The Risks of hosting a public server, and how you can protect yourself [Guide]

[Syllabus]

The Battle Plan - A Defensive Alternative

So the hacker because GM on your server and probably banned you and took away your powers. Dont fear, you won't forget, you have GUI control over the mySQL database. when you see him enter your realm. quickly make a GM account. get on the server, and before he kicks and bans you, do a .playerinfo. at the bottom of the blue message, it will display his IP. write it down, this part is vital.

With that IP in hand you are now ready to launch your defensive manuaver. Bring up your firewall, and pray it can block IP's. if it can, put in his IP, if it requires a network LAN IP, open up command prompt (start > Run >CMD) and type in ipconfig, your lan IP will be the Ip address shown, then either wait for him to DC from your server, or kill the connection with a .killbyaccount command. now he will be barred from your system without any means of getting back in. His IP is blocked (Be careful, this only works with STATIC IPs).

The hacker, however, could of deployed a few viruses for him to gain entry again. (examples include backdoor.trojan or a RAT program). use a few antiVirus's to scan for them. use more than one however, most antivirus's dont pick up everything.

When your done the clean up. You are now safe from the hacker. For now. And I guarantee he will try to attack again, just remain smart, remember the battle plan. and know how to use your tools effectively to get that low life back out of your computer.


Note: your computer is never going to be 100% safe. so make a public server at your own expense. Thank you for reading my guide, I hope it has given you an Idea on how to protect yourself.

If you see an error in the guide please point it out and I will fix it the best I can (please dont flam

This wont work at all versus a skilled hacker, and just by getting this far clearly shows that he knows what he is doing. If you use the .playerinfo on him and gets his IP and tracking him with Active whois to get phone number street adress etc etc. The problem is that a hacker with that knows how to get this far knows what a proxy is, and by useing this you will never get ride of him, but use active whois on him anyway (you will also get his ISP=internet service provider. if you call his ISP and tell them what he did they might block him and then he will be in some deep shit. You can also call your own ISP to block his IP, then he has absulutley now way to get into your computer again).

And if the hacker left some viruses key loggers etc etc on your computter, he can easly have edited the thing he uses and if it hasen't been used in large scale, your antivirus and other programs has about a 0% chance of detecting it. And here again you can use Active whois to track any outgoing and inncoming connections to your computer and then track him, and the chances of him useing a proxy now is much lower and you might get his real IP!

This is not for flaiming you, but the best thing you can do to protect yourself against attacks is to allways have a updated OS and Virus protection programms, and it is a good thing to change your passwords atleast once every week, +9 chars, this will make you immune to brutforce attacks. But don't use a word our something, use something simllare to passwords you get from Blizzard after useing password recovery.
Example:
B4P4W29DPC
this prevents him for useing word list to make bruteforce easyer.

Some Active Whois screenshots
This is inncoming and outgoing connections


IP/domain lookup:


Download Active whois here!

[Syllabus]

Btw + rep for you!

[majornoob]

Thanks for tips

[3shirtlessmen]

Good basic guide! Thanks!

[Ekorren2]

i had a server up for my friends and cousins, well all know. but when i started the computer 1 week later(i was on a boat for an week..) well, i started the computer when is started the server and 20minutes later i had F******** A*** S*** C***** more than 60keyloggers and 50000trojans on my comp.. lol it was like the Real '' Dawn of the war '' Zombies everywhere :/, im very amateur with computers and viruses so im not sure how they came it, it might been when i patched the server..um? well well i got my pc raped and double F**kt hahaha, my pc died unfortunaly(sorry, my english sucks big time). aye i now run a 2.3.X server and Wowlegend im going to subscrive so you, :P i've gotten 20donators per month now = D, aye...who cares, but i followed your guide and i burn that hacker to tha ground.

[Ekorren2]

i had a server up for my friends and cousins, well all know. but when i started the computer 1 week later(i was on a boat for an week..) well, i started the computer when is started the server and 20minutes later i had F******** A*** S*** C***** more than 60keyloggers and 50000trojans on my comp.. lol it was like the Real '' Dawn of the war '' Zombies everywhere :/, im very amateur with computers and viruses so im not sure how they came it, it might been when i patched the server..um? well well i got my pc raped and double F**kt hahaha, my pc died unfortunaly(sorry, my english sucks big time). aye i now run a 2.3.X server and Wowlegend im going to subscrive so you, :P i've gotten 20donators per month now = D, aye...who cares, but i followed your guide and i burn that hacker to tha ground.

[Ekorren2]

Sorry for the double post ih ave no idea why it's 2 when i only clickt once =S

[Forrest]

Halo, I'm not quite sure if that'll work. Correct me if I'm wrong but that just disallows people from connecting to edit your database. Not your server. The moment your server is turned on, its directly affiliated with your database.

just saying or you could do this
1. when setting up your mysql in the password step just uncheck the "allow connection from remote users" and thier you go

Heres my 2 cents worth from a CCNA on what to do if a hacker got onto my server and effectively screwed up everything (pardon me if I get anything wrong):

1) Turn off my router, effectively shutting out any connection to the internet.
2) Run a deep-scan on my computer with latest update as well as on all computers previously using the same router connection for viruses, worms or trojans.
3) Restore mySQL database from a fresh dump not forgetting to backup account and character information.
4) Shutdown tcp ports on both router and computer that were previously used for the server and open new ones for server use.
5) Enforce a 128-bit WEP encryption(I don't think we have to go to WAP here) for local connections if you haven't done it yet. The hacker might be your neighbour for all you know.
6) Apply to your ISP for a proxy filter, being the first defence from packet attacks that your ISP will be bearing the brunt for you.
7) Set my router to block anonymous WAN requests, filter Proxies, Cookies, ActiveX Controls and Java Applets.
Upgrade my security software to something that has Live monitoring if I haven't already.

Irregardless, if a hacker has already planted his/her own customised trojan/worm on my computer and its a first, I'm also probably screwed. If that happens I'll have to backup my database to another comp and reformat my harddrive and hope that works. Anyway I don't know why a hacker would want to go so far with my comp, unless he wants loads of free ******

[Baracus]

I need some help connecting to a private server, none of the guides i use work. I cannot seem to connect to Navicat.

[therealdeal316]

not sure if this is an appropriate thread to post this but whatever. I was just wondering how exactly bliz would go about catching someone running/using a private server. Are there any do's or do not's in regards to protecting yourself from blizzard? I ask only because I just recently created a private server and noticed when I started the wow exe there was updated information regarding the over population on some of the live servers. Thar concerns me.

[Forrest]

I need some help connecting to a private server, none of the guides i use work. I cannot seem to connect to Navicat.

Try using mine on MMOwned, for Mangos private server, its super-detailed amd long. My advice, be hardworking and read it.

http://www.mmowned.com/forums/mangos...os-server.html

Baracus, this thread seems like an inappropriate place to post your request for help?

not sure if this is an appropriate thread to post this but whatever. I was just wondering how exactly bliz would go about catching someone running/using a private server. Are there any do's or do not's in regards to protecting yourself from blizzard? I ask only because I just recently created a private server and noticed when I started the wow exe there was updated information regarding the over population on some of the live servers. Thar concerns me.

Indeed, if caught, Blizzard can rightfully sue you and you'll be in deep poo.

Emulators / private servers are against Blizzard's EULA. If you have an active account with WoW, you agree to this every time you logon after a patch. Your account can be banned for playing on a private server. You might want to weigh whether losing access to your characters is worth it. :banned:

Running (making) a emulator / private server is actually illegal. Blizzard is one of the only game companies to win court cases against the operators of private servers.

Q u o t e:
Only Blizzard or its licensees have the right to host the Game. You may not host or provide matchmaking services for the Game, or intercept, emulate or redirect the proprietary communication protocols used by Blizzard in connection with the Program, regardless of the method used to do so. Such prohibited methods may include, but are not limited to, protocol emulation, reverse engineering, modifying the Program, adding unauthorized components to the Program, or using a packet sniffer while the Program is running.

Q u o t e:
(iv) facilitate, create or maintain any unauthorized connection to the Game or the Service, including without limitation any connection to any unauthorized server that emulates, or attempts to emulate, the Service. All connections to the Game and/or the Service, whether created by the Game Client or by other tools and utilities, may only be made through methods and means expressly approved by Blizzard. Under no circumstances may you connect, or create tools that allow you or others to connect, to the Game's proprietary interface other than those expressly provided by Blizzard for public use.

However, the key here is to NOT DRAW TOO MUCH ATTENTION to your server. True, you might be very excited and want to kickstart your server with as much people as possible, so you start advertising crazily on every forum and website you know etc. My advice here would be to start with your friends and build up from there as they intro more friends. IT WOULD BE A BAD IDEA to get your server listed as TOP 10 or TOP 20 of any WoW emulator website(although it is hard).

Another important thing is to NOT earn ANY MONEY from the running of this server, irregardless of whatever reasons you might have. If you get caught, the norm would be a warning to "cease and desist" but you'll be in deeper poo if Blizzard finds out you're earning MONEY from THEIR GAME.

My twocents worth please. Correct me if I'm wrong.

[Clain]

Meh the worst blizzard can do if you are caught running a private server is ban your account on retail LOL. unless you have a server like wowscape, burning wow, etc then you can be sued. Emulators arent illegal. using blizzards maps, and their dbcs are

[Forrest]

Meh the worst blizzard can do if you are caught running a private server is ban your account on retail LOL. unless you have a server like wowscape, burning wow, etc then you can be sued. Emulators arent illegal. using blizzards maps, and their dbcs are

I stand corrected, thanks for the clarification. However, I'm still doubtful whether WoW server emulations are legal because we don't know if the source code was leaked and reverse engineered or someone packet-sniffed the communication protocols such that we have Mangos and Ascent today? Obviously they must have some basics to start building their Visual C on right? If I was good enough to get a team of programmers to work on an MMORPG, I wouldn't run an emulator. I would release my own game. But we'll never know will we? Laws related to the Internet are always dodgy.

[pbrocks]

Nice....(claps hands)

[bagel99]

Great info .....