HOME 
[FRL]MykeOriginally Posted by Imago
Maybe re-read the Forum rules.§9) Do not cross-post
Do not post duplicate threads in more than one forum simply to get an answer quicker or to draw more attention to your post.
![[FRL]Myke's Avatar](image.php?s=1a645580831cc3761bbb187d8e4c9774&u=35089&dateline=1323003736 "[FRL]Myke's Avatar")
Maybe re-read the Forum rules.§9) Do not cross-post
Do not post duplicate threads in more than one forum simply to get an answer quicker or to draw more attention to your post.
This should be much better than using network traffic sniffing: http://forums.bistudio.com/showthrea...gging-Blocking.
thanks myke
and yes $able this is looking much better, thank you as well.
the trifecta is almost complete.
I hope you guys are successful in detecting and stopping those hackers and that it will result in a global ban for them. The public vanilla servers are a nightmare now. Those hackers are even advertising on the tube and making money of the hacks.
Yes, I too am fed up of having my games ruined. I work full time and have 3 kids, I get very little spare time, and if I am playing a game and Im 1 hour in and a hacker ruins it, its upsetting.
I hope more time and energy is budgeted on this issue.
Ahmed.
well, its simple: no encryption and signing of netflow - make cheaters/tampering-related issues nearly guarantee. saw this in all baseline-engines-games, in past, resolved saweways by different developers teams.
Well, too bad then because the hackers have cracked the encryption(took them a day or two) and can already do what they did before...
The best solution (for me and alot of other admins) would be to be able to log all incoming(only incoming) packets(not a default option of course) in clear text serverside(the server decrypts them anyway right, just send the decrypted packet stream to a logfile)..
This creates quite large logfiles but should not be a problem if you setup log rotation which I have. I rotate the logs every 6 hours and they gzip in the background. 24 hours of zipped logs amount to approx 1.8-2gb.
To go with the logs I wrote a PHP web script that our admins can use to catch hackers with. It can be set to scan the log from 5, 10, 20 or 30 minutes back (scanning the entire log could otherwise take a very long time and resources, just 30 minutes can be between 3-3.5 million lines of text with 50 players on the server).
Unfortunately the way the script works right now, it requires a few linux commands(grep, tail, tac), but there are equivalent programs for windows. I resorted to using the shell programs because php is not that good at processing files, especially large ones. In either case there are many other ways to do just that particular part of the script(just one line of code) to get it working in windows too.
I was just finished with fine-polishing the script and was getting ready to release it to the public when the packet encoding update came along. :/
EDIT: I found a package of unix commands ported to windows here: http://sourceforge.net/projects/unxutils so if this becomes an option again in the future I will easily be able to provide a working version for Windows.
Last edited by PreedSwe; Aug 23 2012 at 10:35.
Preed - Urban Life Community owner
you can't "crack the encryption" such way/scale/speed. otherwise you will be fired by Feds, very hungry for such caps/tech, presently and for good reason. unless you use bogus, "weakened on purpose", hand-made/home-made crap, of course.
and no, there are "signing" part of it, GUARANTEEING integrity/authenticity of unaltered traffic.
The "encryption" is actually a relatively simple packet encoding (though from what I gather, different for every client).
I dont mean to CRACK the encryption, but the game has to decrypt it to be able to use the data itself.. So it's in the memory somewhere, I just havent learned how to access it yet, like I said Im a noob at debugging
I have, however, managed to access the incoming unencrypted data stream inside the server process, so its a start..
I am fairly certain that it is not illegal in any way to decrypt/read data that comes in to MY OWN server.. Especially since I have no malicious intent..
Last edited by PreedSwe; Aug 24 2012 at 23:27.
Posting Permissions
