Gamers Hijacked Your Server? Might Be An Inside Job

[HardOCP News]

Remember that story we told you about last Friday where servers in a medical facility were being used to host CoD: Black Ops games? NetworkWorld asks a good question..."what if it was an inside job?"

Is this kind of thing - gamers hijacking a server for a game session - common or not?

I think such situations are probably fairly common, though perhaps not on such prominent servers. Games running on corporate servers are not always due to breaches, though, as system administrators can be fairly autonomous, and there are a number of games running on corporate networks operated by IT departments without the approval of higher-ups.

 

[MartinX]

Back in the day we used to run a MOH server on our network which the IT guys used after hours, I can't remember if we had "approval", our IT Manager was a non-IT guy, I'm pretty sure he knew we played games, but probably didn't know what it actually entailed in terms of the network.

That said, we absolutely considered it a luxury, not something we were entitled to and it was running on a deprecated machine that affected nothing else if it fell over.

 

[Ultima99]

Back when cable modems were first taking offf a friend and I worked as tech support at a local ISP and sometimes when we both worked late shifts we'd bring our own systems in as we were closing the place down and game all night. We never ran servers on their systems but we sure did enjoy some of the fastest online gaming we'd could hope for in those days.

 

[skipsargent]

Maybe I missed something, and please correct me if I am wrong. But to host a Black Ops server, you need to rent them at gameservers.com. How does somebody host a Black Ops server on a "hijacked" server, when the game server software isn't publicly available?. Or was this guy actually using a server to play Black Ops, versus actually hosting a game?

 

[zoobaby]

Back in the day we used to run a MOH server on our network which the IT guys used after hours, I can't remember if we had "approval", our IT Manager was a non-IT guy, I'm pretty sure he knew we played games, but probably didn't know what it actually entailed in terms of the network.

That said, we absolutely considered it a luxury, not something we were entitled to and it was running on a deprecated machine that affected nothing else if it fell over.

While I never ran a server a corporate network, I do know plenty of people that did. In almost all cases, it was treated like you said, a luxury and used machines that were not critical, actually most were Frankenstein machines.

I know in some cases, that it was an open secret with management that resources were being used. I do recall one server I played on a lot, where the head cheese of the company hosting the server, would occasionally logged in for a bit. Sometimes to just ask a few business related questions to his IT people and sometimes to actually play.

 

[sethmo]

We used to do this in high school, but I have never done it with my employer's equipment.

I had one cool tech teacher that would let us play Counterstrike and Unreal Tournament a few times a week. Always local games though, more fun to kill your buddy sitting next to you then random strangers.

 

[Zarathustra[H]]

Is this activity ever allowed with a wink-and-nod as a perk of working in IT? Or do admins think of it that way?

When I ran my servers (Yoda's Barn) back in college we had the tacit permission of the head of NIS to run our servers from the OIT building right next to the main routers for the entire campus.

At the height of the servers, I had 3 in total running 24/7. Two Counter-Strike servers and one Natural Selection server. They were full almost all the time.

That being said, we were not running them off of official Umass servers, but rather, I built three linux boxes over the years with spare, discarded and donated components I dug up, and then got permission to stash them in the OIT building.

Running three popular public servers was a great time. I miss it a lot.

 

[dandirk]

Hijack and server? Are you nutz! We rollup a brand new virtual server for "network" testing sessions.

god I love shanking my boss in the back of the head in counterstrike.

 

[bacon]

Did the server crash every couple of hours like everyone else's?

 

[BravO)))]

Maybe I missed something, and please correct me if I am wrong. But to host a Black Ops server, you need to rent them at gameservers.com. How does somebody host a Black Ops server on a "hijacked" server, when the game server software isn't publicly available?. Or was this guy actually using a server to play Black Ops, versus actually hosting a game?

This. It sounds like they just plugged an xbox into the network and the company is screaming OMG hax.

 

[LightningCrash]

Maybe I missed something, and please correct me if I am wrong. But to host a Black Ops server, you need to rent them at gameservers.com. How does somebody host a Black Ops server on a "hijacked" server, when the game server software isn't publicly available?. Or was this guy actually using a server to play Black Ops, versus actually hosting a game?

Possibly. It would appear that you didn't read the article.

 

[skipsargent]

Possibly. It would appear that you didn't read the article.

Actually I read the first level which was full of garbage, then I went back and dug down to the original post. It smacks of B.S., according to them, this person apparently hacked a legitimate game server, "stole" all of the server code, presumably install files. Then setup a game server on a production server, opened up the firewall and let people play?

I happen to have Black Ops installed on my PC. I cannot find anywhere in the server browser that would let you input an IP for a server. Which is what you would need to do to play on a server somebody threw up. Unless the server software "magically" advertises itself to the server browser service and this service accepts all connections and advertises for you without validation or verification. Figure the odds of that...

A far more likely scenario is that this guy has a nice beefy DB server at work with a nice fast disk and a butt load of ram. He slots a better video card, which he probably ordered on the company dime anyways. Loads up Black ops and plays. Somebody notices the odd traffic on ports that shouldn't be open, they catch the guy. Then some idiot makes the leap in logic by not properly understanding what was going on.

 

[delahaya]

Never been at a company yet where someone wasn't running something, either part-time or fulltime.