AeRO

Jadajada · Sep 16, 2009, 02:47 PM

As far as I know, it doesn't have anything to do with any old
aeRO server, it just had the same name as an old server. I might be wrong though.

GorthexTiger · Sep 16, 2009, 03:22 PM

Woah woah woah...let's all hold onto our seats now...

Who's to say they hacked the server?

For all intents and purposes, we don't have any proof of ANYONE doing ANYTHING to it.

I hate to play Devil's advocate, but why is everyone so quick to join the bandwagon?

And if they did indeed do it, I'm not really suprised, as Descent said, this is the reason why private servers are dying.

Metafalica · Sep 16, 2009, 04:52 PM

It was hacked. :p The server was only a week or so old.

Zone · Sep 19, 2009, 04:08 AM

Should've called ~~brake depot~~Zone.

Phori · Sep 21, 2009, 05:51 PM

Sorry about my late reply on this matter, I was just linked to this topic. I had picked "AeRO" far before I knew of the old one. Honestly, it's not a name that takes miles and miles of thinking to come up with. By the time I had heard of the old AeRO, the website and banners had already been designed. By that time, I decided to keep going ahead with it since the old AeRO was no more. Cynical and I busted our asses working on the server, and it was doing really well if I do say so myself. Then, as Omi said, it was hacked the day we were doing a full back up. There is no solid proof that the hackers came from the old AeRO (though I did have those basterd's IPs after they snooped around the VN) so I wouldn't be too rash at pointing fingers.

Cynical is remaking the server under his own command and his own name now, and I'm taking a step back. RO servers have too much s*** going on within them, some more so than others. My disatisfaction with the current high rates was what lead me to create AeRO, only to lead myself to more displeasure.

To say that I'm disheartened would make a gross understatement.

Lost~Dreams · Sep 22, 2009, 05:18 AM

For everyone saying "It was old aeRO players" Your WRONG, AeRO was hosted by me and i was there when it was attacked, I worked with Phori as one of her developers. The attack came from someone in the UK. The attacks originated on an older clients VPS, They attacked the other client by accessing their phpmyadmin and removing all their files. About a week later aeRO's VPS was attacked by none the less the same people. Same ISP Just a different IP Address.

Im 100% Positive it was not old ae-ro players because i know exactly who done it and the problem has been resolved. If phori was still talking to me she would know that i have all of her files backed up on my webserver. The files were given back after consulting the guy about the numerous attacks.

This should bring this to an end and it should be closed.

For people wondering "How This Happened" It was not a fault in the hosting security. It was the Server owners fault, Or well i wouldnt say "fault". Easy passwords are usually the case. There was no other access points, he never really "Hacked" anything, He had the correct login information each time he logged into the VPS.

None the less the problem is solved and he wont be back. If it makes you guys feel any better he knew both of the clients he destroyed which is why it made it so easy for him to get in. ;]

@Descent

There is nothing that can be done he did nothing "illegal" He had the correct login information when logging into everything, "NOT 1 FAILED LOGIN ATTEMPT" might i add. This is why it went un-noticed till i started searching for a problem. If he had done something wrong i would have reported it already, No doubt crippling 2 VPS's is wrong but he didn't do anything wrong to obtain information to either VPS.

I want all of you to note that only 2 VPS's were crippled by this person, Its not some HUGE hacker. And like i stated earlier he knew both the clients before hand which helps me prove the point it had nothing to do with us. And the fact he never failed a login completely proves it has nothing to do with us.

@Phori

QuoteCynical and I busted our asses working on the server

Thanks for the Credit for what i done Which was 85% of everything that was done on your server.

Head Monocle of DOOM · Sep 22, 2009, 03:11 PM

Quote from: Lost~Dreams on Sep 22, 2009, 05:18 AM
@Descent

There is nothing that can be done he did nothing "illegal" He had the correct login information when logging into everything, "NOT 1 FAILED LOGIN ATTEMPT" might i add. This is why it went un-noticed till i started searching for a problem. If he had done something wrong i would have reported it already, No doubt crippling 2 VPS's is wrong but he didn't do anything wrong to obtain information to either VPS.

I want all of you to note that only 2 VPS's were crippled by this person, Its not some HUGE hacker. And like i stated earlier he knew both the clients before hand which helps me prove the point it had nothing to do with us. And the fact he never failed a login completely proves it has nothing to do with us.

I should like to point out that unauthorized access access of a computer from a remote location and theft of intellectual properties is indeed hacking.

Hack: To gain access to (a computer file or network) illegally or without authorization: hacked the firm's personnel database.

Here is an excerpt from the Computer Missuse Act of 1990

"Be it enacted by the Queen's most Excellent Majesty, by and with the advice and consent of the Lords Spiritual and Temporal, and Commons, in this present Parliament assembled, and by the authority of the same, as follows:—

Computer misuse offences

1 Unauthorised access to computer material (1) A person is guilty of an offence if—
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at—
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both."

Lost~Dreams · Sep 22, 2009, 03:17 PM

Quote from: Head Monocle of DOOM on Sep 22, 2009, 03:11 PM
1 Unauthorised access to computer material (1) A person is guilty of an offence if—
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at—
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both."

I cannot say he had unauthorized access, He had the correct information each time. It would be a he said she said type of deal.

Server owner says " He logged in without my consent"

He says " I had the correct login information and the server owner gave me the information"

Who am i to deny that he did not get the information from the server owner regardless if the server owner said he didn't?

He "NEVER" failed a login attempt.

Theres nothing that can be done.

Both of the server owners he 'hacked' can press charges if they want. But, they will not have my support on it. The only thing i can say in their defence is he did infact login to their VPS and create backups of his own, But in his defense i would have to say he did have the correct login information which means he had to get it from the server owners.

GorthexTiger · Sep 22, 2009, 03:27 PM

I would also like to point out that if he did indeed intend on "hacking", he HOPEFULLY would've been smarter than to just sit there with his home IP. Go to a library, chainlink proxies, and THEN go and attempt access would be more of a "hacking" attempt.

That fact that he had the access and didn't bother to disguise his IP, leads me to two(2) conclusions:

Either

A) He's an idiot who didn't bother/doesn't know how to disguise his IP and correctly guessed the log-in information (maybe they were friends and it was his friends old login info on another server or a password he "uses for everything".)

or

B.) He's an idiot who didn't bother/doesn't know how to disguise his IP and keylogged the admin. (And in this case, it'd be the admin's fault.)

Just my 2 cents.

Lost~Dreams · Sep 22, 2009, 03:32 PM

Quote from: Catalyst on Sep 22, 2009, 03:27 PM
I would also like to point out that if he did indeed intend on "hacking", he HOPEFULLY would've been smarter than to just sit there with his home IP. Go to a library, chainlink proxies, and THEN go and attempt access would be more of a "hacking" attempt.

That fact that he had the access and didn't bother to disguise his IP, leads me to two(2) conclusions:

Either

A) He's an idiot who didn't bother/doesn't know how to disguise his IP and correctly guessed the log-in information (maybe they were friends and it was his friends old login info on another server or a password he "uses for everything".)

or

B.) He's an idiot who didn't bother/doesn't know how to disguise his IP and keylogged the admin. (And in this case, it'd be the admin's fault.)

Just my 2 cents.

He was in an internet cafe

Where = Yorkshire

Internet cafe = Magabyte-Cybercafe