NatM Posted September 5, 2011 Share Posted September 5, 2011 Someone in RL told me that he was able to access Linden Lab servers and get screen shots of my avatar that were saved there. I was emailed two of them and he said they were dated. Is this possible? Link to comment Share on other sites More sharing options...
Nalates Urriah Posted September 5, 2011 Share Posted September 5, 2011 Can you be a little more specific? Each time I login I access the SL/LL servers. I can take pics and upload them to save the image in those servers. So, someone may just be yanking your chain. There are LL servers like the web site that can be accessed with a standard browser. There are a number of API's that developers can use for various purposes. There are various ways to stalk an avatar in SL. If you are being stalked file an Abuse Report. There are viewers with radar that allow them to jump their camera and only the camera to your avatar. So, they can appear to be getting pics without beng there. Link to comment Share on other sites More sharing options...
NatM Posted September 6, 2011 Author Share Posted September 6, 2011 He said something about pinging the website from the command prompt and then trying ip addresses in "My Network" then trying generic passwords if prompted. Like pass@word or admin. Link to comment Share on other sites More sharing options...
Lynda Klossovsky Posted September 6, 2011 Share Posted September 6, 2011 Really ? go to command prompt and type in (without the "" ) "ping google.com" and see the answer you get on your screen, thats a simple test to see if you have a connected internet connection... The other bit could be a password sniffer...but it is possible they are still yanking your chain. (ever thought of just changing your password ? ) Link to comment Share on other sites More sharing options...
Peggy Paperdoll Posted September 6, 2011 Share Posted September 6, 2011 The easiest and first thing you should do is change your password. If this person is guessing your password, then that's a pretty good indication that you don't have a very good password. People seem to use passwords that easy for them to remember which in seldom a password that cannot be guessed by a determined stalker or griefer. For instance a password with your favorite vacation spot is probably not a good one...........especially if you've told people how much you loved that vacation. People who want to gain access to your account (or other private information) pay attention to details like that and will use it. Pick a password that is random (not easy for you to remember and not easy to guess)....generally at least 8 characters long with both capital and lower case letters with numbers inserted and a symbol or two. And, just to be a little more causious, change it regularly (again to some random set of letters, numbers and symbols). I don't think anyone has hacked the LL servers (though that is possible). Anyone hacking the servers are not going to be interested in taking pictures of your avatar and taunting you with them............they are going to be looking at something that will gain them some form of financial gain (such as CC information or indentity information). Link to comment Share on other sites More sharing options...
NatM Posted September 6, 2011 Author Share Posted September 6, 2011 Exact instructions were: Ping lindens website from a command prompt Get the IP address go to My Network Search for the IP address When you get it try to access some of the servers listed Once you get in you can search for your own avatar name They keep logs of everything 90 days. probably for legal reasons. If you are prompted for a password try obvious ones like linden1 or pass@word or admin or administrator I don't know if this is possible or would be considered a security breach but I certainly would consider it an invasion of my provacy since he claims to have gotten screen shots. One entitled "last bitmap image" and the date and sim where it was taken. Link to comment Share on other sites More sharing options...
Lynda Klossovsky Posted September 6, 2011 Share Posted September 6, 2011 Did u try it yourself..? if so, what happened ? You can also find info about this in your sl browser.. for example..scapoli sim is located at sim9124 agni.lindenlab.com 216.82.47.60:13003 so you know the ip adress already... Link to comment Share on other sites More sharing options...
Persephone Emerald Posted September 6, 2011 Share Posted September 6, 2011 If this is true, that someone can get this information this way, this thread will probably be deleted as soon as a moderator sees it. I suspect there are holes in Linden Lab security that they don't want people to know about. Link to comment Share on other sites More sharing options...
Lynda Klossovsky Posted September 6, 2011 Share Posted September 6, 2011 If you ping secondlife.com the ip is 216.82.2.17 its hardly a secret but to get access to a server, it is possible, but you would really really need to know what you were doing... some people earn a living that way.. Link to comment Share on other sites More sharing options...
WolfBaginski Bearsfoot Posted September 6, 2011 Share Posted September 6, 2011 There are possible criminal charges here, for unauthorised access to a computer system. California State Law, US Federal Law, and if the perpetrator is in another country, that country's law. And it's not easy to prove. But I'm not entirely sure that this is a Linden Lab server that the pics came from. The image is created by your machine, even if it gets uploaded to the asset servers for storage. How good is your own machine's security? Link to comment Share on other sites More sharing options...
Tahl Posted September 6, 2011 Share Posted September 6, 2011 What's being alluded to is that the secondlife server is a windows box with SMB file sharing open to the internet. If that is true, LL would be the largest security joke on the planet. I suspect it's not true and sadly can't check as I block SMB for my entire ISP, as many other ISPs do. Link to comment Share on other sites More sharing options...
w1zard Posted September 6, 2011 Share Posted September 6, 2011 @NatM - I think we are all eager to see the screen shots that you have. If this is true that there is a hole, then it wouldnt take much for a clever hacker to exploit a SMB vul using metasploit It would most likley have to be this specific vulnerability as it affected a wide range of windows os's, which is quite old though.. Microsoft Security Bulletin MS08-067 – Critical Vulnerability in Server Service Could Allow Remote Code Execution (958644) see how its done: personally I think they just have an invis avatar and took screen shots of you to sh1* you up lol :matte-motes-big-grin-squint: Link to comment Share on other sites More sharing options...
NatM Posted September 6, 2011 Author Share Posted September 6, 2011 The picture is in a Word Doc. and I can figure out how to link it to this board. It is basically just a screen shot showing where I was standing, It was the entire screen including the address bar at the top. Thanks for the input all. Link to comment Share on other sites More sharing options...
Acheron Gloom Posted September 6, 2011 Share Posted September 6, 2011 I'm going to say its a 99.9% chance they're screwing with you Link to comment Share on other sites More sharing options...
Elite Runner Posted September 6, 2011 Share Posted September 6, 2011 Hacking into servers isn't a very good idea. Someone could get into critical information and hack into them, maybe creating an exploit that can distrupt services, like the Second Life Grid, that may cause regions to go down, people being logged out, asset servers going awhack and bringing the grid offline, and that could take many hours or days to recover... Link to comment Share on other sites More sharing options...
NatM Posted September 6, 2011 Author Share Posted September 6, 2011 I have a help desk ticket in with LL. I'll let you know what they say. If anything. Funny thing, I responded to the original email with the picture attachment. When I went into my sent items there was a youtube video embedded in the body of the email about something called Metasploit. It wasn't visible in the original email they sent and I did not add it when I replied. This just keeps getting stranger, Link to comment Share on other sites More sharing options...
NatM Posted September 6, 2011 Author Share Posted September 6, 2011 Never mind. He's been running a collection script on my computer for months. Link to comment Share on other sites More sharing options...
Nalates Urriah Posted September 7, 2011 Share Posted September 7, 2011 The steps sound like a setup. If they can get you to follow a set of steps that are for hacking a system, you may trip the intrusion detection and end up with problems of your own. Its like someone telling you to go in a bar, pull a gun, demand the money in cash register because it is so easy and big money. They just neglect to tell you it is a cop-bar and everyone in there has a gun. Also, the Lindens deal with sophisticated hacking attempts everyday. Doing something as dumb as leaving a server password set to the default is highly unlikely. It could happen. I doubt it is the case. The more I hear the more I think someone is just playing you. Link to comment Share on other sites More sharing options...
Nalates Urriah Posted September 7, 2011 Share Posted September 7, 2011 Most of the game and utility servers at LL run Debian Linux. Link to comment Share on other sites More sharing options...
Hope Dreier Posted September 7, 2011 Share Posted September 7, 2011 I would bet dollars to doughnuts that LL doesn't run Samba on it's Linux based servers. My network indeed ROFL. Link to comment Share on other sites More sharing options...
Recommended Posts
Please take a moment to consider if this thread is worth bumping.
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now