Got Hacked? - Help/Protection on battle.net
Got Hacked?
SECTION 1: How to get your account back if you ARE hacked:
(written by HipHopHobo)
If your account gets stolen here is some steps you will need to take.
1.Scan your computer with a virus scanner. Norton(because it sucks ass) will not
work. You can get an online virus scanner here 1.
http://housecall.antivirus.com/
2. Remove any found viruses.
After you have done that call blizzard. Yes call the blizzard offices and they
will reset your password (as in they will create a randomly generated one and
change it to that) You will get your account back but you may not get the items
back.
Blizzard’s number:
1-949-955-1382
Password support page and form:
http://www.blizzard.com/support/?id=adt0410p
http://www.blizzard.com/support/?id=epassword000
Now you can just use the account recovery system that was recently added in but
this info is here if you never got around to registering.
SECTION 2: How to not get hacked:
(written by kennyj)
1. Do NOT download any hacking programs.
You never know what is included with them, or even if they will do what they
advertise (which they usually don't.)
If you want maphack, go here:
http://forward.to/mousepad
Bots, the best and safest place is here:
http://www.d2jsp.org
I'd rather just give you the right place to look than have you look in the wrong
place...
Note that neither of these will do anything that's really "hacking," Maphack
just gives you information that the game normally doesn't, while D2JSP is a
framework for bots and scripts (the popular ones are usually safe.) If you want
real hacking utilities, you're asking for trouble.
2. Keep an antivirus installed and updated.
I recommend the lastest version of Norton; its great because it'll always allow
you to update it. Once a week is a good idea.
Avast! is also a nice personal antivirus that has come into its own since I
wrote the above. A few false alarms may show up on occasion, but it's also
picked up a few things that Norton and McAfee glossed over. Overall, it's a very
nice little utility and you can't beat the price of $0.
3. Get a firewall.
A - If you have broadband, you may have considered a home broadband
router/gateway. These are the simplest firewalls, so to speak, as their very
nature will stop most incoming attacks such as port scans, trojan probes, et al.
If you have one or are planning to get one, it'll provide decent security for
your purposes. They ARE the most limited type of firewall as well, more on the
limitations of there and other firewalls below.
B - If you have broadband or a home network, see about getting a real firewall
set up between your computer and the outside world to protect you. There are
appliance (also known as hardware) firewalls that can be purchased to do the
job, or you can make a firewall from a computer (anything from a Pentium or K6
and faster will suffice, and it'll need to have two network cards - one for the
connection to the outside world and one that connects to your computer or
network.) There's information on this if you search at Google, basically you'll
want to install a product like Freesco, Smoothwall (recommended) or something
similar. Smoothwall will do a good job especially if you don't know what you're
doing with firewalls; if you do know what you're doing then you probably don't
need this guide. "TYPE=PICT;ALT="
It should be noted that a system like Smoothwall running on an old computer will
allow you to firewall a dialup connection as well, assuming your ISP is not AOL
and uses PPP connections (research this if you're not sure.)
C - Install a personal firewall. There are programs you can install on your
computer that will act as firewalls. They aren't as effective as a standalone
firewall from a security perspective, but they have the added advantage of being
able to control exactly what programs can and can't access the internet - this,
alone, can stop many hacks dead in their tracks (but not all.) There are two
good free firewalls for Windows, the first (for new users) is ZoneAlarm (search
for it) which is free but will mention it's commercial verson when you use it,
and Tiny Personal Firewall for those who know what they're doing with a
firewall. There are other firewalls that you can pay for like BlackICE (so
shitty I wouldn't use it if it were free) and Norton (not bad, but not worth
paying for. Last I heard, Zonealarm was more secure anyway.) If in doubt,
install Zonealarm or Tiny Personal Firewall which is (IMO) better than ZoneAlarm
because it is A. less bloated B. more stable and C. offers finer-grained
control. Although, the reverse can be said due to ZA's IDS feature (where it
bans access from IPs that attempt known cracks) but this isn't a big deal for
home users. Then again, in a corporate environment, I'd favor a well-configured
*nix firewall over ZoneAlarm Pro, at least at entry points. This aside, I have
found that TPF is more stable in some configurations, such as finnicky SMP
hardware, but most people here aren't likely to even see such a computer anytime
soon.
Bart-ware Personal Firewall includes some spam filtering in the free version
(though you're better off using the Bayesian filtering built into Thunderbird)
while Kerio's personal firewall is more fully-featured, comparing to ZoneAlarm.
This is as far as I am able to comment, as I have not tested either application.
It's worth pointing out that you can use multiple firewalls if you want. A
personal firewall will never hurt unless you're on a VERY slow computer (around
300mhz or so) and the ability to control program's internet access is a nice
thing to have. Excellent security when that's doubled up with a standalone
firewall or a broadband gateway.
Note on the limitations of broadband gateways: they are not all created equal;
it's a good idea to research them first to see how good the ones available at
your local computer store of choice (or internet store of choice) are. Those
that have features like actual firewall technology, and things like port
forwarding, are more desirable. Some approach the security of standalone
firewalls as well.
Of course, whatever route you take, make sure that you keep up to date on
software updates. Even hardware firewalls and appliance home broadband gateways
get updated, through firmware patches. No code is ever perfect, and these
updates make sure that the firewall will keep chugging along with as few
problems and as much security as possible. This is especially important for
software firewalls, and of course applies to any software you run on your
computer as well.
4. Use some common sense.
I once had a Database Management Systems teacher (also a hardened unix admin)
who told me, "You can make it idiotproof, and they'll build you a better idiot."
Don't blindly download and install anything - read up on it first. Make sure
that you know what's going onto your computer. Make sure you got it from the
right place (since anyone can take a program, put a virus in it, and then offer
it for download.) Don't go the sites that people spam in Diablo chat rooms (they
almost always are packed with trojans.) Don't listen to people that tell you to
download something to make or change an item (see well above.) Don't rely on
anything that you do to protect your computer to save it from the stupidity of
anyone that uses it. No firewall will stop a virus, no antivirus program will
catch every virus, and many hacker programs like keyloggers (which steal
passwords) and Diablo-specific hacking trojans will pass right by antivirus
programs since they're not really viruses in the first place. The measures I
outline here will protect you from random chance, but not against an outright
mistake. Watch what you're doing and exercise some common sense, and don't be
afraid to ask about something if you think it might cause any damage. I'd rather
field newbie questions about whether or not programs X Y and Z are safe than
field questions about how to get a stolen account back.
It should be noted that you can get a virus by simply accessing a web page when
your web browser has a security vulnerability. Bugs in a browser's rendering
engine can allow someone to take control of it by using the right Dirty Little
Tricks, which are usually very specific to a single browser and even specific
versions of said browser. Running the newest version of your browser of choice
helps. Not running Internet Explorer helps even more, as it has more known flaws
than every other modern browser combined (and likely will for the forseeable
future.) I highly recommend Mozilla Firefox, available at
http://www.mozilla.org/products/firefox as a fast, reliable browser that
actually gets updates and bug fixes on a regular basis.
Email clients work the same way. Always use the most up-to-date version
possible, and stay the hell away from Outlook and Outlook Express. Mozilla
Thunderbird, at
http://www.mozilla.org/products/thunderbird is a decent alternative.
And make sure that whoever else uses your computer isn't a moron, and if they
are, take a moment to teach them how NOT to screw it up. Supervise if necessary.
While I'm at it, if you're serious about protecting your computer, search Google
for information on how to secure and tweak whichever operating system you're
using. Disable programs that don't need to be running, keep an eye on what IS
running, close up what holes you can. Do keep in mind that Microsoft has one of
the worst reputations for security in the industry and that when they say
something is secure, it's cause for you to double-check that everything is
kosher. Apple is better but far from infallible, if you're on OS X then there's
almost certainly some room for improvement depending on how your computer is set
up. You probably don't need to be running Apache and ftpd on a home system,
after all.
To field a few questions and make a few comments:
Avast! is a nice personal antivirus that has come into its own since I wrote the
above. A few false alarms may show up on occasion, but it's also picked up a few
things that Norton and McAfee glossed over. Overall, it's a very nice little
utility and you can't beat the price of $0.
Tiny Personal Firewall is (IMO) better than ZoneAlarm because it is A. less
bloated B. more stable and C. offers finer-grained control. Although, the
reverse can be said due to ZA's IDS feature (where it bans access from IPs that
attempt known cracks) but this isn't a big deal for home users. Then again, in a
corporate environment, I'd favor a well-configured *nix firewall over ZoneAlarm
Pro, at least at entry points. This aside, I have found that TPF is more stable
in some configurations, such as finnicky SMP hardware, but most people here
aren't likely to even see such a computer anytime soon.
Now, it seems there are a few new players in the free personal firewall market.
I haven't tested these, but they look interesting:
www.kerio.com/kpf_download.html
www.bart-ware.net/fw2/
Bart-ware Personal Firewall includes some spam filtering in the free version
(though you're better off using the Bayesian filtering built into Thunderbird)
while Kerio's personal firewall is more fully-featured, comparing to ZoneAlarm.
This is as far as I am able to comment, as I have not tested either application.
If you want to learn about computers or hacking, STAY THE HELL AWAY from viruses
and cracking utilities. True hackers work by learning all they can about what
they use and what can be done with it. People that muck about with others'
computers are crackers; hackers are instead experts who, for better or for
worse, have an intimate knowledge of the most poorly-understood technology yet
created by man. In fact, if you act by using tools you don't understand, you
effectively get to wear the Script Kiddie label. As one would guess, the title
garners only disrespect and derision.
The right way to do it is to read all you can, and them start messing around
with things on your own equipment. Good sites to read are slashdot.org,
arstechnica.com, tomshardware.com, hardocp.com, and... hell, search Google for
tech news and reviews sites. They are often packed with good information, and
link to other sites.
The benefit of a dedicated appliance (hardware) firewall is that it is not
subject to the maladies of a personal computer. Personal software firewalls can
crash, can be compromised, can be worked around via severe security holes in an
operating system (albeit rarely,) can be deleted or otherwise imparied by a
virus or trojan, etc. It's running on something that isn't entirely reliable in
an attempt to make it less unreliable, and as such it is inherently less
reliable than a specialized, stand-alone computer built for the task.
You can get a virus by simply accessing a web page when your web browser has a
security vulnerability. Bugs in a browser's rendering engine can allow someone
to take control of it by using the right Dirty Little Tricks, which are usually
very specific to a single browser and even specific versions of said browser.
Running the newest version of your browser of choise helps. Not running Internet
Explorer helps even more, as it has more known flaws than every other modern
browser combined (and likely will for the forseeable future.) I highly recommend
Mozilla Firefox, available at
http://www.mozilla.org/products/firefox as a fast, reliable browser that
actually gets updates and bug fixes on a regular basis.
Email clients work the same way. Always use the most up-to-date version
possible, and stay the hell away from Outlook and Outlook Express. Mozilla
Thunderbird, at
http://www.mozilla.org/products/thunderbird is a decent alternative.
Now, the reason that Blizzard makes life so difficult for third-party
applications is simple: to keep everyone's gameplay as balanced and fair as
possible. That's the concept behind it, anyway. Bitch all you want about how
Maphack should be allowed, I'm not going to argue about it. I'd personally still
have D2JSP but I'm not paying for the priviledge of screwing with an outdated
game I've played the hell out of already. That BS aside, they actually can sniff
out Maphack and other programs but only when something happens that raises a red
flag, so to speak. Is it possible to make using Maphack impossible? Yes and no.
Certain measures can be taken to keep a particular executable from running, but
they are almost all either easily worked around, or impractical. The few methods
that could theoretically work, would also render the game unplayable due to a
performance hit. So, in short, you can get away with using certain third-party
hacks, as long as you don't do anything obvious.
It should be noted that Blizzard is more than capable of going after 3rd-party
programs that interfere with their software. It's very difficult to, say, go
after Maphack because they haven't really done anything blatantly illegal.
However, a google search for bnetd will reveal examples of a 3rd-party app they
DID send lawyers after. If they feel something is a threat to their business and
that they have a good chance of going after it, they are more than well-enough
equipped to do so.
It should also be noted that as far as making people want to play the game more
goes, Blizzard only benefits when someone buys a new copy of DII. The miniscule
amount of revenue they might get off of banner ads in the chat portion of the
game doesn't come anywhere near the costs of maintaining a service that is free
to use for those who have paid a one-time fee. In a sense, the more you play a
copy of DII after it's purchased, the less money Blizzard has made off of said
copy. It is, in all seriousness, about maintaining the integrity of the gameplay
and the integrity of their network. I'm sure we can all remember the occasions
when rampant use of widespread Pindlebots combined with a widespread unpatched
dupe hack caused new game creation waiting lists to reach five figures... they
want to avoid that crap, and with good reason. It pisses everyone off, and it
sucks down their (not free) bandwidth.
I'd like to add a few more recommendations as well:
1. Download and install Spybot. Does a great job of finding and stopping all
kinds of crap that antivirus programs don't bother with. It's well worth it, if
only for the option to monitor for attempts to make crap run at Windows
start-up.
2. Windows Update is your friend.
3. Never connect Windows to the internet unless it's behind some kind of
firewall, not today. Way too many worms, especially for 2000 and XP.
4. Research how you can get rid of unneeded services running on Windows 2000 and
XP. There's a few (at least) on every new installation that you can afford to
turn off.
5. Learn to type, god ****ing damnit. u is a letter, you is a word. Excessive
capital letters hurt the eyes. And please, for the love of all that is good and
just, don't accuse anyone whose opinion differs from yours of being a noob. It's
a good way to get your ass made a fool of.
Mods, please feel free to edit the original post to your liking in order to
include any relevant information from here or elsewhere. In retrospect I think I
did a halfway-decent job on my little guide considering it was something I threw
together in half an hour for shits and grins, but it's a wee bit dated now and I
don't think of it as being complete in any sense of the word.
|
|
