The only problem with the ddos/botnet argument is that Elite users IP's are not on that spreadsheet
I'd imagine because each time this happens he bans all the IPs that he thinks was a part of it
Well that may be true, but if the claim is EliteXI is being used to DDOS their site and EliteXI users IP's are not found on that spreadsheet then there's not a lot of information backing the claim.
Idk if they are still up but he has posted lists from previous times. Partly because he knows he might have banned people by mistake and such so you can check and ask him to unban
From everyone I'm talking to I would suggest not using and getting rid of anything that comes from FFEVO or uses FFACE. A lot of people are reporting corrupted files, suspicious files or viruses. No Elite user I've talked to has found their IP on any list and the people reporting suspicious files etc are not all Elite users.
Riiiight, I bet he's using the programs he distributes to dDOS himself just to gain sympathy from the community and make Wiz look bad.
Seriously though, it's pretty obvious who is behind the attacks. If you don't mind that the guy you bought a program from is a douchebag, then by all means keep using it.
Yeah I haven't seen any of what you reported using stuff from ffevo... granted the programs I used are a few months old but still
idc either way and I'll gladly admit I was wrong if my IP or anyone's IP was on that list or any list for that matter.
Fact is, my IP and their IP's are not. That's a pretty big lack of conclusive evidence if Elite is purportedly being used as a botnet/zombie to ddos FFEVO lol.
I was on the leaked wizbot list, no point hiding that info since the list could still be out there in the open, yet my IP (184.161.*.*) is not on that list. Care to explain that? I'm not saying theres 100% no foul play on the side of elite xi / wiz...but if the story is that wiz used his users computers to DDoS ffevo, and that list is the list of IP's used to attack the ffevo site, its very wrong.
the IP's I bothered to geotool got picked up in random locations...so far I found Indonesia and India, as top 2. Egypt, Argentina, Brazil 3/3 in the 1-2k hits. Unknown, Unknown, Pakistan next 3 random 1-2k hits.
Man kids today have no idea how this shit works shaking my damn head at the ignorance. Your own system or isp can stop you from being a dos host if setup correctly so even if he attempts to use your system he can't based on your router and firewall configuration. Just because your system isn't on the list means jack shit....
Also, do you know how many people use the bot vs how many actually get involved in online discussions of it potentially being used to DDoS? I don't know that value, but if there are, say, 1000 users and only 30 people actively engage in discussion, it's not exactly a strong argument to say "no one I've talked to was on the list", especially since there's no reason all the bot-users would need to be directed to an launch attack anyways. Personally, if I were an unscrupulous bot-maker, I'd take note of which users are actively involved on my forums or whatever and make sure they are happy. It'd be much safer to mess with a random anonymous user that has only ever visited the site once to get the bot.
Don't necessarily take this as me saying wizbot is being used to DDoS because the fact is I don't have enough information to know. But what I don't like is people making potentially erroneous conclusions based on word of mouth. "I know five people that smoke two packs a day and none of them say they have cancer" is not a sound argument that smoking does not cause cancer or that they can't potentially develop cancer.
Now, if you knew for a fact that there were only like 50 people that use wizbot and 30 or more have confirmed their IP wasn't on the list and you can reasonable believe they were being truthful and knowledgeable, then your argument based on word of mouth might carry a little more weight. Or it could just mean that the DDoS was done by a different botnet method.![]()
The facts are pretty clear wizbots bot has the code in place for just such abuse actually pretty easy with his design to steal any and all information from your machine. Fact fface for the second time is under attack after provoking wiz doesn't take rocket science to put the two together...
The Trojans thought that horse was a gift from the Greeks before they got slaughtered as well.
ddos attacks are a pain the ass to stop without the right gear I recall this from back in the day when se was underattack:
http://www.playonline.com/ff11us/polnews/news4524.shtml
Clear from what?
Rehwyn: From what I've collected now, 33 people that I know in game, 4 from these forums (1 who has talked to people by extension, but I don't know how many he's talked to), 6-8ish who have posted on Elite forums. Random ISP's and levels of technical competence and none have been used to zombie. FFACE programs come up as malware, Elite does not. I have no reason to not believe the people I've talked to.
Edit: If I'm wrong, I'm wrong and I'll admit that. Right now the proof doesn't lend itself to that and the people I've talked to that actually use FFACE or something from their site have had some suspicious problems, .exe files becoming corrupt, etc.
None of my fface programs get flagged as malware.
Do you somehow doubt that Wiz is behind the dDOSing of ffevo?
I wouldn't be surprised if he was, I just (as of right now) don't believe Elite is being used to zombie FFEVO. The thing I personally had a problem with was the line of code aimed to kill Elite if it was running. Since FFEVO does host similar programs to Elite, in my mind this would be like Apple placing a line of code to kill any Microsoft products.
If the bot users r being used to zombie ffevo or whatever...let me know why all the ips i geotooled are popping up in third world countries....all the ips i checked with over 1000 hits.
If its a case of "ffevo being holier than thou", why isnt there any attempt to force close any other bots?
Not to burst your bubble... Congratulations, you know how to use NeoTrace. But have you tried going to any of IPs listed?
The very first address with the largest number of hits looks like a proxy system... (EDIT: I'd go up with whatever you have for anti virus, etc)
About to load up a VM and take a peek around at some of these addresses.
Double EDIT: A bunch of these IPs are showing up on Project Honeypot as well.