Bungie.net Community
This topic has moved here: Subject: intrusion attempt?
  • Subject: intrusion attempt?
  • gamertag:
  • user homepage:
  • last post: 01.01.0001 12:00 AM PDT

thanx for the help

  • 02.10.2005 11:36 AM PDT
  • gamertag:
  • user homepage:
  • last post: 01.01.0001 12:00 AM PDT

no seriously does anyone from bungie have an explanation for this -blam!- ?

  • 02.10.2005 11:45 AM PDT
Subject: intrusion attempt?
  • gamertag:
  • user homepage:
  • last post: 01.01.0001 12:00 AM PDT

i dont know if this is the right forum to post in but anyways last night and today every time i was on the forum my computer frose, i couldn't use my keyboard or mouse and i had to remove my laptops internal battery to restart my computer.
I also got an intrusion attempt message from Norton that was very fishy:

Attempted Intrusion "MSSQL_Null_Packet_DoS" against your machine was detected and blocked
Intruder: www.bungie.net(64.4.59.143)(http(80))
Risk Level: Low
Protocol: TCP
Attacked IP: HOMEUSE(xxx.xxx.x.xxx). i didn't state my ip for security reasons
Attacked Port: ms-sql-s(1433)

The info from Norton on this attack was:
MS-SQL_NullPacket_DoS
Attack Category: Denial of Service
Severity: High
This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
Description
This signature detects an attempt to exploit the NULL byte vulnerability in MS SQL Server. If Microsoft SQL Server 7.0 receives a TDS header with three or more NULL bytes as data, it will crash. The crash will generate an event in the log with ID 17055 "fatal exception EXCEPTION_ACCESS VIOLATION."

If anyone or someone from bungie could explain to me what is happening it would be nice





  • 02.10.2005 11:30 AM PDT
  • gamertag:
  • user homepage:
  • last post: 01.01.0001 12:00 AM PDT

Recon 54 your post was so funny i cried of laughter and fell on the floor. I am waiting for the day u'll have your own show on comdedy central. Untill then try to be more helpfull

  • 02.10.2005 12:11 PM PDT

"FOR YOUR OWN PROTECTION: Ensure brain is engaged before putting keyboard into gear."
Need a ninja?
Got a cheater? [email]h2cheats@microsoft.com[/email]
Forum Rules.
FAQ.
I'm certifiable.

Here's another guess... you were accessing bungie.net when the forums were acting up, the forums kicked some corrupted packets at your system, and the firewall looked at the packets and matched them to an exploit known to be used in Denial of Service attacks. *Bam!* Up goes the blockage.

I have NIS myself, and every now and then it errs to the side of caution and flags network faults as potential attacks. You can avoid this in the future by making bungie.net a "trusted" site in your NIS preferences... fire up the NIS interface, select "personal firewall", click on "configure", then select the "networking" tab. Select the "Trusted" option on that page, then click the "add" button at the bottom. Make sure the "individually" radio button is selected on the page that pops up, and put "www.bungie.net" into the address bar at the bottom. Then click "okay".

NIS will never autoblock a network address listed as a Trusted computer. The only risk is if someone corrupts your DNS to redirect "www.bungie.net" requests elsewhere, but I think NIS will warn you if an application tries to do that.

-- Steve hopes this will help... but you're probably safe leaving it alone entirely. NIS only sets 30-minute blockages and won't automatically add computers to its "Restricted" list.

  • 02.10.2005 5:31 PM PDT
  • gamertag:
  • user homepage:
  • last post: 01.01.0001 12:00 AM PDT

Is there anything recon doesn't know!?

  • 02.10.2005 10:44 PM PDT
  • gamertag:
  • user homepage:
  • last post: 01.01.0001 12:00 AM PDT

Posted by: ðcherryð
Is there anything recon doesn't know!?


How to play Halo 2.

I don't blame him though, he's always on here.

  • 02.11.2005 4:31 AM PDT
  • gamertag:
  • user homepage:
  • last post: 01.01.0001 12:00 AM PDT

well this could be a very serious problem you should trace the attacks if possible then report them, or hack them........ whatever floats your boat.

  • 02.11.2005 9:11 PM PDT
  • gamertag:
  • user homepage:
  • last post: 01.01.0001 12:00 AM PDT

thanx a lot for the advice i changed some options in my firewall settings and the'res no problem for now with this site yet. But today i kept on getting a lot of intrusion attempts from a lot of different ip's but i couldn't get more info on them. when i checked these ip's with an ip sofware it happend to be trusted compagnies like sony, aol time warner, bell canda and tellus. I don't have any sofware from any of these compagnies, never visited their websites... I mean come on not only u have stupid geeks trying to hack u now u got compagnies on your back??? I hope there's another explanation for this...
and for what i am just an internet regular usar. to me the internet is more of a big pile of chit than anything else.

  • 02.12.2005 1:50 PM PDT

"FOR YOUR OWN PROTECTION: Ensure brain is engaged before putting keyboard into gear."
Need a ninja?
Got a cheater? [email]h2cheats@microsoft.com[/email]
Forum Rules.
FAQ.
I'm certifiable.

It's not that the companies are trying to hack you, it's most likely that some users on their networks have been sloppy with their anti-virus stuff and have become "zombie" computers for other people's exploits.

Don't worry about them... that's what NIS is for. Just make sure you keep your firewall up-to-date and you'll be fine.

-- Steve also recommends Ad-Aware SE to keep malware under control, and will end this post before it gets too far off-topic.

  • 02.13.2005 9:14 AM PDT