Hacking attempts?

Similar Messages

• How can you tell of a hack attempt

  Hi
  Freaking a little!! So any quick advise!
  I was at college teaching and had my laptop on Ethernet and Wireless.
  Anyway, I was using one of the iMacs the college has and was leaving my laptop to be idle.
  I looked over when the screen suddenly lit up and the mouse moved on its own.
  I held my mouse and the cursor carried on moving and even clicked on an application. That opened up.
  I disconnected quickly and shut the lid.
  I am not home trying to understand what happened.
  Can someone give me advise on what it was, if it was a hack, or could it have been another wireless mouse in range that accidentally controlled my computer by mistake?
  Any help please
  I have now switched on the system Firewall and am running WaterRoof (however, I don't know how to configure that)
  Thanks in advance

  Rob Snow wrote:
  Is there a way to make it so that only my computer and the other two computers can interact and no others?
  You can use a tool like Waterroof to configure the ipfw firewall to allow only your home machines to connect.
  I also didn't have the firewall on, as I heard much the same, that the system Firewalll is pretty useless and to use the modem one instead.
  It isn't useless, just misused and misunderstood. I don't know what you mean by "modern" firewall. The "older" one is actually much more powerful and much more difficult to use.
  Now, I could assume that the attempt was by a student that saw me on the network, but they need to know my password.
  That is true. Given how common cell phones and cameras are these days, it would have been pretty trivial to record you typing your password and play it back in slow motion.
  Anyway, now that I have firewall on, I see that sharing options have been turned off or are inactive.
  I will change my password and then see how things go.
  Keep in mind that you must now change all of your passwords. There is no way for you to tell when your password was compromised. Once you get one password, you can easily social engineer others. Plus, whomever had your password also had access to all of your files.
  Is there a way you can via the menu bar activate and deactivate such services, instead of going to system prefs every time. Or a shortcut?
  The quickest way is to disable all incoming connections in the firewall.

• Hack attempt by a certain user I know

  Hey everyone, I thought it'd be fair to share this information I know just in case that person attempts to hack into other skype user's account.
  So basically this guy from my contact list has been trying to send me a picture for a while (name is Fre*****y, asterisk signs to keep the privacy- I'm sure skype staff will know who am I talking about anyway if you view my contact list somehow), lately, when we haven't been in excellent relationship to say the least. I got few of my accounts in other communities etc. hacked before so I'm ultra sensitive when it comes to this, I had a feeling that he might be sending me this picture to try and virus my computer or something else- after all, why'd he want to send me some picture over skype if he can just post a link like everyone else does? Takes a lot less effort.
  After I rejected he went 'fu' at me which everyone knows what does mean, he got kinda pissed off. Today he sent me a picture again(actually yesterday, because I'm writing this after midnight) so I didn't press accept or decline at all, and like 5-10 minutes after he sent me the picture again. I thought, heck, why not, after all I got my norton and it should protect me if it's some kind of a virus. Mind you, the .jpg picture had some very weird and lengthy name like 493204590329054390_28343dfsad_4532389....jpg.
  So yeah, call it paranoia if you want, I changed my password right after because he was talking kinda weird and it was all suspicious to me- he just sent me some random picture and acted as if it was something special- Picture. So I instantly changed my password because I thought something fishy was going on- and I'm pretty sure it was. Right after that my internet connection dropped for some brief moments as if I got DDoS'ed or something(he could've gotten my IP somehow through sending the file?) and my internet could not simply work. Okay now that's even more suspicious, I thought, though I feared not because I changed my password preemptively. 
  So after a while my internet started working and I saw everyone online on skype apart from... Fre*****y guy! It seemed like he logged off right when I did too, as if he tried to perhaps log my account? Anyhow, he logged back online around 10 seconds after I did(and it could not have been that we share ISP and it went down- he lives in Norway and I live in Poland) and was acting even stranger than usual. So my wild guess is he in some way tried to:
  1. Get rid of my internet connection for a while which could be DDoS thing,
  2. Log off his account instantly
  3. Try to log on my account and take control over it
  After that we had some brief conversation, it was mostly him talking a lot in some weird manner as if he was trying to fool me, here is the conversation(P is me, F is him):
  [2012-02-21 18:27:26] P: :0
  [2012-02-21 18:28:02] P: i won't sleep now
  [2012-02-21 18:28:26] F: atleast he is the ni***st,cant get anymore ni**ish
  [2012-02-21 18:30:32] P: ni**rest
  [2012-02-21 18:32:52] P: p***y
  [2012-02-21 18:33:16] F: imagine how his nigglets are gonna turn out looking
  [2012-02-21 18:33:40] P: did you just ddos me?
  [2012-02-21 18:33:47] P: i lost my internet connection after getting the pic
  [2012-02-21 18:35:03] F: i didnt
  [2012-02-21 18:35:24] F: When I do that u also get probeb analy
  [2012-02-21 18:35:32] F: one of my many trademarks
  [2012-02-21 18:35:38] P:
  [2012-02-21 18:35:43] P: you were offline for a while too
  [2012-02-21 18:36:03] F: Back in my old village they used to call me "The Analator"
  [2012-02-21 18:36:36] F: That was only until I abused a 12 year old girl,then then started calling me "the vaginalator"
  [2012-02-21 18:36:47] F: but I will always be the analator in my eyes
  [2012-02-21 18:37:17] P: i c
  [2012-02-21 18:37:53] F: I hope u are taking notes
  [2012-02-21 18:38:01] F: cause this is importent stuff
  [2012-02-21 18:38:17] P: ye i couldn't live without this information
  [2012-02-21 18:38:46] F: My gf says I talk too much **bleep** and should tone it down...I say I dont talk enough and should tone it up!
  [2012-02-21 18:39:20] P: (mm)
  So that would be it, it all looked suspicious to me because usually he doesn't talk so much at all, and when I asked him directly if he DDoSed me, he just started spamming me with these messages changing the topic entirely.
  Anyways, perhaps I just made it all up in my mind but I like to be in a clear situation so I'm letting you skype staff know about it, and I'm also asking politely from you to look into this situation and check if my suspicions were actually right(that is if you have the possibility to do so- I guess you do). 
  Shall you find out whether I'm just being paranoid or I actually was right there, please make sure to get back to me and let me know .
  Thanks in advance.
  Solved!
  Go to Solution.

  report the user to [email protected]
  CONTACT SKYPE CUSTOMER SERVICE   |  HOW TO RECORD SKYPE VIDEO CALLS  | HOW TO HANDLE SUPICIOUS CALLS AND MESSAGES   |  WINDOWS PROBLEMS TROUBLESHOOTING   |  SKYPE DOWNLOAD LINKS  
  MORE TIPS, TRICKS AND UPDATES AT
  skypefordummies.blogspot.com

• How to check hacking attempts ?

  Hi all;
  Is there anyway to check who is trying or have tried to hack network ? I am using ASA 5520 firewall. Is there any command to check it ?
  Thanks.

  Hi,
  You can start by using the 'show local-host' command. This would show you if there's multiple attempts for a half-opened TCP sessions. You could narrow it down to known IP such as servers.
  Sent from Cisco Technical Support iPhone App

• This is the 4th time I have had to reset my password in 2 months, this is being generated by apple not me. I keep getting emails as well telling me to reset my password. Is this due to a hacking attempt or a virus or perhaps IOS ? What is going on??

  I have a problem with my Apple ID password. I have been asked several times over the last few months for my Apple ID password and then when I go to enter it tells me that it is incorrect and I have to through the whole thing again.

  If you are receiving e-mail messages telling you to reset your password, you should never click links in those e-mail messages and enter your password there! That is a common phishing attempt, and entering your Apple ID and password on the page you are directed to would give it to the hackers behind it.
  It could also be an error of some kind (someone is trying to reset what they think is their Apple ID) or a malicious attempt to reset your password (stupid, since you'd get the reset e-mail, but some folks aren't that bright about this sort of stuff). In either case, turning on two-factor authentication will prevent anyone from even attempting to reset your password without additional information. See:
  Apple introduces two-factor authentication
  If you keep getting the reset e-mails after turning that on, it's phishing and you should just delete the messages.

• Attempted hacking question

  Hi everyone:
  I received an email this evening detailing a supposed Apple Support phone call I was purported to have made yesterday (I did not, and I am the only one in my family who does when necessary). So I called Apple to inquire about it, and when I explained the situation, they confirmed that someone (he called himself Patrick) did indeed call them with my iMac's SN and my email address, requesting Apple reset my Admin password. Of course Apple did not because this 'Patrick' could not confirm my other information and Apple can't do this, but I am a bit unnerved. I have a Centurylink router with a password and use OS X Lion. Does anyone know how this 'Patrick' could have obtained my SN and email? And any suggestions for advanced security practices on my end?  I really would appreciate insight.
  On a side note - both my hubby and I noticed last evening our router kept dropping the connection, which was a first. It lasted a few hours. Could that have been the hacker attempting to gain access?
  Thanks for any advice.

  What encryption does your Router Use? Hopefully WPA2 with a good Password?
  Yahho was hacked a couple of months ago for about 450K emails & some passwords, which somehow led to linkedin, gMail, Facebook, Twitter, & a few more breaches.

• Network (IP) address is no longer listed as the source of multiple failed login attempts - Events 4776 in Windows 2008 R2

  Our Windows 2008R2 security log is full of failed login attempt events 4776, but we're unable to block them because no IP address is provided for the network source of these attempts - like it was in Windows 2003 Server.
  Log Name:      Security
  Source:        Microsoft-Windows-Security-Auditing
  Date:          9/26/2012 2:32:27 AM
  Event ID:      4776
  Task Category: Credential Validation
  Level:         Information
  Keywords:      Audit Failure
  User:          N/A
  Computer:      MAIL.XYZ.COM
  Description:
  The computer attempted to validate the credentials for an account.
  Authentication Package:    MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
  Logon Account:    admin
  Source Workstation:    MAIL
  Error Code:    0xc0000064
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
      <EventID>4776</EventID>
      <Version>0</Version>
      <Level>0</Level>
      <Task>14336</Task>
      <Opcode>0</Opcode>
      <Keywords>0x8010000000000000</Keywords>
      <TimeCreated SystemTime="2012-09-26T06:32:27.570062500Z" />
      <EventRecordID>18318</EventRecordID>
      <Correlation />
      <Execution ProcessID="452" ThreadID="540" />
      <Channel>Security</Channel>
      <Computer>MAIL.XYZ.COM</Computer>
      <Security />
    </System>
    <EventData>
      <Data Name="PackageName">MICROSOFT_AUTHENTICATION_PACKAGE_V1_0</Data>
      <Data Name="TargetUserName">admin</Data>
      <Data Name="Workstation">MAIL</Data>
      <Data Name="Status">0xc0000064</Data>
    </EventData>
  </Event>

  The user names are all different in these log events, and they constantly change, which may indicate a hacking attempt.  However, in Windows 2003 these type of events looked like this, showing the IP address the request came from, so we could trace
  and block them -- but not in Windows 2008:
  Logon Failure:
  Reason: Unknown user name or bad password
  User Name: s
  Domain: MAIL
  Logon Type: 10
  Logon Process: User32 
  Authentication Package: Negotiate
  Workstation Name: MAIL
  Caller User Name: MAIL$
  Caller Domain: XXXX
  Caller Logon ID: (0x0,0x3E7)
  Caller Process ID: 3728
  Transited Services: -
  Source Network Address: 202.67.170.186
  Source Port: 57365

• Can a hacked website hack my iMac?

  Hi,
  Yesterday I visited a website I've visited a number of times that appears to be run from India. However, when I went on yesterday instead of the usual homepage the page was black and had the words "HACKED BY PREDATOR" and then two boxes came up which you had to click Ok on before you could leave. It did say who it was hacked by and when I googled it it was a CYBERTEAM in indonesia that has a facebook group.
  I just wondered if it was possible that as I went on there for something to invade my computer?
  The site today is just a website hosting page.
  Thanks
  Ryan

  If you're running Windows, maybe; if you're not, then I'd say not - something can only "invade" your computer if it can recognize the OS or code and most hacking attempts are written to recognize Windows. As an extra precaution: when you're facing a website that will not allow you to do anything unless you click on something, simply close the entire window or, better yet, quit the browser and then open it again. You may lose your open tabs, but at least you haven't clicked anything you really didn't want to. Additionally, the Mac OS requires you to authorize any install of anything, so unless you input your password and let something install, it didn't happen. Also see this excellent article:
  http://www.reedcorner.net/thomas/guides/macvirus/

• Had phone call call from "LogMeIn Rescue"  claiming there is asking attempts on my Mac.  Wanted to take control of set to 'fix' it.  Are these people legit  they are obviously offshore. Thanks

  Had an offshore phone call from  LogMeIn Rescure claiming they had messages there were hacking attempts on my Mac.  Wanted to control myh system's fix' problem.  Are these guys legit??

  No reputable company will call you for this purpose, they're crooks, trying to steal from you.
  Ignore them.

• Account hacked, email changed without my request

  My account is stolen, email was changed without my request and without confirmation.
  Hacker changed password.
  I already sent a  support request. Support Request Number:1299247654
  Hacker attempt is attempting fraud with people in my contacts.
  Please, block him as soon as possible. Review my case and return my account to its original email address.  Please responed on following email: [e-mail removed for privacy and security]

  Succesfully resolved in two hours after request. Thanks!

• Firefox and hacked accounts

  I installed Firefox as an experiment to assist another poster.  Within 24 hours I was notified by my gmail and iCloud account of suspicious activity.
  i Changed my passwords and added 2 step verification on my gmail account.  Uninstalled firefox.
  i Don't know what other information has been collected from my phone.  I will be changing more passwords just in case.
  if you use Firefox and have had similar alerts, hacked phone or corrupted data, uninstall, secure your accounts.
  photo of my computer screen:

  AHa, good for you!  Unwinding is good....
  Since the IP used to try and gain access is in Africa, or says it is in Africa anyway, I know it was a hacking attempt.    And as the picture I posted shows, they were using a browser that I never use on a Windows computer, which I don't have.  
  my iCloud account, yahoo account and now Google account are all 2 step verified and can't be used on any other device without authorization code, which changes every time.  These accounts all show a list of which devices I have used my signin on.
  This could happen to anyone.  I feel I've secured my accounts.  I figured other's may need the information as I see more and more incidents of hacking daily.
  My yahoo account was hacked 2 years ago.  The hacker used my account to send emails to all my contacts.  The sent email showed in my sent file.  I changed my password and he got in again.  I deleted my contacts, changed the password and added 2 step verification.  If Google would make finding this easier, I would have set up 2 step then.

• Accounts being created with administrative group rights

  Hello,
  The server is a Windows 2003 R2 Enterprise fully patched used for Shared Hosting purposes.  It runs Hsphere control panel.  I am trying to identify how the following hack is happening. 
  1) There are users being created with Administrative group rights.   Below is the EventViewer log for the user creation:
  User Account Created:
       New Account Name:    username
       New Domain:    PCNAME
       New Account ID:    PCNAME\username
       Caller User Name:    PCNAME$
       Caller Domain:    DOMAINNAME
       Caller Logon ID:    (0x0,0x3E7)
       Privileges        -
   Attributes:
       Sam Account Name:    username
       Display Name:    <value not set>
       User Principal Name:    -
       Home Directory:    <value not set>
       Home Drive:    <value not set>
       Script Path:    <value not set>
       Profile Path:    <value not set>
       User Workstations:    <value not set>
       Password Last Set:    <never>
       Account Expires:    <never>
       Primary Group ID:    513
       AllowedToDelegateTo:    -
       Old UAC Value:    0x2DAB2B0
       New UAC Value:    0x2DAB2B0
       User Account Control:    -
       User Parameters:    <value not set>
       Sid History:    -
       Logon Hours:    <value changed, but not displayed>
  There exists entries as well where the primary group ID is changed to the Administrative group, but I am omitting such.
  2) I tried to identify what Caller Logon ID:    (0x0,0x3E7) means.  I found out from here:
   http://blog.joeware.net/2013/01/14/2667/ that I can use LogonSessions.exe to identify it.
  Output from LogonSessions.exe is pasted below (snippet):
  [0] Logon session 00000000:000003e7:
      User name:    DOMAINNAME\PCNAME$
      Auth package: NTLM
      Logon type:   (none)
      Session:      0
      Sid:          S-1-5-18
      Logon time:   9/11/2014 12:41:53 PM
      Logon server:
      DNS Domain:   
      UPN:          
          4: System
        316: smss.exe
        364: csrss.exe
        392: winlogon.exe
        440: services.exe
        452: lsass.exe
        628: svchost.exe
        756: LMAgent.exe
        840: svchost.exe
       1000: spoolsv.exe
       1252: avagent.exe
       1268: camWMIAgent.exe
       1324: cissesrv.exe
       1380: cpqrcmc.exe
       1404: vcagent.exe
       1440: svchost.exe
       1480: HsQuotas.exe
       1740: inetinfo.exe
       1780: EmailAgent.exe
       1856: snmp.exe
       1884: sysdown.exe
       1920: smhstart.exe
       2192: svchost.exe
       2388: cmd.exe
       2396: hpsmhd.exe
       2444: cqmgserv.exe
       2464: cqmgstor.exe
       2484: HSphere.exe
       2596: wmiprvse.exe
       2676: cmd.exe
       2684: rotatelogs.exe
       2692: cmd.exe
       2700: rotatelogs.exe
       2732: searchindexer.exe
       2812: hpsmhd.exe
       2824: cqmghost.exe
       2852: svchost.exe
       3044: cmd.exe
       3052: rotatelogs.exe
       3080: cmd.exe
       3088: rotatelogs.exe
       5452: svchost.exe
       5596: GravitixService.exe
       7392: csrss.exe
       7232: winlogon.exe
       6888: csrss.exe
       9832: winlogon.exe
      10388: wawrapper.exe
      10352: cpqnimgt.exe
       9496: msiexec.exe
       6068: w3wp.exe
       4748: webalizer.exe
  3) I also learned from http://support.microsoft.com/kb/243330/en-us that   Sid:          S-1-5-18 means:
  SID: S-1-5-18
  Name: Local System
  Description: A service account that is used by the operating system
  That is all great info, but I am not sure I can put together what I have learned to attempt and get closer towards identifying how in the world users are being created and then being assigned administrative group rights.
  I am a Linux person mostly, but I am comfortable following a properly explained thread regarding windows 2003 R2 Enterprise issues.
  The server is fully patched and it is running Lumension security product.  What's more, Norman Malware tracker, tdskiller.exe (Kaspersky) and McAfee rootkitremover.exe have been run without any apparent Malware/Virus infection
  Hope someone with advanced admin skills can advise.
  Thank you

  Hi,
  You mentioned that, “I am trying to identify how the following hack is happening”, would you please tell us that why did you think the event represent a hacking behavior?
  In a Shared Server Hosting environment, the underlying hosting control panel tool (Hsphere in this case) should be creating only virtual FTP users with a specific group.  So no users with Administrative group should be ever created.  If this happens,
  it constitutes a breach of server security=positive hacking attempt.
  >how in the world users are being created and then being assigned administrative group rights.
  In addition, would you please be more specific about this question? Did you find the event message on a domain joined machine?
  I want to be able to understand in full how/what process is allowing users to be created with Admin rights.  In other words, I want to know what IP was used to issue the command, if ASP.net was used (abused in this case), or anything else related to
  it so that we can patch this particular hole.
  Best Regards,
  Amy

• The Adobe Flash plugin keeps crashing on Firefox 12.0

  The Adobe Flash plugin keeps crashing on Firefox 12.0, and my Plugin Check link in Addons Manager directs to https://www.mozilla.com/en/404 .
  Is this a hack attempt? Is Firefox 3.6 safer than the release channel?

  Thankss, but it sounds a bit complicated for me. Maybe I can just reinstall FF?
  ~And would switching back to FF 3.6 (or whatever the latest Official release is), rather than being on the new Release Channel be safer than FF 12?

• How do I restrict the source trying to access a port?

  I have VoIP phones in my office and I am experiencing dozens of hacking attempts per day.  I received the following email from the company that I purchase service from:
  Hi ,
  Based on our research and experience with these type of calls, these are hacking attempts usually using a program called SIP Vicious or a variant. You can  check the link below about SIP Vicious.
  http://threatpost.com/hackers-pushing-sipvicious-voip-tools-malicious-attacks-08 3111/
  These attacks for the most part do not affect users behind our managed routers since we have security features in place to block them.
  The calls that the remote users are getting do not  traverse the Broadcorenetwork at all. Meaning even if the user put the phone on  DND or we try to block calls through the Web portal, calls will still go through because the call does not go through our Session Border Controller ( SBC ) .
  The call is directly hitting the IP of the remote users router (bypassing Broadcore completely) and scanning the ports for a SIP device which is the Polycom Phone. Once they get an answer back from the phone, the hacker  now has a target to attack. What they want to do is get the credentials for the user so they can authenticate a soft phone for example and make free calls.
  Unmanaged network /Router limits us of how we can block these calls  , however we have a suggestion which could help you eliminate these calls.
  What the remote user can do is to implement this policy . Allow UDP protocol on port 5060 but the only source should be west.broadcore.com.
  Since the remote user uses his/her own router, you might need help from their respective support team.
  Thank you,
  How do I set up the port mapping to only allow incoming traffic from the specified source west.broadcore.com?
  Also, is there some sort of documentation, manual, web site or book that covers what the settings of the Airport are?  In detail?  So, that I can learn for myself what is what and be able to answer my own questions such as:  Timed Access - Does this only apply to Wi-Fi or does it disable to whole router during the restricted period?
  Thanks in advance,
  Noa
  By the way I'm using the  Airport Express 802.11n Wi-Fi (2nd Generation), Firmware 7.6.4, Airport Utility 6.3.4 on my Mac or the latest version on my iPhone 6.

  What the remote user can do is to implement this policy . Allow UDP protocol on port 5060 but the only source should be west.broadcore.com.
  Unfortunately, Apple routers are quite simple, and do not have the features and settings that you would need to do this.
  However, if you are using a modem/router or gateway device with the AirPort Express, then you might be able to set up the modem/router to do what you need. What is the make and model number of the device that you likely call your "modem"?

• [GUIDE] How to get MapleStory working in Arch Linux

  MapleStory is a free-of-charge, 2D, side-scrolling massively multiplayer online role-playing game developed by the South Korean company Wizet. Several versions of the game are available for specific countries or regions, and each is published by various companies such as Wizet and Nexon. Although playing the game is free, character appearances and gameplay enhancements can be purchased from the "Cash Shop" using real money. MapleStory has a combined total of over 50 million subscriber accounts in all of its versions. MapleStory North America (Global), for players mainly in North America and outside of East Asia, Southeast Asia and Europe, has over three million players.
  In the game, players travel the "Maple World", defeating monsters and developing their characters' skills and abilities as is typical in role-playing games. Players can interact with others in many ways, such as through chatting, trading, and playing minigames. Groups of players can band together in parties to hunt monsters and share the rewards. Players can also join a guild to interact more easily with each other.
  I am an avid mapler myself, however, I am also an avid archer! For some time, I have wanted to get MapleStory working on Arch Linux in some way, but nothing seemed to work. As you might have guessed by now, recently, while playing around with VirtualBox, I discovered a method to get MapleStory working on it! Though in this method you won't actually have MapleStory running on Arch Linux, you'll have it running on a VirtualBox Windows virtual machine, that is still pretty good compared to other people's experiences.
  I hope there are at least a few maplers on this forum, and if there aren't, I hope that someone will port this post over to other Linux, or even MapleStory, forums. Anyways, let's begin.
  1. Download and install a version of Virtual Box that is version 3.0+. The reason for this is that, only versions 3.0+ support an experimental DirectX Driver with 3D acceleration that is required for MapleStory to run.
  2. Create a Windows Virtual Machine, add a hard disk to it, and install and update Windows on it(preferably Windows XP, as it uses less resources than other contemporary Windows installations).
  3. Once you have done all you needed and wanted on that Windows installation, restart it, boot it into safe mode by holding F8 at the boot, and wait until the desktop is fully loaded.
  4. After you are at the desktop, go to "Devices" at the top of the menu of the Windows virtual machine, and select "Install Guest Additions...". Wait until Guest Additions finishes installing, and when VirtualBox asks you if you want to mount the disk containing the Guest Additions on the virtual machine, say "Yes".
  5. Run the main executable on the disk that doesn't have amd64 or x86 following its name. Follow the instructions it gives you, and when it asks you what components to install, make sure both of the boxes it shows you are checked.
  6. After the install is completed, the virtual machine will restart. After it restarts, shut it down.
  7. Congratulations! You now have DirectX installed on your VirtualBox virtual machine! Now you need to activate the "3D Acceleration", that enables it.
  8. In the VirtualBox main window, make sure you have your machine with Windows selected. Then, click on "Machine", and then "Settings...", at the top. A new window should pop up. On the left hand side, click on the display panel, and in the new settings section, tick Enable 3D Acceleration. Click "OK", to save the settings.
  9. Start your Windows virtual machine, install MapleStory just as you would on a normal windows computer, and run MapleStory.
  Notes: This way of running MapleStory is slower than by running it normally, on a normal windows computer. Also, try to not interact with your Linux desktop while playing MapleStory, because this can cause HackShield to shut down MapleStory, due to the fact that it believes there is a hacking attempt.
  If any of you port this guide to any other place on the web, please, credit me, neovaysburd5.
  For any further questions or inquiries, this goes to all of you, please contact me at [email protected].
  Last edited by neovaysburd5 (2009-08-19 16:51:31)

  Alright, I've posted it in the wiki. I don't know if it meets the Arch Linux wiki standards, so if there is absolutely anything wrong with it, please fix it right away. Don't even ask my permission.
  http://wiki.archlinux.org/index.php/MapleStory