Silkroad Online Forums

A community forum for the free online game Silkroad Online. Discuss Silkroad Online, read up on guides, and build your character and skills.

Faq Search Members Chat  Register Profile Login

All times are UTC




Post new topic Reply to topic  [ 19 posts ] 
Author Message
 Post subject: BanzaiMonkey's explanation of Hacking
PostPosted: Thu Mar 16, 2006 3:12 pm 
Advanced Member
User avatar
Offline

Joined: Jan 2006
Posts: 2296
banzaimonkey wrote:
Ok, let's disambiguate the term "hacking". (Click for an article.)

There are two legitimate uses for the term "hacking". First is the act of reverse-engineering software or files, modifying sourcecode, writing plugins / extensions, searching for bugs, flaws, etc. Hackers can often be found in Open Source software trying to break things (this is how Open Source works, is improved, patched, fixed, etc.).

The second definition of hacking (the one that typically comes to mind) involves actively looking for a hole in a security system for the purpose of exposing the security vulnerability and fixing it (ethical hacking). Hacking typically involves direct contact, at least once, with the target. Direct contact can occur when the hacker visits the site of the security system or contacts someone and poses as security personell or an administrator. It may also involve directly searching for physical copies of passwords. In cases of ethical hacking, the target may provide information about themselves intentionally to test their security system, and hackers will be enticed to attack the system by way of a contest.

Legitimate hackers (ethical or not) are contrasted with "script kiddies" or "crackers". A script kiddy is someone who does not do any hacking on their own. Instead, they simply read about a security exploit that someone else has found and documented, and then search for someone who has not yet updated their system, software, etc. This is further facilitated by software branding that is commonly used on web software packages (such as PHPBB) which makes the software being used easier to identify and attack and also compounded by poor administration of such software (admins who do not update their software when new security fixes are published and released). This is not hacking. It is simply a step-by-step reproduction of a security vulnerability, essentially duplication of a bug in the software.

In most cases, activities that are percieved as "hacking" are due to negligence on the part of the victim or on the part of the administrator responsible for the victim's account, etc. As Kagenutto mentioned, if you are irresponsible in your security practices and do not take the time to secure your system, you are vulnerable to attack.

Here are a few tips for preventing your system, account, or personal information being hijacked, "hacked", or whatever.

1. Use alpha-numeric passwords. Example: ar23ul57qe, EReKJ873L, aE87kjOl83, etc. Do not use a dictionary word as a password. Some brute force programs use dictionaries to attempt to guess your password. Also, do not use any personally-identifiable information such as your name, birthdate, etc.
2. Change your password frequently. Once a month would be good for a casual user. Once a week would be better for an admin.
3. Do not use the same password everywhere. Passwords should probably be unique to each site.
4. Don't use the same account name and username everywhere, especially in places where the account name doesn't affect community identification. I.e. do not use the same name for your SRO character and SRO account, and do not use the same account for SRO as you do for the forums.
5. Secure your passwords. If you write them down, keep them in a locked filing cabinet. Don't leave them on your desk, especially at work. If you store them on your computer, make sure they're encrypted. (An easy way to encrypt text on a computer is to type it in a BMP or JPG file as it will not be indexed / viewable with a text editor. Just make sure you secure this image file, in a password protected folder, archive, etc., or removable media which you can physically secure.)
6. Do not share your password with anyone. If you need to allow someone else access to a system, make an account for them or have a system administrator make an account for them. Otherwise, you should log them in / out and directly monitor their usage.
7. Do not download cracks, keygens, trainers, etc.
8. Do not open any e-mail attachments you weren't expecting.
9. Regularly scan your computer for virii and spyware.
10. Do not save passwords on your computer. There's a tradeoff between convenience and security when storing passwords. Be very careful, because most stored passwords are not encrypted. They are simply stored in the registry or in a text file (especially for websites).
11. Flush (delete) your cookies when you exit your internet browser. Firefox can do this automatically.
12. Never put your password in a login macro or any other automated input device.
13. Keep your e-mail addresses current. In the event you need to retrieve a lost password, you'll almost always need to have a functional e-mail associated with an account.
14. Be careful in cyber-cafes; make sure you log out of your account(s) and make sure not to store your password. You may also want to avoid cyber-cafes alltogether, as there could be keyloggers on the machines and you'd have no way of knowing. Ask the proprietor about his/her security measures.
15. Make sure your home network is secure, particularly if you have wireless internet. Don't do banking on a public hotspot / WAP.
16. Keep your system up to date! You've heard it elsewhere, I'm sure. There's a reason for it.

I'm sure there's at least one security professional floating around on here who can point out a few other tips. Keep in mind that you can cut corners with security for convenience, but that's a calculated risk and you should be aware of the potential consequences.


nuff said.


Top
 Profile  
 
 Post subject:
PostPosted: Sat Mar 18, 2006 5:17 am 
Hi, I'm New Here
User avatar
Offline

Joined: Mar 2006
Posts: 14
Nice definition of a hacker, I think it is necessary to clarify what is the difference between that and a simple lamer or script kiddies.
But you know, there aren't really a definition for this term, because it existed before the advent of computers.
Basically, we could say that a hacker is someone that love to tweak a system to better know it. So for example a physician that loves his work is actually a hacker because he is doing his job by passion.

But there are not always "white hat" hackers on the net, there are too "black hats" and these are far more dangerous than the lamers and script kiddies, because they have far more knowledge and control. Since no system in 100% secure, there is no way to get around that, but with some security rules you can avoid many problems. I saw that you should use always the same password, this is true, but you can't use each time a new password even if it is the best solution. I advise you to use some 3 or 4 different password with different length and structure that you would always remember depending on the type of content you need to secure.
Ex: You have 3 password: the 1st is really little, like 6 char, the second is 9 char and the last 14 char. When you must register for a forum, you use the first password, it doesn't matter if someone steal your account, you can ask the administrator, and anyway it's not really a matter of life. For a game like Silkroad, you use the 2nd password (or the 3rd if you really want), because it's more secure. But when you must secure your computer or really crypted important informations, you use the 3rd password. At the beginning even 3 passwords would be really efficient, and later you will certainly create others when you will have your first passwords in mind.
And don't forget that a good password is more than 8 char (5 char password can be cracked in one day, 6 char in 1 week, 7 char in one month, 8 char in some months and 9 some years), with alphanumeric characters (but create some passwords without alphanumeric terms because some website or programs don't accept these). You should not use a suite of complete words, but instead mix them (ex: your mother's name is Anna, your father's George and your birthdate 17/02/1967, don't create a password like annageorge670217, it will be easily discovered, but instead try georanna1702ge67, this will be a little bit harder ;) ).

If you need some computer software protections but don't have a penny to give, then here is a list of effective softwares that you can use for your personal needs (not for commercial, then you must buy a licence):

Free antivirus: Antivir Classic Edition (free-av.com), AVG Free Edition, Avast Free Edition.
Free firewalls: ZoneAlarm, KerioPersonalFirewall.
Free anti-spyware: Spybot, Ad-Aware.
Free filewall: ProcessGuard from DiamondCS.
Other utilities: Advanced Process Manipulation & DelLater from DiamondCS, MalWhere (to know if a process maybe is a virus or not, really useful for neophytes and advanced users).

That's all =) There are more free and nice softwares out there like, some are outdated, others still in development (like ClamAV or WinPooch) so try a little search on Google for more informations ;)

Cya!

_________________
"Software is like sex; it's better when it's free." - Linus Torvalds


Top
 Profile  
 
 Post subject:
PostPosted: Mon Mar 20, 2006 11:46 am 
Common Member
User avatar
Offline

Joined: Mar 2006
Posts: 197
Location:
Troy
write your password in 1337 + binary :P then watch the frustration.

3x4mp13
01100101011110000110000101101101011100000110110001100101


ok so binary isnt such a good idea :D


Top
 Profile  
 
 Post subject:
PostPosted: Tue Mar 21, 2006 12:18 am 
Casual Member
Offline

Joined: Mar 2006
Posts: 87
Location:
Troy
The sadness part of SRO account password is...

You CAN use ONLY small letters and number for passwords x.x
I think they should allow at least CAPTIAL letter for passwords. Otherwise, passwords will not be strong as it suppose to be.

And yes, pretty good about hacker definition here. I was going to do this, but I am still in High School and busy rushing doing homeworks, SAT, ACT, and Regents prep, leadership program, and colleges coming all ahead before these.

I hate any players to try to play in the SHORTCUT way, especially in the online games. (the single-player in consule/PC games are exception, since even the game maker giving out cheat codes O.o) It make game server lag, make GMs harder time to control those, annoy other "legit" players, and they did nothing beside let robots do the job.

I think I should put this again on my signature...

"ALL CHARACTERS ARE NOT USING HACK BECAUSE HACKS MAKE GAME BORING AND RUIN OTHERS IN GAME!!!"

End for now...

Sincerely, Pan2006 (March 20th, 2006)

_________________
MY CHARACTERS (Started February 12th, 2006):

TROY:
PSHunter (Choseol): LVL 20 -> 17 (deLVed) - STR Ice Bow [1xxxx SP]
PSWari (Mai): LVL 15 - STR Fire Glavie [SP Digit=4]
PSGic (Soyong): LVL 14 - INT Lighting Sword & Shield [SP Digit=4]

Other 3 characters, no IGNs, but they're...
INT Healer, STR Fire, and Hybrid Fire/Light

GMs' Quotes:
Image

STATUS: Skill Points Farming & Do Quests


Top
 Profile  
 
 Post subject:
PostPosted: Wed Mar 22, 2006 3:11 pm 
Site Owner
User avatar
Offline

Joined: Dec 2005
Posts: 6390
Location:
Off Topic
You guys ruled some things out here, like third party programs, and phishing pages.

Anyone can fall for a phishing page. A simple link to a look-a-like site and its all over.

I even did it once; page looked exactly like Ebay and I gave up my account info :(


Top
 Profile  
 
 Post subject:
PostPosted: Sun Mar 26, 2006 10:05 pm 
Common Member
User avatar
Offline

Joined: Feb 2006
Posts: 136
Location:
Xian
SD_Ryoko wrote:
You guys ruled some things out here, like third party programs, and phishing pages.

Anyone can fall for a phishing page. A simple link to a look-a-like site and its all over.

I even did it once; page looked exactly like Ebay and I gave up my account info :(


lol... poor ryoko I did the same thing too... maybe we got scammed by the same site eh... small world small world

_________________
IGN: Lizidiani
Level: 2x
Build: Pure Intelligence Lightning Nuker
Job: Level 1 Trader/Level 1 Hunter
Guild: MaliceArmy (MA)


Top
 Profile  
 
 Post subject:
PostPosted: Wed Mar 29, 2006 5:02 pm 
Regular Member
User avatar
Offline

Joined: Feb 2006
Posts: 219
Location: < Inactive >
If you're concerned about phishing and use Mozilla Firefox, you can try out this anti-phishing extension from Google Labs.

_________________
Image
Heroes aren't born.


Top
 Profile  
 
 Post subject:
PostPosted: Fri Apr 28, 2006 3:42 am 
Loyal Member
User avatar
Offline

Joined: Apr 2006
Posts: 1608
Location:
Troy
Very nice definitions. Great find!

_________________
This is a game, You're invited. www.lost.eu/572c4
redneck wrote:
Holy crap how do u drop 1 gold piece?


Top
 Profile  
 
 Post subject:
PostPosted: Thu May 04, 2006 1:16 am 
Hi, I'm New Here
User avatar
Offline

Joined: Apr 2006
Posts: 11
Location: Root
Yes, I use this extension ...and it's very promising... one word - Google :)


Top
 Profile  
 
 Post subject:
PostPosted: Fri May 12, 2006 2:25 am 
New Member
User avatar
Offline

Joined: May 2006
Posts: 33
Location:
Xian
1duck wrote:
write your password in 1337 + binary :P then watch the frustration.

3x4mp13
01100101011110000110000101101101011100000110110001100101


ok so binary isnt such a good idea :D



heres mine

3h3r15h
10101101001101010110100001101010100101011101010

XD

gl deciphering that

_________________
Headbangin master since 2002 XD.
DDR Master since 2001.
SRO player since 2005.

Image
Image


Top
 Profile  
 
 Post subject:
PostPosted: Fri May 26, 2006 3:27 pm 
Hi, I'm New Here
User avatar
Offline

Joined: May 2006
Posts: 12
Location: Somewhere in Time, Lost in the Future
Quote:
Nice definition of a hacker, I think it is necessary to clarify what is the difference between that and a simple lamer or script kiddies.


I bet you can't make the difference on who is who or who is doing what, they both using the same things, the only difference is on the way they are using those things and with what purpose. Also since on the nowadays search engines you can even findout HOWTO make a real bomb, its no wonder how come there are so many script kiddos.

PS: Even a 5 years old kid can do copy/paste that doesn't mean he is an "hacker" remember that.

_________________
You can twist perceptions, reality won't budge. You can raise objections, I will be the judge, and the jury.


Top
 Profile  
 
 Post subject:
PostPosted: Sun Jul 16, 2006 6:37 pm 
Active Member
User avatar
Offline

Joined: Jul 2006
Posts: 617
Location:
Venus
3h3r15h­5hj•j
or
3h3r15h1735710410674234

lol

_________________
Image


Top
 Profile  
 
 Post subject:
PostPosted: Tue Jul 18, 2006 4:53 am 
Regular Member
User avatar
Offline

Joined: Jun 2006
Posts: 222
Location:
Pluto
hacks are for the weak succkaaaa

_________________
Pluto
8x
2h Warrior / cleric
Oasis
6x
Hybrid Nuker
Spear


Top
 Profile  
 
 Post subject:
PostPosted: Thu Jul 27, 2006 6:07 pm 
Frequent Member
Offline

Joined: Mar 2006
Posts: 1166
Well, I used to just do some fun password hacking with friends, and the longer the pass with numbers being at the beginning is harder to break. It usually starts by just doing random letters / words mixed with numbers until it tries about 1 billion combinations. These are just simple systems though, above posts were to long to read. :roll:


Top
 Profile  
 
 Post subject: hacking
PostPosted: Thu Jul 27, 2006 10:05 pm 
Hi, I'm New Here
User avatar
Offline

Joined: Jul 2006
Posts: 22
Location:
Greece
good def of hacking :D

_________________
Image
if yoo cant read this congratulations your retarded:
em mp ton yrt og uoy tnac yhw
boon a mi sey


Top
 Profile  
 
 Post subject:
PostPosted: Wed Aug 02, 2006 2:47 pm 
Valued Member
User avatar
Offline

Joined: Aug 2006
Posts: 407
Location:
Troy
How do I change the settings so my PC doesn't "put my password in a login macro or any other automated input device." (I use a Windows XP Prof.)

-Kayson


Top
 Profile  
 
 Post subject:
PostPosted: Fri Sep 15, 2006 3:32 pm 
Casual Member
User avatar
Offline

Joined: Sep 2006
Posts: 63
Location:
Babel
Image

or these guys.

_________________
Image
Build: 94% int spear nuker
lvl: 5x
Job: Hunter,Thief,Trader
Guild:Taizong Lvl 4 Leader. RECRUITING!

babel ftw!


Top
 Profile  
 
 Post subject:
PostPosted: Sun Sep 17, 2006 7:12 am 
Banned User
User avatar
Offline

Joined: Apr 2006
Posts: 294
Location:
Maya
Just get something personal with numers etc like your telephone number + birthday.


Top
 Profile  
 
 Post subject:
PostPosted: Fri Sep 29, 2006 2:18 am 
Casual Member
Offline

Joined: Sep 2006
Posts: 62
do people still bot hack this game? lol. :shock:

_________________
<<banned from SRF for rules violations. -SG>>


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 19 posts ] 

All times are UTC


Who is online

Users browsing this forum: Google [Bot] and 17 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group