Why do people destroy servers, why?

Started by Yamia, Apr 11, 2014, 07:46 PM

Yamia

http://fable-ragnarokonline.com/ipb/index.php?/topic/1018-listen/#entry9378

Once again a server being hacked. It's sad. Why do people do that, it's just a game.. I mean ...come on.

firefox509

My Theory:
Because most of these pre-renewal mid-rates aren't actually "hacked", I'm pretty sure it's 1 or 2 people putting up servers, then faking a "hack" incident as an excuse to close that server down, and open a new one to reap in more starter donations.
You think every server that pops up is actually run by someone different? I doubt there's any more "new" server owners going around at this age in RO, especially with all the "hacking" going on.
It's just a cycle of starting a server, reaping in initial investment donation deposits, once donations slow, the server is "hacked" and within no time another one comes up. Final-Rag's admin told me that his PayPal account was almost blocked, due to "suspicious activity" of almost 2,500 Euro within a month. About the time the server was becoming stable and settled down out of constant changes, all the players already donated all they need, it was "hacked" and put offline, without ever hearing a word from the admin again.

I've stopped playing on mid-rates, or even new servers, due to their inevitability of going down within 2 or 3 months tops. All of them promising the same stuff, each has their own little unique feature, but chances are if it gets popular, it's one of the chain servers that's just up to take in donations. And if it isn't popular, well I don't prefer to play on small servers, which are going to end up going down anyway.

That's my theory anyway.

Zleepy

It's business; you invade someone's scene, better expect a response. Or they could be faking but at that point I don't know why you'd stick with RO and not go to a much more profitable game.

skyglow

I don't think this is the case. They still have a lot more donations to get.

dontknowright

The staff team at Fable is extremely inexperienced and unprofessional.

They simply don't know how to properly troubleshoot, test, and resolve issues. Expect more of the same once they are up and running again.

Final-Rag

Ontopic:

I'm sorry to hear that another bites the dust, too many idiots with too much time on their hands ruining others' fun for their personal entertainment.
Kinda curious when the emulator scene will finally open their eyes....


Quote from: firefox509 on Apr 11, 2014, 09:07 PM
My Theory:
Because most of these pre-renewal mid-rates aren't actually "hacked", I'm pretty sure it's 1 or 2 people putting up servers, then faking a "hack" incident as an excuse to close that server down, and open a new one to reap in more starter donations.
You think every server that pops up is actually run by someone different? I doubt there's any more "new" server owners going around at this age in RO, especially with all the "hacking" going on.
It's just a cycle of starting a server, reaping in initial investment donation deposits, once donations slow, the server is "hacked" and within no time another one comes up. Final-Rag's admin told me that his PayPal account was almost blocked, due to "suspicious activity" of almost 2,500 Euro within a month. About the time the server was becoming stable and settled down out of constant changes, all the players already donated all they need, it was "hacked" and put offline, without ever hearing a word from the admin again.

I've stopped playing on mid-rates, or even new servers, due to their inevitability of going down within 2 or 3 months tops. All of them promising the same stuff, each has their own little unique feature, but chances are if it gets popular, it's one of the chain servers that's just up to take in donations. And if it isn't popular, well I don't prefer to play on small servers, which are going to end up going down anyway.

That's my theory anyway.

Hi FF, Ryu from Frag here,

I actually know that there are some people doing exactly what you described, but we are not one of them; get proof before you spread rumors about calypso or me, thanks.

About the PayPal thing, it was 2,500 USD in the span of 1 year (I received payments for freelance jobs in the year 2013 (before even opening frag) so that still counted to the 2,500 USD limit).
And "suspicious activity" is wrong too; rather, the EU requires an identification from you when you reach that limit.

The reason why you "never heard any word" from us anymore is that the so-called emulator "programmers" didn't really care about said issue, so we left the statement on our website and gave up on it. The so-called "hack" is an exploit in emulator cores; believe what you want, I just wanted to clarify the matter.

paradise2

Gimme please your access log from IPB & website + other logs in auth.log + errors log. I can analyze that in my free time.
I will tell you a true story about your hack.

The emulator DOES NOT have any 3rd-party connections; I checked it manually many times.
Do you really think a community of around 10k in server development (rAthena & Hercules & old eAthena) can ignore such a big problem in the sources?

In 99% of all hacks the problem is: an administrator who does not care about their server's security.

There are very simple steps to protect servers: disable dangerous functions in PHP, open_basedir, disable extra connections to the MySQL server, remove PHP in upload folders. Do not run any application as root, ACL settings for folders, etc.
Disable all ports except the RO server, a normal login system that e-mails you every day & event triggers on the system.


+ very stupid method against cheaters
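OnPCLoginEvent:
    // Runs on every character login; acts only when the account has a GM level
    if (getgmlevel()) {
        atcommand "@block "+strcharinfo(0);  // block the character that just logged in
        announce "SOMEONE LOGIN INTO GM ACCOUNT!!! CONTACT TO GM AS FAST AS THAT POSSIBLE!",bc_all,0xFF0000;  // red broadcast to everyone
        atcommand "@mapexit";  // shut the map server down
    }
    end;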
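The php.ini part of the checklist in the post above can be checked mechanically. This is an added example, not code from the thread or from any project it mentions: the list of risky functions, the sample configs and their paths are assumptions, `display_errors` is an extra check the post does not name, and values are assumed to contain no `;` (true for Unix-style paths).

```python
# Assumption: functions commonly treated as dangerous; the post names none.
RISKY_FUNCS = {"exec", "system", "shell_exec", "passthru", "proc_open", "popen"}

# Constructed sample configs (paths are placeholders).
WEAK_INI = """\
[PHP]
display_errors = On
disable_functions = exec,system
"""
HARDENED_INI = """\
[PHP]
display_errors = Off
log_errors = On
open_basedir = /var/www/cp:/tmp
disable_functions = exec,system,shell_exec,passthru,proc_open,popen
"""

def parse_ini(text):
    """Return {directive: value}; the last assignment of a directive wins."""
    settings = {}
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()  # ';' starts a comment in php.ini
        if "=" not in line or line.startswith("["):
            continue
        key, value = line.split("=", 1)
        settings[key.strip().lower()] = value.strip().strip('"')
    return settings

def audit(text):
    """List hardening gaps found in php.ini text."""
    cfg = parse_ini(text)
    findings = []
    disabled = {f.strip() for f in cfg.get("disable_functions", "").split(",")}
    missing = sorted(RISKY_FUNCS - disabled)
    if missing:
        findings.append("disable_functions missing: " + ", ".join(missing))
    if not cfg.get("open_basedir"):
        findings.append("open_basedir not set")
    # PHP's built-in default for display_errors is on, so absence counts as on.
    if cfg.get("display_errors", "1").lower() in ("1", "on", "true", "yes"):
        findings.append("display_errors is on")
    return findings

if __name__ == "__main__":
    for name, ini in (("weak", WEAK_INI), ("hardened", HARDENED_INI)):
        print(name, audit(ini) or "no findings")
```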


Avid

We were having this issue at Avid-RO when we started out; however, we managed to migrate and fully protect.

It comes at a cost though, it's not cheap.

Someone has definitely got it in for mid-rate Pre-Renewal servers.



paradise2

As far as I know, you are using blacklotus, right?
It hurts! And it's crappy)
Why would you choose protection that hurts so much?
/?

Gardosen

To be honest, if I check this server's board, they need more than 12 hours for an emergency maintenance or maintenance.
The last two weeks the server crashed nearly every day. This is sad to see. It seems the admins don't know how to work with the server software or program C.

I can't believe that someone really needs 12 hours for a maintenance.
Preparing a maintenance, uploading the stuff, compiling the devtest server, checking the changes, preparing the client and patcher, then shutting down the live servers, compiling the live server, patch initiation, restart. System done. This is work of around 2-3 hours where the players only have to wait between 10-30 minutes depending on the compiling speed of the system.



Yamia

They stated in the link I gave that they needed that long because they were attacked... so uhm I think that is justified.

Gardosen

I don't want to be rude, but if you want to host a server, you should at least have a developer who knows how to protect the server, and not just "woho our server hoster has a DDoS protection, we are safe!"

FableRO is the best proof that not everyone should host a server. Having good ideas and being able to compile a server doesn't make you a good server hoster. They don't know how to secure their server, they don't know how to build a proper client that is stable and server secure, they don't know how to implement harmony correctly, people, they don't even know how to make a clean and correct maintenance.

Face the truth, these people need a core developer/client developer who knows what they are doing, or this server will die.

Aerys

lol at people here acting like they know everything about security... You wouldn't say that when your server gets attacked 24/7. I know this because I have experienced this myself and boosting your security won't help if the attacker knows what he is doing. /heh
The best thing you can do about it is to outsmart your attacker. /ok

Gardosen

Quote from: Aerys on Apr 12, 2014, 10:58 AM
lol at people here acting like they know everything about security... You wouldn't say that when your server gets attacked 24/7. I know this because I have experienced this myself and boosting your security won't help if the attacker knows what he is doing. /heh
The best thing you can do about it is to outsmart your attacker. /ok

I can tell you what my expectation of the most used attacks of script kiddies is (and people who are attacking those servers ARE script kiddies)

Bruteforcing the login with passwords and IDs? - Solution: Block IPs that failed a certain number of times in a specific time range
Someone uses XSS against your server page? - Solution: you should make your page XSS secure (one of the most common attacks)
Someone uses SQL injection against your server? - Solution: don't use a basic Flux and make your search forms' statements secure. (SQL injections are especially well used on basic Flux control panels)
Someone DDoSes your server? - Okay, this is really a part where you can't do much as the owner; you just have to find a hoster who offers a good DDoS protection which is hardware based.

Against people who are hacking Sony or others, you are not able to do anything. Also, experts for botnet attacks are nearly impossible to block.
But 90% of the private servers are using Flux, and only 50% of these people are modifying the basic source of this CP so that it's less attackable. Imagine for yourself how many servers got hacked without the admins noticing.
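The first mitigation in the post above (block IPs that fail a certain number of times within a time range) as detection logic over a login log. This is an added example, not code from the thread or from any emulator or control panel: the log format, the thresholds and the sample lines are constructed, and lines are assumed to be in chronological order.

```python
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample in a hypothetical "date time result ip account" format.
SAMPLE_LOG = """\
2014-04-12 10:00:01 FAIL 203.0.113.7 admin
2014-04-12 10:00:09 FAIL 203.0.113.7 admin
2014-04-12 10:00:15 FAIL 198.51.100.20 player1
2014-04-12 10:00:20 FAIL 203.0.113.7 gm01
2014-04-12 10:00:31 OK 198.51.100.20 player1
2014-04-12 10:00:40 FAIL 203.0.113.7 gm01
2014-04-12 10:00:52 FAIL 203.0.113.7 root
2014-04-12 10:01:03 FAIL 203.0.113.7 root
2014-04-12 10:15:00 FAIL 198.51.100.20 player1
2014-04-12 10:30:00 FAIL 198.51.100.20 player1
2014-04-12 10:45:00 FAIL 198.51.100.20 player1
2014-04-12 11:00:00 FAIL 198.51.100.20 player1
"""

def ips_to_block(log_text, max_failures=5, window_seconds=600):
    """Return {ip: timestamp of the failure that crossed the threshold}."""
    recent = defaultdict(deque)   # ip -> times of failures inside the window
    blocked = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue              # skip malformed lines
        stamp = parts[0] + " " + parts[1]
        try:
            ts = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
        except ValueError:
            continue
        result, ip = parts[2], parts[3]
        # Successes are ignored rather than resetting the count, so one valid
        # login from the same address cannot hide an ongoing guessing run.
        if result != "FAIL" or ip in blocked:
            continue
        q = recent[ip]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()           # drop failures that fell out of the window
        if len(q) >= max_failures:
            blocked[ip] = stamp
    return blocked

if __name__ == "__main__":
    print(ips_to_block(SAMPLE_LOG))
```

The slow, spread-out failures from the second address stay under the default threshold, which is the trade-off of any fixed window: a wider window catches them at the cost of blocking forgetful players sooner.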

dontknowright

Quote from: Aerys on Apr 12, 2014, 10:58 AM
lol at people here acting like they know everything about security... You wouldn't say that when your server gets attacked 24/7. I know this because I have experienced this myself and boosting your security won't help if the attacker knows what he is doing. /heh
The best thing you can do about it is to outsmart your attacker. /ok

I can say that I know a lot about security - from systems, to networks, to protocols, packet modification, port manipulation, to stuff like surveillance, physical access control, attack mitigation, etc.

I've been involved in 'security' for over 17 years, and 'access control' for over 9. I do it professionally.


That said - look at how amateurish this is:
http://fable-ragnarokonline.com/
(Just in case it changes - it's a full FluxCP critical error log with full details of errors, directory structure, etc)

They are developing on an unprotected and unrestricted live host. These people have learned nothing at all. It isn't hard to be cautious, careful and properly prepared.

Another one bites the dust - or will soon. Don't waste your time there. Your time has value.