Jump to content
Sign in to follow this  
ZMarine123

"Hacked" by [Ha.De]

Recommended Posts

EB46929162F2DB3250A60700F40AC2B51E73ABCD

So a couple minutes ago this banner popped up in our server. I'm not entirely sure what to think of this. Anyone care to shed some light on who these classy [Ha.De] fellows are, and how one would go about preventing this from happening in the future?

Share this post


Link to post
Share on other sites

What security measures have you taken? Do you have BattlEye enabled? V2 signatures?

Share this post


Link to post
Share on other sites
I'm not sure about V2 signatures.

If you aren't checking v2 sigs, you had might as well roll out the red carpet. BE and v2 sigs are pretty effective together, but either one alone is a crapshoot.

Of course, if you ARE checking v2 sigs, you might want to send a report to BE.

Edited by Harzach

Share this post


Link to post
Share on other sites

I'd have to ask the server owner, but he's offline at the moment though as well as everyone else with access to the server configurations.

Share this post


Link to post
Share on other sites

It's a shame people have nothing better to do with their time

Share this post


Link to post
Share on other sites

These kids seem to think they have accomplished something when they hack clan/community servers as if the folks who run them are all IT qualified and experts in security.

If you hack these servers, your skill level would probably be -10, try something harder like a proper hosting company server and prove your skills there instead of spoiling the fun that hard working folks have when they get home and the last thing they want is a pubescent spotty kid who cant get it off, so has to revert to this for their ego.

I have no patience for these type of people and although I dont believe in any higher authority, I do believe in fate and am sure that something really bad will happen to them eventually. A just deserve.

Share this post


Link to post
Share on other sites

We think alike in some ways Terox

But the best way to counter this is to shutdown the server, then find through DaRT the person's name (which may be difficult) and then permanently ban them either through that or through the server. Nor much in some cases but eases the state of mind.

Share this post


Link to post
Share on other sites
We think alike in some ways Terox

But the best way to counter this is to shutdown the server, then find through DaRT the person's name (which may be difficult) and then permanently ban them either through that or through the server. Nor much in some cases but eases the state of mind.

Most of them connect via a proxy so you cant trace the IP to anywhere that an ISP would be interested in

If they didnt and you had some proof, e.g wireshark logs then that would end badly for them

Share this post


Link to post
Share on other sites

You can ban the user id however, so that they never join again. If we had a list of banned UIDs then the pirates would fade away.

Share this post


Link to post
Share on other sites

Well I use DaRT which doesn't always log IPs but the GUID for each player, and that's how we ban them from the server, and it works too.

Share this post


Link to post
Share on other sites

same here :

18.05.2014 11:51:14: Inspecteur Nicos (88.140.79.244:2304) cc3d4ce19f3b774490e23304978b2124 - Compile Block "

if (isServer) then {

call compile ("_object = create" + "Vehicle ['I_Plane_Fighter_03_CAS_F', [3623.18, 13200.3, 0], [], 0, 'CAN_COLLIDE'];

_uid = _object call objectUID;

_object setVariable ['ObjectID', 76683.6, true];

_object setVariable ['ObjectUID', _uid, true];

_object setVariable ['OwnerID', 0, true];

_object setDir 16.9736;

serverObjectMonitor set [count serverObjectMonitor, _object];

");

};"

18.05.2014 11:52:43: Inspecteur Nicos (88.140.79.244:2304) cc3d4ce19f3b774490e23304978b2124 - Compile Block "

if (isServer) then {

call compile ("_object = create" + "Vehicle ['B_G_Mortar_01_F', [8446.68, 25231, 0], [], 0, 'CAN_COLLIDE'];

_uid = _object call objectUID;

_object setVariable ['ObjectID', 1791.77, true];

_object setVariable ['ObjectUID', _uid, true];

_object setVariable ['OwnerID', 0, true];

_object setDir 16.9736;

serverObjectMonitor set [count serverObjectMonitor, _object];

");

};"

18.05.2014 12:49:46: Inspecteur Nicos (88.140.79.244:2304) 94407a3394f016e80799c5ee26df0b47 - Compile Block "

if (isServer) then {

call compile ("_object = create" + "Vehicle ['B_Heli_Light_01_F', [8446.48, 25240.8, 0], [], 0, 'CAN_COLLIDE'];

_uid = _object call objectUID;

_object setVariable ['ObjectID', 18427.1, true];

_object setVariable ['ObjectUID', _uid, true];

_object setVariable ['OwnerID', 0, true];

_object setDir 16.9773;

serverObjectMonitor set [count serverObjectMonitor, _object];

");

};"

18.05.2014 11:45:27: Inspecteur Nicos (88.140.79.244:2304) cc3d4ce19f3b774490e23304978b2124 - #11 "Box_NATO_Ammo_F" 192:41 [3690,13109,11]

18.05.2014 11:55:32: Inspecteur Nicos (88.140.79.244:2304) cc3d4ce19f3b774490e23304978b2124 - #11 "Box_NATO_Ammo_F" 211:69 [8444,25224,84]

18.05.2014 11:55:36: Jean Jaqui (77.204.58.12:2304) 41489eebff03e397c66707f4aa9301f3 - #11 "Box_NATO_Ammo_F" 176:789 [3642,13198,10]

6d5dcda824556525bf5d78dd3c6c5aea -1 Battleye : Detect Hack #45896*T

94407a3394f016e80799c5ee26df0b47 -1 Battleye : Detect Hack #48962*T

195.132.242.147 -1 Battleye : Detect Hack #45896*T

88.140.79.244 -1 Battleye : Detect Hack #48962*T

Share this post


Link to post
Share on other sites

I highly doubt this, but "ha.de" on google returns a Server Hosting company...

Share this post


Link to post
Share on other sites

We had this last night from a player called AniTex. I have his PUID and the incident was recoded on Fraps, anything we can do to get him a global ban?

Share this post


Link to post
Share on other sites

I'd suggest going to BattleEye direct and seeing if you can recommend a global ban, but since we have a name now most Admins know who to look for. I think it takes a few bans (correct me if I'm wrong) to global ban? In either case I'll try and him/her to my DaRT to ban as well.

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×