Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 32

Idea to make Hacking Impossible

This is a discussion on Idea to make Hacking Impossible within the General Chat forums, part of the Knight Online (ko4life.com) category; I'm just trying to get aproval before I go put it on the main website. I :wub: you all, that's ...
Page: 2


  1. #16
    Road
    Guest

    Default

    I'm just trying to get aproval before I go put it on the main website. I :wub: you all, that's why I post Idea's to bring this community together.

    Btw Devile your Idea's are good too, but K2 has not been know in the past for professionalism; otherwise, their business grade would be higer than C. :lol:

  2. #17
    Senior Member Private's Avatar
    Join Date
    Mar 2006
    Location
    Michigan
    Posts
    3,342

    Default

    Shouldn't need anything to change password ko's security system should be based on account recovery system simliar to runescape infact all aspects of usko customer support security gms etcetc should be similiar to runescape

    runescape i think most well managed game

  3. #18
    priestish
    Guest

    Default

    I agree with devile, k2 should really get proffessional to look over their secuirty. I am sure anyone who has taken database would know SQL injection. Infact sql injection has been know for over 6 years. It is perhaps one of the first think coders look for.

  4. #19
    flamthrow
    Guest

    Default

    that db hacking is a myth is some serious crap they did hack the database and if not wtf is that?

  5. #20
    ViSeH
    Guest

    Default

    Rofl flame check the name Hercules0rc not orc it has a zero on it it's fake they just want to steal your account as anyone that isn't insane would know! Your not drunk are you -_-

  6. #21
    flamthrow
    Guest

    Default

    i know its a fake but look where the fack they got too... why you think i hod the "code" so that noone here even has the possibility to be dumb enough the log into that site... btw that was yesterday

  7. #22
    mentalstamina
    Guest

    Default

    put a 4digits pw to access inn hostess like RYL this will save some items anyway ( does not work with db hack off course )

  8. #23
    gtaguy
    Guest

    Default

    i have an idea that actually came from another game that i used to play (mu online)

    in the game your inn could have a password on it so every time u opened your inn u had a 7digit password that u had and was done ingame that u had to type in

    this would really help the hacking situation because b4 u log off you can just put your items in your inn and know that as long as your the only one who knows the password your items are safe

    of course this doesnt save you from being delvled and stuff >_<

  9. #24
    __countess__
    Guest

    Default

    What needs to be done is so simple, yet they don't do it.

    First of all, make their db server listen only on localhost. And since i'm pretty sure they use MySQL(yea i know ) i'll just post a one line solution for that.

    Edit your config file for MySQL, and add or edit this line:

    bind-address = 127.0.0.1 <-- make it look like this, restart db daemon, it's easy.

    Add rules to your firewall that deny every single connection from a remote host to your database server. So the database server will only be available from your local subnet(s). I'd really like to see how they're gonna SQL Inject now.

    Create a new db on a new box, use that for your totally insecure forums. Who cares if his forum account gets hacked.

    You wanna change the topology of your network? Even better... you could just add a couple of tiers so you can give the hackers a hard time. You can add a back-end tier(be-net), here goes the db-server/app-server etc. Then you can add a front-end tier(fe-net), here goes any load-balancing software you might have, your firewall(s), etc. and then you can add your i-net tier, here goes all the services/daemons etc that remote users should have access too. Of course i-net can only communicate with fe-net and fe-net can communicate with be-net. Since only fe-net can communicate with be-net, make sure your fe-net is as secure as it can be allowing only access to specific ips(local ips) and ports. And of course, on the be-net, deny all access except any requests that are coming from fe-net.

    Finally, you want to manually access the db server? Add an Enigma Card authentication system, the system gives you a token everytime you wanna login, you put that on your enigma card, it generates a one-time password everytime and you login with that. To do that of course, you might wanna consider migrating from Win 2k3 to a Unix-(like) OS.

    These are the most common security measures that most companies with on-line services use. And no it's not that expensive :-/

  10. #25
    h4x0r Admin Devile's Avatar
    Join Date
    Mar 2006
    Posts
    2,554

    Default

    1. Is not MySQL, is MSSQL.
    2. Access DB locally for 238474982374982 users? Not even with a Superdome HP9000 (32 CPUs and 256GB RAM) will handle that heavy load all in 1 computer. U need remote access so game servers can be in different boxes and query the DB. Obviously all in a secure LAN.
    3. Topology is like that. 3 layers more or less.

    They just need to recode that web and prolly add an IDS. The rest is professional staff to handle all that infrastructure and provide efficient solutions to all problems.

  11. #26
    OneShot
    Guest

    Default

    Devile, why don't u start doing some consultant @ k2? Probably the game would get better and not being rotulated like "USKO were the official language is turkish with dupe methods, at least 3 hack programs running - 2 of them pyed" like i read a thew minutes ago at a mmporg forum...

  12. #27
    WARP
    Guest

    Default

    he did when diez was fine, but a corrupt retard fucked him.

  13. #28
    h4x0r Admin Devile's Avatar
    Join Date
    Mar 2006
    Posts
    2,554

    Default

    Originally posted by OneShot
    Devile, why don't u start doing some consultant @ k2? Probably the game would get better and not being rotulated like "USKO were the official language is turkish with dupe methods, at least 3 hack programs running - 2 of them pyed" like i read a thew minutes ago at a mmporg forum...
    I'm "blacklisted" there as a corrupt GM, eventho "off the record" they know i did nothing wrong. Anyway, I still have some contacts and every now and then i pm them but its up to them if they hear me or not. I can't push it.

  14. #29
    __countess__
    Guest

    Default

    Originally posted by Devile
    1. Is not MySQL, is MSSQL.
    2. Access DB locally for 238474982374982 users? Not even with a Superdome HP9000 (32 CPUs and 256GB RAM) will handle that heavy load all in 1 computer. U need remote access so game servers can be in different boxes and query the DB.
    By locally i mean from hosts on the same subnet. By altering this line you just refuse remote connections to the database. All the applications on the servers on the same subnet that has access to the specific database will keep working

  15. #30
    Senior Member festo's Avatar
    Join Date
    Mar 2006
    Location
    England
    Posts
    2,820

    Default

    Originally posted by Devile+--><div class='quotetop'>QUOTE(Devile)</div>
    <!--QuoteBegin-OneShot
    Devile, why don't u start doing some consultant @ k2? Probably the game would get better and not being rotulated like "USKO were the official language is turkish with dupe methods, at least 3 hack programs running - 2 of them pyed" like i read a thew minutes ago at a mmporg forum...
    I'm "blacklisted" there as a corrupt GM, eventho "off the record" they know i did nothing wrong. Anyway, I still have some contacts and every now and then i pm them but its up to them if they hear me or not. I can't push it.[/b]
    YOU CORRUPT BASTARD! btw ian is back in the KO section ^_^

Page 2 of 3 FirstFirst 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •