No, Operators/Moderators can't see your private chat. Private chat ("whispers" or "ESP's" as they are known) can only be seen by the two people involved. Although it has been reported that there are scripts that can be used to secretly eavesdrop on private chat, this is simply not possible.

All Palace Servers have a "chat logging" option that will log all chat, both private and public. However, if this feature is turned on, you will clearly be notified that this feature is enabled by a message when you first log onto that Palace Site. If you don't see that message, your chat is not being logged.

This threat has been around almost as long as The Palace and it's completely unfounded. There is no possible way to send someone a virus via anything within The Palace, no matter what someone threatening you may claim.

Have you accepted any email attachments, or files via some other program, like ICQ? It is possible to infect someone else's computer via these other methods, but not within The Palace. It is likely you had the virus before the person threatened you.

You should be aware that a lot of your personal information is already on the Internet. Web sites such as those that provide a National phonebooks are readily accessible by anyone. It's important to remember that there is no way for someone to get your personal information through The Palace, no matter what they claim.

Technically, the term "hacking" means to modify a piece of software, in order to make it do something it normally can't. Over the years, however, this term has been wrongly used to describe a multitude of things, including using certain "tools" to attack Palace Sites.

There are several, well known programs out there, such as BackOriface and Netbus. What these programs do is to allow someone to "record" your keystrokes to a file, then send that file back to the person in question. But in order for this to work, they must first send you a file that will then reside on your computer and perform some hidden function. These type files are called "Trojan Horses", after the famous wooden horse that hid the Greek Army.

A good virus checker and personal firewall, like ZoneAlarm (www.zonearlam.com) will go a long way in keep them out and youre info in.

These unscrupulous people change the name of the file they send you, to something that sounds like a useful program, such as "avsnatcher" or some other "interesting" name. Once you've run that file, your computer is infected and anything you type is sent back to the person who sent you that file. Obviously, they can get your passwords this way.

The first rule should always be - "Never accept a file from someone you don't know". And, if you receive an email attachment from someone you don't know, don't open it.

There are all sorts of excellent virus scanners available and almost every one of them will detect these Trojan Horse files. Once you've installed one of these scanners, it will search for any type of "infection" on your computer and remove it. It will also keep an eye out for future attempts to infect it. One place to find these virus scanner programs is www.download.com or your local Computer store.

The most common way is through the use of a Trojan Horse, but there are some other ways as well. A favorite trick of those who claim they can "hack" your Palace Site is to simply exploit a known security hole in the older Windows Personal Palace Server. These older versions allow someone to download files from your computer that they normally wouldn't be able to.

Assuming that you don't have a Trojan Horse on your computer, the chances are good that someone either gave them the password (like someone you told it to) or someone accidentally spoke the password out loud, and it was overheard by someone else in the room. The fix is simple, just change the password and only share it with people you trust.

We're constantly on the lookout for news about someone who has actually hacked their way into someone's Palace Site. But, in almost four years of the existence of The Palace, there has never been a single incident of someone actually doing this, regardless of their claims. They use one of the methods we've described above.

Pounding refers to a method of attacking a Palace Server by using a program that sends bad data to your server. Although this is generally harmless, it does create connection problems for your users and can, sometimes, cause your Palace Server to "crash"

That depends on the platform on which you run your Server and what version of the Personal Server you are using. A basic rule of thumb is that any UNIX Personal Server, version 4.1 or later, is impervious to pounding and you have nothing to fear from a pounding attack. If you run a version earlier than 4.1 however, your Palace IS vulnerable and we strongly recommend an upgrade. The Windows Personal Server is also vulnerable.

That depends on the platform on which you run your Server and what version of
the Personal Server you are using. A basic rule of thumb is that any UNIX Personal
Server, version 4.1 or later, is impervious to pounding and you have nothing
to fear from a pounding attack. If you run a version earlier than 4.1 however,
your Palace IS vulnerable and we strongly recommend an upgrade. The Windows
95 Personal Server is also vulnerable.

I suspect my Palace Server has been pounded. How can I tell?

If you run one of the versions that are vulnerable to pounding, all the information
you need to identify pounding, as well as the person doing it, is available
in your server logs.

There are several clues as to whether your server has been pounded. The first
clue is many, connection attempts, in sequence. A typical log will show many
lines like the following:

02/24/1999 15:05:42 {PHHIABFFH} {PHHIABFFH} UsrID 209.30.86.134 00000028H

02/24/1999 15:05:42 {PHHIABFFH} {PHHIABFFH} UsrID 209.30.86.134 00000029H

02/24/1999 15:05:42 {PHHIABFFH} {PHHIABFFH} UsrID 209.30.86.134 0000002aH

02/24/1999 15:05:43 {PHHIABFFH} {PHHIABFFH} UsrID 209.30.86.134 0000002bH

02/24/1999 15:05:43 {PHHIABFFH} {PHHIABFFH} UsrID 209.30.86.134 0000002cH

02/24/1999 15:05:43 {PHHIABFFH} {PHHIABFFH} UsrID 209.30.86.134 0000002dH

02/24/1999 15:05:43 {PHHIABFFH} {PHHIABFFH} UsrID 209.30.86.134 0000002eH

02/24/1999 15:05:43 {PHHIABFFH} {PHHIABFFH} UsrID 209.30.86.134 0000002fH

You will notice several things about these log entries: first, what appears
to be valid login information really isn't. "PHHIABFFH" is simply
what the server reports when it can't resolve a legitimate login. In the case
of pounding, it's really not a Palace Client being used, so there is no real
data.

Secondly, it is important to note that simply because you may have several
entries similar to the ones above, it does NOT necessarily mean you have been
pounded. What provides the positive proof of pounding is that you will notice
the exact same IP address is trying to connect several times a second. But this
is only half the proof you need.

You should also see a corresponding set of more log entries, similar to below:

15:05:42 - Guest 49 terminated - [0 seconds elapsed] (209.30.86.134 ) [40 Users]{PHHIABFFH}

15:05:42 - Guest 50 terminated - [0 seconds elapsed] (209.30.86.134 ) [40 Users]{PHHIABFFH}

15:05:43 - Guest 51 terminated - [0 seconds elapsed] (209.30.86.134 ) [40 Users]{PHHIABFFH}

15:05:43 - Guest 52 terminated - [0 seconds elapsed] (209.30.86.134 ) [40 Users]{PHHIABFFH}

15:05:43 - Guest 53 terminated - [1 seconds elapsed] (209.30.86.134 ) [40 Users]{PHHIABFFH}

15:05:44 - Guest 54 terminated - [0 seconds elapsed] (209.30.86.134 ) [40 Users]{PHHIABFFH}

15:05:45 - Guest 55 terminated - [0 seconds elapsed] (209.30.86.134 ) [40 Users]{PHHIABFFH}

15:05:45 - Guest 56 terminated - [0 seconds elapsed] (209.30.86.134 ) [40 Users]{PHHIABFFH}

These entries show that, around the same time, Guests with sequential numbers,
and the exact same IP as the other entries, are being terminated. This information,
along with the other set of log entries, provides proof positive that your Palace
Server has been pounded.

My logs show proof that my Server has been pounded. What can I do to stop it?

The first thing you can do is to use the `banip command to prevent this sort
of attack from "loading up" your Palace Server. In the above example,
you should issue a:

`banip 209.30.86.*

command. Notice the use of an asterisk (*) at the end, instead of "134".
This is called a wildcard, and will ensure that this person will stay out (only
if the person is using a non-registered client), even if they hang up and redial
into their Internet Service Provider (ISP).

If you are having repeated problems from this IP address, you should contact the ISP involved and file a formal complaint. Be sure to include your logs, showing dates, times and IP at the time of the attack.

If you use your Web browser and go to <SPAN class=Code>www.arin.net/whois/arinwhois.html, you will find a form, where you can enter the IP in question in order to find out who the ISP is. In the example above, the IP is 209.30.86.134, so we would enter just the first 3 groups of digits (209.30.86). In this case, we get the information

<SPAN class=Code>FlashNet Communications (NETBLK-FLASHNET-1)
2805 West 7th Street
Fort Worth, TX 76107
US
Netname: FLASHNET-1
Netblock: 209.30.0.0 - 209.30.255.255
Maintainer: FLSH
Coordinator:
FlashNet Network Operations (FN-ORG-ARIN) noc@FLASH.NET
(817) 589-2390

The above information is all the contact information you need.

This is someone who is using an illegally modified Palace program. Don't worry, however, as they do not have access to Operator mode, even if they claim they do.

All they can do is clone (steal) avatars from other users and look at scripts you may have in a room (although they cannot change them). They may even be able to temporarily turn on scripts in that room, but this change is not permanent.

It is important to remember that, regardless of their claims, they cannot pin, propgag, kill or list other users. Please note if you keep authoring off, or lock youre rooms, you can minimize them looking at your scripts.

There are several programs available on the Internet that allow anyone to find out someone's IP address. Some other third party programs, such as ICQ, allow for this as well. In other words, just because someone has your IP address, doesn't mean they got it through The Palace. As a matter of fact, there is no way they can get your address via The Palace, unless they are a valid Operator.

This user also said that he is a hacker and he will have full access to Operator Mode very soon.
This is a common boast and it is not possible. Palace security is such that the server checks for valid Operator status before executing any Operator command. So, there is absolutely nothing that can be done to the User Software that will give someone Owner or Operator access without knowing the passwords. It's that simple.