Solved

Fighting Hackers on MSN Chatrooms

Posted on 2001-06-24
17
338 Views
Last Modified: 2006-11-17
I desperately need someones help! For the last 9 months I have been running !!!! Advice Room for Teens in the MSN Chat Rooms, We have a team of 12 Hosts and deal with about 300 teen guests and their problems a week. Three times last week we have been attacked by hackers with 'bots' which flood the room with up to 30 multiple copies of themselves flooding the screen with messages and making the room impossible to run for hours at a time.
They use a loophole in MSN software that enables them to create eg Guest_2D-D12 etc
Question 1: How do they introduce their code to run in the Chat rooms?
Question 2: Anyone here clever enough and willing to write an anti-hacker 'bot'?
Meanwhile a lot of desperate teens are not gettin any help
0
Comment
Question by:Schoolware
  • 7
  • 6
  • 2
  • +2
17 Comments
 
LVL 3

Expert Comment

by:Beluga
Comment Utility
Hi,

I'm afraid I don't know the answer, but try posting a zero-point question in the Security topic with a link back here. There's plenty of anti-hacking knowledge over there.

The sad fact is that the "hackers" who are invading your site are probably the ones who need help the most....
0
 

Author Comment

by:Schoolware
Comment Utility
Thanx Beluga - will try that. Yer - agree they are sick peeps . But i just got his email addy so im lodging complaints with MSN and his ISP - and a lot of good that'll do :(
0
 
LVL 24

Expert Comment

by:SunBow
Comment Utility
0) Recalling, Yahoo was going to share with Microsoft, then bowed out claiming Microsoft was making it too insecure. We were forewarned. But expect that.

1) If we knew how-to, it would be less than appropriate to broadcast that here. So let's reduce to Microsoft should respond to that, with one of their announcements of patches after another

2) Anti.. since you've done the legwork to identify ISP, perhaps individual, then you have near term solution. Get your firewall to ban the IP, if fixed, and ban the ISP if it will not comply with your request. Granted, that will likely lose a percent of your audience, but they can possibly switch to ISP that is more favorable. Consider this another chat topic, to let your audience in on it.

Send him simple eMail, simply asking what is wanted. Follow with another stating your intentions. Intentions may include being more public in identification, as well as leading to removal from 'net. Note, that the eMail address may have been purloined or highjacked from another, so be wary of pointing fingers too early. A good ISP would do the verify here, and handle the disconnection formalities.

In old days, software would require time to elapse between events such as human keystrokes, logonID requests, and transmission requests, and allow for balance.

EE has even had its share. With some wares you can kill bad IDs, later clock ranges, either based on common format or source ID. Helps to have code or at least support for site admin. Sounds like you have little support, and may just want to go shopping again, with eyes more attentive to supplemental needs.

How about simply eye-balling accounts/lists, and having a 'freeze' on allowing newbie interactivity during your critical time until a passing of human review? 300 is not really that much to monitor 'just enough'. Rename file for account creation if you have to.
0
 

Author Comment

by:Schoolware
Comment Utility
Thanx Sunbow for yr thoughtful comments. We stick to MSN Chat Rooms rather than restricted communities because of the exposure to casual users looking for help - and we are easily found.
This means we have no control over who comes into the room. We tried shunting them from there into a 'secure' room, but we lost too many on the way
As you surmise, support from MSN is non-existent. "It is up to the Hosts to control the behaviour in their own rooms" Regardless that MSN software wont let us.
We have informed FreeServe, the ISP of the hacker, and await results. We have written with threats to the email addy of the hacker.
Would Yahoo be a better place for our room?
0
 
LVL 3

Expert Comment

by:Beluga
Comment Utility
Any luck? I'm interested to hear if you got any response from the hacker or the ISP.

0
 

Author Comment

by:Schoolware
Comment Utility
Thanx for yr interest Beluga! MSN actually came up with a 'human' reponse, and said the prob had been passed to their products Team - followed by a long silence. There is a flood of other room managers with similar complaints - but no action.
I emailed FreeServe but no reponse. I emailed hacker and told him wot we were doing - several contacts verified it was his genuine addy.
He left us in peace for a few weeks, but as no-one took any action he's back again.
Not much help here then?  First time ever Ive not had a solution from the Experts! :(
0
 
LVL 3

Expert Comment

by:Beluga
Comment Utility
Which e-mail address did you use for Freeserve?

Try: webmaster@freeserve.com and abuse@freeserve.net

If still no luck, you can try Planet Internet in the UK, who I believe are still the hosts for Freeserve, and run their infrastructure.

See their abuse page at http://www.abuse.theplanet.net/integrity/integrityfr.htm . You can either e-mail abuse@energis-squared.com , or phone them on (+44) 113 234 5100.

0
 

Author Comment

by:Schoolware
Comment Utility
I emailed comment@freserve.co.uk
They certainly dont make it easy to find the right addy to complain on do they. I wonder y???
Thanx for response
We'll try the others
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 3

Expert Comment

by:Beluga
Comment Utility
Knowing how similar ISP's work, the "comment" mailbox will probably be read by someone in marketing or sales who may not understand the problem.

"webmaster" accounts usually go through to Technical Support people, and "abuse" accounts often go to a dedicated anti-hacking team.

There's a good FAQ at:
http://ddi.digital.net/~gandalf/spamfaq.html
that gives the e-mail addresses of many popular ISP's, together with more general advice on tracing the source of rogue postings and e-mails. It may help now or in the future.
0
 

Author Comment

by:Schoolware
Comment Utility
Thanx Beluga for yr regular suggestions! I am amazed no-one else is interested in this discussion :(
0
 
LVL 3

Expert Comment

by:Beluga
Comment Utility
Well, Exchange Server probably isn't the best topic for this question. But it's also gotten quieter because of the summer holidays. :o(

Did you try my earlier suggestion to post a link in the Security topic? Ask a new question in the Security topic, assign it zero points, and title it something like "300 points - Hackers on MSN Chatrooms". In the text, just copy and paste the URL:
http://www.experts-exchange.com/jsp/qShow.jsp?ta=exchangesvr&qid=20140851

You might also want to try the same in the Internet Service Providers/ISP's topic.

That'll direct more people in here. You may get more help, you may not, but it's worth a shot. :o)


0
 
LVL 3

Expert Comment

by:Beluga
Comment Utility
Schoolware,

I saw this Q was still open, so wondered if you managed to resolve the problem (still happy to help if not).

I'm also curious as to how well the various ISPs handled your query!
0
 

Author Comment

by:Schoolware
Comment Utility
Well done Beluga for yr persistence! I wish that was shared more by others!
I tried several of yr suggestions, including re-posting in Security and got a nil response. Like wise contact with Freeserve webmaster a nil response
However . . .
Maybe MSN did listen, because several months later the 'Guest' facility in Chatrooms was removed, which is where most of the 'bots' were introduced anonymously.
After a peaceful month or two, hackers have come back with some new 'bots'. Some attack individual users computers. but after installing myself a better firewall, i have had no more. But they can still flood the room with phony IDs
As this rarely happens, Im afraid Ive given up actually fighting them :(
But many thanx for yr continued interest.
Perhaps I ought to clos off this Quest??
Dave
0
 
LVL 27

Expert Comment

by:Asta Cu
Comment Utility
Hopefully you've already been helped with this question, but thought you'd appreciate knowing this.  It would be great if you could bring this question to a conclusion, awarding the experts above who helped you with points or a comment to them on your status today.

Re. WindowsUpdate and the .net environment. More here  http://www.microsoft.com/net/

The .NET topic is being considered for addition to our All Topics link soon, so this may interest you as well:
http://www.experts-exchange.com/newtopics/Q.20276589.html

EXPERTS POINTS are waiting to be claimed here:  http://www.experts-exchange.com/commspt/Q.20277028.html

":0)
Asta


0
 
LVL 3

Accepted Solution

by:
Beluga earned 300 total points
Comment Utility
asta: Paste in haste, repent at leisure?!

Schoolware: I was browsing the web and came across the following. I don't know if you've seen it, but it may be of some help:

http://downloads-zdnet.com.com/3000-2150-7060389.html?tag=lst-0-1

"MSN Chat Kicker is an essential tool for MSN Chat hosts. It allows kicking and banning at the click of a button and now comes with extensive documentation to get you started. Once you've got the hang of this tool, you won't need to get frustrated at the kick menus - a click of a button will keep your room trouble free."

More info is at:
http://www.home.mastersites.com/technonotice/

0
 
LVL 1

Expert Comment

by:Moondancer
Comment Utility
Thank you, Asta, for trying to revive these old and forgotten questions and adding some value in the process.

Perhaps you would benefit by posting a zero point question in the topic area representing your Operating System if you still have not gotten what you need, include the link here to point to it.

Question(s) below appears to have been abandoned. Your options are:
 
1. Accept a Comment As Answer (use the button next to the Expert's name).
2. Close the question if the information was not useful to you, but may help others. You must tell the participants why you wish to do this, and allow for Expert response.  This choice will include a refund to you, and will move this question to our PAQ (Previously Asked Question) database.  If you found information outside this question thread, please add it.
3. Ask Community Support to help split points between participating experts, or just comment here with details and we'll respond with the process.
4. Delete the question (if it has no potential value for others).
   --> Post comments for expert of your intention to delete and why
   --> YOU CANNOT DELETE A QUESTION with comments; special handling by a Moderator is required.

For special handling needs, please post a zero point question in the link below and include the URL (question QID/link) that it regards with details.
http://www.experts-exchange.com/jsp/qList.jsp?ta=commspt
 
Please click this link for Help Desk, Guidelines/Member Agreement and the Question/Answer process.  http://www.experts-exchange.com/jsp/cmtyHelpDesk.jsp

Click you Member Profile to view your question history and please keep them updated. If you are a KnowledgePro user, use the Power Search option to find them.  

Questions which are LOCKED with a Proposed Answer but do not help you, should be rejected with comments added.  When you grade the question less than an A, please comment as to why.  This helps all involved, as well as others who may access this item in the future.  PLEASE DO NOT AWARD POINTS TO ME.

To view your open questions, please click the following link(s) and keep them all current with updates.
http://www.experts-exchange.com/questions/Q.20143273.html
http://www.experts-exchange.com/questions/Q.20140851.html




*****  E X P E R T S    P L E A S E  ******  Leave your closing recommendations if this item remains inactive another seven (7) days.  If you are interested in the cleanup effort, please click this link http://www.experts-exchange.com/jsp/qManageQuestion.jsp?ta=commspt&qid=20274643
POINTS FOR EXPERTS awaiting comments are listed here -> http://www.experts-exchange.com/commspt/Q.20277028.html
 
Moderators will finalize this question if in @7 days Asker has not responded.  This will be moved to the PAQ (Previously Asked Questions) at zero points, deleted or awarded.
 
Thank you everyone.
 
Moondancer
Moderator @ Experts Exchange
0
 
LVL 1

Expert Comment

by:Moondancer
Comment Utility
Zero response, finalized.
Moondancer - EE Moderator
0

Featured Post

Do email signature updates give you a headache?

Constantly trying to correctly format email signatures? Spending all of your time at every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

Join & Write a Comment

Suggested Solutions

Utilizing an array to gracefully append to a list of EmailAddresses
Following basic email etiquette rules will help you write a professional email and achieve a good, lasting impression with your contacts.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now