I’M BEING HACKED WHEN I ENABLE MINETEST ON PUBLIC

Post Reply
User avatar
ParaklataChotou
Member
Posts: 209
Joined: Sat Jun 18, 2016 17:09
GitHub: paraklatachotou
IRC: CareBearWhoCares
In-game: AutistCortana

I’M BEING HACKED WHEN I ENABLE MINETEST ON PUBLIC

by ParaklataChotou » Post

Hi. 2 months ago I built a new server called FLUTOPIA (plentyworld.dynns.com, or flutopia.zapto.org), and Capture Flag (Derpy Wars) (derpywars.zapto.org). Since I did my servers I didn't had problems about my internet connection. But then, my internet router began to disable and enable my internet connection. I know that it's caused by something or someone who uses my minetest files to get access to my internet router. Because when I removed on minetest the public option, on windows firewall, the problem disappeared. I'm really worried not only for me, it's because the whole community. I need an answer and help to solve this issue. I can show you that it's real this issue.

Sadly, Minetest is being infiltrated by some people for hack minetest players' pcs. I'm not using minetest as a server for one month. Two days ago I reopened my server and the problem with the internet router became again. I need an answer, or I'll consider this software (minetest) as a virus. I need some assistance. I'm being hacked when I enable minetest on public.
Visit my server: freextress.ddnsking.com 30002 . mobs, npcs, interesting places, pvp.

User avatar
BirgitLachner
Member
Posts: 393
Joined: Thu May 05, 2016 10:18
In-game: Bibs

Re: I’M BEING HACKED WHEN I ENABLE MINETEST ON PUBLIC

by BirgitLachner » Post

I don't know if Minetest is/was the reason, but I know that open the own homenetwork might cause big problems.

What about the rights of the folder, where you had your Mintest-Installation? The adress of the server was avaiable via server list and may be hackers can get access to execute and can read, write and execute commands.
What about the Firewall. Was it fully open or only port 30000?

I'm not able to setup a server with a secure enviroment but I know that thoose points are important!

And minetest as a virus? ... of cause if the hacker can get access to the folder where minetest is installed, if can change easily the files and may be add a function with bad ideas.

User avatar
ParaklataChotou
Member
Posts: 209
Joined: Sat Jun 18, 2016 17:09
GitHub: paraklatachotou
IRC: CareBearWhoCares
In-game: AutistCortana

Re: I’M BEING HACKED WHEN I ENABLE MINETEST ON PUBLIC

by ParaklataChotou » Post

BirgitLachner wrote:I don't know if Minetest is/was the reason, but I know that open the own homenetwork might cause big problems.

What about the rights of the folder, where you had your Mintest-Installation? The adress of the server was avaiable via server list and may be hackers can get access to execute and can read, write and execute commands.
What about the Firewall. Was it fully open or only port 30000?

I'm not able to setup a server with a secure enviroment but I know that thoose points are important!

And minetest as a virus? ... of cause if the hacker can get access to the folder where minetest is installed, if can change easily the files and may be add a function with bad ideas.
Yes, it was on port 30000 (flutopia), and 30004 (capflag derpy wars). And on Firewall settings, the firewall was enabled but I allowed the minetest.exe to be public online, it's the only way to allow my server appear on serverlist in minetest. Let me try if I change the port and see if the problem solved. Thank you for your answer.
Visit my server: freextress.ddnsking.com 30002 . mobs, npcs, interesting places, pvp.

User avatar
rubenwardy
Moderator
Posts: 6972
Joined: Tue Jun 12, 2012 18:11
GitHub: rubenwardy
IRC: rubenwardy
In-game: rubenwardy
Location: Bristol, United Kingdom
Contact:

Re: I’M BEING HACKED WHEN I ENABLE MINETEST ON PUBLIC

by rubenwardy » Post

Pfft. You're definitely not being hacked. Your router or computer isn't good enough to handle the number of incoming connections, so it becoming unresponsive. This is unlikely to be intentional/malicious
Renewed Tab (my browser add-on) | Donate | Mods | Minetest Modding Book

Hello profile reader

trainwrecktony
Member
Posts: 67
Joined: Sun Jun 08, 2014 05:24
In-game: trainwrecktony
Location: NJ USA

Re: I’M BEING HACKED WHEN I ENABLE MINETEST ON PUBLIC

by trainwrecktony » Post

As a server owner and network engineer i'd ask

1) what model of router? If your router has weak cpu or low ram it could be overwhelmed and temporarily stop traffic. Your router may also have an agressive packet filter that even despite fowarding ports and enabling a public service it may throttle your connections. How are you forwarding ports? is it just a range like 30000-30004 or is your pc in the dmz open to all open port requests

2)what isp and upload bandwith? Your ISP might be throttling your connection due to too many connections or upload use.

3)Do you have any other services open to public? www, ftp, mumur, plex, vpn, teamviewer, vnc,rdp, etc? Are the applications or device firmware up to date?

I'd be most concerned with the remtote desktop apps like teamviewer, vnc, and rdp.

teamviewer had a big security over the summer if you use it update it and change any old passwords

vnc is very unsecure by default. Its possible to run vnc with no password and have both an open application port and http java viewer port. Traffic is also unencrypted

RDP is builtn to windows pro/ulitmate/enterprise editions. By default runs on port 3389. It has been recent target of bruteforce attacks. At my job i have seen these bruteforce attacks scan and attack ports other than 3389. If you look in your eventvwr , security log and see lots of audit failures from random users names then someone is trying to get in
Server Owner trainwrecktony.serveminecraft.net:30000 irc.freenode.net ##minetest-trainwrecktony

User avatar
ParaklataChotou
Member
Posts: 209
Joined: Sat Jun 18, 2016 17:09
GitHub: paraklatachotou
IRC: CareBearWhoCares
In-game: AutistCortana

Re: I’M BEING HACKED WHEN I ENABLE MINETEST ON PUBLIC

by ParaklataChotou » Post

rubenwardy wrote:Pfft. You're definitely not being hacked. Your router or computer isn't good enough to handle the number of incoming connections, so it becoming unresponsive. This is unlikely to be intentional/malicious
Oh, so could it be that my router couldn't support a server? Hmmm... My internet speed is 2 m. And... When I blocked any public shared files on windows firewall, the problem with my router disappeared. Now I'm playing my server to test if this happens again. flutopia.zapto.org port: 30000.
Visit my server: freextress.ddnsking.com 30002 . mobs, npcs, interesting places, pvp.

Post Reply

Who is online

Users browsing this forum: Google [Bot] and 10 guests