"Player" is somehow able to gain access to in game admin controls. Provider acknowledges this and is unable to identify offenders.
Description
Details
- Legacy ID
- 3112914114
- Severity
- None
- Resolution
- Fixed
- Reproducibility
- N/A
- Category
- Server
Event Timeline
That's good to hear :) I'll close the ticket for now then, and we'll take the information regarding the group in focus and see what we can come up with.
In case you encounter any further problems, please feel free to submit a new ticket.
Regards,
JStewart
Hello,
Have you already been in contact with your GSP regarding this issue?
Regards,
JStewart
Could you send a copy of your correspondence with your GSP to the following email address please: support@dayz.com?
Just in case they need the details on your server, could you list the server IPs/port numbers in here as well please?
I'll set the status to "private" so only you and I can see the info.
[=UN=/-ZaP-] DayZ Private Hive #1 192.210.238.84:2502
[=UN=/-ZaP-] DayZ Private Hive #2 192.3.53.50:2402
Thanks for the help
To add.
When the first signs of this occurred (a player using global) I took a screen shot of the player list. 8 or so were on and when it happened again (global and restarts), the admins on the UN took screen caps too. We've since cross referenced both and banned two players (who were on during both cases) and listed the reason GameHack#404. We only ban with evidence, but saw little option here and await an appeal from either of the two players.
Really appreciate your help and wonder if there is a more direct location where info can be exchanged in real time. Like an official TS or some kind of chat?
Found many occasions as of late where emails with providers and such leave us in a state of unknown. It's good to communicate live in these cases.
Which brings me to a recent concern. Is it possible for individuals to create/alter their GUID's? Tweeted Hicks and Eugene, but dont wanna give too much info out over that app.
Encountered this
Steam ID: 76561198009910033
GUID: bdcc1a67535b6fc558650867fb84dead
We had two people looking into a hacker report. One via steam, and one via DaRT. Found them to be linked to the same person. He/she is also in a hacker group, Lizard Squad...
Does any of that info standout to you or staff? Or have the constant DDoS/Skiddie attacks left me paranoid?
Unfortunately, we don't have a portal for communicating real time.
Regarding your concern on users being able to create/alter their GUID's; no, you can rest easy. It is not possible to change your Steam ID and thus your GUID.
We'll be happy to have a look at the player account that you submitted info for. Also, in this case I don't think that you should feel like "looking over your shoulder" constantly :) If the player is in fact affiliated with that group, it is most likely just coincidental that the person has stumbled upon your particular server.
Just a heads up. The investigation is still ongoing. Have you encountered the same issue recently?
Thanks for the update and all your efforts. We haven't experienced anything quite like that global/admin tool take over, in part due to the fact that we've embraced the whitelist approach.
We did however have a run in with those who have made personal attacks on our servers in the past. One of our members ran into them on CSGO where out of the blue they openly admit to DDoSing our servers. We have it all recorded along with the individual's profile + the group he's affiliated, which is riddled with players that have VAC bans and I believe to be responsible for many attacks on servers (DDos attacks/hacking). I had the member of my community with the evidence package that and the providers response to the attack. He's not currently on atm, but I will include that here as well once he gets on.
Can't tell you how happy it makes players in my community and across the board seeing you guys taking out the trash. So thank you and keep doing what you guys are doing!
Here's the info from our provider, regarding the attack.
Matthew Carey || Staff
Clint,
The server should be back online. I'm able to access RDP remotely now.
After looking into there have been periodic attacks being sent to 192.187.125.122. At the moment the largest to come in was 8.5gbps/2,500,000 PPS.
If the attacks continue to come in the IP may be null routed for up to 24 hours.
If you have any other questions or concerns do not hesitate to let us know.
Matthew Carey
Vilayer LTD
www.vilayer.com
Video of them later bringing it up/admitting to it, in a random CSGO match.
https://www.youtube.com/watch?v=Cxh4bWjz-R0
Twitch recording included in the video description.
Here's his steam: http://steamcommunity.com//id/BadNewsEthan
And the groups that we believe to be behind the attacks (global coms and DDoS)
http://steamcommunity.com/groups/EcstasyServers
http://steamcommunity.com/groups/Ecstasygamingcom
Known affiliates who were originally banned and we believe the attacks were a response.
http://steamcommunity.com/id/mcgee007
http://steamcommunity.com/id/mewmew108
http://steamcommunity.com/id/mox09
http://steamcommunity.com/profiles/76561198116780035
http://steamcommunity.com/id/_Iceman2213_
I know this is a lot of info and I'm sure you guys are super busy. Just hope you can do something with it and perhaps put a stop to these assholes.
Thanks again