Announcement

**Vandroy** · 07-31-2003, 08:53 AM

I have had those reports 2. Not for long time though.

**M_M God** · 07-31-2003, 08:56 AM

Wtf has that to do with staff, like we are hacking you or something

**Nasir** · 07-31-2003, 09:29 AM

Maybe staff is working on something, dealing with hackers or maybe some in staff is abusing server ? or whatever. Staff has direct contact with Dock> and Priitk so they can find out whats going on.

**Verthanthi** · 07-31-2003, 10:04 AM

What program gave you that report?

**Dim** · 07-31-2003, 11:39 AM

Priitk's gone bad!

**Louis XV** · 07-31-2003, 02:08 PM

Two possibilities:

a) On the client side, ports above 1024 are randomly assigned for TCP/UDP connections or reception of datagrams. There are lots of trojans out there that use UDP on various ports above 1024. It may just be a coincidence that your computer was using a randomly assigned port for data transfers with the TW server that happens to be associated with a trojan.

You x'd out the local port and your firewall program doesn't specify what type of trojan it is. Can't tell you much more.

b) (less likely) PriitK is running a program on the computer that probes for trojan-infected clients. Not necessarily to exploit them, but to notify the user that he/she is infected? To make sure that staffers don't get their shit stolen. Dunno.

**Stabwound** · 07-31-2003, 02:15 PM

It was probably just shitty firewall software. When I had ZoneAlarm before it used to say that Kazaa was trying to send an email every time I started it.

**Ralex** · 07-31-2003, 09:28 PM

Your message doesn't mean that the Trench Wars server is trying to hack you lol, it simply means that when your Continuum client accessed the servers to play, it randomly picked the wrong port to play or something.

When your router and the remote server try to talk to each other, they must choose a random port on-the-fly so you may connect and thus enter the game. I guess it randomly picked port 5400 where trojan horses usually lie and then your computer (or whatever gave you the message) noticed this and gave you a warning just to be safe.

**Nasir** · 08-01-2003, 01:54 PM

Well, I just posted it to be make sure. You never know

**WiseCherub** · 08-02-2003, 12:25 AM

I got a friend of mine to investigate the continuum client.. at first he was concerned and thought that the client could act like a RAT (Remote Access Trojan).

But highly doubt PrittK would risk implement RAT code into the continuum client... since it would tarnish his reputation as a software developer... and also would be reported.

My friend checked/searched many security advisories... like places like... www.packetstorm.com and there was nothing...

As far as I know I trust that the Continuum client doesn't create a hole for some SMOD player to peek into my system.

Many people who are ignorant of the technical side of Internet Applications.... get extremely paranoid....

However if Prittk was evil... which I doubt he is... probably a nice guy.... it would be a cool way to get many many IP addresses and have access to everyones client side data.

But I highly doubt it.... don't worry...

Also if any software developer did this, it would be highly illegal and would come under the Computer Criminal Code.... they would pay highly... not just in fines or sentence, but with their reputation (which is not good).

Anyhow, my friend is a white hat hacker and started a local 2600 chapter in the Vancouver area back around 1995.. I trust his judgement that this Continuum client is safe. I feel ok about it...do you now?

**stark** · 08-03-2003, 12:00 AM

Originally posted by WiseCherub

However if Prittk was evil

i doubt many evil people spend hundreds of dollars/month of their own money running a server for a free game

**WiseCherub** · 08-07-2003, 02:30 PM

I did not say Prittk was evil.... just what if....

As for a motive... if someone did pay hundreds/thousands, they might wana get something out of it.

On other places on the internet, information is worth money to marketers....

SubSpace has a young crowd, so there is market potential to advertise or collect emails..etc..

Not saying the above is true, just a possibility.

So I re-state, I did not judge Prittk.... and don't think he would do this.. just saying there is a possibility... cause us humans always have something up our sleaves..heh..

**Mr. Spam** · 08-07-2003, 05:53 PM

Just looks like your firewall software is freaking out because it sees traffic on port 5400 (the port that TW uses, it's not random).

No big deal your firewall software must know of a trojan that uses the same port, but since the traffic is coming from server.trenchwars.org you have nothing to fear.. you should be able to add that hostname or port 5400 to an authorized list so it won't bother you anymore.

For those of you who are unaware PriitK removed all the original backdoors that VIE themselves built into the subgame server and subspace client a long time ago... they had some vicious stuff in there (basically gave a sysop full access to your PC). But that was all removed by PriitK himself when he took over subgame development. Your firewall software is just being paraniod as it sees data being transfered on a nonstandard port.

**Nasir** · 08-09-2003, 05:13 AM

probably yes, but I didnt have the problem before so was just checking. Though my threadname sounds childish

Announcement

WTF TW tries to hack me

WTF TW tries to hack me

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Channels