New BattlEye features for server admins

[Dwarden]

@kylania... which i didn't denied ... i simply stated facts ...

i will not go into things like why games can't be secure enough
because if they were, you would not find computer capable to run that game
(ever seen cpu/ram overhead on secured memory allocator for example?)

some things aren't possible as you not making security software
(which btw. become obsolete within 30days after release)

so while trusted environment sounds magically simple ... it isn't

ofcourse we will try to make things better and safer ...

[$able]

I'm aware about that for a long time already
The question remains, why is it so easy to inject code ?

Your demand for a trusted environment didn't exactly sound like you were aware of that.

Any code running on a computer can be modified, that's a basic rule. BE can detect certain methods, but there are limits and so there will always be others that are undetected. There simply won't ever be a way to completely prevent the injection of script code. Given that, it at least seems like a good idea to directly detect the scripts being executed.

[GregRUS]

Nice feature.. but all this I saw in network traffic dump... now its just more comfortable..
The only way I 100% catch the hackers on my little server is own DLL that required to join server and acting like a PBSS - just sending screenshots to server ftp...
BTW.. battleye even doesn't detect this inject... and adding this feature to BE will be awesome protection!

[$able]

Nice feature.. but all this I saw in network traffic dump... now its just more comfortable..
The only way I 100% catch the hackers on my little server is own DLL that required to join server and acting like a PBSS - just sending screenshots to server ftp...
BTW.. battleye even doesn't detect this inject... and adding this feature to BE will be awesome protection!

Wrong, you don't see everything in the network traffic. Mainly you only see script code that is to be executed remotely and public variable values in it (as strings).

And yes, BE is currently detecting all public hacks. As I said though, there are many different ways to inject script code into the game, so it's impossible to detect all those phantom private hacks out there.

[Tonic-_-]

I have noticed that this is strictly only to script based code, it's really a shame because it would be nice if this could work on Dialogs as well. If the attacker is using scripts to 'fill' their dialog options it works fine but if not then it's really a cat and mouse game.

[Dwarden]

@TOnic-_- feel free to propose what all and exactly You would want covered

[$able]

I have noticed that this is strictly only to script based code, it's really a shame because it would be nice if this could work on Dialogs as well. If the attacker is using scripts to 'fill' their dialog options it works fine but if not then it's really a cat and mouse game.

It should work on anything that is executed and as dialogs provide a way to execute scripts, you can still detect those. Remember that dialogs are not the actual hacks themselves, but the script code behind them. Or are you saying scripts that are executed via dialogs are not picked up?

[MiBF]

scripts.txt doesn't work without arma server restart.
If I add some new option to scripts.txt, should I restart the server too?

[nuxil]

I have noticed that this is strictly only to script based code, it's really a shame because it would be nice if this could work on Dialogs as well. If the attacker is using scripts to 'fill' their dialog options it works fine but if not then it's really a cat and mouse game.

It works on dialogs too, there are no reason it should not.

during my earlyer development of Bec i tested out some of thise stuff thats already included into BE.
here you can see i do execute and broadcast a script from a dialog. Pic

if your talking about locality. im not sure how BE does that or if its even possible to check for script execute there.. as i not tested this myself.
but then again. thats not a real issue compared to someone broadcasting and executing scripts on other clients that does example Disableuserinput. which is far more seriouse in my opinion

[ballou]

Many thanks for the additions

reading through the posts, you really need to make things a bit clearer, as players will just rent servers not knowing a great lot regarding admin features or generally how to do anything

so i hope i have this correct

in your folder where you have BE Server.dll (generally called Battleye folder )

Make a new txt file called scripts.txt

In that folder your suggesting it could be populated with

1 createVehicle
1 setVehicleInit
3 serverCommand
4 godmode
3 Bo_Mk82
3 #shutdown
7 disableUserInput true

Now reading in the posts some have different views on what should be here for various gametypes domi,warfare etc

it would help from the more experienced admins if they could give some better examples on what should be in the sripts.txt file, as someone has already highlighted people will use the first post and take it as what it should be

The following types exist:
1 - Log detections to "scripts.log"
2 - Log detections to server console
4 - Kick for detections ("Script Restriction #X")

the scripts log will this be generated when a detection occurs ? or do you have to generate the file yourself ? where is it located ?

This is a fantastic addition to arma and i hope it continues, but as i have said above things need to made a bit clearer for admins that have very little understanding, remember we were all there was upon a time