We have been hacked by some people that have unregistered accounts, but have server Admin. They where able to delete all server admins and boot everybody from server.

Are the makers of TeamSpeak going to make this program more secure? Whats the deal? We have been useing this product for years now and I am really getting tired of people that hack the software and do stuff like this.

This is for the Team Speak Staff, FIX YOUR PRODUCT!!! :mad:

We have been hacked by some people that have unregistered accounts, but have server Admin. They where able to delete all server admins and boot everybody from server.

Are the makers of TeamSpeak going to make this program more secure? Whats the deal? We have been useing this product for years now and I am really getting tired of people that hack the software and do stuff like this.

This is for the Team Speak Staff, FIX YOUR PRODUCT!!! :mad:

The thing is, they just can't 'fix' the software if they dont know what people may be doing to hack it

If they are disassambling the code, there is not much TS can do

We have been hacked by some people that have unregistered accounts, but have server Admin. They where able to delete all server admins and boot everybody from server.

Are the makers of TeamSpeak going to make this program more secure? Whats the deal? We have been useing this product for years now and I am really getting tired of people that hack the software and do stuff like this.

This is for the Team Speak Staff, FIX YOUR PRODUCT!!! :mad:

Hey!

Your TS2 has been hacked because you. TS2 is not the most secured application ever. But if you left opened the doors......
Our TS2 is never hacked, because i tried to made it more secure.

Read before whining. Don't be pathetic.
Use this post (http://forum.goteamspeak.com/showthread.php?t=23726)

Also use the TS2PerlMod (http://www.goteamspeak.com/index.php?page=3rdparty&id=4&item=14) and it will revoke SA rights from unregistered users instantly.

Don't hurt the Devs! Learn to use TS2 and read more forum......:cool:

Otherwise....this is a free to use application. If you don't like this....don't use.

We are taking this whole hacking problem very serious, but as many others you are just claiming that your server has been hacked without providing any sort of proof that this is really a problem with our software and without giving any information which might help us to find possible security flaws. In approx. 99% of all TeamSpeak "hacking" cases, the reason is bad security on the server's or the user's side.

There are hundreds of possible ways to make a TeamSpeak server "insecure":

Some examples:


Use weak passwords. Open your English dictionary and pick a random word. You can also use your nickname, the number "123", "password", "test", your clan name or the name of your dog.
Setup the servers permissions system so that every unregistered user can grant himself ServerAdmin rights and edit the servers permissions system. This provides a maximum of flexibility.
Use an old TeamSpeak version. Try to find the oldest RC2 Version which is still available somewhere. This will allow every user to use various funny little bugs such as becoming invisible or popping up funny "RichEdit line insertion" errors.
Install the server into a world readable directory where you normally store your website. This will allow everybody to access your servers database and look up the users passwords just in case somebody forgot his login information.
Join random IRC channels and advertise your server by writing: "NEW TS SERVER everybody will get SA!!!!1111". Then give ServerAdmin to every user joining your server.
Write down your ServerAdmin or SuperAdmin password on a big sheet of paper and place it somewhere on your wall so you and your friends can find it easily.
If someone tells you to click somewhere and press a key, don't waste any time by thinking. Just do it and watch the funny results.
...

We are taking this whole hacking problem very serious, but as many others you are just claiming that your server has been hacked without providing any sort of proof that this is really a problem with our software and without giving any information which might help us to find possible security flaws. In approx. 99% of all TeamSpeak "hacking" cases, the reason is bad security on the server's or the user's side.

There are hundreds of possible ways to make a TeamSpeak server "insecure":

Some examples:


Use weak passwords. Open your English dictionary and pick a random word. You can also use your nickname, the number "123", "password", "test", your clan name or the name of your dog.
Setup the servers permissions system so that every unregistered user can grant himself ServerAdmin rights and edit the servers permissions system. This provides a maximum of flexibility.
Use an old TeamSpeak version. Try to find the oldest RC2 Version which is still available somewhere. This will allow every user to use various funny little bugs such as becoming invisible or popping up funny "RichEdit line insertion" errors.
Install the server into a world readable directory where you normally store your website. This will allow everybody to access your servers database and look up the users passwords just in case somebody forgot his login information.
Join random IRC channels and advertise your server by writing: "NEW TS SERVER everybody will get SA!!!!1111". Then give ServerAdmin to every user joining your server.
Write down your ServerAdmin or SuperAdmin password on a big sheet of paper and place it somewhere on your wall so you and your friends can find it easily.
...





Wow you've been nice Bastian.. nothing more to add, Bastian said it all.

I love it Bastian :) but I think you missed the most common.

Be sure and do what the guest asks you to do. Like clicking on them and pressing E

Everytime one of my customeres complain of the TS hacked it has allways come down to that stupid one despite my note in bold in the welcom email not to do it :rolleyes:

I love it Bastian :) but I think you missed the most common.

Be sure and do what the guest asks you to do. Like clicking on them and pressing E
Your order is being processed. Please wait...

Connecting to forum.goteamspeak.com......success.
Getting post #149416 from the database......done.
Updating post #149416.......................done.
Writing updated database records............done.
Closing connection..........................done.

Action successfully completed.

ok hello guys before anyone says im not wining i just a need a little help. but before i ask id just like to say to the teamspeak team you have done a great job at teamspeak and i have used it for 3 years now. keep up the good work.

now my problem is a person hacking:

i cant really prove it as they are not logging on to the teamspeak. what is happening is some person is revoking sa rights, deleting channels, flooding our server and so on. now i do have tsperlmod but this is not helping at tall. we have found out the hacker that is doing this and his ip we have banned it on ts and on our router we have even done this 81.111.*.* and 81.227.*.* some people may know these 2 ips the hackers are called dodger and rapbyy how are working with the goonz we have also found out the program that they are using which is called hacked version teamspeak. which seems to be a hacked verson of teamspeak that allows the hackers to by pass all registrations. infact it has so bad that they have can find out any information they want on the server including passwords and so on about our users including SA's now what i want is, is there ways around this program. otherwise sadly i will have to change to a diffrent client and sadly i dont want to as i really like the ts program and i find the people here are really nice to speak 2.

now what do know is the 2 ips above do hack other teamspeaks they really well know if you go on any flight sim teamspeak the people will tell you what they do. they have destroyed 2 of my servers and im now trying to set up and 3rd.


one other thing is the linux version of teamspeak server safer then windows version.

infact it has so bad that they have can find out any information they want on the server including passwords and so on about our users including SA's

My guess: They have got hold of your database, either (more likely) because you were so **%&&$! to install the teamspeak server into a publicly viewable folder (e.g. your webservers httpdocs dir), or (much less likely) because they gained shell access to the server through some other means.

As for this ts hacked client u are hearing wrong. I no for a fact they use a Hydra. If u think this client is for real that is up to u but its not a real client of how your describing it.

You "know for a fact" because you're looking at their computer system? You "know for a fact" because you've been on their server and talked them through looking over the options to see what's different?

Or are you just taking an uneducated guess and assuming it to be fact? Despite the fact that the TeamSpeak Team themselves have replied with the (far more likely) cause.

No offense SK8, but you keep making declarative statements, painting yourself as an expert when I think most of us who've been around a while find your logic flawed and often pointing in the wrong direction.

It's great that you want to help out - the forums can always use another set of eyes to help answer questions - but don't be so quick to assume everything is the result of a certain piece of software, or that you know for a "fact" what is going on unless you've been a part of it yourself.

I know I've certainly thought I "knew" what was wrong with someone's server a time or two and been enlightened otherwise in the past.

We have been hacked by some people that have unregistered accounts, but have server Admin. They where able to delete all server admins and boot everybody from server.

Are the makers of TeamSpeak going to make this program more secure? Whats the deal? We have been useing this product for years now and I am really getting tired of people that hack the software and do stuff like this.

This is for the Team Speak Staff, FIX YOUR PRODUCT!!! :mad:
Hey its not the Teamspeak crew's fault you got hacked its your fault for not having enough security. So think next time before you come complaining to The Teamspeak crew !

The ***** have a new hack out that TS staff acknowledge exists. I had a few servers taken over recently,

There was no weak passwords, server permissions were correct, latest ts version for windows, server was NOT in a readable directory, SA was NOT given out to random people.

y would i post it if i didnt no what it was and yes i now alot of ppl that no ts very well enuff to get w/e they wanted the g0ons dont no ts one person does everything and he taught them how to use the program and if u think that idk stuff and would post it and make it look like i do then u have to think different cause i never said i new there wasnt a program like that i said its the way he described it thats i thot was wrong

The deal is that my teamspeak server has been hacked two times.

Now the hackers aren't deleting all accounts and things, they're just joining invisible into the servers and talking with all the users who are in the server. I think they can't hear us, just talk. When I disconnect from the server and join again, then the hacker nickname appears, but when I try to get IP I ge an error "RicheEdit ...", and the list of things appears but everything is disabled!

And he can send messages too using the TCP query port I think... I don't know much of it.

In the screenshots, the hacker is " it's me (U) "

http://img181.imageshack.us/img181/1780/attemp3wi8.jpg
http://img116.imageshack.us/img116/2171/attemp2eb4.jpg

Annnnnnnd yess.... the server uses the latest teamspeak versions, the machine is secure and the other thingse you said... the problem IS in teamspeak!

The deal is that my teamspeak server has been hacked two times.

Now the hackers aren't deleting all accounts and things, they're just joining invisible into the servers and talking with all the users who are in the server. I think they can't hear us, just talk. When I disconnect from the server and join again, then the hacker nickname appears, but when I try to get IP I ge an error "RicheEdit ...", and the list of things appears but everything is disabled!

And he can send messages too using the TCP query port I think... I don't know much of it.

In the screenshots, the hacker is " it's me (U) "

http://img181.imageshack.us/img181/1780/attemp3wi8.jpg
http://img116.imageshack.us/img116/2171/attemp2eb4.jpg

Annnnnnnd yess.... the server uses the latest teamspeak versions, the machine is secure and the other thingse you said... the problem IS in teamspeak!

I think the team have acknowledge the fact of this...

I'm just chiming in to say that I am the host of hex's server. I had logging enabled after the last time this happened and am looking through them now. I will post back with anything I find

Here is the log from that server starting from the part where "it's me" joined
http://ryan.u13.net/server.log.txt

I can say for 100% sure that this server is configured in a secure fashion. I believe hex is the only person with a server admin account on that server and he had a secure enough password. Over the past week, both TS servers hosted on one of my physical colo machines has seen numerous scripted attacks. The past ones hijacked the admin account and created hundreds of channels (*****.net claimed responsibility)

http://www.dogmatix.net/hack.png

The new server release 2.0.23.13 deals with this issue. Update your servers while it's hot.

:D

The new server release 2.0.23.13 deals with this issue. Update your servers while it's hot.

:D

Good Good



Anyone want to take bets on how long before people are complaining about something else? :D

That's nice. Thanks!

There was a new server version (2.0.23.13 BETA) released this weekend that fixes the bug whereby people can cause the Rich Text context bug.

If people are loggin in invisible, you're not running the most recent verison of the server as that was patched a few months ago.

Regardless, here's the post about 2.0.23.13. It's strongly recommended you update.
http://forum.goteamspeak.com/showthread.php?t=35361

(EDIT) Oh sure, NOW I see that there's a second page of posts. Bah!

(EDIT) Oh sure, NOW I see that there's a second page of posts. Bah!


Lol @ Wolf :D


Dont worry, we've all done that before :)