True colours of =V= and their so called "admin"

[$carface]

I know this place is relatively drama free. But just a memo to anyone who have dealings with Qwerty or V administration. No doubt we will get that chopper coming over here hollering about some shit.

Anyway...

http://www.unrealadmin.org/forums/showt ... hp?t=31207
http://www.unrealkillers.com/f28/true-c ... #post57571

http://hofgamingclan.com/forum/topic.as ... 121&#97574
http://hofgamingclan.com/forum/topic.asp?TOPIC_ID=7128

[UT99.org]

The allegations of server crashing is not a huge deal, the server admin should look into a fix. should it go on for weeks on end and is ongoing at the time of investigating you might want to look into what is causing it, maybe you have an open ubertunnel etc. I couldn't count the times I've left this program running and advertised. Then you need to put it into context, is the server that is being crashed running private/stolen mods without permission, was he thrown out of the server unjustly and is sending it as a 'reminder', was the admin there asking him to test for exploits etc. Are the logs even real etc because they definitely match up.

The grooming is something I can relate to unfortunately, when I was young I would IRC without parental supervision and made friends who were maybe a little bit over-eager to review my work and write up good reviews. Well, the one guy, was slightly older than me but then later after a year it came out he was much older. Then thinking about some of the conversations I had with him I decided to diss-associate myself. Sure enough he turned up through mutual friends in the same place as me and was able to recite an address I had given at one point. The mere fact someone would write down an address and paste it into a file for later actually scares the shit out of me. Anyway THIS is something that concerns me deeply thinking he is crashing servers and hosting shitty home-connection servers to groom children, in MY game of UT. I am a more than a little disgusted

[JackGriffin]

A few weeks ago Chopper and Q asked me to help design a new RX for VM. I wasn't really doing anything so I told them I'd give it a shot. I joined VM as a coder/consultant (not really a playing member) and started work on it. Chopper made me a "major" or something in the clan so I could access the private forum, etc. I even ran the teamspeak for them for a short while (more on that in a second).

Along the way Chopper asked me to look at the server crashes that V was getting. It was clear that these were done on purpose because of the timing and nature of them, and that they were grouped exactly like someone would expect if you were testing a server crasher. Chopper has access to the server logs and I asked him to send them to me, which he did. Looking over the server logs it was clear that someone was crashing the server on purpose with the SecureValidate exploit. The part that really bothered me about it was that it was done not to harm but to test because it was done when the server was busy but not enough that it affected playercount. There were two, three crashes then it stopped. Never enough to run people off or ruin the server.

I told Chopper I wasn't interested in pursuing the server security end of things. I said it was too time consuming but the truth was I honestly felt like one of the VM core members was doing the crashing. I did not suspect Q then (however it makes sense in hindsight) but I did guess that whomever was responsible was going to create a real shitstorm when they were outed and I did not want to be involved. I ended up leaving V completely a few days later anyway but it was over their tolerance of sexual talk between adult men and very young teen girls in teamspeak. I don't abide by that shit *AT ALL* and I shut down my involvement completely over Chopper not stopping it. Men in their early twenties need to have their ass kicked for what I heard being said to a 14 YO girl.

<Breathe Kelly.....breathe......>

OK.

Let's be clear on a couple of things here too since I'm piping in on this nice little turn of events. I don't care much for Chopper but I don't think he was involved with this. He honestly wanted to know what the hell was going on and got the unfiltered logs for me probably without Q knowing (I can only imagine what Q must have thought when he knew I was looking at them). Also spend a little time researching this exploit and how it's done before you go defending Q. Shiva has his ass nailed to a wall on this and Q should be removed from the UT community completely and with total prejudice.

I'd just be somewhat careful with lumping all of V into this shitpile as I don't think the rest of the leadership knew the truth. I can't imagine Jad or Chopper ever going along with hurting another server. Neither ever asked me to do anything to anyone other than to secure their server and mods.

[$carface]

You know, I'm not one to gloat.

However, as I posted at HoF and uK forum. I always suspected him. We had our fair share from I suspect him which is why his IP address was firewalled a long time ago. Around the time HoF was crashing 24/7.

You're right Kelly, I do have his ass nailed to the wall, which is why he shut his servers down, no quibble. And also the same reason why I had an almost instant response from Verizon on the matter. I've had to wait weeks on end on previous responses. And as I tried to explain to the doubters, I am not a rookie. If I was in charge of the E-201, I'd be purchasing a dedicated before reporting any of this, and using a packet sniffer to nail this son of a gun even harder.

It's not an issue. I am confident Verizon will nail the abuse on him too.

[JackGriffin]

Yep, his actions speak the loudest for me. It's a shame too because I'd have enjoyed reading what was said on the VM forums but he kicked it all offline without a fight. He's done, and that's for the best.

Nice work. Remind me to never mess with you

[$carface]

Yep, his actions speak the loudest for me.

Exactly. Anyone who "knew" him, this would be extremely strange. The reason he gave at UA was he is not allowed to run servers from his residential address. However, looking at Verizon Fios' TOS I don't see that anywhere. Just that traffic shaping will be enforced if x amount of bandwidth is transferred within x amount of time.

Nice work. Remind me to never mess with you

I won't need to. You're a good boy

[UT99.org]

Sorry, I wasn't defending him or anyone. I think that is what you were implying. I think context is important is all. In all honesty the way the guy talks and acts I would never defend him I would prefer to say nothing if the opportunity had ever came up. Guess that's my ego talking

[Feralidragon]

Just case in point: I am going to allow this topic here because DDOSing is a serious felony in the web and UT overall, since many times servers got empty through those actions thus loosing precious players who otherwise would still be playing nowadays.
The DDOS affecting Philp came undoubtedly from Qwerty's end, that's not even up to debate, it's a fact. If either he did it on purpose or he was unaware of it (through PC hijacking, wi-fi 3rd party usage or other), that's honestly arguable, and only Qwerty knows the truth.

As I pointed at HoF, I am not taking sides on this. I already gave some input there, as (quoting myself in the eventuality the thread gets moved):

Spoiler

I won't really butt in and take sides nor any of that shit, but there's something I must say:
Obviously anyone from =V= or who is a friend of him will defend Qwerty, while others will drop his face in the mud.

Now, keeping in mind what I said before (not taking sides, being perfectly as much impartial as I can here), let's look at the facts:
- philp clearly shows in his logs a DDOS attack, using a known UT exploit, preventing players to join his server normally;
- in such logs it's always the same IP making the request;
- that IP matches solely Qwerty's, confirmed by pretty much everyone, apparently Qwerty himself as of now at UA.

So, from this point forward, you cannot deny it didn't come from his end. If you deny this, you lost the cause already, because there's empirical conclusive proof on this, and he is responsible for what his end does.
Pretty much when you own a car. If the car is yours, and someone else drives it, you're responsible for that person's actions on the wheel (unless you report it to the police as stolen).


Then we move on to either or not Qwerty was aware if that was happening.
That's frankly arguable, and this is where Qwerty's friends may defend him saying he was a victim of someone else, and the others not so much saying that he did on purpose.
I don't know either, no one knows but Qwerty himself, but having noticed how Qwerty could flip you one when you least expect it when things don't go his way (and it happened with me at least once), it's possible he could have done it on purpose, on another hand however, having also noticed that there were always other servers around of the same kind as others of his and weren't crashed afaik and since he brought some good to the community and the game, it's also possible that his end got hijacked by someone else.

But this begs the question: what if any of your trusted friends had his IP caught cheating in a server for example? Remember, one could as easily remotely launch the game with cheats on it, or someone else could have access to the computer, or someone could have been using his router (wi-fi?) having his IP, it's all very possible... but what would you do then if it was cheat and posted publicly?
Hypothetically speaking of course.


Now, to both sides arguments:

- Qwerty's not so friendly people: if you found some evidence on one or another attack, you can't blame him for every single other one.
You can blame him (his end) for this one, and others with his IP all written over it, but not all.
If you had no proof previously on the other ones, you don't have it now either. You can suspect, and yes there are a lot of weird coincidences, but you can't say with 100% certainty it was him, so I would ask you guys to not go around publicly accusing him for "every" crash in the world, it's not fair for him nor anyone else for that matter.

- Qwerty's friends: I admire your unwavering faith on Qwerty, you're truly good friends of him, but you can't just deny, deny, deny with this evidence presented to you. I was that naive once with some of my friends, UT and not UT, and fact is you never actually know them completely, either you know them personally or not.
You should keep supporting him if you feel that way, but don't do it blindly with "he's my friend, he wouldn't do it", but rather present logically "why" he wouldn't.
Within the why's, ask those questions to yourself first, and replace Qwerty with another individual for an instant, because for instance:
"why would he crash his own server?" can go both ways: he wouldn't (which is logical) but also he could have done so to not look suspicious. Think about it, if you were crashing rival servers, wouldn't you crash yours too by the same time to avoid suspicions?
Not saying he did so, but dismissing actions on the fact that his servers crashed in some way is not a good argument on this.


"Innocent until proven guilty", but now there is evidence that he's guilty (consciously or not) of at least on philp's server attacks, but now it's up to him (and perhaps his friends help) to prove otherwise if that's the case.


Again, to be clear, I am not defending nor attacking anyone, and I am not in favor nor against Qwerty in all of this, but I would like you guys to not go overboard in both ways and in both sides, I am just trying to lay out the facts as impartial as I can be.

And:

Spoiler

Jad i was going to respond to something you said that was ON TOPIC before it took a more serious turn.

We shouldn't lose perspective here.

Contacting the DOJ?

This is a gaming server issue Shiv, not an international crime syndicate we are talking about.

True enough.. The punishment should fit the crime. Worst case, it was an annoyance. It's not like there were monetary damages.

Actually I have to disagree here. There ARE monetary damages involved.
When you host a server, any server, you have to pay for it somehow, generally host a forum along with it and that payment is an investment with the purpose of having people playing and staying there.

DDOSing is a crime, no matter how you put it or go around it, it is a crime and it has contributed for this game's death immensely, it's just most people don't act.
By doing it the server owner is loosing the money he spent to host it in the first place, since his service he's paying for is down through the malevolent actions of someone else.

Perspective? Here's perspective for you:
It's not different from someone putting something in your car so it doesn't even start. That is a crime too, no? What you would you do, just suck it and dismiss it as well?

Want even more perspective? Said money is won through hard working family heads, fathers, mothers, etc, you name it.
There's many times sweat in that hard earned money, and rendering it useless for someone who's only intent is to bring relaxing times and joy to a community, is rendering useless many hours of hard work of said person.

Again, still not accusing anyone, but it kinda pisses me off people dismissing what's actually a serious deal.

[EvilGrins]

/start insane rant

He steps on your toe, you stomp on his toe.

He crashes your server, you send his server to the morgue.

That's the Chicago way!

/end insane rant

[Wises]

That particular exploit I believe is only patched via (justme's?) Ipserver.u?

Are there any-other mods/patches to protect against this exploit?

have contacted {G}ott to see if he can maybe patch XserverQuery.

which detected this attack to start with.

[UT99.org]

It's already fixed in XQuery although an option to turn logging off would be useful

funny how Qwerty was one of the ones who helped bring securevalidate into XQuery/XBrowser

And TNTJustMe is from the same country as you, silly, http://www.youtube.com/user/TNTJustMe

[Wises]

You can turn logging unknown queries off.

But is better to leave then on imo..

[JackGriffin]

This is just one way of doing malformed packet crashing in UT. You have to remember that this was the early age of internet gaming and the engine reflects a lot of vulnerabilities that don't exist in newer games.

I went into detail about how you deal with this stuff on a couple of forums. Generally when you get a server crasher you have to social engineer it as much as technically diagnose things. In hindsight the reasoning for this crashing was very clear and was suspected by several people. More should have been done to find out and less respect given to an elder statesman of UT if they are being considered.

Let's not lose sight too that Scarface stuck his neck waaay out over this and should be commended for his leadership. Because of his actions a major impediment to jets servers has been silenced. Well done Scarface and I thank you for your work.

[Wises]

so , doesn't ServerCrashFix block this ?

MalFormedString Exploits?

[$carface]

No it doesn't.