It is currently Sat Dec 16, 2017 12:57 am
Change font size

Staff Queries

Chargen Disabled & Security Issues

Official answers to official questions. Pose your questions for staff here. Careful! You cannot edit or delete your posts once you've asked your question!

Moderator: Elder Staff

Chargen Disabled & Security Issues

Postby Jeshin » Fri May 30, 2014 10:06 am

Hey,

Can we get some more information about the last part regarding malicious intent? Was the server compromised and passwords left accessible? Should we be changing our passwords or watching for annoying trying to access other accounts which might share it?
Jeshin
Elf Recruit
 
Posts: 219
Joined: Sun May 18, 2014 6:37 pm

Re: Chargen Disabled & Security Issues

Postby Icarus » Fri May 30, 2014 10:22 am

The server was not compromised, nor were any passwords compromised. All passwords are stored encrypted, so even if they were compromised, they would not be able to get any information from them.

No action needs to be taken on your part.

Adding, I'll post more regarding exactly what occurred.
[Petition: Player] I am ready to begin my interdimensional adventure.

A mutilated little orc murmurs, nodding as he mutters,
"I fought good today. Yuh. Fought good, 'specially for bein' the kitchen-snaga. Yuh, I did."
User avatar
Icarus
Staffer Emeritus
 
Posts: 2837
Joined: Tue Aug 20, 2013 6:45 pm

Re: Chargen Disabled & Security Issues

Postby Holmes » Fri May 30, 2014 10:27 am

Separate from the above, I'd suggest you use a different password for MUDs than you use for anywhere important.

Telnet is by nature an insecure protocol and whenever you log into any MUD you're sending your password over it.
User avatar
Holmes
Elf Recruit
 
Posts: 213
Joined: Fri Aug 23, 2013 3:22 pm

Re: Chargen Disabled & Security Issues

Postby Nimrod » Sat May 31, 2014 8:24 am

This wasn't an attack. It was an over-reaction to a couple of people trying to see what they could do on chargen. I'm very happy with how we responded. Better safe than sorry.

No passwords were hacked. I can't even hack your passwords and I have access to the server. They're all encrypted before saving in the db, so I can't read them without being able to crack the encryption, which I can't.

Nothing in the database was read by the pranksters either. All is safe.

I'll probably re-enable chargen tonight when I get home.
The greatest enemy to propaganda or even counter-propaganda is open, unadulterated channels of free opinion.
User avatar
Nimrod
Game Lead
 
Posts: 5425
Joined: Tue Aug 20, 2013 12:51 pm


Return to Staff Queries

Connect

FacebookTwitter

Login

Who is online

Very smart users browsing this forum: No registered users and 2 guests

Login