Limelight Forums

Full Version: [SECURITY] Measures against ip-loggers
Good day community.

Today we have forced the forums into a new level of security. Due to recent events, you can no longer post images from foreign-untrusted sources. Malicious images can be used as a backdoor ip-logger, thus our forums will only allow trusted images.

If your signature, remote-avatar or forum-post contains an untrusted image, it will not be loaded.

So make sure to only use a trusted hoster for images.

Since we have carefully checked all image-hosters used on these forums, you shouldn't notice any issues.

Trusted hosters:
  • Discord (discordapp.com, discord.com, discord.gg)
  • Steam (steamuserimages...akamai, steamstatic.com, steampowered.com, steamcommunity.com, steamusercontent.com)
  • ts3index.com
  • Print Screen (prnt.sc, prntscr.com)
  • Dropbox (dropboxusercontent.com, dropbox.com, dropboxstatic.com)
  • vgy.me
  • puu.sh
  • photobucket.com
  • pinimg.com
  • tinypic.com
  • gravatar.com
  • tumblr.com
  • screenshot.net
  • aulod.com
  • cloudflare.com
  • imgur.com
  • giphy.com
  • wikimedia.org
  • gametracker.com
  • gyazo.com
  • speedtest.net


Want another one added? Feel free to suggest it below.

In addition, we coded a link watcher.

Introducing the Limelight - Link watcher

[Image: 714rm03.png]

As with our image protection, non-trusted links will fire up a notice when you click on them.
An attacker could easily manipulate a link to have you forwarded to an ip-logger/bad site.

For example:

https://limelightgaming.net/forums/thread-12097

Now click on that link above and you will understand.

As you can see, links can be manipulated by adding a title on 'em.

While this is still possible, you will receive a notification and the real URL is printed.
It is up to you whether you enter that site or not.

Currently only *.limelightgaming.net is whitelisted to skip the notification. We might expand on this in the future. For now better be safe than sorry.


Please note: We cannot protect you at 100%. Simply don't click on a link that might be masked as a short-url.

Especially links such as goo.gl are used to redirect you to an ip-logger.
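
The two checks this post describes (an image-host whitelist and a link watcher that prints the real URL), as an added example that is not part of the original post and not the forum's own code. The function names and the `logger.example` host are hypothetical, and the host lists are a subset of the ones named in the thread.

```javascript
// Added example, not the forum's code. Host lists are a subset of the thread's.
const TRUSTED_IMAGE_HOSTS = ["imgur.com", "puu.sh", "vgy.me", "prnt.sc", "dropboxusercontent.com"];
const TRUSTED_LINK_HOSTS = ["limelightgaming.net"]; // i.e. *.limelightgaming.net

// Return the hostname of an http(s) URL, or null for anything else.
function hostOf(raw) {
  try {
    const u = new URL(raw);
    if (u.protocol !== "http:" && u.protocol !== "https:") return null;
    return u.hostname.replace(/\.$/, ""); // drop a trailing root dot
  } catch {
    return null; // unparseable input is never trusted
  }
}

// Match on a label boundary: "i.imgur.com" passes, "notimgur.com" and
// "imgur.com.logger.example" do not. A plain substring test would pass both.
function hostAllowed(host, allowlist) {
  return host !== null && allowlist.some((d) => host === d || host.endsWith("." + d));
}

// Image filter: load the image only when its host is whitelisted.
function imageAllowed(src) {
  return hostAllowed(hostOf(src), TRUSTED_IMAGE_HOSTS);
}

// Link watcher: decide whether to show the notice, and flag a link whose
// visible text looks like one site while the href goes to another.
function checkLink(href, text) {
  const host = hostOf(href);
  if (hostAllowed(host, TRUSTED_LINK_HOSTS)) {
    return { notify: false, masked: false, realUrl: href };
  }
  const shown = text.trim();
  const shownHost = hostOf(/^[a-z][a-z0-9+.-]*:\/\//i.test(shown) ? shown : "http://" + shown);
  const masked = shownHost !== null && shownHost.includes(".") && shownHost !== host;
  return { notify: true, masked, realUrl: href };
}
```
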
Sounds good but what about puu.sh? I use that for my screenshotting and I know quite a few others do as well.
Nice, but I think photobucket would not hurt anyone. (photobucket.com)
It's for the best so meh good work!
Added:

*.photobucket.com
*.pinimg.com
*.dropboxusercontent.com
*.steamstatic.com
*.tinypic.com
*.puu.sh
People might ask "Why whitelist instead of blacklist?"

Well. The problem with a blacklist is: Someone could use a free webspace service to upload a malicious script with an embedded ip-logger and mask it as an image. Then the person could use that image on forums. It would be much harder to collect bad sites than whitelisting good ones.
What about prntscr.com? I forgot what their short link is but it's another screenshot tool.
Could we have vgy.me? As that's my go to site for ShareX screenshots
Requesting https://dl.dropboxusercontent.com

EDIT: Does not work, even with the link on the whitelist.
Who knew people living in basements could do so much damage..
I'm not even gonna say anything bad against the guy, if he has my IP I don't think he would have a problem DDOS'ing me for the next year if I talk shit
Added

prntscr.com
prnt.sc
dl.dropboxusercontent.com
vgy.me
Short-urls can be checked from https://www.checkshorturl.com/ in case someone with no malicious intent uses a short-url.

Also, someone can mask the link, make it look like something and link it somewhere else like this www.google.com so do be careful of that. It was already said in the thread but there's no harm in repeating a safety measure.
If you ever encounter a goo.gl link that you don't know what is for, add a + to the end to view the analytics that includes the original URL.
You might want to add limelightgaming.net...