Invader attacks during online-poker...?!

aikindoma

aikindoma

Rock Star
Silver Level
Joined
Jun 22, 2010
Total posts
179
Chips
0
Don't know if it's the right place in the forum...

I have a pretty good firewall and it shows me all kinds of
invader attacks on my PC...

Most of them when I'm playing poker on FTP or Stars...

I think(my theory) this must be coming from Russian servers
or any other country in that area...

I am not a PC-Guru and can't find out how to find a proof for this,
but those alerts are mostly during I'm playing online poker.

Does anybody here know more about this...?
 
Poof

Poof

Made in the USA
Silver Level
Joined
May 21, 2008
Total posts
14,419
Chips
0
Sounds like FTP and Stars are trying to hack into your computer.
 
the lab man

the lab man

CardsChat Irregular
Silver Level
Joined
Jan 12, 2006
Total posts
3,557
Awards
1
Chips
1
No Probably Moldavians or slovakians
 
TheKAAHK

TheKAAHK

CardsChat Elite
Silver Level
Joined
Feb 2, 2009
Total posts
5,266
Awards
8
CA
Chips
832
What makes you assume they're Russian?
 
aikindoma

aikindoma

Rock Star
Silver Level
Joined
Jun 22, 2010
Total posts
179
Chips
0
What makes you assume they're Russian?
I am not sure that it comes from Russian servers...

I had once an alert from my anti-virus for some kind of worm.
I googled it and read that it's an old worm sitting on servers
and wait to catch the users from it.

Most of the servers are protected, but some old ones not.
Those are mostly in the former communist block countries.

The most spyware is made in that region too...

But I am not 100% sure...
 
arahel_jazz

arahel_jazz

Unbalanced and Committed
Silver Level
Joined
Apr 6, 2007
Total posts
6,764
Chips
0
Today, you won't be able to tell where most attackers are really from unless they are just script kiddies. Most real attackers use a Tor network to anonomize their IP.
 
aikindoma

aikindoma

Rock Star
Silver Level
Joined
Jun 22, 2010
Total posts
179
Chips
0
I can assure you it is not from those poker sites, run a scan and get rid of it.
I don't have any problems, my firewall works...

...but I keep track when I got attacked...!!!

And this happens mostly when I play poker.

Think you all should be careful and use a strong firewall too.

Hey, maybe I am to paranoid...:s:
 
dmorris68

dmorris68

Legend
Loyaler
Joined
May 27, 2008
Total posts
6,788
Awards
2
Chips
0
Trust me. The likelihood of you being hacked from a Russian server through your poker client is about 0.0000001%. It is remotely possible that you've been infected with something that targets poker clients when they're open, possibly to try and hijack your account or watch your tables, and is communicating to a remote server. Mind you, it would theoretically be possible, but I've not heard of it happening. But there is no way that a remote server can attack you through your poker client, at least not any of the big rooms like Stars or Tilt. They establish encrypted channels that are secured by certificate or PKI, and do not accept any connections that do not come from their servers. Perhaps remote servers are constantly probing the ports your poker clients use, but you don't see them when the clients aren't open and listening -- assuming they even open ports for listening (I haven't I run a packet analyzer yet when a poker client is open to see if it actually listens -- most network clients don't listen, rather they initiate connections to a server who is listening).

Virtually all computers on the internet are constantly being probed by literally millions of botnets and infected machines. I run a self-built linux gateway/firewall, and sometimes just for kicks I'll tail the firewall log and watch connection attempts from all over the world stream by constantly. It's a rough world out there in the tubes, which is why you should always keep your security software up to date and run multiple layers of firewalls when possible (like a NAT router + a software firewall).
 
greenokom

greenokom

Enthusiast
Silver Level
Joined
Feb 19, 2009
Total posts
97
Chips
0
It's recommend that you format your computer once a period and install fresh windows. So you save yourself dealing with all sorts of strange things on the computer. To save myself the time of installation of windows I make, using software called a Norton Ghost, backup file contains new installation of Windows and the softwares in my computer. The recovery of this backup file with this software takes 5 minutes.
 
M

mosseyAJ

Rock Star
Silver Level
Joined
Jun 20, 2010
Total posts
116
Chips
0
My guess from an information security professional standpoint is that at one time when your computer was not properly protected by antispyware or antivirus, an .exe was loaded on your system. Now, coincidentally when you start your poker program a certain port is opened on your firewall, the same port that the software uses, which is why you are getting attacked mostly during that specific time.

This is just a theory however, its hard to say since i haven't seen your system. Also, i really doubt that the attack would be coming from a Russian server. It's probably coming from the damn chinese. They got bored trying to hack my shit at work, and started in on your home PC. lol
 
aikindoma

aikindoma

Rock Star
Silver Level
Joined
Jun 22, 2010
Total posts
179
Chips
0
Trust me. The likelihood of you being hacked from a Russian server through your poker client is about 0.0000001%. It is remotely possible that you've been infected with something that targets poker clients when they're open, possibly to try and hijack your account or watch your tables, and is communicating to a remote server. Mind you, it would theoretically be possible, but I've not heard of it happening. But there is no way that a remote server can attack you through your poker client, at least not any of the big rooms like Stars or Tilt. They establish encrypted channels that are secured by certificate or PKI, and do not accept any connections that do not come from their servers. Perhaps remote servers are constantly probing the ports your poker clients use, but you don't see them when the clients aren't open and listening -- assuming they even open ports for listening (I haven't I run a packet analyzer yet when a poker client is open to see if it actually listens -- most network clients don't listen, rather they initiate connections to a server who is listening).

Virtually all computers on the internet are constantly being probed by literally millions of botnets and infected machines. I run a self-built Linux gateway/firewall, and sometimes just for kicks I'll tail the firewall log and watch connection attempts from all over the world stream by constantly. It's a rough world out there in the tubes, which is why you should always keep your security software up to date and run multiple layers of firewalls when possible (like a NAT router + a software firewall).
Thanks...!!!
 
aikindoma

aikindoma

Rock Star
Silver Level
Joined
Jun 22, 2010
Total posts
179
Chips
0
My guess from an information security professional standpoint is that at one time when your computer was not properly protected by antispyware or antivirus, an .exe was loaded on your system. Now, coincidentally when you start your poker program a certain port is opened on your firewall, the same port that the software uses, which is why you are getting attacked mostly during that specific time.

This is just a theory however, its hard to say since i haven't seen your system. Also, i really doubt that the attack would be coming from a Russian server. It's probably coming from the damn chinese. They got bored trying to hack my shit at work, and started in on your home PC. lol
You are probably right...!
I had problems before and now with my firewall they are all gone...!
Had some tries from my PC contacting anywhere outside, and it got blocked so far. There is maybe something still hidden and not cleaned until I do a clean reinstall of my OS. But still I wonder wher the outside attempts to invade is coming from.
I am sure that the poker software is safe...!
...and my PC should be safe too...!

Thanks for help...
 
aikindoma

aikindoma

Rock Star
Silver Level
Joined
Jun 22, 2010
Total posts
179
Chips
0
It's recommend that you format your computer once a period and install fresh windows. So you save yourself dealing with all sorts of strange things on the computer. To save myself the time of installation of windows I make, using software called a Norton Ghost, backup file contains new installation of Windows and the softwares in my computer. The recovery of this backup file with this software takes 5 minutes.
You're right, it's the safest to do...!!!

But I use my PC to make sounds and produce music, so I have a lot plug ins installed...!
Takes me almost 3-4 days to install all my stuff and set it all right.
I play poker beside to relax and have fun...!!!

Will never make a living of it and have no reason to try...
 
belerophon

belerophon

Rock Star
Silver Level
Joined
Jan 30, 2010
Total posts
346
Chips
0
Trust me. The likelihood of you being hacked from a Russian server through your poker client is about 0.0000001%. It is remotely possible that you've been infected with something that targets poker clients when they're open, possibly to try and hijack your account or watch your tables, and is communicating to a remote server. Mind you, it would theoretically be possible, but I've not heard of it happening. But there is no way that a remote server can attack you through your poker client, at least not any of the big rooms like Stars or Tilt. They establish encrypted channels that are secured by certificate or PKI, and do not accept any connections that do not come from their servers. Perhaps remote servers are constantly probing the ports your poker clients use, but you don't see them when the clients aren't open and listening -- assuming they even open ports for listening (I haven't I run a packet analyzer yet when a poker client is open to see if it actually listens -- most network clients don't listen, rather they initiate connections to a server who is listening).

Virtually all computers on the internet are constantly being probed by literally millions of botnets and infected machines. I run a self-built Linux gateway/firewall, and sometimes just for kicks I'll tail the firewall log and watch connection attempts from all over the world stream by constantly. It's a rough world out there in the tubes, which is why you should always keep your security software up to date and run multiple layers of firewalls when possible (like a NAT router + a software firewall).


Isn't it possible that you could find yourself having to explain your computer analyzing to the poker gods? I'm sure they use all sorts of sniffers to see what your up to while your running a client to prevent bots.
 
dmorris68

dmorris68

Legend
Loyaler
Joined
May 27, 2008
Total posts
6,788
Awards
2
Chips
0
Isn't it possible that you could find yourself having to explain your computer analyzing to the poker gods? I'm sure they use all sorts of sniffers to see what your up to while your running a client to prevent bots.
Not at all. Running a sniffer isn't going to set off any alarm bells. For one, their channels are encrypted so there's no clear data to sniff -- I'd only be looking for port usage. For another, even if I could and wanted to crack their datastream, they don't transmit anything I could use (like hole cards) other than my own. Finally, there is no mention of sniffers or other network monitoring tools in their prohibited software list, not that they could enforce it anyway -- how do you think rooms like Cake and UB were recently found to have poor, breakable encryption?

As far as illegal client software, they're primarily interested in detecting poker-specific cheats, bots, ICM tools, etc. Besides, I don't usually run my sniffer on the client PC anyway, I usually run it from my Linux gateway.
 
arahel_jazz

arahel_jazz

Unbalanced and Committed
Silver Level
Joined
Apr 6, 2007
Total posts
6,764
Chips
0
Not at all. Running a sniffer isn't going to set off any alarm bells. For one, their channels are encrypted so there's no clear data to sniff -- I'd only be looking for port usage. For another, even if I could and wanted to crack their datastream, they don't transmit anything I could use (like hole cards) other than my own. Finally, there is no mention of sniffers or other network monitoring tools in their prohibited software list, not that they could enforce it anyway -- how do you think rooms like Cake and Ultimatebet were recently found to have poor, breakable encryption?

As far as illegal client software, they're primarily interested in detecting poker-specific cheats, bots, ICM tools, etc. Besides, I don't usually run my sniffer on the client PC anyway, I usually run it from my Linux gateway.

Besides, it's fun and educational - pokerstars uses SSHv3, and FullTilt uses TLS. It gives you a chance to see the protocols in action. :cool:
 
aikindoma

aikindoma

Rock Star
Silver Level
Joined
Jun 22, 2010
Total posts
179
Chips
0
Not at all. Running a sniffer isn't going to set off any alarm bells. For one, their channels are encrypted so there's no clear data to sniff -- I'd only be looking for port usage. For another, even if I could and wanted to crack their datastream, they don't transmit anything I could use (like hole cards) other than my own. Finally, there is no mention of sniffers or other network monitoring tools in their prohibited software list, not that they could enforce it anyway -- how do you think rooms like Cake and Ultimatebet were recently found to have poor, breakable encryption?

As far as illegal client software, they're primarily interested in detecting poker-specific cheats, bots, ICM tools, etc. Besides, I don't usually run my sniffer on the client PC anyway, I usually run it from my Linux gateway.
What is a sniffer, please...?
 
dmorris68

dmorris68

Legend
Loyaler
Joined
May 27, 2008
Total posts
6,788
Awards
2
Chips
0
"Sniffer" is a commonly used name for a Network Packet Analyzer. It is software designed to listen for, capture, and analyze network traffic. Commonly used by network admins/technicians and software developers to monitor, troubleshoot, debug, and reverse-engineer network protocols. Obviously hackers find them useful as well.
 
TheOne2Watch

TheOne2Watch

Enthusiast
Silver Level
Joined
Aug 10, 2010
Total posts
49
Chips
0
I use to get those warnings all the time while playing poker, but I have recently got Norton Security on my computer and have not had those warnings since.
 
greenokom

greenokom

Enthusiast
Silver Level
Joined
Feb 19, 2009
Total posts
97
Chips
0
You're right, it's the safest to do...!!!

But I use my PC to make sounds and produce music, so I have a lot plug ins installed...!
Takes me almost 3-4 days to install all my stuff and set it all right.
I play poker beside to relax and have fun...!!!

Will never make a living of it and have no reason to try...

I'll explain myself. See what I wrote: To save myself the time of installation of windows I make, using software called a Norton Ghost, backup file contains new installation of Windows and the softwares in my computer.

When I wrote "the softwares I ment all the software you use in your computer and all the drivers in your computer. ;)
 
aikindoma

aikindoma

Rock Star
Silver Level
Joined
Jun 22, 2010
Total posts
179
Chips
0
I'll explain myself. See what I wrote: To save myself the time of installation of windows I make, using software called a Norton Ghost, backup file contains new installation of Windows and the softwares in my computer.

When I wrote "the softwares I ment all the software you use in your computer and all the drivers in your computer. ;)
Ahh, I see...!!!:rolleyes:

Thank You...;)
 
Top