Normally we use OpenVPN with servers in a specific location, because it’s central to popular casino areas. Still depending on your location, ping times may not be optimal. While we can and previously have used other VPNs, I cant allow this anymore on some servers because it may be a security risk. If I don’t control the VPN servers, then I have no way of knowing they carry malicious code (which would make both the server and your pc vulnerable). The ping difference may only be 500ms maximum which is rarely significant anyway. If you want to try a different internet route, you’ll need to use a VPN on your own side. If you have a VPN account, I can install it on your server. But shared VPNs are usually much slower, and you have no assurance the VPN provider doesn’t remotely access your connected devices (with a trojan embedded in the client). While a VPN may encrypt data, the downside is it can create vulnerabilities. Also if you use a custom VPN, unless you require only direct server access, it needs the capability to communicate with other devices on the network. This means you can’t use most ordinary VPNs. The alternative is use a normal VPN on your server, leave a port open, and you connect directly to the server. The problem with this is then data isn’t encrypted, and the server is much more vulnerable. The overall best solution is use the OpenVPN servers I provide. This way there’s a Linux server providing an extra layer of protection.
Month: December 2019
JAA Server Hacked
It appears the JAA phone version server was hacked. I expected it would happen at some stage, because it has open ports and other vulnerabilities to function correctly – like any server connected to the internet (especially a windows server). It is not a big problem though because the software itself is encrypted, and can’t be decrypted without physical access to the hardware. Also it is isolated from other servers on the network.
At this stage I’m not sure what the purpose of the hack was. It was probably a random attack. I changed the server in case I missed anything. The migration only took about 15 mins, so the server was only briefly down.
I compared user data to backups, and it doesn’t appear user data and wheel profiles were touched. I’ll see what can be done to prevent it happening again, but even if it does, it wont be a big problem because of its isolated environment and easy restoration.