Valhalla Legends Forums Archive | General Discussion | What does this mean?

AuthorMessageTime
BaDDBLooD
[quote]
[9:14:23 PM] <*Scope> congrads BaDDBlooD, your being ddoss'ed in 30 minutes or less, by my buddy, cya. Squelched
[/quote]
October 21, 2004, 2:16 AM
Newby
If you didn't give out your IP address, you're safe. Ignore the retard. :)
October 21, 2004, 2:21 AM
KoRRuPT
**Translation**

[9:14:23 PM] <*Scope> I'm a moron, I get my friends to fight for me. Absolutely nothing will happen in the next 30 mins.
October 21, 2004, 2:32 AM
LW-Falcon
You see morons like that everyday.
October 21, 2004, 3:11 AM
BaDDBLooD
k Good, thanks alot everybody ^_^
October 21, 2004, 2:21 PM
peofeoknight
ddos is basically pining someone with large amounts of data from many different locations. Distributed Denial Of Service. Without him having your ip you are fine. B ut if you direct connected with the guy on aim or something he could very well have your ip. But if this was just over battle net, call him an idiot who does not know jack shit.
October 21, 2004, 3:13 PM
peofeoknight
A person once told me they were sending me a trojan on aim... when I had never connected to them or anything. I asked them how and they said through my ip.
October 21, 2004, 7:40 PM
iago
[quote author=quasi-modo link=topic=9262.msg85495#msg85495 date=1098371628]
ddos is basically pining someone with large amounts of data from many different locations. Distributed Denial Of Service. Without him having your ip you are fine. B ut if you direct connected with the guy on aim or something he could very well have your ip. But if this was just over battle net, call him an idiot who does not know jack shit.
[/quote]

Pinging* (Just in case people who don't know about it get confused by that word)
October 21, 2004, 9:14 PM
LW-Falcon
I've had morons threaten to trojan me over b.net in a game, it was hilarious.
October 21, 2004, 11:58 PM
iago
[quote author=Falcon[anti-yL] link=topic=9262.msg85589#msg85589 date=1098403127]
I've had morons threaten to trojan me over b.net in a game, it was hilarious.
[/quote]

If you're running Windows unfirewalled, and you're in a game with somebody, it's very possible to do.
October 22, 2004, 12:38 AM
Skywing
[quote author=iago link=topic=9262.msg85604#msg85604 date=1098405491]
[quote author=Falcon[anti-yL] link=topic=9262.msg85589#msg85589 date=1098403127]
I've had morons threaten to trojan me over b.net in a game, it was hilarious.
[/quote]

If you're running Windows unfirewalled, and you're in a game with somebody, it's very possible to do.
[/quote]
If you're running Windows without recent security patches applied, you mean.  The same goes for many other operating systems, including Linux.
October 22, 2004, 2:40 AM
peofeoknight
In a game you have a direct connection with the other players, no central server, stricly p2p. So someone can easily get your ip while in game. From there on I do not know how they would get a trojan on your pc....
October 22, 2004, 2:44 AM
LW-Falcon
They can get my ip, but how would they trojan me?
October 22, 2004, 5:01 AM
Arta
By exploiting some flaw in your OS, the same way worms like Sasser spread. If you're up-to-date with patches you should be ok.
October 22, 2004, 9:34 AM
iago
Well, Windows default install without a firewall vs. Linux (good distro) default install without a firewall, Windows has about 6 ports open whereas Linux has 1 (ssh). 

But  in any case, yes, it works best if you're unpatched.  But I wouldn't be awfully surprised if there are unknown exploits (particularely in Windows 2000 -- don't forget that XP SP2 was 300mb of mostly unannounced security fixes that Windows 2000 and Windows NT don't get).

My point is, it's not nearly as impossible during a game that it is in a channel or over a non-direct-connect AIM session.
October 22, 2004, 12:06 PM
Skywing
[quote author=iago link=topic=9262.msg85660#msg85660 date=1098446778]
Well, Windows default install without a firewall vs. Linux (good distro) default install without a firewall, Windows has about 6 ports open whereas Linux has 1 (ssh). 

But  in any case, yes, it works best if you're unpatched.  But I wouldn't be awfully surprised if there are unknown exploits (particularely in Windows 2000 -- don't forget that XP SP2 was 300mb of mostly unannounced security fixes that Windows 2000 and Windows NT don't get).

My point is, it's not nearly as impossible during a game that it is in a channel or over a non-direct-connect AIM session.
[/quote]
Actually, some of the Linux distributions released around Windows XP had quite a few probllems with that (e.g. Red Hat, I believe).
October 23, 2004, 7:03 AM
iago
I should have specifically said "Good" linux distros, defined as "Slackware" :)

Yeah, Red Hat (and Kde) have Microsoft Fever. :(
October 23, 2004, 7:30 AM
Kp
[quote author=Skywing link=topic=9262.msg85769#msg85769 date=1098515006][quote author=iago link=topic=9262.msg85660#msg85660 date=1098446778]
Well, Windows default install without a firewall vs. Linux (good distro) default install without a firewall, Windows has about 6 ports open whereas Linux has 1 (ssh). 

But  in any case, yes, it works best if you're unpatched.  But I wouldn't be awfully surprised if there are unknown exploits (particularely in Windows 2000 -- don't forget that XP SP2 was 300mb of mostly unannounced security fixes that Windows 2000 and Windows NT don't get).

My point is, it's not nearly as impossible during a game that it is in a channel or over a non-direct-connect AIM session.[/quote]Actually, some of the Linux distributions released around Windows XP had quite a few probllems with that (e.g. Red Hat, I believe).[/quote]

Without contesting that, I'd like to reiterate that you can get a Linux system down to the state iago described without using a firewall, but I've never heard of a way to close some of Windows default ports without horribly crippling the system.  If there is such a way, please share. :)
October 23, 2004, 4:54 PM
Thing
[quote]Without contesting that, I'd like to reiterate that you can get a Linux system down to the state iago described without using a firewall, but I've never heard of a way to close some of Windows default ports without horribly crippling the system.  If there is such a way, please share.[/quote]

http://www.idrci.net/

Their packet filter kicks ass.  I typically install and configure it before I connect a Winders box to the Internet.
October 23, 2004, 6:19 PM
Kp
[quote author=Thing link=topic=9262.msg85797#msg85797 date=1098555585]http://www.idrci.net/
Their packet filter kicks ass.  I typically install and configure it before I connect a Winders box to the Internet.[/quote]

Neat, and thanks.  But my question was aimed at a defense achievable without firewalling/filtering the box. :)
October 23, 2004, 6:46 PM
peofeoknight
Would someone explain how one would go about sending something to someone by just knowing their ip fi their system is not patched? I am confused as to how that all works? Would you do it through buffer overflow? Maybe my definition of buffer overflow is screwed up....
October 25, 2004, 12:57 AM
Newby
If the port is open, you can get right in. Your definition of buffer overflow is truly FUBAR.
October 25, 2004, 2:38 AM
peofeoknight
well how would one go about getting in through an open port? I am not a leet haxor....  :(
*note: This is not a dumb 'how do you hack' question. I do not need a step by step. I just want a sort of understanding of what happens. I feel it would be beneficial to know.
October 25, 2004, 2:41 AM
Kp
[quote author=quasi-modo link=topic=9262.msg86015#msg86015 date=1098672070]well how would one go about getting in through an open port? I am not a leet haxor....  :(
*note: This is not a dumb 'how do you hack' question. I do not need a step by step. I just want a sort of understanding of what happens. I feel it would be beneficial to know.[/quote]

First, confirm that the victim is running an exploitable service.  Connect to that service and interact with it in the normal manner, except for the exploitable message(s).  A service is exploitable if there are one or more messages which it does not validate fully.  For instance, if it trusts you not to send too big a message, handling for that message is exploitable.  Violate that trust by sending a huge message, and its buffer will overflow.  Data following the buffer will be replaced with part of your message.  Depending on the circumstances and how seriously you overflowed it (one byte vs. one kbyte, for instance), the effects may range from negligible to service crash to remote control.  The last case is what is generally classified as "remote code execution", and occurs when the buffer is near enough to the procedure's return address that your data replaces the return address.  Thus, when the processing code returns, it returns to a location of your choosing.  If this ultimately causes it to return to your message as code, it will then run your message with its privileges.  At this time, the process is doing your bidding.  Malicious users capitalize on this to have it perform actions such as creation of adminsitrative accounts or download/install of more powerful malware.
October 25, 2004, 3:19 AM
Grok
Nice reply.
October 25, 2004, 4:31 AM
iago
To put it simply, to "hack" somebody with a buffer overflow, you send them machine code and trick them into running it.

Kp's definition is excellent, but more technical :)
October 25, 2004, 12:05 PM
MisJudged
Im just wondering how you came to see that? Did you whisper him?
October 25, 2004, 12:24 PM
peofeoknight
Then I was right to begin with, you use buffer overflow.
October 25, 2004, 12:33 PM
iago
[quote author=quasi-modo link=topic=9262.msg86060#msg86060 date=1098707612]
Then I was right to begin with, you use buffer overflow.
[/quote]

You can exploit things other than buffer overflows, however.  Like I said, you need to inject code and get them to run it.  You can do:
- Buffer Overflow
- Heap Overflow (much more difficult to run arbitrary code)
- Format string vulnerability

And probably many others.  A buffer overflow is only one of many possible vulnerabilities
October 25, 2004, 4:58 PM
Adron
[quote author=iago link=topic=9262.msg86057#msg86057 date=1098705904]
To put it simply, to "hack" somebody with a buffer overflow, you send them machine code and trick them into running it.

Kp's definition is excellent, but more technical :)
[/quote]

You don't actually trick them into running it. You trick their machine into running it. Tricking them into running it would be one of the common scam / dialer / popup things.
October 25, 2004, 5:19 PM
iago
True, that's what I meant.  But you're right, your wording is more clear.
October 25, 2004, 6:18 PM

Search