"Hacked" by [Ha.De]

[ZMarine123 10]

So a couple minutes ago this banner popped up in our server. I'm not entirely sure what to think of this. Anyone care to shed some light on who these classy [Ha.De] fellows are, and how one would go about preventing this from happening in the future?

[Harzach 2516]

What security measures have you taken? Do you have BattlEye enabled? V2 signatures?

[ZMarine123 10]

BattlEye is enabled, though I'm not sure about V2 signatures.

[Harzach 2516]

I'm not sure about V2 signatures.

If you aren't checking v2 sigs, you had might as well roll out the red carpet. BE and v2 sigs are pretty effective together, but either one alone is a crapshoot.

Of course, if you ARE checking v2 sigs, you might want to send a report to BE.

Edited April 16, 2014 by Harzach

[ZMarine123 10]

I'd have to ask the server owner, but he's offline at the moment though as well as everyone else with access to the server configurations.

[jandrews 116]

or you could just use pw server

[warlord554 2065]

It's a shame people have nothing better to do with their time

[terox 316]

These kids seem to think they have accomplished something when they hack clan/community servers as if the folks who run them are all IT qualified and experts in security.

If you hack these servers, your skill level would probably be -10, try something harder like a proper hosting company server and prove your skills there instead of spoiling the fun that hard working folks have when they get home and the last thing they want is a pubescent spotty kid who cant get it off, so has to revert to this for their ego.

I have no patience for these type of people and although I dont believe in any higher authority, I do believe in fate and am sure that something really bad will happen to them eventually. A just deserve.

[EricJ 759]

We think alike in some ways Terox

But the best way to counter this is to shutdown the server, then find through DaRT the person's name (which may be difficult) and then permanently ban them either through that or through the server. Nor much in some cases but eases the state of mind.

[terox 316]

We think alike in some ways Terox

But the best way to counter this is to shutdown the server, then find through DaRT the person's name (which may be difficult) and then permanently ban them either through that or through the server. Nor much in some cases but eases the state of mind.

Most of them connect via a proxy so you cant trace the IP to anywhere that an ISP would be interested in

If they didnt and you had some proof, e.g wireshark logs then that would end badly for them

[kremator 1065]

You can ban the user id however, so that they never join again. If we had a list of banned UIDs then the pirates would fade away.

[EricJ 759]

Well I use DaRT which doesn't always log IPs but the GUID for each player, and that's how we ban them from the server, and it works too.

[mariodu62 5]

With B3console from bigbrotherbot

[havena 10]

same here :

18.05.2014 11:51:14: Inspecteur Nicos (88.140.79.244:2304) cc3d4ce19f3b774490e23304978b2124 - Compile Block "

if (isServer) then {

call compile ("_object = create" + "Vehicle ['I_Plane_Fighter_03_CAS_F', [3623.18, 13200.3, 0], [], 0, 'CAN_COLLIDE'];

_uid = _object call objectUID;

_object setVariable ['ObjectID', 76683.6, true];

_object setVariable ['ObjectUID', _uid, true];

_object setVariable ['OwnerID', 0, true];

_object setDir 16.9736;

serverObjectMonitor set [count serverObjectMonitor, _object];

");

};"

18.05.2014 11:52:43: Inspecteur Nicos (88.140.79.244:2304) cc3d4ce19f3b774490e23304978b2124 - Compile Block "

if (isServer) then {

call compile ("_object = create" + "Vehicle ['B_G_Mortar_01_F', [8446.68, 25231, 0], [], 0, 'CAN_COLLIDE'];

_uid = _object call objectUID;

_object setVariable ['ObjectID', 1791.77, true];

_object setVariable ['ObjectUID', _uid, true];

_object setVariable ['OwnerID', 0, true];

_object setDir 16.9736;

serverObjectMonitor set [count serverObjectMonitor, _object];

");

};"

18.05.2014 12:49:46: Inspecteur Nicos (88.140.79.244:2304) 94407a3394f016e80799c5ee26df0b47 - Compile Block "

if (isServer) then {

call compile ("_object = create" + "Vehicle ['B_Heli_Light_01_F', [8446.48, 25240.8, 0], [], 0, 'CAN_COLLIDE'];

_uid = _object call objectUID;

_object setVariable ['ObjectID', 18427.1, true];

_object setVariable ['ObjectUID', _uid, true];

_object setVariable ['OwnerID', 0, true];

_object setDir 16.9773;

serverObjectMonitor set [count serverObjectMonitor, _object];

");

};"

18.05.2014 11:45:27: Inspecteur Nicos (88.140.79.244:2304) cc3d4ce19f3b774490e23304978b2124 - #11 "Box_NATO_Ammo_F" 192:41 [3690,13109,11]

18.05.2014 11:55:32: Inspecteur Nicos (88.140.79.244:2304) cc3d4ce19f3b774490e23304978b2124 - #11 "Box_NATO_Ammo_F" 211:69 [8444,25224,84]

18.05.2014 11:55:36: Jean Jaqui (77.204.58.12:2304) 41489eebff03e397c66707f4aa9301f3 - #11 "Box_NATO_Ammo_F" 176:789 [3642,13198,10]

6d5dcda824556525bf5d78dd3c6c5aea -1 Battleye : Detect Hack #45896*T

94407a3394f016e80799c5ee26df0b47 -1 Battleye : Detect Hack #48962*T

195.132.242.147 -1 Battleye : Detect Hack #45896*T

88.140.79.244 -1 Battleye : Detect Hack #48962*T

[colinm9991 20]

I highly doubt this, but "ha.de" on google returns a Server Hosting company...

[Mr_B_A_Baracus 10]

We had this last night from a player called AniTex. I have his PUID and the incident was recoded on Fraps, anything we can do to get him a global ban?

[EricJ 759]

I'd suggest going to BattleEye direct and seeing if you can recommend a global ban, but since we have a name now most Admins know who to look for. I think it takes a few bans (correct me if I'm wrong) to global ban? In either case I'll try and him/her to my DaRT to ban as well.