URGENT-Requesting someone that knows about BungeeBypass

Status
This thread has been locked.

ExoticGamer23

Banned
Feedback score
3
Posts
217
Reactions
43
Resources
0
Hello everyone! I own a network and I've recently gotten a few threats that some time tonight someone will be using a bungee exploit to hack my server. I think I have it patched,but I am wondering if I can pay someone a couple $ to make sure I 100% have all bungee bypasses patched.

Do note; this IS URGENT!

PM me right away if you can do this.
 
PebbleHost
High performance, consistent uptime and fast support. Minecraft hosting that just works.

Sasha

The Cutest Developer on MCM
Premium
Feedback score
4
Posts
145
Reactions
63
Resources
0
Hello everyone! I own a network and I've recently gotten a few threats that some time tonight someone will be using a bungee exploit to hack my server. I think I have it patched,but I am wondering if I can pay someone a couple $ to make sure I 100% have all bungee bypasses patched.

Do note; this IS URGENT!

PM me right away if you can do this.

easy

make sure you're hosting your spigot instances on a non-default port and you have bungee set to true in spigot.yml

in the bungee config make sure you're using ip forwarding and that it's in online mode.

if you want to get super crazy you can mess with ip tables but it's probably unessesary for some kid who says they'll login to your server with skillclient

life would be even better for you if you're hosting the spigot instances on the same server, you can just host those on localhost:[port] and follow the above steps.
 

ExoticGamer23

Banned
Feedback score
3
Posts
217
Reactions
43
Resources
0
easy

make sure you're hosting your spigot instances on a non-default port and you have bungee set to true in spigot.yml

in the bungee config make sure you're using ip forwarding and that it's in online mode.

if you want to get super crazy you can mess with ip tables but it's probably unessesary for some kid who says they'll login to your server with skillclient

life would be even better for you if you're hosting the spigot instances on the same server, you can just host those on localhost:[port] and follow the above steps.
We've done this all, Only concern is we had this same things setup a they hacked us about a week ago. This same group has also hacked Velt,Mc-Central within the past couple weeks. So, if they can hack these large of networks I need to make sure I have it patched.
 
Banned forever. Reason: Ban Evading (turtleman1060, https://builtbybit.com/members/turtleman1060.16383/)

Sasha

The Cutest Developer on MCM
Premium
Feedback score
4
Posts
145
Reactions
63
Resources
0
We've done this all, Only concern is we had this same things setup a they hacked us about a week ago. This same group has also hacked Velt,Mc-Central within the past couple weeks. So, if they can hack these large of networks I need to make sure I have it patched.
configure firewall and iptables, and use 2 factor authentication on opped accounts.
 

SystemUpdate

Freelance Developer
Premium
Feedback score
4
Posts
119
Reactions
128
Resources
0
easy

make sure you're hosting your spigot instances on a non-default port and you have bungee set to true in spigot.yml

in the bungee config make sure you're using ip forwarding and that it's in online mode.

if you want to get super crazy you can mess with ip tables but it's probably unessesary for some kid who says they'll login to your server with skillclient

life would be even better for you if you're hosting the spigot instances on the same server, you can just host those on localhost:[port] and follow the above steps.
But that doesn't prevent anything unless he uses ip tables or some other method to prevent connections that are not coming from within his own network. I can just port scan, throw up my own BungeeCord instance and impersonate his account. Follow the BungeeCord setup guide, it correctly details how to securely set it up.
 

ExoticGamer23

Banned
Feedback score
3
Posts
217
Reactions
43
Resources
0
But that doesn't prevent anything unless he uses ip tables or some other method to prevent connections that are not coming from within his own network. I can just port scan, throw up my own BungeeCord instance and impersonate his account. Follow the BungeeCord setup guide, it correctly details how to securely set it up.
Alright, thanks everyone for the help, I believe I have it patched now I made sure I have 2 step auth on all opped accounts,and made sure my Ip tables were setup correctly.
 
Banned forever. Reason: Ban Evading (turtleman1060, https://builtbybit.com/members/turtleman1060.16383/)
Status
This thread has been locked.
Top