gmod Posted September 25, 2008 Share Posted September 25, 2008 Heads up Guys. Following IP from FDC Servers was able to hack our TCAdmin Admin and ban everyone. Still waiting for a response from http://www.FDCServers.net 88.107.92.24 ~Regards If you would like to see the Logs, feel free to email me at payment@gmodhosting.com Admins: Is there any such thing as a global ban for a person like this??? Link to comment Share on other sites More sharing options...
gmod Posted September 25, 2008 Author Share Posted September 25, 2008 He made himself several administrator names: admin22 AdminSupended guestadmin Admin Suspended hacker22 Admin Suspended 123456 123456 michaelhutchings1@googlemail.com Link to comment Share on other sites More sharing options...
gmod Posted September 25, 2008 Author Share Posted September 25, 2008 Hacker 22 also made a Game Server. Investigating the files now. Los Angeles hacker22 208.76.248.166:27015 CSS 40 Slots Link to comment Share on other sites More sharing options...
DougK94 Posted September 25, 2008 Share Posted September 25, 2008 Sounds similar to what happened to a few a couple of months ago. Maybe stupid questions, but are you running the latest TCA release? Did you have active any of the latest TCA security settings in security_config.aspx? Hopefully the root password of your server or servers is not the same as the admin password to your TCA. Link to comment Share on other sites More sharing options...
nosit1 Posted September 25, 2008 Share Posted September 25, 2008 We were running the brute force protection with 5 tried and a permanent ban. I believe they were bouncing their IP's as they attempted to login 25-60 different times until getting in, all different IP's. Link to comment Share on other sites More sharing options...
ECF Posted September 25, 2008 Share Posted September 25, 2008 Time to change your password. Make sure to add some non alphanumeric characters to it. Link to comment Share on other sites More sharing options...
SickPuppy Posted September 25, 2008 Share Posted September 25, 2008 Some A-Hole flooded my live chat with over 45,000 requests causing it to crash and we still have not recovered from it. Do these idiots not have anything better to do? Link to comment Share on other sites More sharing options...
ECF Posted September 25, 2008 Share Posted September 25, 2008 Apparently not.... Link to comment Share on other sites More sharing options...
nosit1 Posted September 25, 2008 Share Posted September 25, 2008 We updated all of our passwords, 12 characters non repeating, crazy suckers that would take a while to crack. Link to comment Share on other sites More sharing options...
studeggle Posted September 25, 2008 Share Posted September 25, 2008 We were running the brute force protection with 5 tried and a permanent ban. I believe they were bouncing their IP's as they attempted to login 25-60 different times until getting in, all different IP's. Sounds like way to easy a password I've had them pounding for hrs before the update and still never get it. Complex long passwords are your friend and if your smart its there are tons of long complex passwords that even a 5 year old could remeber, it just takes some time to think them up. Link to comment Share on other sites More sharing options...
Dan M Posted September 25, 2008 Share Posted September 25, 2008 We had this a few months back, we change our passwords frequently to ensure this doesn't happen. Most of the attacks are based from China / Japan Link to comment Share on other sites More sharing options...
nosit1 Posted September 26, 2008 Share Posted September 26, 2008 This one mainly originated from somewhere in Europe. Link to comment Share on other sites More sharing options...
jcroom Posted October 1, 2008 Share Posted October 1, 2008 I try to change my passwords very often (+/- 30 days). Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.