Re: Somehacked their imp...

From: Patrick Dughi (dughi@imaxx.net)
Date: 08/18/00


        I guess this is probably a stupid thing to say, but you'd be
surprised how often this sort of thing comes up in any computer security
issue...

        Really, the muds don't allow very many opportunities to be cracked.
Sure, they have buffer overflow issues, but you'd have to have the running
code to examine and test to figure out how to get that to work - after
all, we're talking about a modified circlemud, even if it's only
fixed-size text allocation.

        It's usually a _user_ issue when someone 'cracks' a system,
because they left their password out, or saved in a client, or (even
dumber) told it to someone else.

        On the mud I ran, we had strict rules about one player per
character. After catching a character being played by multiple people,
they were deleted outright.  Usually there was one main player that
suffered from this, but you can bet they stopped giving out their account
info to their best friends/clan members/etc, if they chose to play again.

        Keep different passwords for different accounts, and memorize them
(as opposed to saving them in a client/etc).  Make sure you pick non-word
passwords, use upper and lower case characters, and special characters
(like !,;*&^%$#@..etc).

                                        PjD





     +------------------------------------------------------------+
     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     |  http://qsilver.queensu.ca/~fletchra/Circle/list-faq.html  |
     +------------------------------------------------------------+



This archive was generated by hypermail 2b30 : 04/11/01 PDT