Hi everyone

Today my network is being hacked by a guy named (Username: HeCosmin NickName = DDOssing).

Pls protect your network against ddos attacks .

IDanTec ( Bass-Driver)

From where you know that your server was hacked by he ?

Quote from sarxes :

From where you know that your server was hacked by he ?

He went to our server,
He was crashing against other drivers.
I said , to stop or ill kick/ban u.

He said: i can shut your server down, i have your ipadress.
he showed me my ipadres which was right.

and he start with his action. and BAM everyone lost connection.
and i tried to start the server back up.
everyone joined the server again and he said . SEE I SHUT YOUR SERVER DOWN

so i banned him. and he start with attacking me again.
why whole network was down. and it took me atleast 30 min to everything running again.

There were 6 users in my server.

i have no replay :S or pics. but it can be proofed by the 6 users.

I belive for you ! If you know the six players name and the hackers username report to develpers !

some proof

Seen it before. Devs already know.

lol and they did nothing??

Didn't occur that often yet and I didn't spend enough time on it myself to recreate the problem. Talking about bringing down servers here would speed up the process though.

If he crashed your server, you should have his IP and therefore be able to configure your firewall accordingly. Script kiddies with LOIC and stuff should be easy to deal with...

Mmm that is interesting, about a month or so ago we had this same guy do much the same thing on our server...a quote from our forum :-

Quote :

This guy HeCosmin
I kicked him becourse he had no respect for others....
He came back typed ip and shut down and server went down???
Can someone look into this and restart server S2?
What an a**e that guy

I had a good look at the server log at the time but saw nothing unusual and so presumed it was a coincidence as our server host had been playing up.

Hopefully the devs can at least ban the account?!

he actually showed my ipadress

he did a DDOS attack. my whole network was completly shut down.
had to reset everything ( router /modem ) and it took me atleast 30 min to get everything back online.

Generic routers for home use behave very badly under DoS-like conditions. I can blow up mine very easily with a simulated DoS. If a home router is the best you can do, at least check if it's possible to install a WRT-based firmware on it. That should let you configure iptables which have effective means to counter DoS attacks. However, hardware limitations of cheap routers still make them quite vulnerable.

How do we deal with it if our server is hosted by say 500Servers?

Then you can't, hoster needs to deal with it. And router/modem is not really a problem at a datacenter, it's LFS.exe itself causing problems.

Quote from cargame.nl :

Then you can't, hoster needs to deal with it. And router/modem is not really a problem at a datacenter, it's LFS.exe itself causing problems.

Ah I see, thanks.


After looking at the LFS racers database, I guess he has two accounts...did he pay for two accounts just for this or did he get free accounts?

I gave him his second account.
He begged me for it.

Quote from Bass-Driver :

Pls protect your network against ddos attacks .

IDanTec ( Bass-Driver)

I wonder how to do that. The only safe protection is to pull out (your network cable)

i thought my DDos security was off in my own router(NETGEAR WNDR 3700) , but it was turned on (Standart).

but i've got a new modem/router from my ISP (cisco blahblah). so i checked the options there. and every security options turned off. OMFG

u believe that?? A ISP Router/Modem with all the security options off.
so i turned the nessesary option on. and i hope now that i'm protected against ddos attacks ( small ones).

https://www.lfs.net/?page=mailus
Report the turd and hopefully the devs actually do something and perm ban that knoble.

Quote from CheerioDM :

I gave him his second account.
He begged me for it.

I think you should stop being so nice and give S2 only to people who deserve it. Do a competition or something.

Already did that, that also fails.

Best thing is to give out fresh accounts, let them fully own them themselves after one year otherwise withdraw it (changing game password, wipe stats) and give it to someone who deserves it more.

Quote from KiRmelius :

I think you should stop being so nice and give S2 only to people who deserve it. Do a competition or something.

:feedtroll

Lickily you can purchase DDoS prevention software for your router. It also masks your ip so its like a Proxy for your router. The incoming packets will be sent to a massive network than can handle all the attacks and then your pc will connect through that network.
Another option is a VPN but these can get very expensive. Baisicly masking your ip.
The hacker most likely ran CMD and found your ip via that or hes got a program to do it for you. Its rather easy as you decrypt the ip addresses connected to s server. Also the attacker was most likely using a Booter. A website that DDoS's for you that you pay for and most of the tine delrtes the logs so that the user in question can do this without being caught. If he was using his own scripts the goverment would already be hunting him down as DDoS'ing is illegal.
The most likely way he disconnected all your users was by flooding the server with "bad" packets or used whats known as a 'lag switch' I hope you understand what hes doing and how to stop the attacks.
As for the server you can report him to 500servers and they will blacklist his ip and other information from their servers.

Quote from KiRmelius :

I think you should stop being so nice and give S2 only to people who deserve it. Do a competition or something.

I was joking.

Quote from m1n3rman :

Lickily you can purchase DDoS prevention software for your router. It also masks your ip so its like a Proxy for your router. The incoming packets will be sent to a massive network than can handle all the attacks and then your pc will connect through that network.
Another option is a VPN but these can get very expensive. Baisicly masking your ip.
The hacker most likely ran CMD and found your ip via that or hes got a program to do it for you. Its rather easy as you decrypt the ip addresses connected to s server. Also the attacker was most likely using a Booter. A website that DDoS's for you that you pay for and most of the tine delrtes the logs so that the user in question can do this without being caught. If he was using his own scripts the goverment would already be hunting him down as DDoS'ing is illegal.
The most likely way he disconnected all your users was by flooding the server with "bad" packets or used whats known as a 'lag switch' I hope you understand what hes doing and how to stop the attacks.
As for the server you can report him to 500servers and they will blacklist his ip and other information from their servers.