|
Post by Pramire on Jul 6, 2018 18:45:34 GMT
1. Approx date and time you suspended the admin. 2:43PM, 7/6/18 2. Why you suspended the admin - include relevant log entries Rogue actions via panel StevenNL2000
3. Did you attempt to correct the admin before suspending him/her to include a short time removal (e.g. 10 mins)? No4. Did you notify the admin that you removed them from and why? No
|
|
StevenNL2000
Forum Admin
Posts: 6,415
| Likes: 6,936
IGN: StevenNL2000
Timezone: UTC+01:00
Member is Staff. Need immediate assistance? Send a PM
|
Post by StevenNL2000 on Jul 6, 2018 18:49:07 GMT
We still need someone to confirm that it was IDNC's panel account who performed the rogue actions; I don't have that access. The forum removal is a precaution.
|
|
Lemon
Veteran Member
Insert status here.
Posts: 2,491
| Likes: 2,165
|
Post by Lemon on Jul 6, 2018 18:56:35 GMT
[20:41:07] [API:IDoNotCare Activity] : Sent to console: `wildcard noob ?` [20:41:07] [INFO]: Running Command: noob Reversi [20:41:07] [INFO]: CONSOLE - Tempbanning: Reversi for 5 minutes. [20:41:07] [INFO]: Reversi lost connection: §cYou have been temporarily banned for five minutes. Please read totalfreedom.me for more info. [20:41:07] [INFO]: Reversi left the game [20:41:07] [INFO]: Running Command: noob mattlawn [20:41:07] [INFO]: CONSOLE - Tempbanning: mattlawn for 5 minutes. [20:41:07] [INFO]: mattlawn lost connection: §cYou have been temporarily banned for five minutes. Please read totalfreedom.me for more info. [20:41:07] [INFO]: mattlawn left th
[20:40:29] [API:IDoNotCare Activity] : Sent to console: saconfig remove StevenNL2000 [20:40:29] [INFO]: CONSOLE - Removing StevenNL2000 from the admin list [20:40:29] [WARN]: Unexpected exception while parsing console command "saconfig remove StevenNL2000"
yeah it's him.
|
|
_Windows
Club 4000 Member
Posts: 7,881
| Likes: 9,611
|
Post by _Windows on Jul 6, 2018 19:08:21 GMT
I am kind of curious as to why he would have done this. I'm pretty sure I made it very clear that abuse from panel is quite easy to catch.
|
|
Lemon
Veteran Member
Insert status here.
Posts: 2,491
| Likes: 2,165
|
Post by Lemon on Jul 6, 2018 19:10:41 GMT
I am kind of curious as to why he would have done this. I'm pretty sure I made it very clear that abuse from panel is quite easy to catch. breached by savnith
|
|
_Windows
Club 4000 Member
Posts: 7,881
| Likes: 9,611
|
Post by _Windows on Jul 6, 2018 19:18:23 GMT
I am kind of curious as to why he would have done this. I'm pretty sure I made it very clear that abuse from panel is quite easy to catch. breached by savnith Any evidence of that? If thats the case we might want to try to find out how. Most likely a skid RAT I would think.
|
|
Lemon
Veteran Member
Insert status here.
Posts: 2,491
| Likes: 2,165
|
Post by Lemon on Jul 6, 2018 19:25:14 GMT
|
|
|
Post by Pramire on Jul 6, 2018 19:27:47 GMT
Any evidence of that? If thats the case we might want to try to find out how. Most likely a skid RAT I would think. I we either need to eliminate panel entirely for clans, or enforce password guidelines and change passwords every few months (which would be tedious).
|
|
StevenNL2000
Forum Admin
Posts: 6,415
| Likes: 6,936
IGN: StevenNL2000
Timezone: UTC+01:00
Member is Staff. Need immediate assistance? Send a PM
|
Post by StevenNL2000 on Jul 6, 2018 19:32:05 GMT
we either need to eliminate panel entirely for clans, or enforce password guidelines and change passwords every few months (which would be tedious). When I create panel accounts, I always set passwords like @akb~:SFmZA;a>LE\#4nk)&\aIt7b>vd}3ye4l|B@HdF0@7&Dai>gV9v0Gdwe|h. If we could disable setting a custom password, it would massively improve the security already. Putting HTTPS on the panel would also help, I suggested that quite a while ago: totalfreedom.boards.net/thread/55186/https-panel.
|
|
_Windows
Club 4000 Member
Posts: 7,881
| Likes: 9,611
|
Post by _Windows on Jul 6, 2018 19:55:25 GMT
we either need to eliminate panel entirely for clans, or enforce password guidelines and change passwords every few months (which would be tedious). When I create panel accounts, I always set passwords like @akb~:SFmZA;a>LE\#4nk)&\aIt7b>vd}3ye4l|B@HdF0@7&Dai>gV9v0Gdwe|h. If we could disable setting a custom password, it would massively improve the security already. Putting HTTPS on the panel would also help, I suggested that quite a while ago: totalfreedom.boards.net/thread/55186/https-panel. Neither of those things would stop abuse that is coming from the IP of someone with access. In that case, either the person went rogue or their LAN was compromised. Since I know Savnith to be involved with script kiddie stuff, a RAT is the most likely thing that would have been used. To me it looks like IDNC was tricked into running the RAT, which is the only way I could see Savnith using IDNC's IP to abuse.
|
|
StevenNL2000
Forum Admin
Posts: 6,415
| Likes: 6,936
IGN: StevenNL2000
Timezone: UTC+01:00
Member is Staff. Need immediate assistance? Send a PM
|
Post by StevenNL2000 on Jul 6, 2018 19:59:12 GMT
When I create panel accounts, I always set passwords like @akb~:SFmZA;a>LE\#4nk)&\aIt7b>vd}3ye4l|B@HdF0@7&Dai>gV9v0Gdwe|h. If we could disable setting a custom password, it would massively improve the security already. Putting HTTPS on the panel would also help, I suggested that quite a while ago: totalfreedom.boards.net/thread/55186/https-panel. Neither of those things would stop abuse that is coming from the IP of someone with access. In that case, either the person went rogue or their LAN was compromised. Since I know Savnith to be involved with script kiddie stuff, a RAT is the most likely thing that would have been used. To me it looks like IDNC was tricked into running the RAT, which is the only way I could see Savnith using IDNC's IP to abuse. There is literally nothing that stops that, so that's not what those security measures are meant to protect against either.
|
|
|
Post by Polaris Seltzeris on Jul 6, 2018 20:08:40 GMT
I think that we should call the armed forces because savnith is a Russian state hacker who has to be stopped.
|
|
|
Post by Pramire on Jul 6, 2018 21:11:22 GMT
I think that we should call the armed forces because savnith is a Russian state hacker who has to be stopped. call the red army on the red army
|
|
Premintex
Club 4000 Member
Coward
Posts: 5,408
| Likes: 2,485
|
Post by Premintex on Jul 6, 2018 21:56:18 GMT
Rip
|
|