[Help]Hacker protection

LoRDCaRLoS · Post by **LoRDCaRLoS** » Fri May 11, 2012 3:33 am

If you want to receive support we need this info to help you properly.
» Find Revision
L2J Revision Number:4497
L2JDP Revision Number:7780

how can i protect mi server from hackers.
my database has a password.
but hackers edit items, write gm messages, and create gm chars whit out the gm accesslevel

LasTravel · Post by **LasTravel** » Fri May 11, 2012 3:36 am

Close your server.

Or, your website probably sucks and have any way to acces your bd.

badboy29 · Post by **badboy29** » Fri May 11, 2012 3:43 am

LoRDCaRLoS wrote:If you want to receive support we need this info to help you properly.
» Find Revision
L2J Revision Number:4497
L2JDP Revision Number:7780

how can i protect mi server from hackers.
my database has a password.
but hackers edit items, write gm messages, and create gm chars whit out the gm accesslevel

With some brute force attack is possible break passwords and your server will be fucked

I recommend you set strong password, database permissions properly and will be fine

Starter · Post by **Starter** » Fri May 11, 2012 7:24 pm

Don't use "root" as username and maybe not "1234" as password..

And besides that forbid remote mysql database usage..

Micr0 · Post by **Micr0** » Sat May 12, 2012 8:27 pm

change you User name on mysql a program mysql brute need only ip / user name to decode you password you use default user name "Root" and verry easy to decode you password "Don't Use >Root< User Name"

Post by **Szponiasty** » Sat May 12, 2012 11:17 pm

Limit network access to database server, to be allowed only by your homepage server and your home PC. You can do that within MySQL table "user" (database mysql). Additionally add firewall rules to block all incomming connections on port 3306 (except for connections from your home page server IP, game/login server IP, and eg. your home PC IP). Also check your homepage code for eg. mysql injection vulnerability (thats probably most likely the source of "hacks")

Starter · Post by **Starter** » Sat May 12, 2012 11:34 pm

Szponiasty wrote:Limit network access to database server, to be allowed only by your homepage server and your home PC. You can do that within MySQL table "user" (database mysql). Additionally add firewall rules to block all incomming connections on port 3306 (except for connections from your home page server IP, game/login server IP, and eg. your home PC IP). Also check your homepage code for eg. mysql injection vulnerability (thats probably most likely the source of "hacks")

Personally I wouldn't graduate the most guys that high as the most guys try the simplest things ever and that is bruteforcing.

Post by **Szponiasty** » Sun May 13, 2012 9:04 am

Bruteforcing is of no use, when server actively rejects network connections from IP's out of "allowed" list

Post by **Zoey76** » Sun May 13, 2012 3:17 pm

Szponiasty wrote:Bruteforcing is of no use, when server actively rejects network connections from IP's out of "allowed" list

Agreed, but Starter meant that "15yo hackers" try the simplest way, like bruteforce

L2J Server

[Help]Hacker protection

[Help]Hacker protection

Re: [Help]Hacker protection

Re: [Help]Hacker protection

Re: [Help]Hacker protection

Re: [Help]Hacker protection

Re: [Help]Hacker protection

Re: [Help]Hacker protection

Re: [Help]Hacker protection

Re: [Help]Hacker protection