Jump to content


Battlefield.no Veteran
  • Content Count

  • Joined

Everything posted by CoolSpin

  1. We all make mistakes. But can we make mistakes when it comes to information security? If and when we do, should we even admit to them? Making mistakes and learning from them is a part of life, even if it is in the area of information security. For this article, we were able to get 25 infosec gurus to admit to security blunders. Errors range from the purely technical to good ‘ole fashioned poor judgment. While the slip ups were all unwanted, they yielded great learning experiences. Read on and you too can learn from your colleagues’ failures. 1: I got no errors so I’m sure the backup is valid Fool me once shame on you. Fool me twice, shame on me. Fool me three times? Uggh! Thus was the story with Edward Haletky (@texiwill) of The Virtualization Practice who was burned by poor virtual machine (VM) data backups. From gigabytes of corrupt data, to backup software failure, to a crashed VM, Haletky fell victim to three poor backups. Haletky never checked the validity of the backups. He just relied on the lack of errors being reported as validation. But just because the application says everything’s fine, doesn’t mean it is, realized Haletky. “Always verify before you do anything major. Don’t assume everything is working. Just because it looks right and smells right, don’t assume,” said Haletky. After his triple burn Haletky now uses software with better reporting mechanisms, does restoration testing, and has forensics tools always at the ready. 2: Do you really need everyone to wish you “Happy Birthday?” It’s really nice to receive birthday greetings on Facebook, but for your personal security it’s just not worth it. Bill Brenner (@BillBrenner70), blogger at The Salted Hash on CSO Online, failed to heed the very social networking security advice he’s written about multiple times which is to keep sensitive personal data off your Facebook profile, specifically birth dates. While he didn’t have the year on his Facebook profile, Brenner did have the day and month. With that information readily visible online Brenner quickly learned from local police that someone had been going around to drug stores in the area trying to get prescription drugs in his name. The drug hacker had his name, day, and month correct, but got all the other information wrong. 3. Maybe I should have tested that password file I just edited In college, Benjamin Tomhave (@Falconsview), blogger at The Falcon’s View, was a sysadmin who was a little too trusting of the university’s very wonky UNIX operating environment. Tomhave tried to “fix a glitch” in the /etc/passwd file that was creating a series of errant commas for non-entered data. He opened the file in Notepad under Windows for Workgroups and did a quick “replace all” and saved the file, the system file. Whoops. Tomhave didn’t test the file or create a backup plan. He unfortunately discovered that Microsoft added a “^M” character on every line of the /etc/passwd file, thus making the system unavailable for anyone to login. Luckily, Tomhave got a little help from tech support and was able to log back into the OS and re-edit the file. 4: Yes, a UFO is an unidentified flying object, but it’s probably an alien “I’ve made mistakes in being too trigger-happy to declare something a breach before all the facts were in,” said Wendy Nather (@451Wendy) who learned that there’s a big difference between “a Breach,” “an Incident,” “Something Weird Is Going On,” and “We Don’t Know What It Is But It Doesn’t Look Good.” “Before I got executives all excited, I should have taken more time to investigate and have real proof to show, rather than just some strange entries in logfiles plus a lot of speculation,” Nather said. In many cases these “incidents” were just an application acting weird and/or someone making unscheduled changes, said Nather. “You have to be careful throwing around the ‘B-word,’ otherwise you can undermine your credibility,” warned Nather. 5: I don’t care. I work in information security, not physical security Pete Lindstrom (@SpireSec) of Spire Security admits he’s been fairly lax in physical security of computer equipment, especially with large-sized equipment inside work buildings. That was until he came into work one day to discover several computers missing. The “story” was a guard was jumped and tied up. In actuality, the “guard” was in on the job. That incident and another tale of the escaped mental patient who impersonated a temp employee and lived in a conference room for a week reminded Lindstrom of the importance of physical security, the need for backups, and not to ever discount the inside job. 6: Is there an award for having the most passwords? Allison Miller (@SelenaKyle) has been a longtime fan of online activities, and she’s shown her appreciation by signing up for lots of email accounts, online merchants, blogs, e-payment systems, and financial services. As she added more and more accounts, she had to get more and more creative with her password creation scheme. It was getting out of control. “The buffer in my brain for passwords was starting to overflow,” said Miller who admitted to committing the cardinal sin of writing down passwords, or at least cryptic notes to remind her of those passwords. Miller ultimately had to repent for her infosec sins. Her accounts were eventually compromised and Miller had to change passwords en masse. She finally broke down and started using the password management tool 1Password and recommends Lifehackers’ top 5 password managers. Read Miller’s entire tale. 7: Let’s get the bad guys…all the bad guys “Early in my career, and even time from time when I’m not thinking, I reacted too quickly,” admitted Adam Ely (@AdamEly), CISO of Heroku at Salesforce, who often leapt at a single threat, vulnerability, or an off-hand comment from a coworker. Over time Ely realized, “A single vulnerability is a small risk in the grand scheme of things and must be weighed against all of other threats and tasks to be completed. Defining and following a strategy is key to ensuring I’m not distracted by the smaller, daily challenges I face.” 8: I think it’s safe to assume that everyone has the same agenda as me Josh Corman (@JoshCorman), Director of Security Intelligence at Akamai started his security career as a researcher of malware. At the time he sought out malware vendors to make them aware of egregious security vulnerabilities he saw. It was all for naught. “They didn’t care,” said Corman, “They sold the buyers what they thought they needed.” Corman was determined to get his message out there, so he did an end around and went straight to the buyers to tell them the story of malware failures. His strategy succeeded, but it ended up putting him in an adversarial relationship with vendors. “I tried to appeal to the intellect and honor of vendors to do the right thing failing to realize economic forces,” said Corman. Corman now realizes if he wants to be successful with a “change the industry” rampage he needs to look at the self interests of all parties involved. 9: I’ll use this password for this account, and this account, and this account… It’s a rookie move to reuse the same password across multiple accounts. Andrew Hay (@andrewsmhay), an analyst for 451 Research, made that newbie mistake and it cost Hay one of his accounts to be compromised. The attacker got into his Gmail account and began sending malicious links to Hay’s five most frequently contacted addresses. Hay immediately changed his password and sent apologetic emails to those affected. “Just being a security professional doesn’t mean that you’re above common mistakes that any user might make,” said Hay. “The best thing to do is to ensure you’re aware of the mistakes, as you make them, and react accordingly.” 10: We only offer secure access to our system, unless you want to use our test machine Back when Chris Wysopal (@WeldPond), blogger at the Veracode Blog, worked at the hacker think tank, L0pht Heavy Industries, the members shared computing resources via Secure Shell (SSH) encrypted connections, not text-based Telnet authentications. That held true unless you chose to access the network via a neglected test machine that did have Telnet enabled. When an SSH client wasn’t available, one authorized user took advantage of the test machine to Telnet into the system. During that process the authorized user crossed an insecure network and his password was sniffed. The attacker made a big deal of “hacking the L0pht” and it made Wysopal and the other members look pretty foolish. “The lesson here is not to give your users a less secure way to get something done or they will pick it and be compromised,” said Wysopal. 11: This system was secure when I bought it Uncommon Sense Security blogger Jack Daniel (@Jack_Daniel) used to manage an outdated networking environment. Part of the network’s problem was underfunding and the other part was Daniel’s admittedly dated tech skills. His complacency drove him into what he lovingly calls “The Pit of Despair” where he begged for money and scrambled to secure obsolete systems. Daniel jokes that he “solved” his problem by moving into marketing where it doesn’t matter. In actuality, he keeps up on his tech skills by running a small lab in his home. 12: I’ll just be really smart and they’ll listen to me, right? Early in his infosec career, Mike Murray (@mmurray) put a lot of emphasis on trying to be the smartest guy in the room. Being in his early 20s he naively thought that he’d be successful just on the basis of his ideas. His colleagues would see how great his ideas were, they’d agree, and everyone would just do it. That philosophy never bore itself out. He was never able to get his security message across. It wasn’t that the others listening were stupid, said Murray. It’s just that certain people with authority were more passionate and knew how to sell their idea. Even though he knew their ideas were so wrong, they were so convincing and hard to disagree with. After spinning his wheels for years, Murray knew it would be career limiting if he stuck to his “be the smart guy” model, so he started researching and practicing how to present effectively. 13: We’ll make it a security policy and everyone will follow it Daniel Frye, Associate Vice President of Corporate Security at CedarCrestone (@CedarCrestone) implemented his first information security policy ten years ago. Part of the process was removing 600 default and insecure vendor IDs for which the username and password were the same. Frye assumed all the teams and their clients were managing systems according to “policy.” That turned out not to be the case as Frye saw thousands of default IDs still on the system. The high number was due to account replication happening every time an application development stage launched. Frye learned two very good morals: “You have to have recurring and ongoing monitoring of all of your security policies and processes. Without monitoring, you have absolutely no indication of how well you’re securing your environment. “You have to not only educate your staff, but your clients as well. There is no limit to security education despite organizational boundaries.” 14: Hurry up, we need to fix this problem right now! A number of years ago Security Watch blogger Brian Honan (@BrianHonan) was working with a client trying to isolate an IP address that was sending errant traffic. To stop the influx, they asked the outsourced IT service provider to block the IP address at the firewall. Honan mistakenly assumed the engineer knew what he was doing. He didn’t. Minutes later the branch office called to complain they couldn’t connect to the network. The engineer had unknowingly caused a Denial of Service (DOS) against the client. “While working on a live incident can be challenging and frantic you should spend the time to slow down, think, and double check everything,” said Honan. “The last thing you need when dealing with an incident is to cause more issues through basic mistakes.” 15: Yeah sure, the USB key is secure A very desperate coworker barges into military professional Rob Ton’s office and begs him to print out a document from his thumb drive. While working as an infosec rep, Ton and his company had strict rules against accepting unknown USB keys. The coworker pleaded saying he needed the document for a meeting and swore that he scanned the key for viruses with the latest definitions. After much persuasion Ton relented and stuck the key into his machine only to discover there was a virus on the USB key. This blunder required him to quarantine his computer, file a report, and look like a fool to his manager. The truth was the coworker did know there was a virus on the USB key but was so desperate that he lied to Ton. Looking back, Ton learned many lessons including: People will lie to get what they want. Having to report yourself makes you feel like an idiot. When you have a sensible personal rule – stick to it. 16: I’ll just put this firewall up and that will solve all our problems Prior to the explosion of the web, Marcus Ranum (@mjranum), now CSO of Tenable Network Security, thought information security problems were just technical problems. While it was easy to secure services such as FTP, Telnet, USENET, and email/SMTP, it wasn’t so easy to secure the web, as non-security people always required exceptions, ports that needed to be open on the firewall. At that time, Ranum had a limited view of security, thinking it was purely a technical problem to be solved. Ranum’s big eye opening moment came in the mid-90s when a board room of big shot executives were negotiating access rights with the security guys.It didn’t matter what compromise they made, realized Ranum, the hackers, who weren’t even there, were going to find another means regardless of what was “agreed upon.” “The firewall isn’t security,” thought Ranum. “The firewall is this universally bypassed thing that just slows things down a bit.” When things go wrong, we want to attribute the decisions to the other party being stupid. But it’s not that they’re being stupid, they just have a different agenda than us. They’ll still blame us if it all goes wrong, said Ranum. 17: This is going to be the best marketing gimmick ever! When starting his cloud-based website scanning business, Golem Technologies, Charlie Belmer provided an option to allow users to try a free limited test scan to get a feel for the service. This offer was a little too enticing as people came in droves to test scan Belmer’s own site. It only took 50 concurrent scans against his own site before it was brought to its knees. He had effectively DOS’ed himself. That overzealous publicity stunt required him to enforce a one-at-a-time scan per site limit. “It taught me to add additional controls because even non-malicious users can misuse something to cause a security problem,” Belmer said. 18: I’ll just dictate security and it’ll work Just starting out in her security career, Amy Rinkle (@ARinkle) thought the way to create solid security is to only engage with her supervisor and head of the organization about needs and processes. “Resources were limited; and so was my time, and it was far easier to design processes and safeguards than it was to explain and tailor them to the culture of the organization,” admitted Rinkle. Even though Rinkle had the support of her supervisor who said she would make sure people would jump on the security bandwagon, she realized that she should have collaborated with the whole staff. “I should have spent more time lobbying my cause with coworkers and other staff – because had they understood from the beginning exactly what was required of them and why it was so important for them, I wouldn’t have been putting out fires after the new system had been put into place,” Rinkle said. 19: People are usually very thorough when filling out survey forms Have you ever trusted your network security on what someone filled out in a network topography and connectivity survey form? Andrew Storms (@St0rmz), Director of Security Operations for nCircle, did after their company acquired another company. Filling out a survey form was normal business procedure after a company acquisition. Looking at the form, the network connections all seemed good. Things changed when they actually saw the network. An on-site visit revealed an undisclosed T1 connection that exposed all their partner’s source code. “I’m sure that T1 made a lot of business sense but it made no security sense whatsoever,” said Storms. “The lesson I learned from this was how important it is to build security into business processes.” 20: All vulnerabilities take priority over the business “I’ve been guilty in the past of focusing on technical minutia that the business absolutely couldn’t care less about,” admitted Gene Kim (@realgenekim), founder of Tripwire. “I once believed that all vulnerabilities should be fixed, even if it’s at the expense of important business project work. Or that patches should be applied without thorough testing. Or that emergency capital be used to remediate every compliance failure.” Kim quickly was seen as one of “the shrill, hysterical people who seem to get in the way of getting ‘real work’ done.” He quickly realized he was in the wrong when they told him, “We’re not in the business of security, but in the business of staying in business.” Many of these “security vs. business” issues and more are characterized in Kim’s upcoming book “When IT Fails: The Novel.” 21: Eventually, when I have time, I’ll encrypt that hard drive Back in 2005, Larry Ponemon (@ponemon), Chairman and Founder of the Ponemon Institute, purchased a brand new Dell computer. He loaded it with tons of confidential information, backed it up, but didn’t encrypt the data. He was traveling so much he simply didn’t have the time to do the encryption. After a long day of traveling, Ponemon was trying to catch a plane with his new Dell in tow. Completely exhausted, and his mind in a million other places, he dumped his computer into the plastic tray and ambled through security. As he walked away, people started shouting “Thief!” Ponemon stopped and turned around. Who were they talking to? Ponemon accidentally picked up someone else’s computer. He apologized profusely, but in the interim the TSA had taken his computer away. It was gone. A million new thoughts raced through his head. How is he going to explain this? He was the classic traveling dunce. His mind was in another place. All he was worried about was catching a plane and getting home. It is exactly what he has written about time and again, and now he was the subject of his own research. Eventually Ponemon got his computer back, but he did miss his flight, and immediately encrypted his data. “It made me appreciate that it can be anyone. It doesn’t have to be a dunce. It could just be anyone just rushing and being absent minded,” said Ponemon, “It was a lesson in humility.” 22: No one is going to screw with my unattended computer in the office Many years ago Andrew Jacquith (@arj), CTO of Perimeter E-Security, was working at @stake, a security consultancy he helped found. One of his clients, a CISO at a defense industrial base, would walk around to unattended computers and check to see if the screensaver with password was engaged. If it wasn’t, he would gleefully open up the victim’s email and send out messages to selected colleagues, or worse, his or her boss. Jacquith fell victim to the CISO’s wrath. “I don’t remember what he typed, but I remember it was highly creative, totally nonsensical, and deeply vulgar,” said Jacquith who now uses a password-locked screensaver. 23: Let’s just build one version of our company’s infrastructure Back in the day, Greg MacPherson, CISSP, managed a team to build the backend infrastructure of a startup. One of his team members ran a UNIX cron job that unfortunately exposed a massive hole in the SUN Solaris file system resulting in corrupted drive partitions. His team spent 19 hours rebuilding the production infrastructure from bare disk drives. The only thing that saved his business was that customer data was on hardware RAID shelves that didn’t get corrupted. After MacPherson restored everything his boss rewarded him with a pink slip. MacPherson learned a valuable lesson: “Anticipate failure…Have master disks with applications installed and licensed and invest in an expensive RAID or some other bulletproof storage to maintain the integrity of your data.” 24: Wow, a cool new untested security product! Dwayne Melancon (@ThatDwayne), CTO of Tripwire, is like most geeks. He likes products that are new and shiny. Unfortunately, his love of new tech surpassed his better judgment. Once while running IT for a tech company, he let an outsourcing provider sell him on the brand new cool “active Intrusion Prevention System” (IPS) to protect their company website from being defaced. Two weeks later the IPS blocked an attempted patch to the production web server. It then prevented anybody, at his company or the provider, from fixing the problem. The web server was completely non-functional and the only guy who had the password to turn off the IPS was on vacation. Melancon learned a few valuable lessons: Cool new technology isn’t always the best answer. Don’t rely on “the guy” to get you out of trouble. You need to develop your bench and cross-train. Test, test, test before you go live in production. 25: Ha! Sure glad that wasn’t me. A decade ago Martin McKeay (@McKeay), host of The Network Security Podcast, was a system administrator at a small company. One afternoon he was looking out the window and saw a large crow land on a power transformer and then go poof in a puff of smoke as its feet made a circuit between the contacts on the transformer. McKeay laughed for a few seconds until he watched the power of the building go out and heard the sound of the UPS straining to keep his servers up and running. McKeay learned a valuable lesson: “Don’t laugh at the misfortune of others, they may soon be your own.” Conclusion: You can make mistakes in infosec and still be very successful What all these stories show is that even the smartest people in security make stupid mistakes. And each flub turned out to be a valuable learning experience. We hope we’ve passed those teachings on to you. If you found this valuable, please return the favor and share your security blunder story and what you learned from it as well. Kilde: 25 Infosec Gurus Admit to their Mistakes…and What They Learned from Them [Tripwire.com HTTPS.]
  2. Bug i IE9 x64 der du velger "skin" eller hva du vil kalle det. Konsistent 6 sec delay på HTTP GET / på battlefield.no, IE9 x64, opera, brukte F12 i IE for å måle der, og DragonFly i Opera. Dette gjaldt også forumet, men der testet jeg bare i Opera. Felles for disse 2 komponentene er at de bruker database, selve rendringen av HTML og nettverksoverføring tviler jeg er skyld i dette. Forresten, det er en knapp kalt My Media, men finner ikke noe referanse til den i Help...
  3. Hva med forsikringsselskaper som vil ha innsyn? Privatsaker som ønsker å sjekke om DNA funnet i bil/whatever er rett person?
  4. Hei trckdck! Argumenter mot meg takk, gjenta dine argumenter du mener holder stand FOR Datalagringsdirektivet. Om du bare troller kan du helst ta deg selv bak og banne deg rett i ræven til Iran's president, K/G /h ad/h/ affi (khadaffi/ghadaffi/kadhaffi/gadhaffi/kakkelakki/roffeltakki) Evner du ikke se fremtiden utenfor nesetippen din kan du like gjerne si det, da vet alle at du ikke evner å se ting i perspektiv og alle med fornuft kan ignorere dine utsagn. Skrevet som CoolSpin, uavhengig av HF/BF/NES/What-You-Might-Think.
  5. 1. Som paralell er straffene for brudd av loven det som skal være en forhindrende effekt, ikke "nja, vi tar å overvåker alle, just in case noen [insert terror|drug|pedo word here].." 2. Disse noen blir allerede tatt i dag. At politiet skal ha 6 mnd sovepute, for at de mangler ressurser, hjelper det ikke med DLD. Hva med statistikken som viser nedgang i oppklaring etter innføring av DLD? Betyr det at politiet ikke bruker DLD, eller blir folk smartere å vet hvordan sikre seg enda bedre. Det er jo et par eksempler på at etter CSI ble så populært, har voldsoffre begynt å klore sine overfallsmenn(?) for å få DNA bevis. "assisted GPS" kalles det, hvor avstand fra kjente telemaster kalkuleres og man da kommer til et antatt område man kan være. Behjulpet av wifi-soner som man har enda mer presis plassering på.
  6. Tsjekkia. Nei, men telefonen din blir en GPS-brikke, med ekstrafunksjonalitet dersom du har smart phone typ android, iphone, winphone. Edit: Det er de allerede, men nå blir det pålagt lagret i 6 mnd, og fremtiden vil systematisere data slik at det kan fremstilles som her.
  7. Største trusselen mot noe er vaskehjelp. Takk for linken, samler opp linker til ting og tang relevant.
  8. [quote name= Sjekk under "Annet" der vil staten ha trafikkopplysninger fra bil-GPS. DLD = Fotlenke på Norges befolkning.
  9. DLD - et våpen mot varslere (1) - DLD er helt meningsløst (2) Slik er seks måneders DLD-data i praksis (3) The Eternal Value of Privacy (4) Veien videre med datalagringsdirektivet (5) Hvordan omgå datalagringsdirektivet (DLD)? (6) Spesifisert faktura, den skjulte datalagringen (7) Enkelt å omgå EUs datadirektiv (8) Tanker om datalagringsdirektivet og barneporno (9) Overvåkningssamfunnet truer (10) DLD et våpen mot varslere DLD er helt meningsløst Malte Spitz data retention | Slik er seks måneders DLD data i praksis The eternal value of privacy Veien videre med datalagringsdirektivet Hvordan omgå datalagringsdirektivet (DLD)? Spesifisert faktura, den skjulte datalagringen Enkelt å omgå EUs datadirektiv Tanker om datalagringsdirektivet og barneporno Overvåkningssamfunnet truer Annet Delte ut alle nordmens fødselsnumre Politidirektoratet godkjente ulovlig DNA-register Vaskehjelpene hadde tilgang til ulovlig DNA-register Staten vil ha private trafikkdata - Kun en mild irritasjon Lekende lett å omgå datalagring Slik omgår du Datalagringsdirektivet Tappet passord fra MySQL.com
  10. Synd jeg har et personlig hår å trekke når det gjelder EA
  11. Stryk dette siden fasiten har tredd frem :/ Trodde vi skulle holde det der hemmelig jeg?
  12. Du leste om den bjørnen i S&F? Den som vekket meg <3 Jackal <3
  13. Husk oppdatere Windows og drivere til skjermkort/lydkort. Om det ikke fungerer, prøv å slå av eventuell brannmur/antivirus mens du spiller.
  14. Hei ondskap Saken din er under behandling. Jeg vil gjerne kommentere litt det at du har kjøpt/fått en Steam-konto fra en kamerat. Å låne/få kontoer fra en bekjent kan være en bjørnetjeneste. Mange spillsamfunn har et arkiv over overtredelser registrert på kontoens SteamID, og om din bekjente har brutt reglene så vil du få en annen behandling enn om du hadde en ny konto uten anmerkninger. Om du får en konto som er bannet for cheat i et annet spill, er det noe som du aldri kan motbevise - å be den bekjente stå frem for å bekrefte har heller ingen verdi. De fleste banner kontoer og ikke personer, og i Hellfragger så sier vi "din konto, ditt ansvar", om du har fått den eller kjøpt den selv er ikke relevant. Kommer tilbake med mer om anmerkningene.
  15. Om du ikke har særlig erfaring med scripting, så anbefaler jeg egentlig å starte med mIRC sitt scriptspråk. mIRC har funksjonalitet som kan utføre de meste enkle sakene, og kan, med rett erfaring og kunnskaper brukes til alt man kan ønske seg. Greit at det også kjører på Windows, siden du ikke allerede vet "whats what" så antar jeg du ikke bruker Linux. Linux uten erfaring og rett på eggdrop kan være en bratt bakke å klatre. PPF er vel mer et "ferdig produkt" som du da konfigurerer i mer grad enn å scripte selv. PPF er utviklet i Java så den kjører på alle plattformer som kan kjøre Java Runtime. Deaded som er kontaktperson for produktet er en knakandes fyr som hjelper med det meste, men sørg for å sjekk manualen som ligger på siden der et sted.
  16. Før var jeg ganske irritert over holdningene som inviten reflekterte utad og den negative påvirkningen den hadde på det generelle miljøet. Jeg bestemte meg for at jeg skulle frata de "makten" og "innflytelsen" de hadde i mine øyne - hele konseptet "inviten" ble irrelevant. Hele problemet grunner egentlig i at for mange gir inviten forventninger som aldri kan bli oppfylt. Det kan imidlertid Hellfragger, og det er noe som ikke trengs dokumentasjon på. Hellfragger har gitt mulighetene, så er det opp til miljøet selv å finne ut om det er modenhet og interesse for å kunne opprettholde noe som helst. At det er den ville vest uten forventninger til spillere, hjelper ikke. Dette bør være common knowledge, men alle vet at Hellfragger står for modenhet og voksene holdninger, som gir konflikt mot et miljø uten faste holdninger. At enkeltpersoner som er på inviten deltar aktivt i ligaen/Hellfragger og får sine forslag igjennom, betyr ikke automatisk at det er inviten som styrer showet. Disclaimer Disclaimer: Dette er mine egne personlige meninger og ikke nødvendigvis meningene til Hellfragger & Co.
  17. Virus har tidligere kalt seg f.eks "free windows 12 download.lnk.exe", og satt programikonet til å være f.eks ikonet til en internett-snarvei. Det har vel kun gått i .exe, .com og .vbs. Litt av grunnen til at man gikk bort fra MS Sans Serif som Windows font, var at stor i og liten L kunne komponere filnavnet KERNEI32, som er ser prikk lik ut KERNEL32. kerneI32, kernel32. For å bevise det, start charmap.exe og velg MS Sans Serif, i tekstboksen skriv: KERNEL32 i små bokstaver, bytt ut L med stor i. Savner fremdeles at Windows som default viser etternavnet, og at man ikke kun baserer seg på filikonet.
  18. Hva slags omstendigheter ser dere for dere en "fattig" eller "en som klager med sneip i kjeften" er i egentlig? Høres jo ut som det er en stor generalisering fra flere her, hvilke konkrete kunskaper og erfaringer har dere på det området?
  19. Si ifra om "problemer" her. Points skal være resatt, KPD og lignende skal også være resatt i de alle fleste tilfeller. Om du ser noen helt syke verdier, ta screenshot og legg ved din SteamId, og hvilken server du er på, så skal jeg prøve finne ut hva det er. Admins post i relevant tråd på forumet.
  20. Hei Ensa Du fikk 24 timer ban for spawnjump, den gikk ut kl 14:59 i dag. Siden bannen er gått ut, og du har lært noe nytt, så er det vel ingen grunn å si mer her forutenom velkommen tilbake Mvh Hellfragger.no
  21. Hi neok That's right, there was a complaint against you for teamdamage/teamkilling. Add that to 2 other remarks last month alone, for teamkilling, and hostagekilling, you get a nice little break from our servers to think about how good our servers really are and why we consider it a privilege to play on them. I will tell you abit about that complaint. You don't shoot a teammate 7 times, and do not notice it. Even if you're flashed, you just don't do that kind of thing. That is why it is believed it was intentional, and therefore you have a 5 day break. The previous 2 remarks, gave you 10minutes ban. This is third strike, the ban will stand and expire normally after 5 days (Expires on Sept-14-2009 21:08). You should have learned by the 2 previous remarks that we do not accept such behaviour. I hope you learn this lesson now. If you continue breaking the rules, the ban will last even longer, and possibly permanently. Be aware that anyone can complaint against a player they feel misbehave, so if someone gives you excessive grief, you have the right to start a complaint. Screenshots and demo is the only valid evidence, in special circumstances only, logs will be requested to obtain independent validation of accusations. See you in 5 days. Best regards Hellfragger.no
  • Create New...