EVERONE READ THIS

[gamespain]

Ok This Is What Had Happen Not To Long Ago I Had Got An Virus Pop Up I Got Like One Of The Best Kinds On The Market Ok This Is How It Went Down I Had Got An Pop Up Saying That An ip 66.150.155.25 Try'd To Attempted to connect to my computer using default Block DeepThroat Trojan Horse And If Wouldn't Had This Alert Assistant On Here This Is What Would Happen Attackers Can Use Trojan Horses To Gain Acess To Files On Your Computer Or Even Take Control Of The Computer But I Had Trace The IP And It Came Back As 66.150.155.25 traced to: r-66-150-155-25.la.nuclearfallout.net Take Alook For Your Self Im Take A Screen Shot So Yall Won't Think Im Bullshiting While I Right This http://i396.photobucket.com/albums/pp41 ... titled.jpg

So This What Im Thinking You Guys Are Running A Bullshit Company And Im Take This To The Steam Board Or Nuclearfallout Borad!

[Edge100x]

Every other time we have see something like this it is from overzealous antivirus software (or more specifically, antivirus software that is trying to also be an IDS) that is inappropriately tagging legitimate game server traffic as malicious.

In your case, your error message tells me that this is mostly a meaningless overblown error meant to scare you and reinforce that the IDS/firewall is "protecting" you. This is made clear in the very first descriptive section, which basically blows smoke:

"A Security Alert appears when a a remote computer or a program on your computer attempts to access a port that is also used by a known Trojan horse."

A port can be used by a variety of different programs and your OS itself uses randomly chosen ports in its outbound TCP connections, so this doesn't mean the traffic was malicious. Additionally, you'd have to be running this particular Trojan on your machine for anything to be able to connect to it; if you're not infected, then you're safe.

If you can provide logs from your antivirus that show what happened in more depth, I can double-check this for you.

[gamespain]

If You Can Tell Me How To Do It Ill Be More Happy To..NFO Running a BullShyt SERVERS COMPANY Steam Checking On It Rite Now

[BnD|Sleeper]

If You Can Tell Me How To Do It Ill Be More Happy To..NFO Running a BullShyt SERVERS COMPANY Steam Checking On It Rite Now

Ever taken an EnGlIsH CLASS? Please do not capitalize every first letter of every word. It's extremely difficult to read.

It appears 66.150.155.25:27015 is a counter-strike 1.6 server with part of name "aZnNation." Being a counter-strike server owner for the past 4 years (over 4 years, almost 4 soon with NFo exclusively), I know the limitations by which Counter-strike and the Half-life engine operates. I can tell you for a fact that a program cannot be executed on your computer via a counter-strike game.

Like Edge (John) already stated, a port can be used for non-malicious purposes as well. Your Firewall is over-reacting to an innocent game server port (27015).

Just a note, you use all types of ports on a regular basis. From port 80 to port 8080 for HTTP requests (web browsing) and 995 for SSL SMTP (which you probably do not even understand... Secure Socket Layer (AKA encrypted) mail protocol). Nuclearfallout is doing nothing wrong here and there is no way a program can be executed remotely with the use of the Half-life engine.

I must note, VALVe is most certainly NOT looking into this. They do not give a crap nor do they work on weekends really... One random player could not set them in action; it takes millions before they even MOVE.

Do this for me: Open up Symatec Security Center Control Panel. Now go to the exceptions list in the firewall settings. Add either STEAM/Counter-strike to the exception list (allow all activity) or make sure port 27015 is allowed use.

If this were somehow possible (which it isn't), millions of players across the world would be affected by viruses right now and guess what, THEY ARE NOT!

Go play in my server 64.94.101.52 (WC3 BnDClan.com) and let me know if it says the same thing.

Sleeper @ bndclan.com

[gamespain]

no i failed that class... and i think most or alot of people are affected and they dnt know it..all my ports are fine its your guys company that try'd to hack into my computer my shyt aint having it steam/vac is checking this promble as we speak it there they said if my story is the case i will get a server paid for and your nuclear fall out server will not be able to be on vac or steam servers so i think your wrong trying to blow smoke up my ass witch i aint having it..

[BnD|Sleeper]

all my ports are fine

You are right. All your ports ARE fine including 27015 where the game server was connecting to like you requested.

its your guys company that try'd to hack into my computer

I do not work for NFo but I do know computers very well as they are my profession and hobby. No one tried to hack into your computer from that IP address contrary to what you think let alone one of the most reputable companies in the industry...

my shyt aint having it

Correct. You are not having problems because no one or thing tried to hack your machine. So yes your shit is not having it because if it were, you would have a broken computer right now due to "trojan."

steam/vac is checking this promble as we speak

This is more or less what STEAM/VAC/VALVe do on a regular basis if they say they are checking on something:

they said if my story is the case i will get a server paid for

Remind me WHY would STEAM/VALVe/VAC PAY for YOUR server that they hold NO liability for? Because they like little pre-teens/teenie-boppers illiterate of computers claiming their firewall sensed danger.

For reference: The server is the "devil" or "stranger" and you are the "little kid":

and your nuclear fall out server will not be able to be on vac or steam servers

Best of luck thinking that. I think VALVe/VAC/STEAM loves Nuclearfallout because not only do they have great servers but very good support and professionalism, contrary to your intellect and courtesy.

Plus, I generally think VALVe rather likes Nuclearfallout seeing as how NFo has CONTENT SERVERS for them...

so i think your wrong trying to blow smoke up my ass witch i aint having it..

You want to know the difference between you and me?

I KNOW you are WRONG whereas you THINK we are wrong.

Alls well that ends ok, so fuck you and have a nice day!

Sleeper

[BnD|Sleeper]

P.S. The above post should count as a testimonial. LOL

Sleeper

[Edge100x]

gamespain, as I said I would need to see your antivirus logs to be able to investigate this further. I don't know which firewall you are using, but you should be able to get to such logs through your software, and its help system may have further information. Please email them to rentals@nuclearfallout.net. The error message you posted a screen shot of is unfortunately too vague to be able to draw any conclusions as to exactly what occurred here.

We are a game server provider, which means that we set up game servers and hand over the keys to our customers for some period of time, with the type of server and amount of time dependent on what the customer wants. Our TOS at https://www.nfoservers.com/termsofservice.php prohibits customers from using their game servers to contact outside hosts, but it is possible that a customer could load a plugin on the server that tries to do this. This is unlikely in your case, but it is still worth investigating.

Do you have a home cable/DSL router? If so, it is actually not possible for unsolicited traffic to reach your machine, meaning that this was definitely legitimate and sent in response to something that you did. This is because cable/DSL routers use NAT and PAT along with a stateful firewall to map a single external IP to multiple internal-only IPs (http://en.wikipedia.org/wiki/Network_ad ... ranslation).

It is also entirely possible that you were seeing spoofed (http://en.wikipedia.org/wiki/IP_address_spoofing) or reflected traffic sent in response to a spoofed packet.

As I said before, even if you don't have a router and one of our customers were trying to contact a port on your machine, it would be pointless, since you are (presumably) not running that particular trojan and your firewall blocked the traffic. Port scans, login attempts, etc, are very common on the internet -- in fact, they are so common that a naked pre-SP1 Windows XP installation would be compromised in a matter of minutes (http://www.usatoday.com/money/industrie ... ypot_x.htm). Such attempts are harmless as long as you have good security practices, including a firewall.

[gamespain]

Sleeper WATCH ME DO ME AND WIN THIS AND WATCH THIS COMPANY FALL FROM HERE/SHUT DOWN IM SORRY BUT VAC WILL PAY FOR [another company's] SERVER FOR 1 YEAR IF THEY FIND OUT THIS IS TRUTH WITCH IT IS SO DONT TALK SHYT CUZ UR NOT GOING TO SAY ANY OF THE SHYT ON HERE TO MY FACE! PERIOD POINT BLANK COMPUTER NERD U ARE INTERNET SHYT TALKER YOU ARE GET A LIFE!

I GOT DSL ALL MY PORTS ARE GREAT MY FIREWALL IS STR8 AND ITS YOUR COMPANY THAT TRY'D TO ATTEMPTED TO GET INTO MY FILES PERIOD POINT BLANK HANDS DOWN DEEPTHROAT TROJAN YOU GOT AN VIRUS ON THAT COMPUTER IP THAT TRY'D TO GET INTO MINE!

[BnD|Sleeper]

Sleeper WATCH ME DO ME

No Thank you.

Also, they will not give a free server; end of discussion.

Sleeper

[Edge100x]

...WATCH THIS COMPANY FALL FROM HERE/SHUT DOWN IM SORRY BUT VAC WILL PAY FOR [another company's] SERVER FOR 1 YEAR IF THEY FIND OUT THIS IS TRUTH WITCH IT IS

gamespain, please realize that I am the only one you need to talk to about this, not Sleeper. He is a client and user of our services. He is not an employee and does not represent this company.

You are not helping me get to the bottom of your concern. I need the logs.

I GOT DSL ALL MY PORTS ARE GREAT MY FIREWALL IS STR8

I didn't ask about DSL, but that's great. I asked if you had a router. For instance, this: http://www.amazon.com/Linksys-EtherFast ... B00004SB92

AND ITS YOUR COMPANY THAT TRY'D TO ATTEMPTED TO GET INTO MY FILES

No. Did you read my post?

To recap, I already explained why:

* It's unlikely or impossible that there was an actual malicious event involved. If you have a cable/DSL router, it's flatly not possible.
* If the traffic were indeed malicious, it is quite possible -- even likely -- that it was spoofed or a reflection of spoofed traffic.
* If the server were indeed trying to connect to a trojan on your machine:
- It would be that customer who triggered this, and not us. We'll gladly investigate and react as necessary according to our TOS, but we would not be to blame for this.
- It would do nothing if your firewall is active and you aren't running the trojan. In fact it would be no worse than what happens every few seconds to pretty much everyone on the internet.

Yes, I have a degree in this, as well as extensive real-world experience with security manners. We've been around since 2002 and I've investigated plenty of cases like this. I also provided third-party links that support what I said.

YOU GOT AN VIRUS ON THAT COMPUTER IP THAT TRY'D TO GET INTO MINE!

No, that's not even what your antivirus message said. It said that someone was trying to contact a trojan (virus) on your computer. One that presumably doesn't exist.

Keep in mind that antivirus software is not automatically right! There are plenty of false positives and negatives involved, just like with spam detection. You can't take everything it says at face value.

[DontWannaName]

lol... this is quite funny. Have you tried contacting Norton and asking them to look into that report, they will tell you if its bs or not. Let me remind you NFO I believe has the right to refuse service to anyone. "We reserve the right to cancel it at any time and give the renter a prorated refund according to how much time is left in the month."