AAO25.com
America's Army => General Chat => Topic started by: [SWISS]Merlin on Friday, June 03, 2016, 15:07:09 PM
-
fact #1:
server admins, check out the following file, located at your system/pb folder of aa2:
pbpower.dat
this entry will be appended to this file, you will be surprised:
[06.03.2016 18:00:22] 100 7695df6c0524a57e511e2f720f56db46 "?"
the value of 100 will give to this GUID high power on your server (which you maybe dont want)!! If you try to delete this, it will be appended again by assist.
and another surprise! guess who is in line with this GUID (Global User ID)?
we check now:
aa250logs\Logs\Server30.log:05/02/16 21:49:26 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #8) 201.29.60.184:53314 Possessed
aa250logs\Logs\Server30.log:05/02/16 22:04:39 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #4) 201.29.60.184:64031 Possessed
aa250logs\Logs\Server30.log:05/02/16 22:39:43 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #5) 201.29.60.184:54918 Possessed
aa250logs\Logs\Server30.log:05/21/16 03:21:17 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #2) 187.78.164.96:55316 Possessed
-
fact #2:
because of this fact, Possessed will be able to join every server with this extra power and without any knowing of you all.
and i dont want this on my private servers. so i did ban this GUID, Possessed will not be able to join my servers again.
5 days later, i had the first DDoS attack on my internet IP, selected by port 8080, which is my apache servers port, using to add some informations to my clan page.
so the guy doing this attack do know my clanpage and - specially - my port 8080 using it, which is not normal (http port is normal 80, not 8080).
so the proof is done, the attacker did know my clanpage and more - the usage of the special port of 8080 :)
-
fact #3:
using a local bot net is much more cheap then using a big one, working with computers together loacated all over the world.
the following extract of my router logfile does show:
Date Time Source Port Target Type Action IP Location
02.06.2016 20:34:47 191.22.145.76 11256 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.164.61.48 22765 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.153.233.208 13013 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:47 191.50.131.29 58317 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.41.38.220 34340 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.75.189.181 32913 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:47 191.88.179.46 56253 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:47 191.23.31.159 24530 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.168.85.128 57035 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 179.141.255.122 5283 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.233.32.56 21893 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Japan
02.06.2016 20:34:47 179.55.60.239 24615 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.182.107.232 25673 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.212.139.126 50328 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.29.246.181 36160 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.93.29.116 15848 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:47 179.96.148.253 37840 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.164.8.87 17908 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 179.253.198.231 54719 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.57.26.104 21420 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.209.228.181 3216 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 179.122.198.187 58627 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.217.16.223 786 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.94.55.176 47195 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:47 179.129.118.226 10919 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:47 191.197.49.208 22846 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.230.45.116 26206 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.173.23.55 26431 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.192.246.243 4652 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.122.133.134 46124 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.130.102.199 31634 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.90.32.236 27 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.182.54.75 6475 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.104.66.6 32630 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.69.19.39 3270 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.229.46.216 12745 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.230.31.154 4102 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 179.15.60.114 30438 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.84.136.150 27849 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Argentina
02.06.2016 20:34:48 179.212.25.176 38225 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.60.136.95 15975 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.114.226.146 36411 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Chile
02.06.2016 20:34:48 191.68.68.176 50488 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.127.202.85 35969 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Chile
02.06.2016 20:34:48 191.136.147.227 1971 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.102.221.254 8107 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.10.180.207 53979 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.59.40.2 29224 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.141.14.246 56847 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.157.213.83 10573 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.223.185.72 2671 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.87.28.67 44763 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Bolivia
02.06.2016 20:34:48 179.58.117.62 51689 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Chile
02.06.2016 20:34:48 191.117.2.220 3593 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Chile
02.06.2016 20:34:48 191.119.158.20 9154 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Chile
02.06.2016 20:34:48 191.134.50.115 36094 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.229.133.28 27148 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.238.103.51 29667 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Ireland
02.06.2016 20:34:48 191.182.239.204 35494 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.106.139.155 24260 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.35.194.247 64275 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.94.23.29 63218 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.118.222.163 2919 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Chile
02.06.2016 20:34:48 191.27.96.206 11391 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.22.146.17 19425 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.11.91.82 33318 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.60.192.203 20561 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 179.86.104.34 39607 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 179.218.127.28 42472 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.199.255.166 25818 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 179.32.196.75 59188 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.4.192.93 12852 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.76.33.138 55070 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.165.175.142 43483 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.95.208.113 65522 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.248.129.183 39598 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.106.168.110 34871 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.43.30.162 8050 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.85.215.114 9905 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Argentina
02.06.2016 20:34:48 191.72.34.179 22186 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.94.68.134 10479 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.66.64.165 50720 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.115.105.166 25374 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Chile
02.06.2016 20:34:48 191.187.3.157 59211 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.211.201.42 32162 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.80.174.196 60143 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Argentina
02.06.2016 20:34:48 179.206.37.107 25701 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.34.31.78 45483 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.84.30.220 35974 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Argentina
02.06.2016 20:34:48 179.183.10.219 54594 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.14.217.246 34220 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.198.54.4 65223 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.196.86.68 32617 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.142.41.22 14115 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.59.10.158 39024 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.104.203.72 30956 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.83.189.236 31847 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Argentina
02.06.2016 20:34:48 191.179.65.11 9546 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.48.136.52 6813 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.248.106.69 54866 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.168.196.152 1114 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.111.71.124 31493 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 179.226.109.5 24284 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.74.70.174 49179 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.239.130.202 56528 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Japan
02.06.2016 20:34:48 191.86.199.141 13259 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.225.110.213 39624 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.65.2.8 35147 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.183.141.66 18078 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.239.207.214 20752 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.183.155.44 56682 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.86.33.76 30015 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 191.67.57.227 16239 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Colombia
02.06.2016 20:34:48 191.197.71.252 19314 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
02.06.2016 20:34:48 179.9.182.88 19953 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Chile
02.06.2016 20:34:49 191.117.3.197 27190 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Chile
02.06.2016 20:34:49 191.223.2.49 39992 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Chile
02.06.2016 20:34:49 179.98.174.186 23343 192.168.1.61:8080 [type=Flood-Detection(4026531840)] Drop Packet Brazil
-
fact #4:
this attack is done by a method called smurf attack. my router had within 60 minutes 100'000 request to handle. he did it, but it went laggy for sure.
so all player did leave the nomad servers because of that. as a result of it, you can have a look at the end of my router log after stoping the attack:
02.06.2016 21:40 191.36.176.138:44560 192.168.1.61:8080 [type=Flood-Detection(4026531840)] TCP-Flood Action: Drop Packet
02.06.2016 21:40 179.4.87.187:13288 192.168.1.61:8080 [type=Flood-Detection(4026531840)] TCP-Flood Action: Drop Packet
02.06.2016 21:40 191.203.201.27:57443 192.168.1.61:8080 [type=Flood-Detection(4026531840)] TCP-Flood Action: Drop Packet
02.06.2016 21:40 191.82.98.255 92.107.22.140 [type=ICMP-Decoder(4043309086)] icmp-smurf Action: Drop Packet
02.06.2016 21:41 179.182.157.255 92.107.22.140 [type=ICMP-Decoder(4043309086)] icmp-smurf Action: Drop Packet
02.06.2016 21:41 191.6.100.255 92.107.22.140 [type=ICMP-Decoder(4043309086)] icmp-smurf Action: Drop Packet
02.06.2016 21:41 191.223.54.255 92.107.22.140 [type=ICMP-Decoder(4043309086)] icmp-smurf Action: Drop Packet
you can easy see that my router could catch the end of the attack with this entries (see also above, no entries there after the real attack:
02.06.2016 21:40 191.82.98.255 92.107.22.140 [type=ICMP-Decoder(4043309086)] icmp-smurf Action: Drop Packet
02.06.2016 21:41 179.182.157.255 92.107.22.140 [type=ICMP-Decoder(4043309086)] icmp-smurf Action: Drop Packet
02.06.2016 21:41 191.6.100.255 92.107.22.140 [type=ICMP-Decoder(4043309086)] icmp-smurf Action: Drop Packet
02.06.2016 21:41 191.223.54.255 92.107.22.140 [type=ICMP-Decoder(4043309086)] icmp-smurf Action: Drop Packet
this means that the attacker system had IP adresses of:
191.82.98.255
179.182.157.255
191.6.100.255
191.223.54.255
this does mean that the attacking servers are located at - funny but true - Brazil.
-
fact #5:
because its only a game, i dont really care. i did ask - listen Possessed - my "specialists" at work. and i was really surprised, because they offered
me - oh yeah, i forgot to say what part of specialists they are. they are our ciber crime specialist, btw. at one of the biggest financial institute
of Switzerland - to contact the friends of them at the Swiss Gouverment working for Melanie (this is the Swiss part of the NSA in the States) to analyse
my router/firewall logs in a very deep way. i do stay back with this, but if you try it again, i would like to see what happend there; it will be
a kind of test for me what they can do.
-
fact #2:
... my port 8080 using it, which is not normal (http port is normal 80, not 8080).
so the proof is done, the attacker did know my clanpage and more - the usage of the special port of 8080 :)
I don't know much about ports but I've used more 8080 than 80 so I guess it's not that rare after all?
Interesting thread, let's see what will follow. Hopefully everything will get cleared!
-
Im not an IT guy, but i still dont see a connection, other then that the is from brasil. Is his IP in that list?
And what does a guid with 100 means? Does that mean he is admin on every server ?
-
I don't know much about ports but I've used more 8080 than 80 so I guess it's not that rare after all?
Interesting thread, let's see what will follow. Hopefully everything will get cleared!
It isn't really important, being the port tipically used for http you can usually try and see if the server answers from that specific port.
-
It's kind of funny you started with "fact #1", about pbpower, something that hasn't anything to do with the topic (it doesnt relate to the Ddos in any way), although I don't really agree with the practice either.
-
Im not an IT guy, but i still dont see a connection, other then that the is from brasil. Is his IP in that list?
And what does a guid with 100 means? Does that mean he is admin on every server ?
I think it's the highest PBPower value you can have, which makes you kinda invisible player admin.
fact #1:
server admins, check out the following file, located at your system/pb folder of aa2:
pbpower.dat
this entry will be appended to this file, you will be surprised:
[06.03.2016 18:00:22] 100 7695df6c0524a57e511e2f720f56db46 "?"
the value of 100 will give to this GUID high power on your server (which you maybe dont want)!! If you try to delete this, it will be appended again by assist.
and another surprise! guess who is in line with this GUID (Global User ID)?
we check now:
aa250logs\Logs\Server30.log:05/02/16 21:49:26 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #8) 201.29.60.184:53314 Possessed
aa250logs\Logs\Server30.log:05/02/16 22:04:39 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #4) 201.29.60.184:64031 Possessed
aa250logs\Logs\Server30.log:05/02/16 22:39:43 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #5) 201.29.60.184:54918 Possessed
aa250logs\Logs\Server30.log:05/21/16 03:21:17 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #2) 187.78.164.96:55316 Possessed
I can verify this, I found the very same file from both IGC and BIG servers with 78 rows of same command, giving pb power for same GUID, I don't know for whom it belongs but Im sure Merlin has it right over there.
Im curious as well why on earth this PB Power thing was done, my guess is it's connected to the drama we had when Pit got booted, guess Possessed wanted to make sure if he sees him online he can deal with him straight away? :?
Also like Placid said nothing there seems to be connected to any person, so maybe these are two different cases: PB Power - gate and DDoS attacks
-
I think it's the highest PBPower value you can have, which makes you kinda invisible player admin.
I can verify this, I found the very same file from both IGC and BIG servers with 78 rows of same command, giving pb power for same GUID, I don't know for whom it belongs but Im sure Merlin has it right over there.
Im curious as well why on earth this PB Power thing was done, my guess is it's connected to the drama we had when Pit got booted, guess Possessed wanted to make sure if he sees him online he can deal with him straight away? :?
which is wrong he shouldn't have power on any servers
-
fact #2:
because of this fact, Possessed will be able to join every server with this extra power and without any knowing of you all.
and i dont want this on my private servers. so i did ban this GUID, Possessed will not be able to join my servers again.
5 days later, i had the first DDoS attack on my internet IP, selected by port 8080, which is my apache servers port, using to add some informations to my clan page.
so the guy doing this attack do know my clanpage and - specially - my port 8080 using it, which is not normal (http port is normal 80, not 8080).
so the proof is done, the attacker did know my clanpage and more - the usage of the special port of 8080 :)
Did your violation log catch any other banned users trying to join than me? I mean you're speaking in this post of Possessed and DDoS attacks as well kind of connecting them together, did he even know he was banned?
-
I can verify this, I found the very same file from both IGC and BIG servers with 78 rows of same command, giving pb power for same GUID, I don't know for whom it belongs but Im sure Merlin has it right over there.
There is a command for this, like a code you need to type, or is this assist related?. But, like you and koden pointed out, it still doesnt mean anything. Besides that, if he doesnt abuse it, i dont care anyway, since he is admin of the game.
-
which is wrong he shouldn't have power on any servers
true, unless Assist Admin badge gives those admin privileges already - which would be totally fine to me, the most important thing is shared knowledge about their rights.
-
Interesting topic :)
-
There is a command for this, like a code you need to type, or is this assist related?. But, like you and koden pointed out, it still doesnt mean anything. Besides that, if he doesnt abuse it, i dont care anyway, since he is admin of the game.
as a player- / spectating admin you can give pb power for any player via console. Depending on the amount the user who has pb power can for example kick others out for some time by themselves.
-
Lol so some guy can just give himself power on any server, what else does he has access too, I remember back then when assist could basicly track everything you do on your pc or some shit lmao
-
Lol so some guy can just give himself power on any server, what else does he has access too, I remember back then when assist could basicly track everything you do on your pc or some shit lmao
way different subject that's been long gone,
-
as a player- / spectating admin you can give pb power for any player via console. Depending on the amount the user who has pb power can for example kick others out for some time by themselves.
only server owners should be able to do that, he has no business giving himself power without consent of server owners, even if it was to stay on top of pit, what he did is wrong and unacceptable
-
Yeah but as I read he has pb power on private servers.. Which means somehow he has access to it or punkbuster idk
-
You know this is my guid because it is explicit written in the PB Config files as:
pb_sv_namelock 7695df6c0524a57e511e2f720f56db46 Possessed
I have no reason keep playing on any of your servers, as it would be unplayable for me.
I don't see any logs of my account getting kicked in any of your servers, so how would I know that my guid was banned there lol.
As someone that manage lots of servers, I'm sure you have seen the PB power line(both at console and config file) many times and is only complaining now to create something that could relate with the posible "attacks". You haven't any matching IP that could support 1% of your statement, Poor attempt. Different from the Attacks we suffered, that came from a know user IP.
Also weren't the attacks from Venezuela? or this isnt important, as you want to blame me for it lol.
So you know ddos attacks by names and types, that isnt what you have been saying about the attacks Auth have been suffering. Now you know how much a ddos attack costs, interesting that you didn't came with all this knowledgment when we were under attack, so we can also blame you for the attacks, right?
Have you ever heard of port scanning or you gonna hide this term as well just to support your bad point?
-
only server owners should be able to do that, he has no business giving himself power without consent of server owners, even if it was to stay on top of pit, what he did is wrong and unacceptable
I don't fully agree. I agree that just kicking people should not always been allowed, however, I think every assist admin, should have kick rights, in order to immediately kick out cheaters.
If I ban a player from assist, he is still able to play as long as he is still in the server, wouldn't it be in everyones benefit if I can kick that cheater out as well - immediately?
I've seen some server admins abusing their powers like hell, while they use OUR assist server for authentication.
What gives them more rights to do this kind of stuff?
I think the above reason to have to kick rights should fully allow me to - in case it's necessary - join every server with admin rights, when it is needed to stop a cheater.
However, the rights should NOT be abused for kicking for no reason. As long as I do NOT see this happening, I'm totally fine to have an admin also handling anti-cheat having kick rights.
I'll ask you a very controversial question:
If an admin kicks me, just because he's powerhungry and doesn't like getting killed, can I then join as assist admin, and kick him, as he is playing on assist server ultimately?
In fact, it's exactly the same behaviour as he did, but as server admin, it seems to get tolerated, and as assist admin, shit just hits the fan.
- Note: This did not happen. I am against that kind of behaviour, I just want to open eyes that server admins should not be immune if they are being toxic. They have a privilege with responsibilities. If you abuse this, I think a punishment should be in place just to stop these practices from happening. This is in everyones benefit in the long term.
-
If I remember, players with lower PB Power can't kick someone with higher PB Power unless they are server admins ;)
Theres a post in our private area, I asked for others to post their PB Guids so I could add them as well, but no one replied, I don't know other admins main accounts, neither their guids(we do not receive player pbguids unless they get a kick), thats why I just added mine, same for namelock.
-
If I remember, players with lower PB Power can't kick someone with higher PB Power unless they are server admins ;)
Theres a post in our private area, I asked for others to post their PB Guids so I could add them as well, but no one replied, I don't know other admins main accounts, neither their guids(we do not receive player pbguids unless they get a kick), thats why I just added mine, same for namelock.
I don't mind if people kick me, I just gather proof if they do so to see if they are abusing their powers, and take appropriate action when needed and confirmed.
-
Probably the matter sounds more "important" than what it looks like, because most people (and server owners) fear about assist staff using it (which would be 4 or 5 people who rarely play the game at all). But in practice, over 5 years, it was almost never used at all, as far as I know. And there's a good reason for it, because it can easily become abuse, and they are aware of it.
-
Assist has no rights on anyones server. Admin can do what ever they want on there server . The only rights assist have is to ban cheats. Any thing other than this is abuse of assist power.
-
Assist has no rights on anyones server. Admin can do what ever they want on there server . The only rights assist have is to ban cheats. Any thing other than this is abuse of assist power.
No. Since assist is needed to make sure your server is the serverlist, they can do it. Tho, it would be nice that this info was public.
-
Assist has no rights on anyones server. Admin can do what ever they want on there server . The only rights assist have is to ban cheats. Any thing other than this is abuse of assist power.
No no, it goes both ways, my friend.
Any Private server admin has no right whatsoever to abuse powers on our auth system, and we have no rights to abuse our powers on their servers.
It seems some PSA thinks they are invincible and can do what they want, this is toxic for the whole community. I've seen people gettting kicked because they spamshot the admin on the server, so he kicked and made a new rule. This is toxic and should be stopped.
Assist should do what it can to stop toxic behaviour. This includes:
- Banning cheaters
- Temporary bans on severe exploits
- Temporary bans on excessive intentional teamkilling
- Appropriate actions for power abuse.
For all assist players, it is our job to create a pleasant environment for them, it is so for PSA, and for auth. I don't think it's fair to make a PSA invincible. He should act like a good PSA. Power abuse on assist will ruin it for other players.
-
I have no reason keep playing on any of your servers, as it would be unplayable for me.
only a short sequence of not playing on my server:
aa250logs\Logs\Server30.log:05/02/16 21:49:26 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #8) 201.29.60.184:53314 Possessed
aa250logs\Logs\Server30.log:05/02/16 22:04:39 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #4) 201.29.60.184:64031 Possessed
aa250logs\Logs\Server30.log:05/02/16 22:39:43 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #5) 201.29.60.184:54918 Possessed
aa250logs\Logs\Server30.log:05/21/16 03:21:17 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #2) 187.78.164.96:55316 Possessed
just another hint for you:
read all more carefully. i did never say that i will send the special forces to you down to Brazil. why should i? only because you did attack 4 times now my servers with DDoS ? :).
you did it again yesterday midnight. thanks a lot for that, because i had to set a trap for you. and remember, this is only a game. players can go to every other server as they like. i will for sure not start to cry when players will be kicked out. but maybe it will disturb the community and the picture of you as well. could be.
i will use your attack now for a test at my work as well as for the work together with the Government's special forces. but for sure i will hold my rights up for taking action against you by law.
-
No no, it goes both ways, my friend.
Any Private server admin has no right whatsoever to abuse powers on our auth system, and we have no rights to abuse our powers on their servers.
Thats not how it worked on AA ever. SO now you believe you have the right to do this why?
It seems some PSA thinks they are invincible and can do what they want, this is toxic for the whole community. I've seen people gettting kicked because they spamshot the admin on the server, so he kicked and made a new rule. This is toxic and should be stopped.
They are on there own server thats what they pay for and its none of assists business. If people want to drop by for abuse thats up to there dumb ass, not yours. You dont need to protect them from abuse of that sort. All the players do is leave and its done. Simply nothing to do with AA or assist
Assist should do what it can to stop toxic behaviour. This includes:
- Banning cheaters
- Temporary bans on severe exploits
- Temporary bans on excessive intentional teamkilling
Correct, correct,correct.
- Appropriate actions for power abuse.
Wrong wrong wrong Nonthing to do with assist.
For all assist players, it is our job to create a pleasant environment for them,
In the Forum and shout box yes it is. In the private servers no its not. Players can stay and be abused if there dumb enough. BUt it really doesnt happen.
[/quote]
it is so for PSA, and for auth. I don't think it's fair to make a PSA invincible. He should act like a good PSA. Power abuse on assist will ruin it for other players.
His server his rules take it or leave it. How simples that? Not up to you to over ride a guy who pays the bills. Like I said AA never done it. you dont have the right. Even if you are doing it for a right reason. Its not you paying the server bill.
[/quote]
Any Private server admin has no right whatsoever to abuse powers on our auth system, and we have no rights to abuse our powers on their servers.
Yes he does rightly or wrongly he pays the bills. Thats is why you dont have the right togo over him.
It seems some PSA thinks they are invincible and can do what they want, this is toxic for the whole community. I've seen people gettting kicked because they spamshot the admin on the server, so he kicked and made a new rule. This is toxic and should be stopped.
And thats is freedom of choise. the players have the same freedom to leave the server empty.
[/quote]
-
only a short sequence of not playing on my server:
aa250logs\Logs\Server30.log:05/02/16 21:49:26 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #8) 201.29.60.184:53314 Possessed
aa250logs\Logs\Server30.log:05/02/16 22:04:39 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #4) 201.29.60.184:64031 Possessed
aa250logs\Logs\Server30.log:05/02/16 22:39:43 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #5) 201.29.60.184:54918 Possessed
aa250logs\Logs\Server30.log:05/21/16 03:21:17 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #2) 187.78.164.96:55316 Possessed
just another hint for you:
read all more carefully. i did never say that i will send the special forces to you down to Brazil. why should i? only because you did attack 4 times now my servers with DDoS ? :).
you did it again yesterday midnight. thanks a lot for that, because i had to set a trap for you. and remember, this is only a game. players can go to every other server as they like. i will for sure not start to cry when players will be kicked out. but maybe it will disturb the community and the picture of you as well. could be.
i will use your attack now for a test at my work as well as for the work together with the Government's special forces. but for sure i will hold my rights up for taking action against you by law.
Honestly, if I were from Brazil I wouldn't play on a European server either...anyhow, whether or not you're planning actions by law, that surely falls beyond the purpose of this forum.
-
"I have no reason KEEP PLAYING on any of your servers"
You can't understand a simple sentence lol.
201.29.60.184 < see edit notes;.
187.78.164.96
None of those IPs are in our database and logs, so If I have played with them, how does it wasn't logged anywhere other than in your sever? I ask any other admin to check this, plz.
If you wan't to do something using the Law, you will have to first provide enough and true data, as you are accussing, it up to You to prove what your are saying, facing the consequencies of begin wrong and losing the law time, don't know how it works in swiss, but here you would end up fined for doing so. also, I don't think you can do shit downhere, I did nothing, I sleep well every night, no headcaches. See you later, trap master rofl.
(the times are in GMT "0", UK time)
edit: the other search ended up with:
Searching again for 187.78.164.96.
[0] => 791151.txt:2016-05-02 19:47:44 | Possessed | 201.29.60.184 | HWID | MAC PLAYER-LOGIN -- 2016-05-02 19:48:26 | JOIN-92.107.22.140:7773 -- 19:48 JOIN-92.107.22.140:7773 -- 2016-05-02 20:51:56 | LOGOUT
[1] => 791151.txt:|cs-Shutdown|2016-05-02 21:48:44 | Possessed | 201.29.60.184 | HWID | MAC PLAYER-LOGIN -- 2016-05-02 21:50:18 | LOGOUT
edit 2: still no return for 187.78.164.96 in the search, but directly looking in the server logs:
2016-05-21 01:20:26 | Possessed | 187.78.164.96 | HWID | MAC PLAYER-LOGIN -- 2016-05-21 01:20:44 | JOIN-92.107.22.140:33022 -- 01:20 JOIN-92.107.22.140:33022 -- |cs-Join another server|2016-05-21 01:21:25 | JOIN-52.67.26.236:1717 -- 01:21 JOIN-52.67.26.236:1717 -- |cs-Diconnected from server in game|2016-05-21 03:24:03 | LOGOUT
03:24 LOGOUT
2016-05-21 08:11:17 | Possessed | 187.78.164.96 | HWID | MAC PLAYER-LOGIN -- 2016-05-21 08:14:05 | JOIN-187.78.164.96:1717 -- 08:14 JOIN-187.78.164.96:1717 -- |cs-Armyops shutdown from Log file|2016-05-21 10:20:43 | LOGOUT
I have nothing to hide :), any admin can confirm that both doesn't show up in the DB, but do in the text logs, that arent regulary used to do a search as it is slow and painful while searching for multiple Data, need to open every log file and check by hand is tedious.
But it proves something, that I didn't got booted from any of your servers (last time I joined one of them was at 23/05/2016), thus I could not know I was banned in them. thx.
2016-05-23 07:47:50 | Possessed | 201.29.90.97 | HWID | MAC PLAYER-LOGIN -- 2016-05-23 07:48:42 | JOIN-92.107.22.140:34514 -- 07:48 JOIN-92.107.22.140:34514
-
i did not say i will plan actions against him by law. i did say i will hold my rights to do so if it goes on. that's all.
its only a game, nothing more. so no need to play with some ones life. really not. but enough is enough, this was my message above.
and i did NEVER EVER manipulate any log files nor the post in here. possessed, it was on a server you did play, it was wantc's. also one of mine.
so now maybe time to stop that shit at all. shake hands, it was funny a bit, but now we should go back to normal.
ok?
and release that moderator shit on forum on my account. thanks.
-
Thats not how it worked on AA ever. SO now you believe you have the right to do this why?
They are on there own server thats what they pay for and its none of assists business. If people want to drop by for abuse thats up to there dumb ass, not yours. You dont need to protect them from abuse of that sort. All the players do is leave and its done. Simply nothing to do with AA or assist
Correct, correct,correct.
Wrong wrong wrong Nonthing to do with assist.
In the Forum and shout box yes it is. In the private servers no its not. Players can stay and be abused if there dumb enough. BUt it really doesnt happen.
His server his rules take it or leave it. How simples that? Not up to you to over ride a guy who pays the bills. Like I said AA never done it. you dont have the right. Even if you are doing it for a right reason. Its not you paying the server bill.
Yes he does rightly or wrongly he pays the bills. Thats is why you dont have the right togo over him.
And thats is freedom of choise. the players have the same freedom to leave the server empty.
Ok, so we agree partially on some points.
However, how does it makes a difference whether I play on their servers, or them hosting their servers on our assist server?
What gives them the right to abuse the powers on their servers, while we would not have the rights to intervene?
As said before, this does not happen, but I am playing devils advocate here, just to open up the discussion and think about it.
Why would they have the right to abuse their powers all they want, on our assist servers, on their private servers?
Isn't it us who pays the bills for the assist server as well? Ultimately, they are putting their servers on our servers. So taking your points exactly like you said, it ultimately is like you said: " And thats is freedom of choise. the players have the same freedom to leave the server empty."
We should not abuse any powers, but imo, neither the PSA should do so.
-
i start to like you Bart, but i guess you know that already :)
its like a company is building a car, then you change the weels. now you have control of the car?
you have to explain that a bit more :)
-
Ok, so we agree partially on some points.
However, how does it makes a difference whether I play on their servers, or them hosting their servers on our assist server?
Not to sure what you mean here. Play there if you like no problem. "our assist" Who pays admin or everyone donations? which would include server admins. They pay for both there end and you end.
What gives them the right to abuse the powers on their servers, while we would not have the rights to intervene?
If you want the right to intervene then you would have to be up front and say we will come in and out of your servers from time to time to monitor admins. Then you have the right because you made it a term and condiction of being a private admin. BTW that word Pirvate really means private, means no ones allowed with out authority
As said before, this does not happen, but I am playing devils advocate here, just to open up the discussion and think about it.
Why would they have the right to abuse their powers all they want, on our assist servers, on their private servers?
Because the pay for the privilage of running a server how THEY like, not how staff think they should. Like I said AA never done that when they paid and only they paid.
Isn't it us who pays the bills for the assist server as well?
No you know thats not true voulentery payments from many others including private server owners.
Ultimately, they are putting their servers on our servers.
No like I said they pay for both. you or some of the staff might pay something towards it? Unless I am wrong?
So taking your points exactly like you said, it ultimately is like you said: " And thats is freedom of choise. the players have the same freedom to leave the server empty."
But you are taking away from them just because you can.
We should not abuse any powers, but imo, neither the PSA should do so.
I think we are all agreed that they nor satff should abuse powers. But you move in the same theme as them but sneaking into private server unannounced. That is wrong on any level. Same as FBI taping your calls just incase.
-
Just to be clear Vegeta; I was merely playing Devils Advocate, I've never heard about any staff abusing powers since I became admin here.
I don't think it's bad to include a ToS about behaviour for PSA though. I really see admin abuse as a problem, since there are just a few servers populated, banning someone just for the sake of it affects their ability to play the whole game, and this is in my opinion not good for the future of the game.
It does not happen a lot nowadays, but it can always happen.
-
I thought this started with assist admin going into servers undetected like merlin said. Thats the part thats not good from assist if its true?? I aint for admins who abuse. But I am for this is our rules and that applys to everyone. So if assist say from the start or even has to bring it in. Just as lobg as its up front terms. Same as server admin. They pay they make the rules as it says in so many servers. I banned only life bans on my server. One chance deal. At the begining I tried to tell people oh please read the rules. no early 203s/ Then arguing with clowns took its toll and it was then break a rules, your life banned. And it worked for me. I had a hardcore base of guys who new the rules never broke the rules and they enjoyed my server with its no nonsense approach. So everyone who liked my server stayed, because they knew there would be no crap just pure gaming.
Every thing just has to be upfront. Then theres no excuses.
-
I thought this started with assist admin going into servers undetected like merlin said. Thats the part thats not good from assist if its true?? I aint for admins who abuse. But I am for this is our rules and that applys to everyone. So if assist say from the start or even has to bring it in. Just as lobg as its up front terms. Same as server admin. They pay they make the rules as it says in so many servers. I banned only life bans on my server. One chance deal. At the begining I tried to tell people oh please read the rules. no early 203s/ Then arguing with clowns took its toll and it was then break a rules, your life banned. And it worked for me. I had a hardcore base of guys who new the rules never broke the rules and they enjoyed my server with its no nonsense approach. So everyone who liked my server stayed, because they knew there would be no crap just pure gaming.
Every thing just has to be upfront. Then theres no excuses.
But that's not power abuse, so that's perfectly ok, as long as rules are communicated upfront.
And we can not join servers as admins undetected. If we have admin rights, we have the special assist dev with it, and the pb power points like Merlin mentioned are not admin rights, they are kicking rights. But it's obvious that we have kicking rights as we can also ban people from whole of assist. How else can we stop catched cheaters from playing?
When we ban them from assist, they are not instantly kicked from a server, this is the way we can do that, but apart from the kicking rights, we do NOT have any other rights, since we do not need it for anything.
This falls perfectly within our responsibilities for anticheat without giving too many rights.
-
i start to like you Bart, but i guess you know that already :)
its like a company is building a car, then you change the weels. now you have control of the car?
you have to explain that a bit more :)
JonnyM and ELiZ did the job what is called today Assist. they did all needed to get this game running WITH honors (auth server) and cheat detection. therefore i give a very loud applause!
but as i did write above, the car is aa25 game, the wheels are aa25assist. that's a fact as well.
about the argument of needing admin rights on the car (the game itself) because of kicking hackers immediately is just a joke, but not even a good one. you know the well known servers are always populated with server owners with admin rights. so really no need to kick any player sitting inside the car (the game). first you have to proof - and you do very very long as i can see with this phyro (which i think is very good to have a correct proof before you ban) - then you have to ban. so it really doesn't matter if a player, who did maybe play this game for years with hacks, just plays another 5-6 hours.
it is just not correct doing so, jumping into the car (the game) as a driver. the owner did buy the car, you only changed the weels (assist). but i also dont care about this. most of you did not abuse it, that i can say here loud and clear. but the power point part is bullshit and you should stop that. because it is hidden.
and the part of restricting me here at the forum is also not correct. before a post of mine is released, an admin or mod has to "control" it. this is a poor part as well as banning pit after years for his behavior agaist a woman who maybe isn't that she do say to all. this i care about. because it looks to me (and others) that you will not hear some facts. YOU do decide what people can read and what not (sounds a bit like a dictatorship you are doing). and vegeta did already say it: we all pay for the server of the auth system (only one is needed). so maybe think again about that all.
doing steps like this will not take out the bullet in the breast of this game.
-
Can you point where I have *drive* your server?
You have nothing to blame me for the posible attacks other than your thougts. Listen, you are not going to get nothing from this patetic thread, i noticed by the sb comments that we have been attacked again, i didnt seen you offering help with your high tier specialists, without the auth your servers are just a bunch of white elephants. Take care of your stuff, let us take care of ours, if you dont like, the door is open for you, makes no difference to me to have you or not around. Its our forums, it open to the public but its not public property, we know how we can manage and if we feel someone must be moderated, we will do what ever we can do to control our forum as we wish, just as you do with your stuff.
Anyway, it obvious I speak for myself only.
-
Two different cases. I buy the explanation for the need of pb power, which even havent been abused. Maybe it should have been told on before hand, but then again many players thought Assist Admin badge would give rights as well. For example Merlin had Assist Admin accounts on banlist with a description that they would have joined his servers with admin privileges, but they have no access to adminpanel nor handle server from console, only this recently added pb power thing - which sounds good to me.
The other case seems to be clear as well...
-
last point from me:
i guess it is not only clear for you, for many others it is also. i would like to see possessed to be a man and tell in here that he did attacked my servers. as i already did tell, i will not take any actions against him. but it has to be stopped now. this would be the right step. and a sorry also wouldn't the the badest thing.
closed.
-
His point about the posible attacks are really bad set up, I already showed that I could not know my guid was banned in his Servers since I did not got booted from any (where are the logs of my account getting kick for begin banned?), last played in his Urban Assault server at 23/05/2016, he posted router logs from 02/06/2016, he said the attacks started 5 days after him banning my guid in his servers (explained above, so this one is already invalid), well, 10 days later since last time I played in his servers, something doesnt match, right?
Its up to you to prove what you are saying and currently what your are saying makes no sense.
You are just trying to kill this project with all this bull shit, I see why you have been on wrong ppl side.
-
i guess it is not only clear for you, for many others it is also.
Yea it's clear that this is a set up, wasn't expecting this from you after all you have done for the project :(
-
But that's not power abuse, so that's perfectly ok, as long as rules are communicated upfront.
And we can not join servers as admins undetected. If we have admin rights, we have the special assist dev with it, and the pb power points like Merlin mentioned are not admin rights, they are kicking rights. But it's obvious that we have kicking rights as we can also ban people from whole of assist. How else can we stop catched cheaters from playing?
When we ban them from assist, they are not instantly kicked from a server, this is the way we can do that, but apart from the kicking rights, we do NOT have any other rights, since we do not need it for anything.
This falls perfectly within our responsibilities for anticheat without giving too many rights.
This should be clear cut and simple. Noone has the right to go in anyones back door for any reason ever.
We know you have theright to ban people for cheating etc. But you dont have the right to go in and ban admin for being abusive or acting like ass holes. Its not needed. Its a poor excuse for going in the back door undetected/ We are not talking about banning cheats here. Its about assist staff going into a private server undetected. Thats the part I say is wrong and unexcep[table unless you made it clear in public, that this is your terms.
-
This should be clear cut and simple. Noone has the right to go in anyones back door for any reason ever.
We know you have theright to ban people for cheating etc. But you dont have the right to go in and ban admin for being abusive or acting like ass holes. Its not needed. Its a poor excuse for going in the back door undetected/ We are not talking about banning cheats here. Its about assist staff going into a private server undetected. Thats the part I say is wrong and unexcep[table unless you made it clear in public, that this is your terms.
Oh, but that's something we never did or will do that way.
-
Why not? Nothing wrong in telling them the condictions of the contract. Never do up front and honset? Really.
-
Why not? Nothing wrong in telling them the condictions of the contract. Never do up front and honset? Really.
I meant we would never ban a server admin like that.
-
knew it but took the risk, banned again at nomads
-
I meant we would never ban a server admin like that.
Ahh I see. But I never thought you would.
-
Yea it's clear that this is a set up, wasn't expecting this from you after all you have done for the project :(
Correct.
+1
-
Im sure its more of a personal grudge against possessed when he banned pit, seems like a good set up but not good enough, get your act together merlin because you are losing your head and friends on this game, you could even ask all server admins to mute you so you can play in peace without getting into arguments. We all want old merlin back where he has put a lot of effort to this game.
-
:) this now is more then funny. also a reason i left all this. some of you do know that it is almost impossible to catch a fucking DDoS attacker. But with the trap i had to do befor the 4th attack has been done, there is a good change for the "top" ones of Switzerland to get the attacker. I do really hope that they can do it. so maybe just wait, stop talking about things you do not know and be surpriced. i bet you will be. then i guess some of you in here do have finally no more friends in here. and that will not be me ;). shame, but the truth will help you maybe a bit to forget. cya when i get the results (would take about 3-4 weeks, because they have other priorities then this).
-
:) this now is more then funny. also a reason i left all this. some of you do know that it is almost impossible to catch a fucking DDoS attacker. But with the trap i had to do befor the 4th attack has been done, there is a good change for the "top" ones of Switzerland to get the attacker. I do really hope that they can do it. so maybe just wait, stop talking about things you do not know and be surpriced. i bet you will be. then i guess some of you in here do have finally no more friends in here. and that will not be me ;). shame, but the truth will help you maybe a bit to forget. cya when i get the results (would take about 3-4 weeks, because they have other priorities then this).
So you admit you have no freaking clue who made the attack, yet you come here saying it's Possessed who did it. Why are you trying so hard kill the game?
-
just for the protocol Mr. Ronski. It is NOT me, who is doing these attacks. and again, give me 2-3 weeks and you will (maybe) have the proof. I am not able to catch DDoSser, but as i told here, i have the connection to guys who can (maybe) do it. it they dont can, then nobody can do it.
-
omg. this is madnes.. I am speechless :shock:
-
"top" ones of Swiss LOL... i think you just bluffed and it didnt work out :banned:
-
Oh man the top ones of swiss investigating a DDoS attack on a game with maximum 100 players at a time. That would actually make me laugh quite a lot
-
just for the protocol Mr. Ronski. It is NOT me, who is doing these attacks. and again, give me 2-3 weeks and you will (maybe) have the proof. I am not able to catch DDoSser, but as i told here, i have the connection to guys who can (maybe) do it. it they dont can, then nobody can do it.
Yes?
First you come up with your five facts saying Possessed is DDoSsing your servers and then in page four you admit yourself that it's almost impossible to catch a DDoSser, you said you have set up a trap if fourth attack would come, you and your specialists would catch the DDoSser. Meaning you have no clue who was attacking against your servers, or you know who it is but you know it very well it's not Possessed. This was very poor attempt to badmouth him and very poor attempt to make playerbase to not trust in Assist Admins anymore. None of your evidence is connected to anything, maybe you trust that people would believe no matter what you say.
They are actually quite hard accusations, I hope you'll get the proof that it was him, otherwise this will all turn against you.
-
Oh man the top ones of swiss investigating a DDoS attack on a game with maximum 100 players at a time. That would actually make me laugh quite a lot
Not for the Game neither for the Auth.
-
I mean cyber crime is taken seriously in some cases but even if you have a friend working at that part of police I doubt they would just check your attack, ofc. you need a good reason etc. They cant just randomly check it someones IP as they might get in trouble
-
if you would understand more about this all ronski, then you would see that i did not tell shit in here at all. 2 of us here do know what happend, one is me.
i did talk about a FINAL proof from very high professionals, you should read more carefully and without emotions. would help you. for me its sure who it was.
and as so often, you do say i am a bigmouth and liar, so where is your proof? read the facts and tell me where i did lie. so wait until i will get the results. and btw., any other attack will change my mind about not taking action against it.
-
if you would understand more about this all ronski, then you would see that i did not tell shit in here at all. 2 of us here do know what happend, one is me.
i did talk about a FINAL proof from very high professionals, you should read more carefully and without emotions. would help you. for me its sure who it was.
and as so often, you do say i am a bigmouth and liar, so where is your proof? read the facts and tell me where i did lie. so wait until i will get the results. and btw., any other attack will change my mind about not taking action against it.
By this far I see it's just word against word - shown evidence proving nothing, which makes it so hard to understand why you are blaming him so hard with no proof? Why you come here saying he did it if you can't prove it, I don't think it's fair.
Then again if you are right at the end, then I need to apologise - but atm with shown facts he seems innocent and therefore there shouldn't be any reason for this topic to even exist.
-
This topic is a joke, stop accussing possessed and move on :style:
-
It's so easy to believe someone when they're telling you exactly what you want to hear Merlin. Please be careful to who you believe.
This is a brutal conversation and instantly brutal attack to someone who is not guilty maybe at all.
So i will ask something and i really hope that we all gonna get honestly answer since there's mixed opinions about this topic. I think that you - Possessed - are able to answer me/to us because this questions is going directly to you. I hope you are honest person and i hope we will get the same answer - the truth. There's lot of people believing you around this community, so don't betray our trust.
So my question is this since nobody asked you:
Did you or did you not made a Ddoss attack on Merlin's server?
Thank you for your answer.
-
Everyone have read the facts, that's why they don't trust what you say, because you really didn't said nothing conslusive, I have showed your facts are just an attempt to blame me, I would not be surprised if you was behind this, because for someone that didn't knew about ddos you now know even how much it costs... You aren't telling me anything about taking actions, if you were right or could do something, you would have did it already, you are trying to scare the wrong person.
Mia, that was already answered posts ago. It is up to him to prove what he is saying, I don't have to prove anything, I'm not guilty nor in a judgement :)
-
can you give an answer to Mia's question?
-
Everyone have read the facts, that's why they don't trust what you say, because you really didn't said nothing conslusive, I have showed your facts are just an attempt to blame me, I would not be surprised if you was behind this, because for someone that didn't knew about ddos you now know even how much it costs... You aren't telling me anything about taking actions, if you were right or could do something, you would have did it already, you are trying to scare the wrong person.
Mia, that was already answered posts ago. It is up to him to prove what he is saying, I don't have to prove anything, I'm not guilty nor in a judgement :)
I do believe you.
Can someone lock this ridiculous thread already? :-D
-
This is a terrible drama, comon guys you can do better...
-
SF][-General_alkos 1h [ASSIST]
I am with all good and I suggest something?let him return back to the pit,and if one thing inscriptions racist banujte it ..He is a good player and we're done with everything.however, only finished with that ..is not the only culprit ..I do not know if something wrong and I wrote ..I did it for all the players wrote.Bok od alkosa
But also to other nations not to provoke ..
we are not all the same and we do not like to ..it's history proved and will never change.because of the stupid faith, church and other things ..we all know everything and do not make the mad and blind ....
bok from alkosa
-
I do believe you.
Can someone lock this ridiculous thread already? :-D
Same as the shout box, if you dont like the thread, stay out. Thats was your own advice yes?
-
Same as the shout box, if you dont like the thread, stay out. Thats was your own advice yes?
Oh there you go, hey my private stalker.. :-)
Do you know what I love about you...?
I love that super cute thing you do when you don't text me back for days! Gah that's so adorable. Can you be so kind and start to do so, for real?
Thank you! :-)
-
There are/have been (at least) three completely different things being discussed here:
1) someone might have DDoS'ed Merlin's server
2) Assist admins have the possibility to enter a server as an admin if they need to (not activated by default)
3) The pb power thing
1) A lot of those IPs came from Brazil and you immediately thought it was Possessed. However, the first few I checked were under a different ISP than Possessed. Besides seeing as they don't map to a specific location within the country, I'd say they're most likely proxies.
Not really an expert in the field, but just something 3 minutes of searching gave me.
2) It's always been the case and it was in fact the case before Assist. The possibilities are within the game and not Assist. Assist admins pay for this game running, we do so with our time. Most of you will probably not have a clue as to how much time this thing can suck.
As server admins should not abuse their right in their servers, we will not do so within our auth system. Again, similarly to server admins, we do retrain the right to act when necessary. As has been stated before, we do not and will not have admin right on any server by default.
We also have the possibility of banning servers from using our auth system. This has been done before as well (most typical (and only one I know of) reason is mods that allow for 2/10/100 kills per kill to be tracked - in other words basically cheating for points/kills/fragrate).
3) I really don't know much about the PB power thing. It might be that it also comes with the global admin right described above, but right now nobody has them enabled. As far as I know, Assist hasn't been updated for a good while so it can't be anything new in principle.
-
nobody would ddos from their own IP, that would be pretty stupid.. theres a lot of sites that offer that kind of stuff.. but it is really random that he got ddosed from Brazil/Argentina lol but most of the IPs are static so you could contact the ISP
-
nobody would ddos from their own IP, that would be pretty stupid.. theres a lot of sites that offer that kind of stuff.. but it is really random that he got ddosed from Brazil/Argentina lol but most of the IPs are static so you could contact the ISP
You're correct nobody would use their own IP. They'd probably try to hide it so much they'd look for IPs/services outside their own country. But it's all just pure speculation to be honest.
-
201.29.60.184 < see edit notes;.
187.78.164.96
None of those IPs are in our database and logs, so If I have played with them, how does it wasn't logged anywhere other than in your sever? I ask any other admin to check this, plz.
you can have the full server log of this day if you want. all what i say is the truth. and thanks for thinking that i would edit a logfile as well as i would try to kill this game. here with the logout of your account (i show this only because you say i am a liar):
L:\aa250logs\LogGUID.txt:L:\aa250logs\Logs\Server30.log:05/02/16 21:49:26 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #8) 201.29.60.184:53314 Possessed
L:\aa250logs\LogGUID.txt:L:\aa250logs\Logs\Server30.log:05/02/16 22:04:39 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #4) 201.29.60.184:64031 Possessed
L:\aa250logs\LogGUID.txt:L:\aa250logs\Logs\Server30.log:05/02/16 22:39:43 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #5) 201.29.60.184:54918 Possessed
L:\aa250logs\LogGUID.txt:L:\aa250logs\Logs\Server30.log:05/21/16 03:21:17 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #2) 187.78.164.96:55316 Possessed
L:\aa250logs\LogOut.txt:L:\aa250logs\Logs\Server30.log:05/02/16 22:04:33 Log: 25AssistSM: Lost Connection (slot #8) 201.29.60.184:53314 7695df6c0524a57e511e2f720f56db46(-) Possessed
L:\aa250logs\LogOut.txt:L:\aa250logs\Logs\Server30.log:05/02/16 22:39:28 Log: 25AssistSM: Lost Connection (slot #4) 201.29.60.184:64031 7695df6c0524a57e511e2f720f56db46(-) Possessed
L:\aa250logs\LogOut.txt:L:\aa250logs\Logs\Server30.log:05/02/16 22:52:18 Log: 25AssistSM: Lost Connection (slot #5) 201.29.60.184:54918 7695df6c0524a57e511e2f720f56db46(-) Possessed
L:\aa250logs\LogOut.txt:L:\aa250logs\Logs\Server30.log:05/21/16 03:21:27 Log: 25AssistSM: Lost Connection (slot #2) 187.78.164.96:55316 7695df6c0524a57e511e2f720f56db46(-) Possessed
and i repeat, it was the server of =(wA'tNc)= we Ain't No clan \_/ - a present of mine to them. if you still say i do lie, then i will ask a player who was online that day. he will remember you. just that much about "i can't find any entries in our database". maybe you have to ask ELiZ, he can confirm this for sure. if you have the need doing so.
@ Ronski: i never did say as a fact (also not in #5) that it was Possessed. i only did say to Possessed that he should listen about the specialists (he made a joke about "my specialists" at shoutbox)
@ Teddy: sure the IP's are not from Possessed, i did never say. they all are from the region of Brazil. it's called a "local botnet". only this i did say. so the attacker is - no fact yet - from Brazil. that's all. i repeat, no need to comment more, i will come back with the results.
-
See edit notes is self explanatory, isn't it? How did you quoted something and didn't saw the entire post? rascality or dumb enough? Merlin, You are a clown.
-
i know i am not the clown, what about you? you dont get it, right.
so say what you want, i dont care. maybe others do understand. if not, no more a place for me.
i dont know why other admins look on what you are doing. Paulo, Nate, ELiZ, the real admins. but i should not care anymore. i really hope i can give a feedback in here in 2-3 weeks. then you would be the biggest clown on earth.
and if you are to stupid or scared to find those entries, then - again - call a admin that can do it!
-
http://history.anticheatinc.com/aa2/ (http://history.anticheatinc.com/aa2/) cant u check ips on here anymore? my old account isnt authorized to check anything on that site for some reason lol
-
@ Ronski: i never did say as a fact (also not in #5) that it was Possessed. i only did say to Possessed that he should listen about the specialists (he made a joke about "my specialists" at shoutbox)
-->
only a short sequence of not playing on my server:
aa250logs\Logs\Server30.log:05/02/16 21:49:26 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #8) 201.29.60.184:53314 Possessed
aa250logs\Logs\Server30.log:05/02/16 22:04:39 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #4) 201.29.60.184:64031 Possessed
aa250logs\Logs\Server30.log:05/02/16 22:39:43 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #5) 201.29.60.184:54918 Possessed
aa250logs\Logs\Server30.log:05/21/16 03:21:17 Log: 25AssistSM: Player GUID Computed 7695df6c0524a57e511e2f720f56db46(-) (slot #2) 187.78.164.96:55316 Possessed
just another hint for you:
read all more carefully. i did never say that i will send the special forces to you down to Brazil. why should i? only because you did attack 4 times now my servers with DDoS ? :).
you did it again yesterday midnight. thanks a lot for that, because i had to set a trap for you. and remember, this is only a game. players can go to every other server as they like. i will for sure not start to cry when players will be kicked out. but maybe it will disturb the community and the picture of you as well. could be.
i will use your attack now for a test at my work as well as for the work together with the Government's special forces. but for sure i will hold my rights up for taking action against you by law.
-
http://history.anticheatinc.com/aa2/ (http://history.anticheatinc.com/aa2/) cant u check ips on here anymore? my old account isnt authorized to check anything on that site for some reason lol
it Doesn't work with Assist and they ALMOST set it private
Merlin, you need glasses. OR: Treatment for Schizophrenia.
-
my very last try for Ronski: i did that say not as a fact, are you that stupid or do you ignore me ;)
shame on you playing this game you do. but i dont wonder really.
-
Ronski quote says otherwise.
Good luck taking actions to the unknown :)
It's really amazing how you pick part of a post that was edited hours before your answer with proper explanaition, I prefer to believe you aren't doing this because you are trying to manipulate the truth, mostly like you need a pair glasses or a pair of bottles lol, your acting like a litte kid that had his lollipop stolen.
To be honest, thanks for the time spent here and for the support, if you wish to quit, I can't do anything, I already stated that nothing came from me, if you are quitting, its because you started it, if it didn't take the way you wanted, its not my fault...
-
my very last try for Ronski: i did that say not as a fact, are you that stupid or do you ignore me ;)
shame on you playing this game you do. but i dont wonder really.
Yea I'm stupid, but lucky me I only need to quote your words under topic named: DDoS and the facts about it :)
-
it Doesn't work with Assist and they ALMOST set it private
that is stupid.. what does assist even run against cheaters, i havent updated PB in years.. there must be a lot of undetected crap out there lol
-
that is stupid.. what does assist even run against cheaters, i havent updated PB in years.. there must be a lot of undetectequcrap out there lol
Feel free to try aisack ;) all bans have been issued because we didn't liked players faces.
-
Ronski quote says otherwise.
It's really amazing how you pick part of a post that was edited hours before your answer with proper explanaition, I prefer to believe you aren't doing this because you are trying to manipulate the truth,
PS Possesed your a clown. :)
I think itsa really amazing Merlin makes a post and you delay and hide his post until such time as you think its ok to post it and let the public see what he said. Wonder if your doing what your spewing? Why you hiding all Merlins posts?
-
that is stupid.. what does assist even run against cheaters, i havent updated PB in years.. there must be a lot of undetected crap out there lol
Look, as of now, there are better chances for a cheater to get caught in here rather than, say, AAPG, despite ACI and all of their "work"...punkbuster by itself is a shield made of holes, people can easily get through that, and they're not getting caught (aside of blatant ones, someone does, but it literally takes weeks if not even months). Last I've heard on aapg was about a cheater who even managed to disable server demorecs while using a speedhack...
-
Feel free to try aisack ;) all bans have been issued because we didn't liked players faces.
well PB used to update when game was popular here and then to be updated on new hacks that were coming out.. I havent seen anything updated since idk when.. And there was stuff that made PBSS look normal too.. Like in upcoming tourny someone could use wallhack (ofc. not too obviusly) just to get info on where other team is going and thats already 3/4 of the round won basicly, if the hack is undetectable ofcourse.. I mean back then was drama cause you saw all files or whatever on PC to keep track of hacks and I guess you removed that.. Now some isrealy or polish nerd can hack ez
-
Look, as of now, there are better chances for a cheater to get caught in here rather than, say, AAPG, despite ACI and all of their "work"...punkbuster by itself is a shield made of holes, people can easily get through that, and they're not getting caught (aside of blatant ones, someone does, but it literally takes weeks if not even months). Last I've heard on aapg was about a cheater who even managed to disable server demorecs while using a speedhack...
Thanks for the reply Koden, sometimes I'm out of patience :) take vegeta question as an exemple, that have been answered 100x times around here.
-
Well I must have missed all of them quote one
-
well PB used to update when game was popular here and then to be updated on new hacks that were coming out.. I havent seen anything updated since idk when.. And there was stuff that made PBSS look normal too.. Like in upcoming tourny someone could use wallhack (ofc. not too obviusly) just to get info on where other team is going and thats already 3/4 of the round won basicly, if the hack is undetectable ofcourse.. I mean back then was drama cause you saw all files or whatever on PC to keep track of hacks and I guess you removed that.. Now some isrealy or polish nerd can hack ez
It isn't easy. Just check our hall of shame.
Probably less than 1% of the people there would have been caught with even an updated PB. The reason it isn't updated is because evenbalance doesn't officially support AA2 anymore.
We have better AC now than the core game ever had. One of the reasons is because the player base is limited, it is actually manageable (which it wouldn't be if we had thousands of people online constantly).
-
Any updates yet? I want to see possessed behind his monitor ddossing the servers. If there isn't any proof it would be fair to make him an apology, since it's quite a serious accusation.
-
Any updates yet? I want to see possessed behind his monitor ddossing the servers. If there isn't any proof it would be fair to make him an apology, since it's quite a serious accusation.
yes, it is like the one almost everybody did to pit, right? and no one did apology, correct?
as i did say, my "case" have not really priority at the swiss gouvernment, but when they have time and they will find nothing related to possessed - which would not mean the he did not do it - the i would for sure apology for my statements.
-
so far, no news about the first attack. but i can say that i guess the other attacks are not coming from the same person. now it is real ddos attack like professionals are doing - the focus are udp ports now, not only tcp which make a handshake. with some few very big packages you can fill up the bandwith of the target. so again this morning and the days before:
[/code]
29.06.2016 11:30 100.38.225.228:1900 92.107.22.140:64115 warn adp wan1 udp Rule_id=1 from WAN to Any [type=Flood-Detection(4026531842)] UDP-Flood Action: Drop Packet
29.06.2016 11:31 42.118.218.137:43129 92.107.22.140:14610 warn adp wan1 udp Rule_id=1 from WAN to Any [type=Flood-Detection(4026531842)] UDP-Flood Action: Drop Packet
29.06.2016 11:32 1.53.101.124:39537 92.107.22.140:39037 warn adp wan1 udp Rule_id=1 from WAN to Any [type=Flood-Detection(4026531842)] UDP-Flood Action: Drop Packet
29.06.2016 11:33 222.218.99.111:35530 92.107.22.140:58838 warn adp wan1 udp Rule_id=1 from WAN to Any [type=Flood-Detection(4026531842)] UDP-Flood Action: Drop Packet
29.06.2016 11:34 1.52.43.119:46478 92.107.22.140:37047 warn adp wan1 udp Rule_id=1 from WAN to Any [type=Flood-Detection(4026531842)] UDP-Flood Action: Drop Packet
29.06.2016 11:35 42.117.155.211:36461 92.107.22.140:37047 warn adp wan1 udp Rule_id=1 from WAN to Any [type=Flood-Detection(4026531842)] UDP-Flood Action: Drop Packet
-
and i still dont care about it.
the other case has no priority and i can not push it, because there are still some hard attacks from professional hackers. there is no first come first serve. so i have to wait....
-
if you like to see the whole logfile from the first tcp/ip attack - which i did say was local from Brazil - you can have it. watch the ip's and its location:
http://files.enjin.com/169228/Router-Log.xlsx (http://files.enjin.com/169228/Router-Log.xlsx)
this file will be the base to start to catch the noob ;)
-
So they did check out all the logs i had sent to the specialists, giving also a big reward for getting the truth back of it. I am sorry to say that there is and will not be any way to catch a ddosser doing the job as good as the one now. And if Possessed wasn't the guy also done it once or twice , then i will say here and now sorry. Bye.