Argonath RPG - A World of its own

Community => News and Announcements => Topic started by: Teddy on January 28, 2016, 07:11:24 am

Title: Annual Security Report, 2015
Post by: Teddy on January 28, 2016, 07:11:24 am
Hi,

We've never published these before... or really ever kept track or dug into it... but I believe in transparency so I'll leave this here. These are based on logged incidents from when we moved to our newest server until December 31st, 2015.

Main Dedicated Server
Intrusion Attempts: 368
Successful intrusions: 0

Virtual Servers
Intrusion Attempts: 283/avg per VM (mostly targeting Linux VMs)
Successful intrusions: 3

The IV:MP & SA:MP virtual machine were both successfully breached by a Chinese bot net within the first week of their setup before more advanced security settings were put into place. The bot net turned the servers into zombies and utilized them to carry out malicious activity for an entire night before it was detected and rectified. The source of this problem was human error on our end.

The database virtual machine was breached by a Russian bot net in Autumn of 2015, the breach was locked out within less than a second by intrusion detection software. The account accessed had no permission to access any data, the account was a service used for starting and stopping a third-party monitoring software and it's permission was very very limited.

There have been no breaches of databases in 2015.

All virtual machines have been updated on a regular schedule leading to the installation of over 2,500 security related patches (Linux total only). The servers are all responding under 80% usage of RAM, CPU and disk space; the optimal target range for server best performance.

We've had 8 server caused/related outages (outages longer than 3 minutes) leading to a total downtime of 6 hours and 32 minutes.

The average up-time is 43.4 days (Linux totals only).

- Teddy
Title: Re: Annual Security Report, 2015
Post by: [NP]Monte Montague on January 28, 2016, 07:19:48 am
What of any phishing attempts etc?
Title: Re: Annual Security Report, 2015
Post by: Teddy on January 28, 2016, 07:22:03 am
Quote from: [NP]Monte Montague on January 28, 2016, 07:19:48 am
What of any phishing attempts etc?

None that have targeted the dedicated servers or it's virtual machines themselves; as this report is about. In terms of game servers themselves, I only know of one recently targeting SA:MP.
Title: Re: Annual Security Report, 2015
Post by: Blommen on January 28, 2016, 09:00:47 am
Nice, keep the good work going Teddy!  :D
Title: Re: Annual Security Report, 2015
Post by: eymas on January 28, 2016, 11:15:38 pm
Always the eastern side that wants to zombify servers for botnets  :uhm:
Title: Re: Annual Security Report, 2015
Post by: ahmedXD on January 30, 2016, 09:50:29 am
Their intentions is to steal the server scripts maybe.
I mean its rare that Russians or French hackers attempt to hack Argonath server.
Title: Re: Annual Security Report, 2015
Post by: Teddy on January 30, 2016, 08:27:12 pm
Quote from: ahmedXD on January 30, 2016, 09:50:29 am
Their intentions is to steal the server scripts maybe.
I mean its rare that Russians or French hackers attempt to hack Argonath server.

They likely have no idea what Argonath RPG is, they're just bot nets that try and infect as many machines as possible in order to grow their numbers. Most of them appear to be bot nets.
SimplePortal 2.3.7 © 2008-2025, SimplePortal