Server Compromised
Just wanted to let everyone know that the server was compromised last Friday whenever it went down (was actually caused by the attack). I just found out today that they installed a back door on the system and had almost total access to the server. Who would do such a thing you might ask? No, it wasnt LV, it was drplump. I recommend that ALL users change their passwords IMMEDIATELY. He (and who knows who else) had complete access to the databases over the last few days. Therefore, until a page is made to change your login database passwd (hopefully less than a couple of days), all login servers will be down. This really sucks, I know but its better than someone deleting all your characters on a server you like. I will try my best to have it done as soon as possible. For now, change all your passwords!
|
bummer :(
|
so someone hacked the the emulator and now has access to everything? whats the point in that? and who is drplump?
|
sounds lame if you ask me but whatever >.< just gunna have to find somethin else to do :(
|
This is highly homosexual.
>:( |
wtf is the point in that? I mean the Emu is here for people. Cost free, and anyone can join.. Why the hell would you attack it and screw it up.
|
if i was going to hack something i would hack the real thing
|
Thanks for takeing the time to fix this problem even though it is a lose that it has to be down to do so it is best to be safe and be able to go back to the char's one has made rather then to have someone else messing with them or possibly even getting you banned .
|
If you see this post, you mine as well read the truth, because it'll be deleted as soon as someone with mod/admin access sees it. Why? You can't know the truth!
You guys need to actually care about the project.. this is no surprise to me. I've talked to image tons of times, and it usually all came down to he didn't even care about the project. There's what.. 3 programmers IF THAT left in this project that actually do anything? The website has changed three times.. I think if that. And the current one was made by someone who is infamous for being a retard in this community. My point? You barely ever update this shit, not only that, you have tons of people who have FTP access that have tons of shit that is vunerable too.. TAKE A FUCKING LOOK AND OPEN YOUR EYES. if you ever want this project to have some fire in it's life again, then you need to actually sit down, get some peopel who care (if people even care about this game anymore) and kick back into gear. And what do I think about after a dev reading my post? I'll be banned, no one will care, and the same ol' crap with 3 month updates will keep succeeding. I miss the good old days when there were weekly updates. Oh well, I guess everything dies. Nobody should be surprised about such a thing to this project.. if anything, i'm surprised that the whole project hasn't ended yet. Hey like my rank? You guys aren't that secure at all.. time to change the admin passwords! ;) And the people asking why you would hack it? Why not? The developers don't even care about the project, and half the time they do retarded shit. Like attack Lucid Vision Forums for no reason at all besides host their own server. Which may I add: Image, Devn00b, and some other flamers did it. So don't even fucking act innocent, developers of this project themselves are doing the SAME EXACT SHIT, to other servers and projects. So you hypocrits, enjoying the summer? |
You're right, to some degree, but you're still a retard. More retard than right, I might add.
|
Still pretty fuckin dumb
Even if what your saying is true why the hell should it matter they spend their time running it instead of going out and having fun......... WHY WOULD YOU WANT TO COMPROMISE THAT! They spend most of their time just trying to keep EQEmu alive so others can play on it and have fun its simply retarded to try and take that away. :x :x :x :x
|
Trixy is it that time of the month again?
|
I agree with dude that called you a tard! I watch every day as these people build and run this thing, and I for one wouldn't put up with the crap that people put them through. So think what ever you please, I thank them for what they do.
|
...
i dunno much about this project....but ur wasting my time and everyone elses time u fuqin idiot...bad enuff i play this game...now i gotta sit here and stare at these damn forums cuz i dont wanna patch to live and fuck it up....thanx =) appreciate it ...
ya kno what ill prolly get flamed for this message but i dont give a shit.... |
Bottom LINE!!!
Is there a way to run your own PUBLIC logon server?? I know minilogon does the local net well but is there a full featured Public Logon .exe out there somewhere??
Just my 2 cents. vashadow |
=)
if ur 2 cents gets u anywhere =) let me kno
|
lol
:lol: :lol: :lol:
Cruelty |
Trixy: you are so fu**ing wrong. maybe sometime the devs do do stupid stuff, but wtf? they cant have fun too? they arent some special kind of human breed that is supposed to be perfect or not do anything wrong. plus, this is fu**ing free. people do have a life you know...if you want weekly or daily updates, go to live. if you want people who care 90-100% about the project, go to live. you just need to step back and realize where you are: EQEmu.
So here my advice to you, YOU open YOUR eyes. |
yea what he said ya jackass
|
Well allow me to add my two sence into this subject. You first said that, if they accually cared about the project that more might accually get done in the statement below.
Quote:
Next you said... Quote:
Quote:
And you say... Quote:
And also I find it kind of funny, how you said this... Quote:
On to the next thing you said.... Quote:
Also.. Quote:
I am not one to talk because I have had my faults before also but seriously man, you have no right to flame this project that is purely acting on the benefits of others that dont want or cant afford 15$ a month to play eq or deal with sonys crap. They may not be perfect but heres my final words... LETS SEE YOU DO ANY BETTER! |
:cry: :cry: :cry: :cry:
It brings tears to my eyes when i see people stand up for what they believe in! :cry: :cry: :cry: :cry: Trixy you got OWN3D |
People don't care about this project? You're joking, right? I'm just a third-party tool developer, but I wouldn't have put two man-years into the admin tool and OpenZone if I didn't care about this project and if I wasn't *really* interested in making something special happen here. If devs are leaving, maybe it's because this isn't a job, in case you haven't noticed, and people get awfully tired of hearing endless complaints over what is *no more than a hobby*. Before anyone starts complaining about how the devs don't care about EQEmu, they should first, in my opinion, spend a few months doing actual coding. If you can't play because the devs aren't working fast enough, I guess that's just too bad. I could probably play if I wanted, but in case anyone hasn't noticed I've been more interested in furthering the project *by coding*. Those server operators who have seen me on your servers can probably count the number of times on two hands. I'm still patiently waiting for 0.5.7 final to come out, after which I fully intend to port my ZoneProxy changes into it and release a 0.5.7-ZP. I don't have to do this: I want to. This isn't my job, so unless someone wants to start paying me $35+ an hour, don't complain if I change my mind. You should start thinking of the devs the same way. They're doing this out of the goodness of their hearts.
Do the devs care about EQ or EQEmu anymore? I'm not a dev, but I've been around here for a long time writing tools so here's my $0.02. EQ can only offer so much. You can hunt for only so long before seeing everything, or at least seeing enough dimensions of the game mechanics that it pretty much amounts to the same thing. EQ has virtually no story, for instance, and of course it's all but impossible to create one without a dedicated team. Remember, EQEmu is a *hobby*. It's really hard to build a team when everyone is a volunteer, and it has to be done one server at a time. I don't know what the answer is, but here's a shot in the dark. I think EQEmu is cool, but I think the effort is spread too thinly -- not amongst the devs, but amongst the *users*, especially those who run servers. I think the project would benefit a lot more if there were less servers but people instead pooled their resources to build "super servers" instead. The only point to be here, it seems to me, is to create something *better* than EQ. We're here because we're sick of EQ and want something more (as for myself, it's been so long since I've played EQLive that I've literally lost track of how long it's been). I think that's what this project lacks and why it seems like there's no passion. An EQEmu server, a "super server", should have an engaging story, with quests that actually lead players on a journey instead of the simple "fetch this and turn it in" quests we all know and loathe. It should have custom content and even custom zones if possible (frankly, I think it's a necessity, otherwise servers will always be doomed to be EQ-lite). It should have custom rules. There are servers that have some of these characteristics, but they are precious few and, not to offend anyone, but I think haven't yet scratched the surface of their potential. It all comes down to focus, dedication, passion, and manpower, which is hard enough for a hobby without spreading ourselves out so thinly. I'd rather see five super servers that were phenomenal than sixty servers of the kind we commonly see today. People here are always comparing EQEmu to EQLive. I think this is a *huge* mistake. EQEmu should *not* attempt to be "EQLive without the suck". It's impossible. EQEmu servers should strive to be something completely different, and there should be frameworks in place for people who don't run servers to submit content. There should be some *modular* way for people to submit storylines, quests, mobs (types, locations, treasure, the whole shebang), zones, and so on. I don't think these things are there yet, and sadly I don't think people see the importance of them. Anyway, these are my ramblings in the five minutes I've been typing. Take them as you will. Either way, I plan on retiring from EQEmu awfully soon, from another thing that affects us all: total EQ burnout. WC |
Very well written, but just to end a confusion that might come up. Sorry im a newb... You said..
Quote:
EQEmu Admin Developer In my opinion, you are a EqEmu Dev. Dev meaning Developer, I believe that your contributions to the Everquest Emulation Comunity make you a Dev. Perhaps you dont have the obligation as the other dev's have but, im my eyes I look up to you as a dev :) ... |
Bump..
Is there any way to run your own public logon server? ?? |
Okay, I'm not a *server* dev. I stand corrected.
WC |
I respect all of the dev's that have put work into this project, it is alot of fun...and i do agree with him...There should be less servers and more work put into the few servers that are made, Eqemu is so into keeping up with EQlive that this will never get anywhere, You should stop trying to be like EQlive and fix what we have...im just a newb...you might be trying to keep up for a reason...i dont know, but im just a player, if i could help out i would...my IQ is 0 when it comes to computers so i play with what i have i cannot complain..which i do anyway...Im just here to have fun like everyone else is im sure and i hope someday there will be someone who will fix the way this game is being ran =)
|
Well, I hate to add to a flame fest, but that post by Trixy was pretty much wrong on every point as far as i can tell.
Anyway, on to my real reason for posting. The attacker apparently had access to the DB with all the usernames and (apparently) plain text passwords. Its a pretty fundemental security practice that plain text passwords should never be stored (or even transmitted). It should be pretty simple to store sha1/md5 hashes of the passwords and compare those rather than the plain text passwords. Now maybe all the devs are aware of this and there might be a good reason for not doing this that I'm not aware of, so I guess you can consider it a feature request. |
I've said this before and I'll say it again: EQEmu needs its own client. I don't know if SOE is actively trying to break EQEmu, but it seems to me that they're doing a pretty good job of it. I think we know enough about content file formats that it's possible to write a client. This might not have been possible a year ago, but I think it is now. I considered trying it myself once, but I don't know enough about netcode to feel confident about it, and I'd do it in Delphi which would be the kiss of death. A client needs to be written in something that many people can maintain, and at this time that seems to be only C++.
I can't stress this enough. With its own client the dev team could freeze the server code and stop trying to keep up with SOE. They could concentrate instead of perfecting features and making EQEmu something really special, with its own ruleset. If they're worried about SOE's wrath (though I can't for the life of me think of a legal reason why) then a third-party team could create it, but nevertheless I think the time has come to divorce EQEmu from SOE's client code once and for all. WC |
amen
|
GOOD IDEAS!!!!
Thats a great idea! It shouldint be too hard anyhow if verant and sony did it to CREATE eq, although it would have been a few years ago and a big PITA now, it seems like the perfect resolution to our problems with multible people comign on saying how things are messed up, lol.
I know it would be a real pain, but its not impossible or hard, just painstakingly long, please, get on it :):). wish i could help.... |
Hello,
Trixy, open your eyes and stop to be struck in the vision you have of the world, yes some devs are leaving, and ? Nothing is static in our world, all thngs evolve, people are joining and leaving, this how its working and you wont change it. What i will call the "Core Devs" are aware of this "problem" why do you think they created "Junior Dev" rank ? For me, EQEmu will die the day EQEmu "Core Devs" will leave the project, which i hope, will never happen, because for me, EQEmu has a real potential that no server showed, the only server that started to show EQEmu potential is Winter Roar, but Winter Roar only show 1% of what can really offer EQEmu. I totally agree with WindCatcher about what he call "SuperServer", and this is why i started EverQuest Anthology Server project 2 months ago, i want to offer to players something else than the "Old Good EQLive" that all other servers are offering. EverQuest Anthology will be based on journey quests not XP grinding, contents will be totally new class, new spells, new items, new gamedesign, and new zones, this for me, what is a CUSTOM server, a server offering a total new custom contents, not just only 1000 items and 20 spells added to the server running a DB copied from EQlive and modified a bit. I was REALLY choked and surprised this week while speaking with Scorpious2k, when i learned that since OpenZone exist NO ONE created new zones for their servers. I would like to salute WindCatcher persistance in improving OpenZone, because this make a moment now he is improving his software and NO ONE ever used it. We will be glad in the next weeks to post screenshots about our new zones, to show to other players the wonderfull job WindCatcher is making with OpenZone, and this way EQEmu community will start to have a look at the real potential of EQEmu. I say this to all players experimenting for the first time EverQuest Anthology Server, they are lost, they dont know what is happening to them, and most of the time, half of them just leave without trying to understand. You guys, are struck in your EQlive mentality, like WindCatcher, i think that comparing EQLive to EQEmu is a huge mistake, because EQEmu can offer you much more to you than a basic EQLive copy. I hope that you wont leave EQEmu Project soon WindCatcher, honestly, because we just started to use your software and having you leaving EQEmu Project would be a big loss, without 3rd Party Tools, EQEmu is a girl you cant have sex with~ |
Quote:
Servers would become more abundant and have much more content if people weren't worrying about whether or not a patch was going to break things etc. There would also be a LOT more players within this community. That's just my opinion. I personally don't plan to do much with EQEmu until it is more stable and has some sort of freeze on it. Just too much work for so little reward to customize a server and database and then have it shot to hell in a following patch. :) |
I care about eqemu.
/hug eqemu. I might be gone as a dev/admin (btw seems im still the admin of the dev cvs system so if i realy wanted to i could add stuff =P) but EQEMu will live on in my heart. Yeah the current template for the website was made by tuxracer OMG he is this that and the other, but you cant deny he did a decent job on the basic site. Since then its been redone by Lethal and Rogean sooooo many times. Oh nos! we dont update the code EVERY DAY the sky is falling the sky is falling!!!!!!! as for my run in with LV. Ive talked to gheck since then and we kinda laughed about it. Infact i owe him lunch thanks for reminding me guess i'll go post there next. I could have done far worse to them (rooted their box, buffer overflow their mysql to cause a dos on their own server, ect.) but i didnt, that wasnt my goal. Its funny in retrospect that image took most of the heat for it. He was there yes, but couldnt stop me even if he tryed. Guess i wasnt as hated arround here as i had once thought =P I was upset after somone pasted some pm's from their forum to me. Reading that some (not all) lead LV where planning to hack me, or have others try, was not acceptable. Given the situation and the bit of info i was given i did what i thought was right at the time. Looking back might not have been the best thing to do, but i did it. Whoopdy fucking do. get over it. They have. Ghecko if ya by chance read this post pm me yer pay pal fewl i need to send ya yer lunch $$. |
Quote:
I disagree. Undertaking reimplementing a full 3D client is a major undertaking. Most SoE patches that "break" EQEmu are OpCode changes. Less often structure changes. Even less often major changes like the 6/22 reinstitution of login crypto. The first two would be solved a lot faster if: 1) People were half-way smart about patching. Backup before you patch. It's not a new thing. 2) Don't just sit there and bitch about it. Get on Live and collect some packets. Don't have a live account? Find a buddy who does and get him to or use his account. 3) Pull the code and fucking fix some bugs yourself. This is -OPEN- source remember. We recover from most patches pretty quickly, I feel. And the smarter people are about patching the longer they will be able to play while we become compatible with live. |
I agree that it would be a large undertaking to rewrite the entire client. It would certainly be good, but it seems almost impossible.
What's being done on Winter's Roar is, to me, the best approach to handling the issue of patches. Granted, there may be some copyright infringements that EQEmu doesn't want to get into that may be involved with the distribution that WR uses, but the system seems to work. It would be a shame to see EQEmu die. I thoroughly enjoy playing it, and I appreciate the work which the devs put into it. |
Don't listen to any of the crying, you guys are doing a great job and the MAJORITY of us appreciate the hell outta it.
Semper Fi!! |
Oh no! If eqemu makes their own client! More newbie questions!! arrghh..
1.) "One that already exists but even more o fit" Where can I download the emulator for eqemu!? 2.) Why cant I load my own server? 3.) WHY WONT ANYONE HELP ME????? 4.) Can someone send me the eqlive files? The eqemu client broke my everquest :( But I think a eqemu client would > SOE Updates but also, keep in mind that we need a server that can hold up to 2gigs of EqEmu Files. And also, this would be one heck of a project and you would need all dev's in on it, so you would have to stop all source updates. I completely support the idea though :) Although, I think this person "Soms" should be banned because he is a person in mIRC that IS a Senior-GM on everquest live and threatens to ban peoples eqlive accounts from looking up their ip address on mIRC and tracing ip's to accounts they play on... I seriously suggest their IP is G-Lined.... but other than that.. sounds like a good idea :) |
Quote:
I do give them credit, especially Image for standing by the project through all the shit it's gone through. You CAN have fun, but that's not THE FUCKING POINT I WAS MAKING. Please read ;) If you want to start making a big deal about something that doesn't even matter. Drplump compromising anything, I doubt it, he wasn't the reason for the down time, he had access to the database, what was he going to do, steal everyone hashes to login emulator accounts that mean shit to him? Drplump wouldn't do shit like that. But yeah, the main point out of what I was trying to say was not even pointed to you, it was pointed at the devs. Good job being hypocrits. Now, thanks for your mystical retorts Melwin, and everyone else just going, "LOLOLOL HES A TARD LOLZ". But if you actually read my post and had the brain the size compacity of a pea, you would understand what I was trying to say. I've been here since the beginning, i've been with projects since HackersQuest's beginning. It's open source, it's free, they do it for free, yes.. but there is more to things then you think. "SERVER COMPRISED" Forums: YAE YAE, HE'S A IDIOT, TARD, LOL OLO LO LOL. If anything, I think the projects downfall is the users support. I even blame myself for this. But not enough people support the project. Again, whatever.. I don't even care, I just came back to post something cause I find it funny as fuck that drplump was quickly banned. As for the person asking about the public loginserver.. that was forfeited a long time ago, and it was only to a certain extent, it would need to be updated heavily as the loginserver has changed its protocols and been redone totally (as of the new expansion, or whatever the reason they made the loginserver all pretty now). Lucid Vision hexed the minilogin to allow more slots. That's not the reason the devs messed with LV, there was more to it, I won't go into details, because it doesn't even matter, it's just the point.. that the devs are great hypocrits at this point. Edit: Just read devn00bs post. I'm glad you can think of it all lightly, cause I was being light about the situation, infact, I don't even give a fuck, I was saying what I thought, because it's the reality of this project. I'm disappointed the way it turned out, not because of what the devs are doing, but because of the way its gone. It used to be an awesome community, but like I said before, everything dies. |
Quote:
Oh, Thats right, I guess I overreacted a bit when I banned him so "quickly". I mean, it must have been an accident on his part, right? He didnt mean to install a backdoor on the system and then exploit it, he was just looking for the bathroom, right? BTW, just in the off chance you didnt catch it, I was using a little sarcasm. |
Hey, this isn't where I parked my car!
Trixy, why would we just be like "Ok DrPlump, just don't do it again ok ^_^ I love you so much your so cute" |
| All times are GMT -4. The time now is 04:44 PM. |
Powered by vBulletin®, Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.