This Forum is Read Only

How to Protect Account

#1 Jan 31 2011 at 2:46 PM Rating: Decent
6 posts
Good afternoon everyone. I just thought it would be helpful to provide information on how to protect your computer and account from being compromised. This is to all the computer amateurs out there who currently have a computer or are planning to buy one. It's okay, I've been a computer amateur for a long time and hearing computer talk gave me a headache! I'm sure everyone hates getting hacked, you work on your avatar for a very long period of time and get kinda attached to it well because, you put so much hard work into it! Anyway, let's talk about the two most common ways people get hacked. They are KEYLOGGERS and BRUTE FORCE. (Only ones I can think of off the top of my head...) It's good to know what you can be facing so you can avoid it.

What is Keylogger?
Keylogger is a dangerous software that executes almost invisibly as a low level system process. It is usually started up in an invisibility mode when your computer is booted – so there is no way the user can detect it. This program logs all the key strokes that you type on the keyboard and then transmits the logged information to the intruder who infected the computer with the keylogger program.

Keyloggers are extremely dangerous and can be used to steal personal information such as your social security number, credit card number, and passwords to just about everything. This may lead to identity theft or theft in general. Keyloggers are especially dangerous to anyone who uses online banking or online cash sites such as PayPal for a large amount of money.


What is Brute Force Cracking?


- Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies. Just as a criminal might break into, or "crack" a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.
Crackers are sometimes used in an organization to test network security, although their more common use is for malicious attacks. Some variations, such as L0phtcrack from L0pht Heavy Industries, start by making assumptions, based on knowledge of common or organization-centered practices and then apply brute force to crack the rest of the data. L0phtcrack uses brute force to crack Windows NT passwords from a workstation. PC Magazine reported that a system administrator who used the program from a Windows 95 terminal with no administrative privileges, was able to uncover 85 percent of office passwords within twenty minutes.

How To get Rid of Keylogger and Brute Force Cracking


When you suspect that you are infected with a keylogger, do NOT type any personal information. Even if you are typing in a normal word document, the keylogger still keeps track of everything you type.

If you desperately need to login to your Email or somewhere secure and password protected, there is one way to get around the keylogger.

Click on Start -> Go to All Programs -> Click on Accessories -> Select Accessibility -> Click on On-Screen Keyboard

Executing the above steps opens a keyboard on your screen so that you can click whatever letter you would like to type. Since a keylogger does not track where and what you click, this helps you to get around it in times of urgency. Typing with the on-screen keylogger is a great hassle. The only alternative is to eradicate the keylogger program completely from the computer.

Before you can eradicate the keylogger program and make the computer safe, you will need to detect it. Detecting a keylogger is not simple. It can be installed in over 100 places on your computer, usually located in one of the system files. However, there is a much easier way to detect if a keylogger is running or not. Right click on your desktop’s task bar and click on Task Manager. Alternatively you can press Ctrl + Alt + Del simultaneously to open the Task Manager. Task Manager displays a list of all the applications currently executing on the computer. Click the tab that says Processes. This gives you information about all the programs, hidden and visible that your computer is currently running.

Unless you know a lot about system processes and application processes, you will have difficulty figuring out what you are looking at. The name of each process is under Image Name. The keylogger will show up on the list of processes as well as many other programs and background processes. However, you may not be able to distinguish between the different processes.

You will need to know which process to end before you can stop the keylogger. There are many sites available on the Internet that provide a vast amount of information on each and every process that you may encounter. One of these sites is Liutilities. This site provides some background information on each process as well as specifying the author and which program it is part of. One of the best features of this site includes a recommendation about what to do with that process. Most of the time, the process you look up will be harmful and simply part of the operating system or another program you are running.

Another fantastic site for information on processes is Neuber. As with Liutilities, Neuber gives you background information on that process. A special feature they have is user created comments. Anyone can rate a process in terms of its security and leave a comment about how to deal with the process. Generally, these comments are very accurate. Neuber also provides a ‘security rating’ for each process based on the average rating by users.

However, some find it hard and long drawn out to research each process individually. Thankfully, there is a program called Security Task Manager that is free to download. It will display information about each of the processes that are currently running, as well as specifying if they are dangerous or not. You will immediately be notified should anything harmful come up. Produced by Neuber, the program also shows the security rating and a random comment made by a user for each process. This program does have its disadvantages though. Processes that the program has never encountered before are not given a security rating or a comment. It is therefore advised that you research these processes individually.

Once you have found the harmful process in the Task Manager, click the process and then click the ‘End Process’ button towards the bottom right. The process you have selected should be terminated immediately.

Once this is complete, you should be safe until you reboot your computer. If you do not delete the keylogger, upon rebooting your computer, the keylogger will start up again.

Once you have stopped the keylogger, run anti-virus and spyware checks on your entire computer. Some free virus scan utilities that are recommended are A2, Dr. Web and AVG. However, highly advanced keyloggers such as TypeAgent, KGB, and SpyOutside can often slip through these scans and remain undetected.

If the antivirus scans fail to show any result, you will need to manually detect and delete the keylogger. Keyloggers are usually located in the system files, so do not delete anything that you aren’t 100% sure is the keylogger. Doing so may lead to errors in other areas of the computer. Go to 411-spyware and search for the type of keylogger that has infected your system. If it is listed, there should be instructions about how to manually remove the keylogger.

A great way to check if the keylogger has been completely removed from the system is to reboot. Remember the name of the keylogger’s process and reboot the computer. If the process is not there when the computer has rebooted, you are safe.

Unfortunately, the only way I know how to be safe from Brute Force is to make a strong password length 10-15 with lower and upper case letters, numbers and symbols. Changing your password monthly or even weekly if you're paranoid. There is also a security token which you can purchase for your account which strengthens your security to around 90%. You can also get hacked from consoles such as Xbox 360, PlayStation 2 and PlayStation 3. Brute Force is usually responsible for consoles. If you play on PC and want to strengthen your security more and have an extra computer or laptop around, use one specifically for gaming and one for browsing the internet.

I'm also just going to continue based on what I think is fishy on my mind...but I believe RMT is also responsible for many of the compromised accounts in FF11. I hear they ask for too much information when you purchase gil and I even hear they do a power leveling service!? I also hear they are in other MMOs including this one! So don't do any business with them! Not to mention there are no computer laws in China so...they can kinda get away with these third party programs!

That's pretty much it, thanks for reading!




Edited, Jan 31st 2011 3:47pm by Zacky1720

Edited, Jan 31st 2011 3:48pm by Zacky1720
#2 Jan 31 2011 at 2:50 PM Rating: Default
Scholar
***
2,426 posts
sorry if this sounds glib or whatever, but who in their right mind is going to want to steal anyone's XIV account at this point?
____________________________
monk
dragoon

#3 Jan 31 2011 at 2:59 PM Rating: Good
Avatar
**
257 posts
Or you could use a security token, keyloggers are useless against that and it's very unlikely for a brute force to get a password that changes so often
____________________________
FFXI (Long since retired)
Delsus
Server: Cerberus

FFXIV
Delsus Highwind
Server: Ragnarok
#4 Jan 31 2011 at 3:00 PM Rating: Good
**
395 posts
RMT who sell gil on playerauctions or other sites?
People usually hack accounts to resell them, or to steal all the items and sell them. Rarely are accounts just hacked to be played by the hacker.

RMT will usually steal your account, quickly sell it on an RMT site and give bogus product key codes (How can you tell if they are legit?) and make a quick $300 or so.

After of course, taking all your money and selling it for $7 per million or whatever.

_______________
Also the security token will not protect your account.
Especially not when Square Enix has a crappy system for authentication.

I had a security token, and got hacked in FFXI, and the hacker was able to log in, and remove the security token, and change all the account info to where it took the admins 3 months to give the account back.

Just FYI if you're hacked in FFXI or FFXIV, and they change your account info, you have a nightmare process to get it back. Why? Because they ask you to verify the -CURRENT- info to get your account back, so if they change your address and credit card and all the other info SE will refuse to give it back.


What the new hackers do is essentially steal your active session.
You will log in with the program, it will freeze or lock up, and you'll try to log in several times with no result, when you get in all your stuff is gone. Or your passwords changed. They have scripts that run in seconds that can get your account info changed for that 60 seconds your password is valid.

Edited, Jan 31st 2011 4:06pm by Eadieni
____________________________

http://www.prismaticllama.com/
http://www.sologensystems.com
The Prismatic Llama - Peru's llamas got nothing on us.
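
The 60-second window described in the post above, and the earlier reply about tokens defeating keyloggers, as an added example (not part of any post and not Square Enix's code): a server-side check for a time-based one-time password, assuming the standard RFC 6238 algorithm with a 60-second step, which may differ from what the actual token uses. It shows that a captured code stays usable inside its window unless the server refuses to accept a window twice; the secret and timestamps are constructed.

```python
import hashlib
import hmac
import struct

STEP = 60  # assumed validity window in seconds, taken from the thread


def totp(secret: bytes, now: float, step: int = STEP, digits: int = 6) -> str:
    """RFC 6238 code (HMAC-SHA1) for the time window containing `now`."""
    counter = int(now) // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class Verifier:
    """Hypothetical login server holding one user's token secret."""

    def __init__(self, secret: bytes, reject_reuse: bool):
        self.secret = secret
        self.reject_reuse = reject_reuse
        self.last_counter = -1  # highest time window already accepted

    def check(self, code: str, now: float) -> bool:
        counter = int(now) // STEP
        # Constant-time comparison against the code for the current window.
        if not hmac.compare_digest(code, totp(self.secret, now)):
            return False
        # Replay protection: each window may be used for one login only.
        if self.reject_reuse and counter <= self.last_counter:
            return False
        self.last_counter = counter
        return True


def replay_scenario(reject_reuse: bool):
    """Owner logs in, then the same code is presented again twice."""
    secret = b"constructed-demo-secret"  # constructed sample secret
    server = Verifier(secret, reject_reuse)
    t0 = 1_296_499_980                   # constructed time, start of a window
    code = totp(secret, t0)
    first_login = server.check(code, t0)
    reuse_same_window = server.check(code, t0 + 20)  # still inside 60 s
    reuse_next_window = server.check(code, t0 + 90)  # code has rotated
    return first_login, reuse_same_window, reuse_next_window


if __name__ == "__main__":
    print("no replay protection:  ", replay_scenario(False))
    print("with replay protection:", replay_scenario(True))
```

A code typed on a compromised PC is worthless once its window has passed, but only the reuse check makes it worthless inside the window.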
#5 Jan 31 2011 at 3:07 PM Rating: Decent
A bit of an odd topic for a first post, but one that obviously some folks need to read... there have been a few hacked account threads recently. So even though it doesn't make sense about the why's... it is happening.

Ultimately a good strong password, not used on forums related to the product (preferably no other sites), is the best defense if you don't want to buy a security token.
____________________________
FFXI:Sylph - Perrin 75 Hume THF; Retired (At least from my use any way)
EVE Online:ScraperX; Retired
WAR:IronClaw- Peryn SW;SkullThrone- Grymloc BO; Retired


#6 Jan 31 2011 at 3:13 PM Rating: Decent
**
395 posts
Oh I do recommend you buy the token, I was just saying that don't buy it and think you can't get hacked with it.
It's not as common, but you should always be careful.

Avoid being hacked, do all your account info on a Mac and do your gaming on a PC.
____________________________

http://www.prismaticllama.com/
http://www.sologensystems.com
The Prismatic Llama - Peru's llamas got nothing on us.
#7 Jan 31 2011 at 3:14 PM Rating: Good
Ahhh I figured it out... I love google...

http://www.tech-faq.com/how-to-remove-a-keylogger.html

http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci499494,00.html

Plagiarize much? There's loads more verbatim, it's not usually a good thing to copy people's works without giving them credit...
____________________________
FFXI:Sylph - Perrin 75 Hume THF; Retired (At least from my use any way)
EVE Online:ScraperX; Retired
WAR:IronClaw- Peryn SW;SkullThrone- Grymloc BO; Retired


#8 Jan 31 2011 at 3:19 PM Rating: Good
**
395 posts
True but he did take the time to compile it together. Should have referenced the articles he got the information from though, if anything it would have added more credibility to his recommendations (Not that they were wrong, but they were coming from a 1st post on zam)
____________________________

http://www.prismaticllama.com/
http://www.sologensystems.com
The Prismatic Llama - Peru's llamas got nothing on us.
#9 Jan 31 2011 at 3:32 PM Rating: Decent
Avatar
**
257 posts
Eadieni wrote:
True but he did take the time to compile it together. Should have referenced the articles he got the information from though, if anything it would have added more credibility to his recommendations (Not that they were wrong, but they were coming from a 1st post on zam)


We don't trust first posts on zam? So that's where I have been going wrong.

JK lol
____________________________
FFXI (Long since retired)
Delsus
Server: Cerberus

FFXIV
Delsus Highwind
Server: Ragnarok
#10 Jan 31 2011 at 3:39 PM Rating: Decent
Eadieni wrote:
True but he did take the time to compile it together. Should have referenced the articles he got the information from though, if anything it would have added more credibility to his recommendations (Not that they were wrong, but they were coming from a 1st post on zam)


The first and last two "paragraphs" are original, everything in between is off of 1 site which in turn was taken from 2 sites, and so on. I'm good with new folks wanting to give helpful information to the community. Quite a few first posts have been very helpful guides on this game or others.

However when you get into computer security you're looking at a barrier of trust. The only thing missing here was links to some 3rd rate spyware program with a monthly fee ^.~ I still rated the OP up for trying, at least it doesn't seem to be a sock or troll post.
____________________________
FFXI:Sylph - Perrin 75 Hume THF; Retired (At least from my use any way)
EVE Online:ScraperX; Retired
WAR:IronClaw- Peryn SW;SkullThrone- Grymloc BO; Retired


#11 Jan 31 2011 at 4:06 PM Rating: Good
Eadieni wrote:
RMT who sell gil on playerauctions or other sites?
People usually hack accounts to resell them, or to steal all the items and sell them. Rarely are accounts just hacked to be played by the hacker.

RMT will usually steal your account, quickly sell it on an RMT site and give bogus product key codes (How can you tell if they are legit?) and make a quick $300 or so.

After of course, taking all your money and selling it for $7 per million or whatever.

_______________
Also the security token will not protect your account.
Especially not when Square Enix has a crappy system for authentication.

I had a security token, and got hacked in FFXI, and the hacker was able to log in, and remove the security token, and change all the account info to where it took the admins 3 months to give the account back.

Just FYI if you're hacked in FFXI or FFXIV, and they change your account info, you have a nightmare process to get it back. Why? Because they ask you to verify the -CURRENT- info to get your account back, so if they change your address and credit card and all the other info SE will refuse to give it back.


What the new hackers do is essentially steal your active session.
You will log in with the program, it will freeze or lock up, and you'll try to log in several times with no result, when you get in all your stuff is gone. Or your passwords changed. They have scripts that run in seconds that can get your account info changed for that 60 seconds your password is valid.

Edited, Jan 31st 2011 4:06pm by Eadieni


SE has done a lot of things wrong. You getting hacked isn't one of them. It's very possible to run FFXI on a Windows-based PC and not get hacked.
The security token is everything but idiot proof. You having a key logger doesn't equal SE having crappy authentication. It's not like they just manifest themselves on your PC, something you did compromised your security. So don't blame SE or even Microsoft for that.

Also SE uses Previous/past credit card information when investigating a compromised account as well as specifics about the account itself. the process is hardly a nightmare and the only bad part about it is having to get a statement from SE notarized.

____________________________

Does hating a game I wanted to love make me a troll?
or does trying to love a game I hate make me a white knight?
#12 Jan 31 2011 at 4:27 PM Rating: Decent
7 posts
Quick question regarding the security token... Where do I buy one? Only way I can see is to buy the Collectors Edition...

Anyone know where?
____________________________
#13 Jan 31 2011 at 4:42 PM Rating: Good
Scholar
**
812 posts
I didn't see this in this thread, so for an added level of security use a different username on your SE account than you do on public forums and such.
____________________________
Abaddon Active Player Roster
- All your Fabul Sever are belong to us! -


#14 Jan 31 2011 at 4:43 PM Rating: Good
Scholar
**
812 posts
Nethr wrote:
Quick question regarding the security token... Where do I buy one? Only way I can see is to buy the Collectors Edition...

Anyone know where?
the SE support website
____________________________
Abaddon Active Player Roster
- All your Fabul Sever are belong to us! -


#15 Jan 31 2011 at 4:48 PM Rating: Decent
7 posts
Sorry but that still doesn't help.. I look at their support website and I find some information about the security token but still no place that I can actually purchase it. Is it possible that you could provide a direct link?

Thanks for your time :)
____________________________
#16 Jan 31 2011 at 5:47 PM Rating: Good
Scholar
**
812 posts
there's a link to it on the square enix account log in page

http://www.square-enix.com/na/account/otp/

Edited, Jan 31st 2011 6:47pm by Jefro420
____________________________
Abaddon Active Player Roster
- All your Fabul Sever are belong to us! -


#17 Jan 31 2011 at 5:56 PM Rating: Decent
***
1,608 posts
Best way to protect your account is to not download hacks and scripts.
____________________________

#18 Jan 31 2011 at 9:03 PM Rating: Good
**
650 posts
Or get a dedicated PC only to play FFXI/XIV, nothing else. No other apps installed, no browsing either. You buy another machine for browsing and other PC stuff that you need. :p
____________________________
Mikayla Soulfire (XIV), Ul'dah, Istory
Lodestone Profile

Mikael (XI) Bastok, CaithSith
RDM/BST/BLU/NIN/BLM

Thus is our agreement written, thus is treaty made. Thought is the arrow of time; Memory never fades. What was asked is given; The price is paid.
#19 Jan 31 2011 at 9:14 PM Rating: Decent
Scholar
*
88 posts
OP stole my keys
____________________________


DaevaofWar.com
All times are in CST