Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

Re: Server attaked by Disconnect hacking tool

Newbie Spellweaver
Joined
Jun 20, 2009
Messages
12
Reaction score
1
Re: Server attaked by Disconnect hacking tool

samething my server .. when open port and pulic ip in hotuk ! crash affter 5 mins! but nothing happen when closed port!
 
Last edited by a moderator:
Custom Title Activated
Loyal Member
Joined
May 26, 2007
Messages
5,545
Reaction score
1,314
Re: Server attaked by Disconnect hacking tool

This was originally necromancing .

FYI, HyVong, our rules say you should not resurrect a thread with no activity for over 2 weeks. (we consider the conversation "dead") However, I do appreciate your attempt to find information which fits your current problem by searching, so I certainly won't apply any penalty to your account for this. :D: Best practice is to start a new thread, and link to the closest historical information you could find, as I have done here. The BBCode is:-
[URL="https://directwebx.ragezone.com/~ragezone/xenforo/index.php?threads/892930/"]this thread[/URL]​
You can find the "thread=" code in the url... so this new thread (for example) would be 918909. :wink:

Back on topic... if you are opening ports to the big wide world of the internet, one presumes you are logging active connections to it. The question is not if it stops when you close the port (of course it does, PT won't work if the port it's bound to is closed) but if the same IPs, or a range of similar IPs (check WhoIs, if you don't have a WhoIs client installed, you can use a page like et.el.) are connecting every time it happens.

Blocking the range of IPs will ensure you block the hacker, regardless of IP reallocation. So, if it was Google, and they where on DynIP (which we know they are not) their IP is 173.194.34.66, and the block of IPs their provider purchased to allocate to them is 173.194.0.0 - 173.194.255.255. (as determined by on 22nd March 2013)
Code:
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=173.194.34.66?showDetails=true&showARIN=false&ext=netref2
#

NetRange:       173.194.0.0 - 173.194.255.255
CIDR:           173.194.0.0/16
OriginAS:       AS15169
NetName:        GOOGLE
NetHandle:      NET-173-194-0-0-1
Parent:         NET-173-0-0-0-0
NetType:        Direct Allocation
RegDate:        2009-08-17
Updated:        2012-02-24
Ref:            http://whois.arin.net/rest/net/NET-173-194-0-0-1


OrgName:        Google Inc.
OrgId:          GOGL
Address:        1600 Amphitheatre Parkway
City:           Mountain View
StateProv:      CA
PostalCode:     94043
Country:        US
RegDate:        2000-03-30
Updated:        2011-09-24
Ref:            http://whois.arin.net/rest/org/GOGL

OrgAbuseHandle: ZG39-ARIN
OrgAbuseName:   Google Inc
OrgAbusePhone:  +1-650-253-0000 
OrgAbuseEmail:  arin-contact@google.com
OrgAbuseRef:    http://whois.arin.net/rest/poc/ZG39-ARIN

OrgTechHandle: ZG39-ARIN
OrgTechName:   Google Inc
OrgTechPhone:  +1-650-253-0000 
OrgTechEmail:  arin-contact@google.com
OrgTechRef:    http://whois.arin.net/rest/poc/ZG39-ARIN

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#
This is a typical WhoIs response record, but different ranges are allocated to different providers, and they, in turn, format their WhoIs response sheet differently. The same basic information has to be within it.
 
Joined
Jul 24, 2006
Messages
881
Reaction score
579
Re: Server attaked by Disconnect hacking tool

I monitor my server using Net-Peeker.

It is a marvelous piece of software, it is not freeware, I bought it, well worth it for the capabilities it has.


HyVong - Re: Server attaked by Disconnect hacking tool - RaGEZONE Forums


Constant network monitoring, able so see every packet your computer send an d receives, it is marvelous.

And it is not detected by any anti hacking software like xtrap. Whihc I probably should not have said... But there you go.
 
Custom Title Activated
Loyal Member
Joined
May 26, 2007
Messages
5,545
Reaction score
1,314
Re: Server attaked by Disconnect hacking tool

Yea, XTrap shouldn't get shirty about stuff like that anyway. Most people connect via a router or gateway. If you aren't in control of it, your ISP will certainly have one the other end.

These always log outside connections and who's using them. Unless you turn logging off... but why would you do that?
 
Back
Top