AwakenedRage

We are currently experiencing a service outage in our servercenter, which is causing DCE, MySQL, Mumble,MC and email downtime. Our administrators are working on identifying the cause. We will make sure to update this post as soon as we have further information. We apologize for the trouble and appreciate your patience. Update #1: The Operating System is having issues and has to be reinstalled, we will be setting up a temporary MySQL/MariaDB in the next 10 hours. The server should be back up and running by tomorrow. Update #2: TEMP VPS bought for Demoria Usage, but for right now it will host CU's DB until the original DBServer is fixed. Update #3: SFTP has been installed, now MySQL will be installed Updated #4: MySQL has been installed,but still has to be configured, because my SSH client does not allow data entry. such as Y or N because WINSCP sucks and I cannot use PuTTY on this computer ._. Update #5: Someone tried to login to the VPS from China 155 times. Wow, Update #6: MySQL has been configured on the server side. Permissions have to be setup next. Finished 6-7PM Update #7: Noticed that someone successfully got into an Administrator Account on the Forums. MySQL efforts now put on hold Happened at 7:30PM Update #8: MySQL Permissions Setup 10PM Update #9 The database is having trouble importing due to the file being 1.07GB compressed. Efforts will be made later today to import only the required databases instead of all of them in a single contained file.

Last night I meant to reinstall the operating system but never did, the reason is because I was extremely exhausted and the fact the server had quiet down. Tonight the server will be going down for maintenance to ensure future quality assurance. No server health management applications will be added, it is debatable whether bug-tracking will be enabled for the system. Planned Server Configuration Changes: The server's player count will be reduced to 70. More Ranks will be added, and some possibly removed to reduce stress on the permission system. To accommodate for Demoria System Administrators being able to administrate if needed. Plugins that are unused, will be removed. Particularly the Clockwork Planter plugin. Backups now scheduled automatically by the system. Amount of Memory used will be decreased. to give the system some ram to use for file transfers. EPEL will be installed correctly RPM Forge will be installed correctly If lag still occurs then more changes may occur. *SUBJECT TO CHANGE

CU will continue to run, because I'm already used to these type's of events and won't be as affected as you are. This is due to the fact that this isn't my first experience regarding a fatality or a death of someone close. One of our developer's as you might know passed away last August, and with his parents partially blaming me for the incident (because I could of prevented it, if I gave someone else the extra work I gave him that day he would of been somewhere else) , I know exactly how your feeling right now. It took me 2 weeks to get over the thought of his death. I won't be on until later, but it you need someone to talk to let me know. Take your time and hope you feel better, ~ Michael If you need to contact me ASAP email me at [email protected]

post

Just private message me on here. It will be a while until I get out of school and finsih studying.

Hey everybody this is Michael aka Awakened Rage I want to clarify something. What I did last night was a joke, but when Aly thought I was going to distribute his information that he gave to me in text chat and kept referencing the non-existant laws and incorrect facts it irritated me more and more and made me act irrationally. It made me want to prove him wrong by getting into his network which I threatened I would do, but in reality I was only going to check if the IP was active and what ports were running on the network. (Which I admit I was fluking, and probably if I did that in that context it would be illegal) This threat was seen by Alycat in different context than I intended. . This would have been fixable if I didn’t find out that Aly was talking behind my back by saying that I was “ruining cu”. This made me act harsh towards him on my last chance of possibly fixing this incident, rather because I have contributed a lot of resources to CU and I was offended. I told him to apologize and I would remove him from being unable to oonnect to my network. Which I admit, I regret entirely. This post is supposed to give me closure so I am going to be 100% honest. This act was very hypocritical of me, by getting mad at Maverick in December about being doxed when I did the same act that he did, but to a much less extent. I am no longer interested in doing this, I will never do it again due to this incident and I promise all of you that you can feel secure on the server. I admit that this was extremely prejudice. I feel extremely guilty, you have no idea. I regret my actions last night, I should of apologized to Aly but I didn’t. There is no excuse for this, but I feel you should all know that this can be done involuntarily by me. You all may have noticed this repetitive behaviors of me, I no longer feel comfortable hiding this from you but I am diagnosed with Aspergers Syndrome. Asperger’s rarely affects me anymore, except for yesterdays case where I was unable to handle the situation properly. I do not want pity for that, nor do I want to be treated differently. People with Asperger syndrome display behavior, interests, and activities that are restricted and repetitive and are sometimes abnormally intense or focused. They may stick to inflexible routines More Information will be released in the future, but my point of view has been hidden because I feel that it is disrespectful to Alycat and that he didn’t deserve to hear what I said. Thanks, Michael/ AR

I have removed the information regarding the last post, due to me realizing that I didnt handle the situation properly and over reacted. If you didn't see the previous post on the attack yesterday then let me fill you in on what happened. Around yesterday afternoon at 3PM about 15 accounts joined in about 60 seconds with the same ip. We had this happen before and didn't think much of it and we just banned the IP address. But nothing happened when we banned the IP and the server was having trouble kicking them off the server due to a packet related issue. When we got on their server and asked them about it, they took credit for the spam attack and laughed. I admit that the attack was very well thought out and bypassed our regular safety measures. Upon looking in the logs farther we found that business IP's were used in the attack and they were not classified as VPN's. At first I thoughtt that perhap's they worked at these companies, but now I realize that they were probably trafficing through that network to mislead where they really are at. The IP's they had were very unique and started with a single digit, these IP's are typically used by dedicated servers, which made me think "Are they the ones who has been attacking us since December?" The normal script kiddy attacker would not use a dedicated IP address or an IP Associated with a business to hide behind, so its a possibility. All staff keep an eye on the IP's of players that join and if you find multiple users using the same IP question them for an explaination. Apologies, AR

You deliberately spawned an enderdragon before. Care to shed some light on that?

Actually, I was the person who banned you. But point is, we've found that this isn't the first incident. Care to confess on your other incident?

Some service's for the Minecraft server such as Plotme are disabled until farther notice. As for VOIP Servers the mumble is currently inaccessible until father notice. We sincerely apologize for the inconvenience caused.

Last night the VM for Chaotic United was corrupted, as you all probably know from how many times I've had to pull the server down last night. However we lost everything for Teamspeak and since I have to set it up once again I have decided to go for Mumble due to it being open source. The MC Server is down because of a external issue with the environment around the machine, it is not known when the server will be back up. I have to mess around with Fan Controls just to make it quieter. I'll post in the shoutbox when the MC Server is back online.

Poll has been closed because Teamspeak uses less resources and would be better.

Hello all, All the high staff of Chaotic United has decided to add a VOIP server, however I am somewhat against a Teamspeak server due to lack of knowledge on setting it up. Would you all be willing to use a mumble server? Please vote in the poll. Thanks, AwakenedRage

We are pleased to confirm the recent DDOS attack has been fully mitigated. Security on the firewall has been uped to maximum security Whoever was responsible was repeatedly crashing the Minecraft Server in hope of data corruption I am assuming. This would be triggered whenever the player tried joining, it would confuse the server because he was not showing any IP address to the server Keep the malicious occurances coming, the more you try to harm us the stronger Chaotic United becomes.

Hi there, There is a DDOS effecting RTG's Network currently, our team is already working to mitigate the attack, service will be restored within the next 20 minutes. approx. We apologies for the inconvenience caused.

I know other Servers aren't allowed to be talked about, but this is a topic that will affect this community. This is the only way I can contact the staff. For the past couple weeks we have been receiving packets, last week we received more packets from a different source after our staff started communicating with ND Staff, I blacklisted the IP and didnt expect anything more, that was until After having a personal conversation this weekend with staff members of ND. My firewall was detecting traffic against a blacklisted IP through Skype. Upon farther investigation we have matched the IP's of those ND members with the IP's that have been DDoSing us. This has been our course of action: Forum Moderators check this IP below and you will clearly see that it leads to a Staff Member of ND IP Address:149.76.228.179 We have compiled a report of information of where exactly this IP originates but will not post it until provoked farther. This didn't go well for the last person who we did this to. This is 100% legal Removal of this post will result in us posting more proof. We've already been on good terms with Atomic/Nuke and have already notified him of this incident. We do not want to wreck this community farther, but we will do anything to make this end.

Lol, thats an understatement. Mind PMing your Skype or something? I run the server currently, upgrading it soon to. HP Proliant DL585 G5 AMD Opteron™ 8393 SE Quad-Core Processor NOTE: Support for 2 or 4 processors Memory: 128GB (256GB Max) Just want to ask a couple questions. You probably know what its about.

Maverick, the person who caused this mess is an extremely dangerous individual. He threatened to leak my personal information such as Address, IP Address, Social Networking Accounts etc. As PurpleFreeze said, Their decision to use a DDoS attack is a good sign. We've repeatedly received various threats from these individuals about breaking into the servers in some manner or another, at some certain time, for them to do some certain damage. Each time, these threats have proven to be completely false. Reverting to a DDoS attack is comparatively far less harmful and extremely unsophisticated, so this can be taken as a sign that they're ragequitting the "subvert our actual security" plan. From the thing Maverick has tried to do to me I would say he tried to get onto our database server, to start getting the IP's of the players and slowly dox all their information. But because of him doing this once before, I activated SSL on the DBServer which I agree was excellent timing to do so. We then decided that he would have to be doxed in order for any of this to stop. The difference from us doing it is that we used it from information that he left behind logging on to our servers, this made it 100% legal as long as we didn't distribute information to the public. I have put the minimum amount of information to show what had to be done. We eventually were able to establish an address. Well I do have a particular development, Authorities have gotten involved in the case. Its currently still being investigated. But according to one of his former partners (Who betrayed him). He is locked up tight, either way I supplied enough evidence to prove that he is the culprit. Even if he isn't in jail, he will be within the next 2 weeks. 17 other servers were DDoSed at the same exact time that this occured Only reason I was dragged into this mess is because of me being part of the community and my involvement with the community. None of our Databases were compromised and Maverick never saw your information. I made sure of that. I will never use logs or databases to get your personal information, I only do it if you threaten to do it to me, my family and my friends. No more downtime for a while I apologize for the server going down randomly this past week. DDoS attacks werent the only cause, our house is being renovated as well and the connection would cause players to get kicked all of a sudden. However they were able to reconnect shortly after.

Somewhat, since my PC is back up and running.

I'm posting this on behalf of PurpleFreeze, Demoria's former lead developer of DCE (Demoria Custom Engine) Warning: Not all information is given to prevent the attacker's from gaining advantage from what we know. Hey everybody this is PurpleFreeze (AKA Alex H) Demoria and Chaotic United are safe for the meantime. 2 weeks ago last Sunday, there were a couple staff members and player's on when suddenly connection for the server just dropped. That was because the server's ethernet was overloaded and made Superdoctor 5 (Our hardware analysis program) disable ethernet as we had set it to that option to prevent the ethernet adapter from shorting out from receiving too much data. You might be asking, how did someone figure out a server that barely anybody from the public would know about? Let alone the port number's that Demoria uses. It is very easy to find out what ports are open on somones network with a quick scan and a program that can send a large amount of packets to take it down. Originally, we ran Demoria with no firewall because it was easier to run. But now we see that people want to put an end to our ambitions. So Michael spent 3 hours configuring a firewall that separate's all ethernet connections to a certain speed and filter's packet's. The firewall has worked perfectly since then. Their decision to use a DDoS attack is a good sign. We've repeatedly received various threats from these individuals about breaking into the servers in some manner or another, at some certain time, for them to do some certain damage. Each time, these threats have proven to be completely false. Reverting to a DDoS attack is comparatively far less harmful and extremely unsophisticated, so this can be taken as a sign that they're ragequitting the "subvert our actual security" plan. Michael and I have deliberately avoided working with the server to put our next plan into action The impression that this guy is trying to make is that he can just waltz into anyone's account whenever he wants and delete everything. This is not the case: the users affected all had weak enough passwords that he could crack them after about 60 guesses. Additionally, we have account recovery features that we have used to restore the items and return them to their rightful owners. Now you may be thinking that 60 guesses is a lot. Most of these things are not done by hand, but rather through a simple program or script to try passwords from a pre-defined list and record the successful ones. This is where we must admit a small mistake on our part: the industry-standard way to protect against this is to put a rate limit on how quickly a given computer may attempt logging in. When we designed our accounts database, we were only focused on the (extremely small) alpha test, and features like that didn't get implemented yet. We finally implemented rate-limiting by returning fake results when a dictionary attack is detected, which interestingly enough caused our attacker to come storming into our IRC and immediately demand to speak to a developer I'm really not entirely sure where his sense of self-entitlement comes from, but I suspect he was frustrated by the numerous fake entries he ended up with thwarting his plans. To better understand his attack, we allowed him to continue under careful control and monitoring - a technique known in the industry as "honeypotting." A honeypot is essentially an isolated sandbox that you can put naughty kids like this into to keep them away from "real" information and better understand their behavior. That is why exactly we "intentionally made the database's go into DIRM mode (Dictionary Intrustion Recovery Measures) This stop's all information from being written but instead it was marked as read-only Nothing of value was lost, but it was showed to him that he is not welcome on our server's and he was trolled and that he is wasting his time. Clues Left: The first character he intruded was named Hocesta venatus which translates into This is a Game. He was moved to an non-existant zone in the game called Ageiterum, which means Try Again? Items were unable to be used and he would constantly be moved to an area that he was at before, as if he was lagging and hurting our servers. LOL No On that last point: As he's already been shut out of the system, and working from a list of compromised accounts from Monday. Finally I ran a security audit on all of our systems. This involves double-checking the logs, configuration, and behavior of each node to ensure that nothing has been comporomised and nothing has been accidentally misconfigured. I'm pleased to report that there is still no evidence that our database is (or ever was) accessible to anyone else (and if it was, why go through all this trouble? Just rename all the Characters to something offensive). Thanks for reading and bearing through with us as we worked this out, Sincerely, PurpleFreeze

Maintenance is now over, thank you for your patience. Close Please

Below is the specifications of the machine's used, I currently allocate 4 to 5 GB to Chaotic United and the rest to Demoria. Whenever the server is operating with both the CPU goes to 85% average. It only goes to 100 when the Minecraft server is starting up. I want Chaotic United to at least have funds enough for a years worth of 4GB hosting before moving to another host. Pretty much any host will beat my server regarding processor speed. However, memory is another story. The only reason why I lean towards a years worth of hosting is because you have alot of time before you to pay it again and can get alot of donations in that time. Database Server: Operating System Windows Server 2008 R2 Enterprise 64-bit SP1 CPU Intel Core 2 Duo E8400 @ 3.00GHz 34 °C Wolfdale 45nm Technology RAM 4.00GB Motherboard Supermicro X7SBL (CPU 1) 24 °C Graphics Standard Monitor (1680x1050@60Hz) XGI Technology (eXtreme Graphics Innovation) Standard VGA Graphics Adapter (Super Micro Computer) Storage 698GB Seagate ST3750640AS ATA Device (SATA) 44 °C 931GB Western Digital WDC WD1002FBYS-02A6B0 ATA Device (SATA) 42 °C 465GB Western Digital WDC WD5000AAKS-41TMA0 ATA Device (SATA) 47 °C 931GB Western Digital WDC WD1002FBYS-18W8B0 ATA Device (SATA) 43 °C 931GB Western Digital WDC WD1002FBYS-18W8B0 ATA Device (SATA) 45 °C 931GB Western Digital WD My Passport 0748 USB Device (USB) 931GB TOSHIBA External USB 3.0 USB Device (USB (SATA)) Game Server: Operating System CentOS 7 CPU Intel Xeon ® CPU 3110 @ 3.00GHz 34 °C Wolfdale 45nm Technology RAM 8.00GB Motherboard Supermicro X7SBL Graphics XGI Technology (eXtreme Graphics Innovation) Standard VGA Graphics Adapter (Super Micro Computer) Storage Maxtor 160GB

Hello, Everybody I'm AwakenedRage, Chaotic United's Server Technician. The Minecraft server has been successfully transfered to a new machine and now has a playercap of 200 players. Hourly Backup's are not properly setup as of right now and Survival Games are having issues. But neverless the server is up for testing! At 11:30AM Chaotic United's server will be going down for updates, and reconfiguration. During this time us Server Technicians will be manually be inputting all the information for plotme into a database for easier accessiablity.This mean's all passwords for login security will be reset and you will have to register once again. The following plugins will be transitioning to databases - Plot Me - Coreprotect - MCMMO - Residents - Prism - Votifier - Login Secuirty (Not recoverable) - Grief PreventioN Data - Hawkeye The amount of time is not clear as of right now, but the shoutbox will have any future updates regarding the maintenance. Lastly, If you notice that any of your data for MCMMO, or Plot me please contact a staff member here on the forums for assitance and a technician will change it in the database. Sincerely, AwakenedRage Server Technician