Thanks Arideni.Also the link for the authenticator to. Have a safe holiday!Yes you take Wall O' Text crit but after taking that you get a buff that not only heals you fully but keeps you playing WoW and all your other favorite PC (or mac) games. So read it.Edit: added remark to read comments for they shall help you.
Great post! People really underestimate how many password stealers are out there.With regard to the updates, the Malicious Software Removal Tool by Microsoft includes game password stealers as per and is released every month, so make sure you run it!http://blogs.technet.com/mmpc/archive/2008/06/20/taterf-all-your-drives-are-belong-to-me-1-one.aspx
Before we starting talking on how to prevent account comprising we need to know how someone can steal your information. The information above is correct but there is more to that. First let me say that I am an IT Systems Administrator working on getting a BS in Network Security. First, you need to have your firewall up to date with all firmware updates. This helps you a lot more in security as it is very easy to steal a packet or frame from a resource using packet/frame analyzing tools. I will not mention any here. Make sure that you only allow ports from trusted companies like Bliizzard. Do a little research on Blizzard's websites to find out what ports Blizzard uses in their games. They also have tutorials on how to set up your Routers / Brouter for port blocking and how to use your software from port blocking as well for Windows, and Mac using programs like ZoneAlarm, and BlackIce. Second make sure your not using any programs in the background that can obtain a backdoor leak from your computer. These are called Trojans and they are hidden in your system most likely as a JavaScript file some where in your Cookies area. This makes it a point to delete your cookies every time you exit your browser. This will help keep your system safe from any want to be attackers. If there is a backdoor leak on your computer, any hacker can find his / her way in and corrupt any data you might have. Third and I can not stress this enough. Test out your system before somebody breaks in. If you can find a leak within your security settings, anybody else can to. So do yourself a favor and test your system out. Put a virus on your system (nothing too dangerous for testing) and see how your Anti virus protector picks it up. Same with port blocking and firewall schemes. There are many tools on the net that can help you with this. Fourth, install some kind of Network Monitor on your computer. It can be from Microsoft even with their Network Monitor that is bundled with their Windows 2003 Server Software. This will help you analyze your packets and see where you are most vulnerable. Once you find that information do more research to find out how to help your system out. Also install all security updates either from your Anti virus, OS, or any other security source. Fifth, turn off your guest account. If you find that this is on after you have turned it off more then likely someone got into your system. This is a good test to see if you have been hit with anything including a DDOS attack or been a victim of packing sniffing. Also use a browser that is more secure like Firefox, Opera or Chrome over Internet Explorer. While IE (8 beta 2) is great, it is still less secure than Firefox or Chrome. Some other tips:- Change your password every 14 days. For most packets to be sniffed out it can take up to 10 days before someone has a good size log on everything that you have done on the Internet. During this time the hacker is or has tried to get into your system. Changing your password every 14 days is a good step.- Make sure your password is lengthy. Windows recommends 6 characters. Most websites want 8. Try for something in the 12-15 character range. The longer the password, the harder it is to crack. Also use a combination of letters, numbers, alphanumeric letters, and symbols. A common way is to test your password after you made it. If you can't remember it without looking at it after you made that's a good thing.- While this tip might be a little extreme. Right down your MAC (Media Access Control) address that is found on your NIC (Network Interface Card). It is a long number, but this makes your computer unique to the Internet. It is also how you obtain an IP Address from your ISP. If someone was packing sniffing, he / she can alter your MAC address and give you an APIPIA (Automatic Private IP Address) that will not let you access the Internet, and you would have to go through the hacker's Internet where he will sniff you because the only way out is through his / her Default Gateway. If you think you have been a victim of an attack see if your IP Address has changed. One way is through command line (CMD at run) and using the ipconfig command if your on Windows or Linux / Unix to see what your current IP address is. If you find you have been a victim of an attack your best source is to contact your ISP as they have security experts that can do packet tracing to find out how you were sniffed out. My final bit of advise is if anybody wants in they will do anything they can to get in. Does not matter how secure your network is. If they want to pinghammer you to death to where your bandwidth is dead they will. Our packets do not allow for that much security (IPv4), but with IPv6 coming to most ISPs and networks really soon the more secure it will be. Having 10.0.10.100 is easier for a hacker then something in hexadecimal (a-f, 0-9, 45 characters long)Sorry for making this so long. It is a lot of work to protect yourself from hackers. Cyber crime is huge. You are in luck as more security is on the way in IPv6. Some ISPs have already installed IPv6 into their network. Many who have will of sent you an email or some kind of notice that they have upgraded their security of their network. This means they upgraded to IPv6. If you wonder, I am not a hacker but they teach a lot of this stuff and how to stop it in our security courses and also working as a System Administrator your #1 thing to do for a network is secure the data.
This post was from a user who has deleted their account.
Great post, Ari. I'm gonna get the Authenticator (as soon as gf stops sucking up mah money) and gonna only use my Info on those 4 sites listed. You should all do the same =D
Great Article Thank you
Be more concerned someone may have compromised your system (if you didn't give the password out, then by deduction you have a problem). Good luck, and I hope things get worked out for you!
Internet security is kinda like driving a car, you might buy a car with all the fancy security features, anti lock brakes, anti spin, 4x4, ESP drive assist and all that, but in the end the most important security feature is the person behind the wheel. When it comes to computer security, I'll make a bet and claim that out of your 10 friends, it's always the same 3 that get hacked, attacked by virus and have to format and reinstall on a monthly basis. Of course, even carefull people have accidents once in a while, but you can improve your odds considerably by having a responsible online behavior, just like you can improve your odds of surviving in traffic by driving responsible.My tips on being a safe internet user:- Keep your windows and antivirus updated. Some antivirus software are crap, use google to read reviews before you decide which to use. Personally I use AVGfree which gets nothing but good reviews and test scores.- Downsize your windows installation. In Control Panel, Administrative Tools, Services you can see which services your windows installation runs. A Windows installation default has a lot of services running, some you need and some you don't. For example, I have no printer, so why would I want my windows to run a printer spooler service? Remote Registry "Enables remote users to modify registry settings on this computer."? Hmm, do I really need that?Spend an hour and google the stuff that isn't obvious. If in doubt leave it running. You should be able to cut down quite a bit on unneeded services. Less services running means less stuff that can go wrong and it makes your windows run faster and more reliable. - Right click your task bar and bring up the Task Manager. Switch to the Processes tab and resize the Task Manager so it fits neatly with the number of tasks running. In "idle" with my browser and wow closed, my system runs 26 tasks, so my Task Manager is resized to have room to show exactly 26 tasks. If something extra is running, my task manager gets a scroll bar at the side and it's easy for me to spot the difference. Right now I have 27 tasks running and a scroll bar because I have my browser open. Once I close it down I'm back to 26 tasks and no scroll bar.I don't look at my task manager all the time, more like once a week I check that I still only have 26 tasks running. If something new is running, I try to spot the one I haven't seen before and use google to see what it does. When I download and install new programs, I check too. - Get a decent browser that doesn't install stuff just because it has a certain filename. Some Internet Explorer versions will install just about everything without telling you if only the website you visit claims that the file is okay to install. Personally I use Mozilla Firefox, at least it asks me if I want to have "upgrades" installed or not. As a side note, when you visit that hungarian porn site that suggests you install Shockwave to play strip poker DONT click the link to the shockwave installer they suggest. Instead google for Shockwave and download it from a trusted site. There is a Wiki telling me that Shockwave was created by Macromedia but is now owned by Adobe so going to www.adobe.com and downloading Shockwave from them seems a safe bet. - Which brings me to the next point. Only download from official sites. If you want a program, spend a minute figuring out who made the program and download it from the official site. Dont get stuff off bittorrent, your uncles flashdrive or a random website. Downloading from the official site with get you the newest and most recently updated version and the company developing the software is more likely to give you a clean version without virus, trojans and backdoors as they have a reputation to uphold. - Wow security. Only enter your account name and password on your own computer. If you followed the above steps, you should have some idea that your own computer is safe and clean. If you log on to your account at the local internet cafe or a friends house, you have no idea what kind of internet security they have. You friend might be a very nice guy and claim to have a secure computer, but who knows if he got his shockwave from that hungarian site or downloaded his latest first person shooter from bittorrent and now have a keylogger ready to steal your account name and password? IF you use your account name and password on a "random" computer, change your password the second you get back home to your own safe computer. I only ever log onto wow from my own computer. If my nephew wants to try out my druid he gets to sit a my computer and try it there. Sorry for the wall of text, following the above suggestions won't make you 100% safe, but it helps you be "a safer driver". My personal record is 25+ years with computers and never having to reinstall due to malware.
Just listen what Strandvaskeren says. Hes a smart guy. 100% agree.
So, basically if you get hacked, you were asking for it. DON'T buy gold, powerlevel etc. Make use of AVG free, spybot s&d and all those helpful programs By all means, buy an authenticator. Watch your mates- I share an account with my wife (I know, I know tou etc.) but I wouldn't with anyone else. Lastly- DON'T BUY GOLD, POWERLEVEL, ETC, especially since the outlands nerf there really is no need- I have a 47 priest with 1600g from mine skin and relisting ah stuff. Happy new year to all!
And please, PLEASE, PLEASE, do not think that having an Authenticator means none of the other tips matter. The same keylogger that snags your WoW password will snag your email password, your bank password, etc. The false Blizzard email you click and enter your account info into will (if it asks for enough stuff, and you provide it) allow the hackers to remove the Authenticator from your account.Follow the advice Blizzard gives AND get an Authenticator. They're cheap and cool, you're a geek; what's not to like?Just make sure you put it in the keys basket at the airport, not in your carryon; I've had TSA folks decide to open my bag and inspect these kinds of PRNG fobs when in my carryon, but NEVER when in the keys basket.
Which is a serious flaw because a key chain could contain a blade several inches in length. Considering how dangerous box cutters are, we should all be concerned about the fold-out knives the person in front of you has in the key basket. I've stopped many a knives that way.