open All Channels
seplocked EVE General Discussion
blankseplocked CCP is preemptively banning accounts based on IP addresses
 
This thread is older than 90 days and has been locked due to inactivity.


 
Pages: 1 [2] 3

Author Topic

Jeddak Tarkas
Kinetic Cartel
Posted - 2010.01.19 14:36:00 - [31]
 

What I dont get is why CCP wont support the use of RSA securID tokens as some other MMO's do. You could easily set one up per customer so they can use it on more than one account if they have them. The seperate accounts can all still have different passwords and usernames as the securID is just an additional step before you can log in any account it is protecting.

I am sure many people would be happy to pay a small fee for the tokens if it means greater security for their accounts I know I would.

Bal'Ayle
Minmatar
Exodia Industries
Posted - 2010.01.19 14:58:00 - [32]
 

yeah i would happily spend money on some form of fob verifier similar to what blizzard do for WOW, and i think CCP are genius's for thinking this up, it protects your PC from base line hackers, sure a competent hacker or thief would use a proxy address but that is a select few who are interested in profit, really profit, for the run of the mill account thief this will crimp his style and nail him to the proverbial cross of his IP address

and be honest CCP have some of the fastest response time on account support of any MMO [[based on section and severity of issue]] and im sure if your account was banned for any prolonged period of time, providing you were polite im sure as a gesture of goodwill they will probably give you back the days you lost.

remember you don't have to have an account to make a ticket =]

Furb Killer
Gallente
Posted - 2010.01.19 15:04:00 - [33]
 

Waiting a month with a pre-emptively banned account is fast compared to others? They must really suck.

I dont think in the end that many people would be interested in a key generator dongle thingie, especially when we add CCPs shipping rates.

Jeddak Tarkas
Kinetic Cartel
Posted - 2010.01.19 15:42:00 - [34]
 

Originally by: Furb Killer

I dont think in the end that many people would be interested in a key generator dongle thingie, especially when we add CCPs shipping rates.


There is no need for a hardware token anymore you can setup software tokens on a mobile phone or PDA now.

Details here


Rodj Blake
Amarr
PIE Inc.
Posted - 2010.01.19 15:42:00 - [35]
 

Originally by: Wacktopia
Edited by: Wacktopia on 19/01/2010 12:31:20
Edited by: Wacktopia on 19/01/2010 12:30:29
Edited by: Wacktopia on 19/01/2010 12:29:58
Originally by: Obeih
can you say ranges again? it makes me hot...


You're cute. I like you.

Personally, I think the following would work well and could exist as an optional security setting.

1. When connecting to EVE from an IP address that has not been used on your character yet you see a message saying "you need to authenticate IP xxx.xxx.xxx.xxx".

2. An email will be sent to your registered email address (or SMS mobile phone) with either a link or a short confirmation code.

3. You enter the code in the EVE client and the IP is added to your 'safe' list.

4. In EVE a/c management there is a list of accepted IP's with a 'remove' option (but no add option, to prevent a would-be hacker from simple manually adding their ip).

This system would satisfy those with one or more fixed IP addresses; those with dynamically-assigned home broadband IP addresses; and those who use internet cafes.

TADAAAAHHH!! :)

Edit: Note the key addition here is to use a third part system, such as email or sms, to authenticate. So having a players username and password (ergo a/c management access at present) is not enough on it's own to enter the game from a new IP.

Also, the list valid IPs in a/c management could be partly masked to deter a hacker from IP spoofing...

???.???.123.231 [x - delete]
???.???.9.21 [x - delete]



That would work quite well, unless the hacker has also used their keylogger to get into your email.

Anthal
The Warp Squad
Deadly Unknown
Posted - 2010.01.19 16:05:00 - [36]
 

Yes, most ISP's do use DHCP for their clients. However, the bigger ISP's now assign you an IP address based on your MAC address. Even if you unplug the device for weeks at a time, you'll usually get the same IP address once you reconnect everything. For those with ISP's that don't practice this, do you have a home router? Is it always on? If so, your IP address will likely never change. You actually have to go out of your way to get a new IP address these days.

That leaves a handful of options left.
-You or someone else on your local network are participating in some shady practices
-Your wireless network is wide open, or not locked down enough
-You, by chance, did get a new IP address recently, and got unlucky

If it is the latter, I'm sure dealing with eve's support staff can get all of this handled for you. I doubt that you would have grabbed the same IP as a hacker on the /16 or whatever your area is on, but it could happen!

For the record, I actually am a network engineer for an ISP. Most of what has been said in this thread is correct, or close to it.

Zartanic
Posted - 2010.01.19 16:10:00 - [37]
 

Edited by: Zartanic on 19/01/2010 16:10:47
Originally by: Rodj Blake
Originally by: Wacktopia
Edited by: Wacktopia on 19/01/2010 12:31:20
Edited by: Wacktopia on 19/01/2010 12:30:29
Edited by: Wacktopia on 19/01/2010 12:29:58
Originally by: Obeih
can you say ranges again? it makes me hot...


You're cute. I like you.

Personally, I think the following would work well and could exist as an optional security setting.

1. When connecting to EVE from an IP address that has not been used on your character yet you see a message saying "you need to authenticate IP xxx.xxx.xxx.xxx".

2. An email will be sent to your registered email address (or SMS mobile phone) with either a link or a short confirmation code.

3. You enter the code in the EVE client and the IP is added to your 'safe' list.

4. In EVE a/c management there is a list of accepted IP's with a 'remove' option (but no add option, to prevent a would-be hacker from simple manually adding their ip).

This system would satisfy those with one or more fixed IP addresses; those with dynamically-assigned home broadband IP addresses; and those who use internet cafes.

TADAAAAHHH!! :)

Edit: Note the key addition here is to use a third part system, such as email or sms, to authenticate. So having a players username and password (ergo a/c management access at present) is not enough on it's own to enter the game from a new IP.

Also, the list valid IPs in a/c management could be partly masked to deter a hacker from IP spoofing...

???.???.123.231 [x - delete]
???.???.9.21 [x - delete]



That would work quite well, unless the hacker has also used their keylogger to get into your email.


An issue is that some of those who are likely to get loggers are also slack enough to have the same names and PW's for email. When I was playing WOW I came across many friends hacked over the years. Most were not due to keyloggers but them using the same name and PW for every site they used, including the crappy ones which got hacked. And most of those also got their Emails compromised. A few also seemed to fall for the most obvious phishing mails, they simply could not grasp how they worked. The ones that got keyloggers always used Explorer, never heard of noscript and rarely if ever bothered to update.

The fact is nothing will stop some peoples ability to give away their personal details with the simplest of tricks. This means only a small percentage of those likely to be hacked will actually bother to buy and use a key fob or bother to use the IP option. It also means no matter what CCP do some people's incompetence will find a way to get round their efforts.

Trebor Notlimah
Lone Star EVE Group
Veni Vidi Vici Alliance
Posted - 2010.01.19 16:26:00 - [38]
 

Edited by: Trebor Notlimah on 19/01/2010 16:27:37

Well CCP created this environment. By banning the 50,000+ ISK farming accounts, they doubled/tripled the value of ISK from RMTs. Now with limited 'legitimate' ingame sources of ISK to sell at the now inflated price -- hacking accounts is more profitable as ever. And while there have some crafty little key loggers floating around, its much easier to hack someones e-mail than to implement a key logger.

Mag's
the united
Negative Ten.
Posted - 2010.01.19 16:39:00 - [39]
 

We need extra measures to be made an option, a hardware based authenticator for example.

Please mark this thread, if you agree.

Arkeladin
Posted - 2010.01.19 17:10:00 - [40]
 

Originally by: Wacktopia
Edited by: Wacktopia on 19/01/2010 11:02:15
Originally by: Sibane
I have one thing to say to you CCP:
ARE YOU ****ING INSANE? DO YOU EVEN ****ING UNDERSTAND HOW THE INTERNET WORKS? proxys? dynamic IPs allocation?


Yes, that's right. Dynamic IP ranges mean that, as a consumer, you could end up with pretty much any IP number series in the entire world. I mean, dividing up IP addresses into ranges and allocating these ranges, and indeed sub-ranges, to organisations and individuals would be crazy. I'm sure that the end consumer IP range is the same as those ranges available to other internet uses.

CCP probably don't reference the equivalent of a DUL before banning an address in case it is dynamically assigned and frequent to change. Yeah, they probably don't do that.

Yeah, you're completely right and bang on the money. Gold star.


I SERIOUSLY hope you're being sarcastic here. If so, kudos, If not, learn2internet. And yes, I've run into people who'd actually believe thatugh

Van PokerAlho
Posted - 2010.01.20 11:30:00 - [41]
 

yes game should have an option to allow logins from different locations, that would solve many things as most people will connect from one or two places, house and work. My understanding about this issue is around 0 but this seems to be a good way to have a better security system.

Marko Riva
Posted - 2010.01.20 13:06:00 - [42]
 

I think there's a very good reason why the OP used some nameless alt to post this with, because it's ****.

Cobalt Sixty
Caldari
Perkone
Posted - 2010.01.21 01:11:00 - [43]
 

Originally by: Johnette Napolitano
You guys seem to give CCP a lot of leeway here, and yet this is the same company that overwrote the boot.ini file of peoples' computers in one of their patches.

I remember that day.

They said I was mad, MAD! - can you believe it? - for switching to Windows Vista! MUHUHAHAHA! Well I showed them ... mostly by sitting by myself in Ventrilo, wondering where everyone else had gone ...

Isurus Paucus
Posted - 2010.01.21 13:36:00 - [44]
 

Originally by: Caldari Citizen20090217

Even highly mobile clients would be able to use the system. Player attempts to connect from new location -> server promptly logs attempt and denies access. Player logs into acount management, looks at login attempt list, ticks "trust this IP" box, logs in again, success. OK so its clunky, but only needs doing once per location, and as you say should be optional.
This doesn't work since anyone who could potentially log into Eve can log into your account management as well. It would need to be some sort of extra authentication step that doesn't get used very often. ie some banks require an extra password to access certain areas inside of their online banking service.

The problem, of course, is that there's always a chance that if they got one part of your info, they got it all. Travelers would be particularly vulnerable since that extra password would be typed almost as often as the normal one.

In the end, I think password-based security has its realistic limit and we're pretty much at it. Adding an extra layer just wouldn't do much for the investment involved. It's cheaper just to fix end user mistakes than implement any extra measures.

Wacktopia
Sicarius.
Legion of The Damned.
Posted - 2010.01.21 13:40:00 - [45]
 

Originally by: Arkeladin
Originally by: Wacktopia
Edited by: Wacktopia on 19/01/2010 11:02:15
Originally by: Sibane
I have one thing to say to you CCP:
ARE YOU ****ING INSANE? DO YOU EVEN ****ING UNDERSTAND HOW THE INTERNET WORKS? proxys? dynamic IPs allocation?


Yes, that's right. Dynamic IP ranges mean that, as a consumer, you could end up with pretty much any IP number series in the entire world. I mean, dividing up IP addresses into ranges and allocating these ranges, and indeed sub-ranges, to organisations and individuals would be crazy. I'm sure that the end consumer IP range is the same as those ranges available to other internet uses.

CCP probably don't reference the equivalent of a DUL before banning an address in case it is dynamically assigned and frequent to change. Yeah, they probably don't do that.

Yeah, you're completely right and bang on the money. Gold star.


I SERIOUSLY hope you're being sarcastic here. If so, kudos, If not, learn2internet. And yes, I've run into people who'd actually believe thatugh


Your sarcasm-sense serves you well, Lord Vadar.

Ripcha Headov
Enterprise Estonia
Northern Coalition.
Posted - 2010.01.21 13:45:00 - [46]
 

I for 1 am thankful for ccp monitoring hackers IPs and banning any account they log into. I would probably of lost msot my stuff if CCP hadn't done this.

Let the CCP unholy rage continue strong! Very Happy

Valnor D'Sylvae
Posted - 2010.01.21 14:00:00 - [47]
 

Now what about dynamic IPs huh? if i had to add every single IP i get assigned to into a Safe List i'd simply stop playing, most EU
countries that provide ADSL use dynamic IP adresses

seany1212
The Scowling Men
Posted - 2010.01.21 14:08:00 - [48]
 

Originally by: Wacktopia
Edited by: Wacktopia on 19/01/2010 12:31:20
Edited by: Wacktopia on 19/01/2010 12:30:29
Edited by: Wacktopia on 19/01/2010 12:29:58
Originally by: Obeih
can you say ranges again? it makes me hot...


You're cute. I like you.

Personally, I think the following would work well and could exist as an optional security setting.

1. When connecting to EVE from an IP address that has not been used on your character yet you see a message saying "you need to authenticate IP xxx.xxx.xxx.xxx".

2. An email will be sent to your registered email address (or SMS mobile phone) with either a link or a short confirmation code.

3. You enter the code in the EVE client and the IP is added to your 'safe' list.

4. In EVE a/c management there is a list of accepted IP's with a 'remove' option (but no add option, to prevent a would-be hacker from simple manually adding their ip).

This system would satisfy those with one or more fixed IP addresses; those with dynamically-assigned home broadband IP addresses; and those who use internet cafes.

TADAAAAHHH!! :)

Edit: Note the key addition here is to use a third part system, such as email or sms, to authenticate. So having a players username and password (ergo a/c management access at present) is not enough on it's own to enter the game from a new IP.

Also, the list valid IPs in a/c management could be partly masked to deter a hacker from IP spoofing...

???.???.123.231 [x - delete]
???.???.9.21 [x - delete]



I would rather not see this implemented, my ISP allocates new IP's everytime i connect so this would have to be done everyday and yes i am using a router but some people do not wish to waste energy by leaving it on for the rest of eves life.

Jckruz
Posted - 2010.01.21 14:08:00 - [49]
 

Being deployed to Afghanistan our local ISP uses a sattellite connection that's stepsite is in somewhere in eastern europe. WHen i first logged on to eve got insta banned. Contacted CCP and they had my accound unbanned in less then 30 minutes.

Not that big of a deal.

Don Knots
Gallente
In Bacon We Trust
Posted - 2010.01.21 14:12:00 - [50]
 

Originally by: Anthal
Yes, most ISP's do use DHCP for their clients. However, the bigger ISP's now assign you an IP address based on your MAC address. Even if you unplug the device for weeks at a time, you'll usually get the same IP address once you reconnect everything. For those with ISP's that don't practice this, do you have a home router? Is it always on? If so, your IP address will likely never change. You actually have to go out of your way to get a new IP address these days.


And here is the way to 'unblock' your blocked IP address from CCP.

All you do is re-MAC your firewall/router/NAT-PAT device, and a new IP comes down the pipe (you may have to place a phone call to reauth the MAC). Magic unban pill. For every 'security' procedure created, there is a way to get around it. Mice quickly become smarter than the mouse trap.

Kazang
Wrecking Shots
Posted - 2010.01.21 14:21:00 - [51]
 

Pro tip, don't play through public proxy's associated with or enabling illegal activity.


T'Amber
Garoun Investment Bank
Posted - 2010.01.21 14:28:00 - [52]
 

Originally by: Chribba


...Snip...

But I'm all for such an OPTIONAL ADDITION to the account, so anyone who wants to can lock down to ranges or even single IP's.


As per your suggestion this was brought to CSM4 and passed. Lets hope it goes further :)

-T'amber

Azuse
Veto.
Veto Corp
Posted - 2010.01.21 14:30:00 - [53]
 

Originally by: Chribba
Originally by: Caldari Citizen20090217
Aforementioned armchair network expert checking in...

My be totally up the wrong tree here but:
Most ppl connect from a static location, so a fixed IP/range of IPs.

Why don't CCP log logins and the usual IP range used by an account, allowing connects from the usual IP/range but disallowing login attempts from the questionable/new IPs. There could even be a section on the accounts management page (when they get round to giving this thing a seperate pwd) showing trusted IPs/login attempts and allowing users to block/allow IPs at their discretion.

Awaiting flaming from someone who actually knows what they are talking about....
Welcome to years ago, I've suggested similar ideas as an option to increase account security. The reason CCP won't do it right now is most likely because people DO connect from other places than just their homes, and thus may have completly different access ranges, locking down thus wouldn't be a good thing.

But I'm all for such an OPTIONAL ADDITION to the account, so anyone who wants to can lock down to ranges or even single IP's.


This man speaks the truth Very Happy

Although really, if it's true ccp is doing this it really is ignorant. For so many technical reasons it's simply absurd, but then everyone knows hackers all use the same ip, probably their own home one, every single time with absolutely no way of abusing someone else's. It's also a know fact that every eve player has a static ip and they never, ever use anything else ugh

Many companies have over the years tried to control access to their services by ip. All have failed. Usually with the added bonus of making their customers lives more difficult and diverting resources to something they simply cannot control. Hulu is the best current example

John Ellsworth
Gallente
Posted - 2010.01.21 14:31:00 - [54]
 

Relax there Big Boy the IP's they are "pre-emptied action against are all In China or some other 3 world "hacker haven Country" so if you account got frozen because one of those jerks access "Your Account" from there Country...... then They are doing you such a favor by .....
1. they have seen it before
2. hacker invents a crazy 3rd party program that is just So helpful you have to have it..(key logger built-in)
3.they get your information
4.they take a peek to see if you have anything of value..
5.if you did the next time they log (its all gone and your account and characters are TRASHED)
6.Proxies out of the country .. IE Iceland .. are identifiable
7.you owe most of us an apology IMO including CCP




Sparkinator
Gallente
The Scope
Posted - 2010.01.21 14:33:00 - [55]
 

Edited by: Sparkinator on 21/01/2010 14:35:41
Quote:
And here is the way to 'unblock' your blocked IP address from CCP.

All you do is re-MAC your firewall/router/NAT-PAT device, and a new IP comes down the pipe (you may have to place a phone call to reauth the MAC). Magic unban pill. For every 'security' procedure created, there is a way to get around it. Mice quickly become smarter than the mouse trap.


Your ISP does not keep track of you via your router...it uses your cable modem. Your router does not get the IP address, it just translates it.

Quote:


Posted - 2010.01.19 12:59:00 - [28] - Quote
Report

Originally by: Obeihcan you say ranges again? it makes me hot...



You're cute. I like you.

Personally, I think the following would work well and could exist as an optional security setting.

1. When connecting to EVE from an IP address that has not been used on your character yet you see a message saying "you need to authenticate IP xxx.xxx.xxx.xxx".

2. An email will be sent to your registered email address (or SMS mobile phone) with either a link or a short confirmation code.

3. You enter the code in the EVE client and the IP is added to your 'safe' list.

4. In EVE a/c management there is a list of accepted IP's with a 'remove' option (but no add option, to prevent a would-be hacker from simple manually adding their ip).

This system would satisfy those with one or more fixed IP addresses; those with dynamically-assigned home broadband IP addresses; and those who use internet cafes.

TADAAAAHHH!! :)

Edit: Note the key addition here is to use a third part system, such as email or sms, to authenticate. So having a players username and password (ergo a/c management access at present) is not enough on it's own to enter the game from a new IP.

Also, the list valid IPs in a/c management could be partly masked to deter a hacker from IP spoofing...


Good idea, except all they need is to get into your email. If they can get into your account, considering most people use the same passwords for email and other accounts, it wouldn't be that difficult, especially if they use web-based mail with such lax security such as yahoo and gmail. If they really want to get in they would just setup spoofing sites and intercept packets, tricking many dull minded players into fake authenticating IPs.

Mac cloning and IP spoofing are not very hard, however it does cost money to use a true anon proxy service. That is really the only way you are truly anonymous on the internet, and even then you aren't. Banning an IP is really the simplest measure, it is unlikely the people hacking these accounts for profit are going to spend more money just to get into a few. The OP seems to not understand subnetting at all and think there is 1 single ISP who randomly selects a random assortment of numbers and hands it to you. If I tried to hack, and my IP got banned, that's it. I most likely would not get a new IP even with mac cloning, they know you by your cable modem.

If you managed to get a new one, lets say you bought a new modem, or DHCP eventually got around to you (it can be months or a year or more for some providers) , you are still on the same subnet. I am still on the 64.128.xxx.xxx network. They would look at that, notice someone in my city AGAIN tried hacking, and ban. Most likely, it is not my neighbor who happens to also want to hack an EVE account.

Most hacking is social engineering and server side stuff, there isn't much you can do on the client side. Contrary to what people think, ISP's and big companies like CCP do know what they are doing :P The fact the internet works is because you really aren't anonymous, if at any point you find a way to completely hide yourself you will lose all connectivity and then you wouldn't be a very good hacker, would you?

Hera Ominae
Posted - 2010.01.21 14:39:00 - [56]
 

Originally by: Sibane
http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1125764&page=1#3
Originally by: CCP Fallout
Unfortunately, Customer Support has to take preemptive action when accounts have been accessed by IPs frequently used by hackers, even though nothing has been stolen yet


I have one thing to say to you CCP:
ARE YOU ****ING INSANE? DO YOU EVEN ****ING UNDERSTAND HOW THE INTERNET WORKS? proxys? dynamic IPs allocation?
Don't buy ISK. Don't use proxy to play games... LOL some dudes think they're 'lone gun men' Laughing Laughing Rolling Eyes

Sakari Mikko
Posted - 2010.01.21 14:39:00 - [57]
 

/me wonders if half of the people here even know what IP stands for.

Helicity Boson
Amarr
The Python Cartel.
The Defenders of Pen Island
Posted - 2010.01.21 14:41:00 - [58]
 

Derp.

Maybe because dealing with a few "false positives" and preventing thefts is less work to deal with than cleanup after a theft.

Sparkinator
Gallente
The Scope
Posted - 2010.01.21 14:44:00 - [59]
 

Originally by: Sakari Mikko
/me wonders if half of the people here even know what IP stands for.


you mean Internet Protocol, part of the TCP/IP suite? The set of Internet protocols developed and maintained by a group of international organizations who create rules and qualify new protocols?

Yea, some of us might. ;)

Sakari Mikko
Posted - 2010.01.21 15:01:00 - [60]
 

Originally by: Sparkinator
Originally by: Sakari Mikko
/me wonders if half of the people here even know what IP stands for.


you mean Internet Protocol, part of the TCP/IP suite? The set of Internet protocols developed and maintained by a group of international organizations who create rules and qualify new protocols?

Yea, some of us might. ;)


Originally by: Sparkinator

If I tried to hack, and my IP got banned, that's it. I most likely would not get a new IP even with mac cloning, they know you by your cable modem.


If your internet protocol were to be banned which one would you use?

Oh I get it you mean your internet protocol address.


Pages: 1 [2] 3

This thread is older than 90 days and has been locked due to inactivity.


 


The new forums are live

Please adjust your bookmarks to https://forums.eveonline.com

These forums are archived and read-only