you're an idiot, you're only banning their IP and NOT removing their OP powers. They aren't hacking, you're just banning his IP and leaving his account with OP powers. :\
/banip F4c0grnm
The IP from which he has been connected can no longer connect. He just rebooted his router and it changed.
/deop F4c0grnm
Removes his OP powers, you haven't done this at ANY point.
Guys, can someone tell me how this hack actually works? Looking to patch it out of TA, and it does seem to work :tongue.gif:
There isn't a hack. When banning someone via IP you're ONLY banning their IP, their account can still connect just from a different IP. The problem in this situation was someone joining, being made OP, setting up other people with OP privileges, abusing and getting IP banned, then rejoining.
You know, i'm not suprised that a 'custom server' gets hacked in some form or way to where people may be Op'd in some form, possibly packets i aint sure.
You guys really don't think a hack can be created that, oh, I don't know, makes someone who is an OP type (or appear to the server to type) /op ? You may all be thinking too far into this.
If this is directed at me, I have no idea why. He is not hosting anything for me. I don't run any servers, I just help OP a bunch. I was only (trying to offer or) offering a counterargument to what you fine young lads are saying.
You guys really don't think a hack can be created that, oh, I don't know, makes someone who is an OP type (or appear to the server to type) /op ? You may all be thinking too far into this.
Personally, no. I think the issue is either down to; poor custom server building, verify names being off or people rogue oping others.
Pure java code is effectivly immune to buffer overflows, and this is a small project, small projects/open source are more secure than bigger ones because the coders can communicate better about the code, and what bits of it does.
With one person, the communication issues drop to 0. So if Notch finds a piece of code that does odd stuff, he can just remove it.
Finally, it's a small target, no one will have the time to try to find an exploit(if there is one).
BTW, I will bet that your bank will probably be less secure than minecraft.
Rollback Post to RevisionRollBack
I disagree with you, therefore you are wrong.
Quality of output = Skill * Effort
/banip F4c0grnm
The IP from which he has been connected can no longer connect. He just rebooted his router and it changed.
/deop F4c0grnm
Removes his OP powers, you haven't done this at ANY point.
Seriously, stop posting so much. Also, IPS CAN BE CHANGED. Ban his ACCOUNT and DEOP HIM.
but yes i did forget to deop him but still how would he get in with same ip
sorry about lots of posts :sad.gif:
He was IP Banned, change his IP, reconnected, then you banned his account and he reconnected. If I see correctly...
There isn't a hack. When banning someone via IP you're ONLY banning their IP, their account can still connect just from a different IP. The problem in this situation was someone joining, being made OP, setting up other people with OP privileges, abusing and getting IP banned, then rejoining.
Former #minecraft channel operator.
A client hack is easy. A server hack is near goddam impossible, and really not worth the effort.
Rouge opping is easier.
Quality of output = Skill * Effort
Ain't no party like a [SSSS] party 'cause a [SSSS] party [VV] [tnt]!
If this is directed at me, I have no idea why. He is not hosting anything for me. I don't run any servers, I just help OP a bunch. I was only (trying to offer or) offering a counterargument to what you fine young lads are saying.
Ain't no party like a [SSSS] party 'cause a [SSSS] party [VV] [tnt]!
Personally, no. I think the issue is either down to; poor custom server building, verify names being off or people rogue oping others.
Simply, there is no way to gain op. It's serverside, not client side. There is no packets you can send that will give you op serverside.
It's mostly rouge ops. Just delete your goddamn admins.txt and remake it.
Pure java code is effectivly immune to buffer overflows, and this is a small project, small projects/open source are more secure than bigger ones because the coders can communicate better about the code, and what bits of it does.
With one person, the communication issues drop to 0. So if Notch finds a piece of code that does odd stuff, he can just remove it.
Finally, it's a small target, no one will have the time to try to find an exploit(if there is one).
BTW, I will bet that your bank will probably be less secure than minecraft.
Quality of output = Skill * Effort