How to NOT get hacked & how to get your account back when you are

Discussion in 'Maps, Patches, and Mod Archives' started by Guru, Jun 13, 2003.

Thread Status:
Not open for further replies.
  1. Guru

    Guru Premium Member

    Joined:
    Dec 5, 2002
    Messages:
    4,530
    Likes received:
    0
    Trophy points:
    0
    From:
    North Carolina
    UPDATED: 9/11/04

    (All I am doing is combining the two sitckeys to take up less threads/space.)

    http://www.battleforums.com/showthread.php?s=&threadid=11107
    http://www.battleforums.com/showthread.php?s=&threadid=410


    SECTION 1: How to get your account back if you ARE hacked:

    (written by HipHopHobo)

    If your account gets stolen here is some steps you will need to take.

    1.Scan your computer with a virus scanner. Norton(because it sucks ass) will not work. You can get an online virus scanner here 1. http://housecall.antivirus.com/

    2. Remove any found viruses.

    After you have done that call blizzard. Yes call the blizzard offices and they will reset your password (as in they will create a randomly generated one and change it to that) You will get your account back but you may not get the items back.

    Blizzard’s number:
    1-949-955-1382

    Password support page and form:

    http://www.blizzard.com/support/?id=adt0410p

    http://www.blizzard.com/support/?id=epassword000

    Now you can just use the account recovery system, but I will leave the 09 information in here in case you never got around to registering.
     
  2. Guru

    Guru Premium Member

    Joined:
    Dec 5, 2002
    Messages:
    4,530
    Likes received:
    0
    Trophy points:
    0
    From:
    North Carolina
    SECTION 2: How to not get hacked:

    (written by kennyj)


    1. Do NOT download any hacking programs.

    You never know what is included with them, or even if they will do what they advertise (which they usually don't.) See the Common Myths and Misconceptions thread, here: http://new.battleforums.com/showthr...&threadid=10122
    If you want maphack, go here: http://forward.to/mousepad
    Bots, the best and safest place is here: http://www.d2jsp.org

    I'd rather just give you the right place to look than have you look in the wrong place...

    Note that neither of these will do anything that's really "hacking," Maphack just gives you information that the game normally doesn't, while D2JSP is a framework for bots and scripts (the popular ones are usually safe.) If you want real hacking utilities, you're asking for trouble.

    2. Keep an antivirus installed and updated.
    I recommend the lastest version of Norton; its great because it'll always allow you to update it. Once a week is a good idea.

    Avast! is also a nice personal antivirus that has come into its own since I wrote the above. A few false alarms may show up on occasion, but it's also picked up a few things that Norton and McAfee glossed over. Overall, it's a very nice little utility and you can't beat the price of $0.

    3. Get a firewall.
    A - If you have broadband, you may have considered a home broadband router/gateway. These are the simplest firewalls, so to speak, as their very nature will stop most incoming attacks such as port scans, trojan probes, et al. If you have one or are planning to get one, it'll provide decent security for your purposes. They ARE the most limited type of firewall as well, more on the limitations of there and other firewalls below.
    B - If you have broadband or a home network, see about getting a real firewall set up between your computer and the outside world to protect you. There are appliance (also known as hardware) firewalls that can be purchased to do the job, or you can make a firewall from a computer (anything from a Pentium or K6 and faster will suffice, and it'll need to have two network cards - one for the connection to the outside world and one that connects to your computer or network.) There's information on this if you search at Google, basically you'll want to install a product like Freesco, Smoothwall (recommended) or something similar. Smoothwall will do a good job especially if you don't know what you're doing with firewalls; if you do know what you're doing then you probably don't need this guide. "TYPE=PICT;ALT="

    It should be noted that a system like Smoothwall running on an old computer will allow you to firewall a dialup connection as well, assuming your ISP is not AOL and uses PPP connections (research this if you're not sure.)

    C - Install a personal firewall. There are programs you can install on your computer that will act as firewalls. They aren't as effective as a standalone firewall from a security perspective, but they have the added advantage of being able to control exactly what programs can and can't access the internet - this, alone, can stop many hacks dead in their tracks (but not all.) There are two good free firewalls for Windows, the first (for new users) is ZoneAlarm (search for it) which is free but will mention it's commercial verson when you use it, and Tiny Personal Firewall for those who know what they're doing with a firewall. There are other firewalls that you can pay for like BlackICE (so shitty I wouldn't use it if it were free) and Norton (not bad, but not worth paying for. Last I heard, Zonealarm was more secure anyway.) If in doubt, install Zonealarm or Tiny Personal Firewall which is (IMO) better than ZoneAlarm because it is A. less bloated B. more stable and C. offers finer-grained control. Although, the reverse can be said due to ZA's IDS feature (where it bans access from IPs that attempt known cracks) but this isn't a big deal for home users. Then again, in a corporate environment, I'd favor a well-configured *nix firewall over ZoneAlarm Pro, at least at entry points. This aside, I have found that TPF is more stable in some configurations, such as finnicky SMP hardware, but most people here aren't likely to even see such a computer anytime soon.

    Now, it also seems there are a few new players in the free personal firewall market. I haven't tested these, but they look interesting:

    www.kerio.com/kpf_download.html
    www.bart-ware.net/fw2/

    Bart-ware Personal Firewall includes some spam filtering in the free version (though you're better off using the Bayesian filtering built into Thunderbird) while Kerio's personal firewall is more fully-featured, comparing to ZoneAlarm. This is as far as I am able to comment, as I have not tested either application.


    It's worth pointing out that you can use multiple firewalls if you want. A personal firewall will never hurt unless you're on a VERY slow computer (around 300mhz or so) and the ability to control program's internet access is a nice thing to have. Excellent security when that's doubled up with a standalone firewall or a broadband gateway.

    Note on the limitations of broadband gateways: they are not all created equal; it's a good idea to research them first to see how good the ones available at your local computer store of choice (or internet store of choice) are. Those that have features like actual firewall technology, and things like port forwarding, are more desirable. Some approach the security of standalone firewalls as well.

    Of course, whatever route you take, make sure that you keep up to date on software updates. Even hardware firewalls and appliance home broadband gateways get updated, through firmware patches. No code is ever perfect, and these updates make sure that the firewall will keep chugging along with as few problems and as much security as possible. This is especially important for software firewalls, and of course applies to any software you run on your computer as well.

    4. Use some common sense.
    I once had a Database Management Systems teacher (also a hardened unix admin) who told me, "You can make it idiotproof, and they'll build you a better idiot." Don't blindly download and install anything - read up on it first. Make sure that you know what's going onto your computer. Make sure you got it from the right place (since anyone can take a program, put a virus in it, and then offer it for download.) Don't go the sites that people spam in Diablo chat rooms (they almost always are packed with trojans.) Don't listen to people that tell you to download something to make or change an item (see well above.) Don't rely on anything that you do to protect your computer to save it from the stupidity of anyone that uses it. No firewall will stop a virus, no antivirus program will catch every virus, and many hacker programs like keyloggers (which steal passwords) and Diablo-specific hacking trojans will pass right by antivirus programs since they're not really viruses in the first place. The measures I outline here will protect you from random chance, but not against an outright mistake. Watch what you're doing and exercise some common sense, and don't be afraid to ask about something if you think it might cause any damage. I'd rather field newbie questions about whether or not programs X Y and Z are safe than field questions about how to get a stolen account back.

    It should be noted that you can get a virus by simply accessing a web page when your web browser has a security vulnerability. Bugs in a browser's rendering engine can allow someone to take control of it by using the right Dirty Little Tricks, which are usually very specific to a single browser and even specific versions of said browser. Running the newest version of your browser of choise helps. Not running Internet Explorer helps even more, as it has more known flaws than every other modern browser combined (and likely will for the forseeable future.) I highly recommend Mozilla Firefox, available at http://www.mozilla.org/products/firefox as a fast, reliable browser that actually gets updates and bug fixes on a regular basis.

    Email clients work the same way. Always use the most up-to-date version possible, and stay the hell away from Outlook and Outlook Express. Mozilla Thunderbird, at http://www.mozilla.org/products/thunderbird is a decent alternative.


    And make sure that whoever else uses your computer isn't a moron, and if they are, take a moment to teach them how NOT to screw it up. Supervise if necessary.

    While I'm at it, if you're serious about protectiong your computer, search Google for information on how to secure and tweak whichever operating system you're using. Disable programs that don't need to be running, keep an eye on what IS running, close up what holes you can. Do keep in mind that Microsoft has one of the worst reputations for security in the industry and that when they say something is secure, it's cause for you to double-check that everything is kosher. Apple is better but far from infallible, if you're on OS X then there's almost certainly some room for improvement depending on how your computer is set up. You probably don't need to be running Apache and ftpd on a home system, after all.




    A special thanks goes to Kennyj and HipHopHobo
     
  3. kennyj

    kennyj Member!

    Joined:
    Jan 5, 2003
    Messages:
    42
    Likes received:
    0
    Trophy points:
    0
    Whoa... I can't believe that little spiel I wrote up way back when is still up.

    To field a few questions and make a few comments:

    Avast! is a nice personal antivirus that has come into its own since I wrote the above. A few false alarms may show up on occasion, but it's also picked up a few things that Norton and McAfee glossed over. Overall, it's a very nice little utility and you can't beat the price of $0.

    Tiny Personal Firewall is (IMO) better than ZoneAlarm because it is A. less bloated B. more stable and C. offers finer-grained control. Although, the reverse can be said due to ZA's IDS feature (where it bans access from IPs that attempt known cracks) but this isn't a big deal for home users. Then again, in a corporate environment, I'd favor a well-configured *nix firewall over ZoneAlarm Pro, at least at entry points. This aside, I have found that TPF is more stable in some configurations, such as finnicky SMP hardware, but most people here aren't likely to even see such a computer anytime soon.

    Now, it seems there are a few new players in the free personal firewall market. I haven't tested these, but they look interesting:

    www.kerio.com/kpf_download.html
    www.bart-ware.net/fw2/

    Bart-ware Personal Firewall includes some spam filtering in the free version (though you're better off using the Bayesian filtering built into Thunderbird) while Kerio's personal firewall is more fully-featured, comparing to ZoneAlarm. This is as far as I am able to comment, as I have not tested either application.

    If you want to learn about computers or hacking, STAY THE HELL AWAY from viruses and cracking utilities. True hackers work by learning all they can about what they use and what can be done with it. People that muck about with others' computers are crackers; hackers are instead experts who, for better or for worse, have an intimate knowledge of the most poorly-understood technology yet created by man. In fact, if you act by using tools you don't understand, you effectively get to wear the Script Kiddie label. As one would guess, the title garners only disrespect and derision.

    The right way to do it is to read all you can, and them start messing around with things on your own equipment. Good sites to read are slashdot.org, arstechnica.com, tomshardware.com, hardocp.com, and... hell, search Google for tech news and reviews sites. They are often packed with good information, and link to other sites.

    The benefit of a dedicated appliance (hardware) firewall is that it is not subject to the maladies of a personal computer. Personal software firewalls can crash, can be compromised, can be worked around via severe security holes in an operating system (albeit rarely,) can be deleted or otherwise imparied by a virus or trojan, etc. It's running on something that isn't entirely reliable in an attempt to make it less unreliable, and as such it is inherently less reliable than a specialized, stand-alone computer built for the task.

    You can get a virus by simply accessing a web page when your web browser has a security vulnerability. Bugs in a browser's rendering engine can allow someone to take control of it by using the right Dirty Little Tricks, which are usually very specific to a single browser and even specific versions of said browser. Running the newest version of your browser of choise helps. Not running Internet Explorer helps even more, as it has more known flaws than every other modern browser combined (and likely will for the forseeable future.) I highly recommend Mozilla Firefox, available at http://www.mozilla.org/products/firefox as a fast, reliable browser that actually gets updates and bug fixes on a regular basis.

    Email clients work the same way. Always use the most up-to-date version possible, and stay the hell away from Outlook and Outlook Express. Mozilla Thunderbird, at http://www.mozilla.org/products/thunderbird is a decent alternative.

    Now, the reason that Blizzard makes life so difficult for third-party applications is simple: to keep everyone's gameplay as balanced and fair as possible. That's the concept behind it, anyway. Bitch all you want about how Maphack should be allowed, I'm not going to argue about it. I'd personally still have D2JSP but I'm not paying for the priviledge of screwing with an outdated game I've played the hell out of already. That BS aside, they actually can sniff out Maphack and other programs but only when something happens that raises a red flag, so to speak. Is it possible to make using Maphack impossible? Yes and no. Certain measures can be taken to keep a particular executable from running, but they are almost all either easily worked around, or impractical. The few methods that could theoretically work, would also render the game unplayable due to a performance hit. So, in short, you can get away with using certain third-party hacks, as long as you don't do anything obvious.

    It should be noted that Blizzard is more than capable of going after 3rd-party programs that interfere with their software. It's very difficult to, say, go after Maphack because they haven't really done anything blatantly illegal. However, a google search for bnetd will reveal examples of a 3rd-party app they DID send lawyers after. If they feel something is a threat to their business and that they have a good chance of going after it, they are more than well-enough equipped to do so.

    It should also be noted that as far as making people want to play the game more goes, Blizzard only benefits when someone buys a new copy of DII. The miniscule amount of revenue they might get off of banner ads in the chat portion of the game doesn't come anywhere near the costs of maintaining a service that is free to use for those who have paid a one-time fee. In a sense, the more you play a copy of DII after it's purchased, the less money Blizzard has made off of said copy. It is, in all seriousness, about maintaining the integrity of the gameplay and the integrity of their network. I'm sure we can all remember the occasions when rampant use of widespread Pindlebots combined with a widespread unpatched dupe hack caused new game creation waiting lists to reach five figures... they want to avoid that crap, and with good reason. It pisses everyone off, and it sucks down their (not free) bandwidth.

    I'd like to add a few more recommendations as well:

    1. Download and install Spybot. Does a great job of finding and stopping all kinds of crap that antivirus programs don't bother with. It's well worth it, if only for the option to monitor for attempts to make crap run at Windows start-up.

    2. Windows Update is your friend.

    3. Never connect Windows to the internet unless it's behind some kind of firewall, not today. Way too many worms, especially for 2000 and XP.

    4. Research how you can get rid of unneeded services running on Windows 2000 and XP. There's a few (at least) on every new installation that you can afford to turn off.

    5. Learn to type, god ****ing damnit. u is a letter, you is a word. Excessive capital letters hurt the eyes. And please, for the love of all that is good and just, don't accuse anyone whose opinion differs from yours of being a noob. It's a good way to get your ass made a fool of.

    Mods, please feel free to edit the original post to your liking in order to include any relevant information from here or elsewhere. In retrospect I think I did a halfway-decent job on my little guide considering it was something I threw together in half an hour for shits and grins, but it's a wee bit dated now and I don't think of it as being complete in any sense of the word.
     
Thread Status:
Not open for further replies.