another high profile trader admin hijacked:
http://www.reddit.com/r/tf2trade/comments/orbjk/iama_mattie_fellow_with_the_largest_unusual_tc/
steamID: Mattie! (busy - sorry)
steamID32: STEAM_0:0:5712733
steamID64: http://steamcommunity.com/profiles/76561197971691194
customURL:
steamrepURL:
This mailing list is for source server administration related topics.
On Sun, Jan 22, 2012 at 8:31 AM, Mart-Jan Reeuwijk mreeu...@yahoo.com wrote:
another high profile trader admin hijacked:
http://www.reddit.com/r/tf2trade/comments/orbjk/iama_mattie_fellow_with_the_largest_unusual_tc/
Correct! However, sorry to burst your bubble, but technically this is
Source server administration related. http://mattie.net/cs/
While it may be on a tangent, there's no need to blacklist a topic like
this from the list!
On 22/01/2012 14:39, Alex Kowald wrote:
This mailing list is for source
Thats a bit of interesting thing in any case anyway, as if that's really
the Mattie and he did have security in order listed on reddit and still
was hacked, then does Steam has security issues again (forums anyone)?
Steamguard ineffective? Interesting to see if he had the fault or Steam.
-ics
Indeed, thats why I put it here, for he's maker of eventscript etc.
And I do think account security is a concern, and knowing Mattie, he's very
rigid on security. In other words, with the long streak of steam accounts being
hijacked... it raises the question if SteamGuard is any use in
I can confirm that he is:
- Author on EventScripts
- Admin on SteamRep.com
- Reddit Admin thorax
- And I did have a slowchat with him on a private section of a forum. He
confirmed to me and others there that the security he listed there was as how
he runs it.
Quote from him from that
There was a recent feature addition to steam that allows email changes
without confirmation for trusted computers.
http://store.steampowered.com/news/7114/
I believe trusted computer in that sense means any account with SG
enabled and authenticated. That would make it a quite frightening change,
Agreed, this was not a very sane change if that's the case.
Sent from my iPhone
On 22 Jan 2012, at 16:53, Ryan Stecker voidedwea...@gmail.com wrote:
That would make it a quite frightening change,
and I believe email confirmation should always be required.
On Sun, Jan 22, 2012 at 10:53:06AM -0600, Ryan Stecker wrote:
There was a recent feature addition to steam that allows email changes
without confirmation for trusted computers.
http://store.steampowered.com/news/7114/
I believe trusted computer in that sense means any account with SG
hmm, I do have hope they mean with that the SteamGuard protected account in
question. And it DOES send a mail after, to notify you of the change and a
link to steam support, see below:
Dear snip,
This email message confirms that your Steam account
SteamGuard can be disabled entirely from a trusted computer without
*any* notification or hassle.
Don't like this.
On Sun, Jan 22, 2012 at 7:06 PM, Mart-Jan Reeuwijk mreeu...@yahoo.com wrote:
hmm, I do have hope they mean with that the SteamGuard protected account in
question. And it DOES send
I think steam guard should be on ALWAYS, theres no point to disable it.
It just take 2 minutes to enable a new computer so shoulnt be an option
to be able to disable it. Just my opinion...
SteamGuard can be disabled entirely from a trusted computer without
*any* notification or hassle.
Don't
What reasoning is behind this? If someone wants to disable it, let them
disable it. It's their fault if they get jacked and obviously it wasn't
worth a few seconds of their time. Why sacrifice choice for... nothing?
Sure, maybe it should be on ALWAYS for you, so leave it on?
On 22/01/2012
I agree, but there seems to be a lot of users with dialups who'se ip's
change all the time and they previously posted on the forums and
complained a lot about it. Perhaps this led to decision to lighten Steam
Guard settings or features.
Atleast Valve added craft recepies for the xmas weapons
As far as i know steam guard check the computer, not ip. Maybe im wrong
but i was never blocked because of a ip change.
I agree, but there seems to be a lot of users with dialups who'se ip's
change all the time and they previously posted on the forums and
complained a lot about it. Perhaps
I don't know what they did but i used to get a lot of promps about
entering the code delivered to my e-mail in order to log in previously.
I haven't seen that dialog for months.
I also know that the thing leaves some sort of imprint to the machine
itself but ip-changes especially did this
Your machine/account is identified by a file in the steam directory. The
file is called a sentry file and it's name is in the form of
ssfnnumbers. The steam client provides a sha1 hash of this file at logon,
and the back-end confirms the validity of it.
Deleting the file would require you to
SteamGuard could use some additional configuration options. I want it
to be enabled at *all* times. I want a personal visit from VALVe staff
if an attempt to disable it is made.
Is that sentry file tied to the actual computer it's generated on?
Maybe that is an attack possibility. Get a hold on
*Edit5*: The hacker used personal information about me to convince
Steam Support he was me and get them to give their account to him. So
none of the above technical approaches fell victim, but he did have
access to enough personal information to social engineer his way in. I
haven't been as
you kidding me? even blizzard ask for a passport scan copy in case you
want to change any info.
*Edit5*: The hacker used personal information about me to convince
Steam Support he was me and get them to give their account to him. So
none of the above technical approaches fell victim, but he did
My server isint behind a NAT and i no one has no problem connecting to the
server. I can see the server fine in the server browser and it updates fine
too. It just spams that error in HLDS, SRCDS doesnt have it at all.
___
To unsubscribe, edit your
If your servers run fine then what is the problem?
Don't fix that that is not broken
On Jan 23, 2012 11:44 AM, PAL-18 pal...@zombiegamer.net wrote:
My server isint behind a NAT and i no one has no problem connecting to the
server. I can see the server fine in the server browser and it updates
I've never liked STEAM GUARD, especially having it forced on all of my
accounts without me knowing. I have 5 accounts due to buying two platinum
packs way back in 1997. Out of all five of my steam accounts, I never once
noticed that STEAM GUARD had been installed, much less activated, and I
Could you never post again? The SNR in here is plummeting.
On 1/22/2012 10:09 PM, Kdog wrote:
I've never liked STEAM GUARD, especially having it forced on all of my
accounts without me knowing. I have 5 accounts due to buying two
platinum packs way back in 1997. Out of all five of my steam
I would have just said if it is sent to spam, it's spam or there's no such
thing as a VAC admin and a Valve staff member will not randomly ask for your
password or just plain old don't be an idiot and share your password.
Honestly, you are just boasting rather than complaining. No one cares if
lol, google passport scan and you get over 2 million picture results... are
YOU kidding me? I'll never scan my passport and put it on the internet for w/e.
Exactly for this kind of reason.
Stop proposing bad measures. SteamGuard was a step in the right direction. Now,
to improve the policy's
Its his own fault for investing $20,000 into a game. Idiot needs to learn
how to secure his PC.
___
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
On 1/23/2012 12:49 AM, James Puckett wrote:
Its his own fault for investing $20,000 into a game. Idiot needs to learn
how to secure his PC.
___
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
Did you (James Puckett) actually read his entire first post? His security
measures weren't bypassed - simple social engineering did the deed.
Still not sure how this pertains to server administration though? Interesting
news yes, but nothing to do with administering a server ... move along
It spams that message in console which in itself isint that bad except it makes
my log files huge.
___
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
Aaron \DJ Zyrphon\ Thompson MORON
- Original Message -
From: hlds_linux-requ...@list.valvesoftware.com
To: hlds_linux@list.valvesoftware.com
Sent: Sunday, January 22, 2012 10:01 PM
Subject: hlds_linux Digest, Vol 47, Issue 52
Send hlds_linux mailing list submissions to
31 matches
Mail list logo