|
|
Post by Alpha1 on Jan 10, 2009 9:09:42 GMT -6
I have returned to starsiege to warn you about a very easily exploited security risk in starsiege. as you all know, the master server ip&port are displayed in the form IP:n.n.n.n.n:n (n as in Number), if you remove the last number set and add the IP address to the remote shutdown dialog, You probably can figure out the rest.  |
|
|
|
Post by alpha1 on Jan 10, 2009 10:33:08 GMT -6
I found a way to shut down any windows computer remotely from my own using the IP address of that computer. and i know that the master server is windows run. but i know a LOT more dangerous hard hacks that are made easy by having the victims IP.
|
|
|
|
Post by eye on Jan 10, 2009 12:41:05 GMT -6
Ok let me say this , I have been attacked by Ip and what u saying is BS .. in alot of ways ... I will not go into it but beware of what your talking about if you try because you could end up on the darkside of the moon .... It is a area of the Computer 0001 to 0010 that can hang a person . Let me also say yes nothing is safe but for most it is , People from all over the world has tried and then in the states thers alot of people ban from there computers for life for dummmm stuff .. look it up it , you really need to be good at computers any more to pull it off and not leave a trail ... here a serch link to look at copy paste it to address bar search.yahoo.com/search;_ylt=A0geu90GI2lJZn4BanZXNyoA?p=computer+game++hackers+sent+to+jail&y=Search&fr=yfp-t-501&ei=UTF-8eye I found a way to shut down any windows computer remotely from my own using the IP address of that computer. and i know that the master server is windows run. but i know a LOT more dangerous hard hacks that are made easy by having the victims IP. |
|
rom
Site Member 
Posts: 76
|
Post by rom on Jan 12, 2009 12:06:53 GMT -6
Observations: - A "hard hack" is one that involves manipulating physical hardware (e.g. soldering wires on a graphics card to turn on disabled functionality).
- Showing a server IP number is not a security risk. Even if SS didn't show it, your operating system knows the server IP number through the TCP stack (it has to) and that can be found with a single command.
- Windows Remote Shutdown command requires the remote computer to be on your domain and for your account to be an administrator on the box.
- A decent firewall will block improper traffic inbound to the server.
|
|
