as they read this and congratulating themselves on how 1337 they are. They're pathetic IMO.
|
Raven Aure
|
Posted - 2006.04.09 09:07:00 -
[27]
Originally by: Kai Lae
Edited by: Kai Lae on 09/04/2006 09:05:36
Well, let's just say it's a crime that happens pretty often from what I've seen. In a year and a half I've been playing this game, it's happened 3 times.
Yeah, but the real problem here is that it looks like an out of game crime. That's something totally different...
______________________
"Ahh, Raven Aure. Your reputation precedes you."
"Uh oh. Which one?"
Originally by: Density5
brb gotta sleep
|
gfldex
|
Posted - 2006.04.09 09:29:00 -
[28]
Teamspeak stores password in clear text. A simply http-request can last out to obtain _all_ stored passwords. If the host is compromised (we need read access here) TS passwords are compromized.
Never ever reuse a password that's stored by teamspeak.
--
$ perl -n -e 'print "Stop blameing pirates! Oveur is the root of all evil!\n" if m/podkill|lost my ship|gank|gate camp|Verone/;'
|
Raven Aure
|
Posted - 2006.04.09 09:33:00 -
[29]
Originally by: gfldex
Teamspeak stores password in clear text. A simply http-request can last out to obtain _all_ stored passwords. If the host is compromised (we need read access here) TS passwords are compromized.
Never ever reuse a password that's stored by teamspeak.
Excellent, thanks for the info on this one. I'll take a look into this and run a couple of tests once I've got some sleep.
______________________
"Ahh, Raven Aure. Your reputation precedes you."
"Uh oh. Which one?"
Originally by: Density5
brb gotta sleep
|
Deja Thoris
|
Posted - 2006.04.09 09:50:00 -
[30]
Originally by: Eternal Fury
I'll say this..
if we have no problem with a Vet ganking a newb in a .4 system
if we have no problem with someone scamming a corp
if we have no problem with Escrow scams
if we have no problem with suicide kills in High sec.
Why would "hacking" into someone's TS server be any different. If they actually hacked it, that's an arrestable offense in come countries. If they just scammed their way into getting the info for your TS server, and gettin on it and relaying that info to your rivals, that's just social engineering.
If you dont know what I mean by this, look up Kevin Mitnik.
I see this as a valid tactic. Actual Hacking of the server is different. Like I said, that's an arrestable offence(most places).
I draw the line at out of game stuff. If you need to use out of game means to win at EvE then you are missing the point.
|
| |
|
| Pages: [1] 2 3 4 :: one page |
| First page | Previous page | Next page | Last page |