Go Back   EQEmulator Home > EQEmulator Forums > General > General::Server Discussion

General::Server Discussion Discussion about emulator servers.
Do not post support topics here.

Reply
 
Thread Tools Display Modes
  #1  
Old 05-19-2020, 01:53 PM
Ladrone's Avatar
Ladrone
Fire Beetle
 
Join Date: May 2010
Posts: 23
Default from Russia, with love...

I want to thank everyone who has dedicated their time and effort into making this such a great community and keeping the game alive.

For those of you who want to do bad things, I feel sorry for your upcoming visit from Karma.

I recently set up a new server to play a little classic EQ with some friends. At first it I set it up for just a LAN session but then decided to connect it to the internet...

Thankfully I set up a separate router and ISP connection to protect the rest of my personal devices. I cleared the logs on the router and within 10 minutes of forwarding ports and being connected to the internet I was being violated...

[Internet disconnected] Monday, May 18,2020 21:29:11
[LAN access from remote] from 185.176.27.14:59422 to 192.168.2.136:7084, Monday, May 18,2020 21:27:19
[LAN access from remote] from 185.176.27.14:59422 to 192.168.2.136:7085, Monday, May 18,2020 21:17:23

I simply unplugged the ISP as soon as I noticed the traffic, but if I had not been mindful of the traffic I wonder what would be crawling around in my server today.

I am not a network engineer or a software developer, I dabble with tech a little bit and maybe I am just being paranoid. What I do know is that this person in Russia is hot for my patch.


person: ****
address: ****
phone: ****
email: ****
__________________
AKA Soulree Voker & Pakeena Phattee of Bertoxxulous

Last edited by demonstar55; 05-20-2020 at 02:07 AM.. Reason: remove personal info
Reply With Quote
  #2  
Old 05-20-2020, 01:13 AM
Mevlok
Fire Beetle
 
Join Date: Dec 2016
Posts: 2
Default

I am sorry, I do not know the answer, but you really shouldn't have your personal information in your signature. If that is real, I would recommend removing it asap.
Reply With Quote
  #3  
Old 05-20-2020, 02:07 AM
demonstar55
Developer
 
Join Date: Apr 2008
Location: MA
Posts: 1,135
Default

Quote:
Originally Posted by Mevlok View Post
I am sorry, I do not know the answer, but you really shouldn't have your personal information in your signature. If that is real, I would recommend removing it asap.
It's not their info, it's the "hackers" (they provided no evidence they did anything, so I added quotes, I find a lot of reports that someone at that IP port scans people /shrug)
Reply With Quote
  #4  
Old 05-20-2020, 03:56 AM
Secrets's Avatar
Secrets
Demi-God
 
Join Date: May 2007
Location: b
Posts: 1,436
Default

Not entirely shocking. Chinese/Russian/other IPs port scan for services running on non-standard listening ports all the time.

Often times these compromised PCs acting as part of a botnet looking to break into stuff. IE; if you're running a vulnerable FTP server for example, and they discover it on one of the ports when they get the right reply, they'll just compromise the FTP server, or get root access to the machine through an exploit on the FTP server, etc. Same with SSH servers with nothing to stop bruteforcing, etc...

If you are freaking out about someone connecting your machine in any capacity, consider how many people type 'Google.com' into their web browser and connect to those machines serving up your request. Just because someone is connecting to your machine doesn't mean they have administrative rights to it.

That's not to say you don't need to be careful, but generally if someone connects to your EQEmu server and it's set up properly it won't affect anything else on your network.
Reply With Quote
  #5  
Old 05-22-2020, 02:50 PM
Ladrone's Avatar
Ladrone
Fire Beetle
 
Join Date: May 2010
Posts: 23
Default

Thanks, appreciate the insight. Makes sense as long as the server is set up properly I should not worry.
__________________
AKA Soulree Voker & Pakeena Phattee of Bertoxxulous
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -4. The time now is 10:45 AM.


 

Everquest is a registered trademark of Daybreak Game Company LLC.
EQEmulator is not associated or affiliated in any way with Daybreak Game Company LLC.
Except where otherwise noted, this site is licensed under a Creative Commons License.
       
Powered by vBulletin®, Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Template by Bluepearl Design and vBulletin Templates - Ver3.3