1
In case you guys don't know, the dev bukkit staff found two plugins with malicious code.
NanoGuard Anticheat and Infinite Dispenser
http://forums.bukkit.org/threads/psa-ma ... er.174108/
You should remove the plugins if you have them.
From the looks of it, it looks like it auto DDoS'd your server from the inside.
NanoGuard Anticheat and Infinite Dispenser
http://forums.bukkit.org/threads/psa-ma ... er.174108/
You should remove the plugins if you have them.
From the looks of it, it looks like it auto DDoS'd your server from the inside.
Create an account or sign in to comment.
6
1
It's not the server DDoSing itself (that would be a DoS anyway, even if it could clog its own network connection). The malicious code in InfiniteDispensers enabled the plugin to essentially use each server it was installed on to launch a DoS attack on something, thereby making an attack by them a DDoS.
1
Yeah that XD
1
Thanks! I was actually going to get NanoGuard Anticheat -_-
Here is the actual post
it has come to our attention that the plugins "NanoGuard Anticheat" and "InfiniteDispenser" have been distributing potentially malicious code hidden within their update process. We urge all server admins running these plugins or who have run these plugins to read this PSA carefully and follow the advice given immediately.
We strongly advise all server admins to cease using these plugins immediately:
NanoGuard Anticheat (Default file name: NanoGuardJAR.jar or similar)
InfiniteDispenser (Default file name: InfiniteDispenser-3.2.jar or similar)
As a general precaution, we strongly recommend that all server admins perform a full examination of their server, keeping an eye out for unknown plugins or suspicious behaviour - as is proper on a periodic basis. We also would like to remind server admins to avoid running anything with root or admin privileges without taking the proper precautions to safeguard against the security risks it poses.
Here is the actual post
it has come to our attention that the plugins "NanoGuard Anticheat" and "InfiniteDispenser" have been distributing potentially malicious code hidden within their update process. We urge all server admins running these plugins or who have run these plugins to read this PSA carefully and follow the advice given immediately.
We strongly advise all server admins to cease using these plugins immediately:
NanoGuard Anticheat (Default file name: NanoGuardJAR.jar or similar)
InfiniteDispenser (Default file name: InfiniteDispenser-3.2.jar or similar)
As a general precaution, we strongly recommend that all server admins perform a full examination of their server, keeping an eye out for unknown plugins or suspicious behaviour - as is proper on a periodic basis. We also would like to remind server admins to avoid running anything with root or admin privileges without taking the proper precautions to safeguard against the security risks it poses.
1
Other than the DDoS part, you're correct.
1
If you continue to read on in the thread, some users talk about DDoS
1
Thanks for warning us server owners