Helmut Honigdachs Posted December 25, 2007 Share Posted December 25, 2007 The last few weeks we had serious problems with mostly cheating nazis on our server, and somehow I feel left in the lurch by PB. As far as I can see, there are only two things in ET Punkbuster that are still reliable: IP range bans work, and PB GUIDs are not arbitrarily fakable, cheaters can only get random new GUIDs. Apart from this, everything else is not really effective anymore: * vote kicks / kicks: when our regulars try to votekick the cheaters, they can rejoin immediately, although neither their IP nor their GUID changes: 16:45.45 Userinfo: \cg_etVersion\ET Pro, ET 2.60\cg_uinfo\0 0 0 0\g_password\none\cl_guid\73AAA1CC3BBACEE7F168793C231F1F12\rate\25000\snaps\20\cl_wwwDownload\0\name\[88]Bimbo verrecke!!!\cl_anonymous\0\cl_punkbuster\1\ip\84.160.123.88:4562 [...] 16:47.29 Vote Passed: KICK [88]Bimbo verrecke!!! 16:47.29 ClientDisconnect: 15 16:47.33 ClientConnect: 13 16:47.33 Userinfo: \cg_etVersion\ET Pro, ET 2.60\cg_uinfo\101 0 100 1\g_password\none\cl_guid\73AAA1CC3BBACEE7F168793C231F1F12\rate\25000\snaps\20\cl_wwwDownload\0\name\[88]Bimbo verrecke!!!\cl_anonymous\0\cl_punkbuster\1\protocol\84\qport\57090\challenge\-1907097835\ip\84.160.123.88:4613 When I joined the server and had someone votekick me it worked - I had to wait several minutes before I could join again, so there's no configuration mistake. * bans: most cheating kiddies can be scared away with bans, but especially the quoted cheater from above from the IP range 84.160.*.* is not impressed at all - new GUID and that's that. We soon started to use IP bans (without saving them in the config), but he came back whenever the server was restarted. Now I've put the range into the config, that keeps at least this guy away. A fast grep through our shrubbot.cfg shows that there are about 50 bans within that IP range... We're lucky that there seems to be only the cheater from this range, there are no other regulars within there. Today I wanted to ban a regular who greeted the nazis with "HEIL HITLER" yesterday (noticed that in the log; we're collecting IPs and nazi says because we're thinking about reporting this to the police). Of course he was back within 5 seconds, explaining he only wanted to "pose" as a nazi so they wouldn't kick him. I banned him again, and after 5 seconds he was back in the game. IP ban's not possible because there are several players from his range, so there's nothing I can do. I somehow have the urgent need to bang my head repeatedly against a wall. * minguidage: I understand that ET is rather problematic because there are no CD keys, and banned cheaters can easily get new keys from the master server. I don't understand though why EB is completely unable to make minguidage work again - it once worked and the mechanism is both uncrackable (because it works completely server-sided) and extremely simple to implement. Just have a database on the master server that records the date when each CD key was issued, and there is your GUID age - servers could request that info and thereby kick cheaters who deleted their etkey. Combined with a mechanism that allows only one key per IP per day to stop cheaters from getting hundreds of keys at once, this would be wonderfully annoying for cheaters. * hardware GUIDs: I dunno. Did they ever work? If yes, why can't we use them to ban players from our server? Next to PB, there is etpro IAC. Let's see how it performs... hh2 logs # zgrep "kicked for cheating" * etserver.log.1.gz:17:53.24 etpro: A.W.E.S.O.M.-O. 3000^7 has been kicked for cheating That's a folder containing 139 log files, each for one day, dating back into august 2007. In an old backup, we have another pile of 97 log files, dating from 04/2007 to 07/2007... no hits. In an even older log, ending in 04/2007 and being 560 MB big (we weren't using logrotation back then, so I don't know when that log started; if I assume an average 5MB per day, that would be about 112 days): HH1 alt # grep "kicked for cheating" etserver.log.5 16:09.10 etpro: ^0Jasi^7oO^2r^7 has been kicked for cheating 15:44.57 etpro: ^2Fu++^7!^2nator^7 has been kicked for cheating 14:21.45 etpro: F^0!^7 has been kicked for cheating 00:34.20 etpro: ^O(^1.^o)(^1.^o)^1<-^omam rAka^1.^7 has been kicked for cheating So essentially, etpro IAC is as abandoned as PB - it once worked, but isn't worth a penny today. Wonderful. Oh, and etpro GUIDs. I guess there's no need to tell anyone that they're crap... cheaters were actually using them against us - they faked our own etpro GUIDs and made us ban both their worthless faked PB guid, and our own etpro GUIDs. My clanmates panicked because they thought cheaters were able to actively ban them, until we figured out what was happening and fixed the etadmin_mod to ignore etpro guids completely. So, to sum it up, we as game administrators are rather fucked up. Why are we still fighting this fight, when all the responsible companies are showing the white feather? Quote Link to comment Share on other sites More sharing options...
RoadWarrior Posted December 25, 2007 Share Posted December 25, 2007 Part of the price you pay for playing a free game. Active Admin can do some damage against hackers by streaming, and by uploading pbss and demo's here along with the appropriate log information from your pb folder, and this does make it much harder for the hackers to play their game. Grabbing a new GUID in ET has always been a problem as it's a free game, and the GUID is generated from the master server, as you've stated. That's something you've got to be willing to deal with, though. Being patched to 2.60b will help to some degree, the larger number of hackers reside in the 2.55 version of the game that is plumb-full of security holes and other exploitable bugs within. Quote Link to comment Share on other sites More sharing options...
Chris64 Posted December 26, 2007 Share Posted December 26, 2007 The last few weeks we had serious problems with mostly cheating nazis on our server, and somehow I feel left in the lurch by PB. As far as I can see, there are only two things in ET Punkbuster that are still reliable: IP range bans work, and PB GUIDs are not arbitrarily fakable, cheaters can only get random new GUIDs. Apart from this, everything else is not really effective anymore: * vote kicks / kicks: when our regulars try to votekick the cheaters, they can rejoin immediately, although neither their IP nor their GUID changes: When I joined the server and had someone votekick me it worked - I had to wait several minutes before I could join again, so there's no configuration mistake. I am not sure how that works in etpro, but other mods set a default amount of time to temp ban a person after a kick. This is usually user-configurable. If you don't have that option in etpro, etadmin_mod provides this feature - [link=http://kmod.quakewarsterritory.com/index.php]kMod[/link] might also; it's an add-on for etpro. * bans: most cheating kiddies can be scared away with bans, but especially the quoted cheater from above from the IP range 84.160.*.* is not impressed at all - new GUID and that's that. We soon started to use IP bans (without saving them in the config), but he came back whenever the server was restarted. What config is this? Again I am not that familiar with etpro's behavior - are you saying it autoclears that list each restart? If so, try putting the IP/GUID bans in your pbbans.dat file. Now I've put the range into the config, that keeps at least this guy away. A fast grep through our shrubbot.cfg shows that there are about 50 bans within that IP range... We're lucky that there seems to be only the cheater from this range, there are no other regulars within there. Today I wanted to ban a regular who greeted the nazis with "HEIL HITLER" yesterday (noticed that in the log; we're collecting IPs and nazi says because we're thinking about reporting this to the police). Of course he was back within 5 seconds, explaining he only wanted to "pose" as a nazi so they wouldn't kick him. I banned him again, and after 5 seconds he was back in the game. IP ban's not possible because there are several players from his range, so there's nothing I can do. I somehow have the urgent need to bang my head repeatedly against a wall. Mute him & abuse him as much as possible. Eventually it is likely he may get bored and leave. Yes, this is not really a solution, per-se, but it does tend to work. If your other players are regulars & you know them well, perhaps you can range ban for a week or so & let them know what is going on before hand & hope they'll understand. * minguidage: I understand that ET is rather problematic because there are no CD keys, and banned cheaters can easily get new keys from the master server. I don't understand though why EB is completely unable to make minguidage work again - it once worked and the mechanism is both uncrackable (because it works completely server-sided) and extremely simple to implement. Just have a database on the master server that records the date when each CD key was issued, and there is your GUID age - servers could request that info and thereby kick cheaters who deleted their etkey. Combined with a mechanism that allows only one key per IP per day to stop cheaters from getting hundreds of keys at once, this would be wonderfully annoying for cheaters. minguidage as I understand it was a test implementation from the get go. etadmin_mod did have this feature but from what I've heard, it is buggy & guidages are not always reported. Dedicated asshats also tend to age their guids & keep a nice stash ready to get around features such as these - so it's not as helpful as it seems at face value. * hardware GUIDs: I dunno. Did they ever work? If yes, why can't we use them to ban players from our server? Whether they were ever of any use, I do not know. I do know, however, that they are essentially useless now. The etpro team (bani himself iirc) has stated that "etpro guids are buggy & should not be used". They are easily spoofable and it is also possible for multiple machines to get the same GUID - most famously - any Win98 install on any machine gets the same guid - & while banning all win9x users may not be a big loss percentage wise, you get the idea of the reliability of etpro guids. These are the only GUIDs for ET that are hardware-based that I know of, unless you are referring to information used for PB Global Hardware bans, which is not available to end-users & is only done on their end. Jaymod has added the function of MAC address banning since one of the 1.5 (what became 2.0) betas & this, though also spoofable, adds another layer of complication to cheaters' efforts to come back, increasing the odds you may bore them into leaving (and also probably foiling a percentage of cheaters who simply do not know how to bypass them) Next to PB, there is etpro IAC. Let's see how it performs... That's a folder containing 139 log files, each for one day, dating back into august 2007. In an old backup, we have another pile of 97 log files, dating from 04/2007 to 07/2007... no hits. In an even older log, ending in 04/2007 and being 560 MB big (we weren't using logrotation back then, so I don't know when that log started; if I assume an average 5MB per day, that would be about 112 days): So essentially, etpro IAC is as abandoned as PB - it once worked, but isn't worth a penny today. Wonderful. From what I've heard the entire etpro project is abandoned. With regards to PB - what do you mean? Minguidage aside, PB is updated quite frequently for ET and it should be noted as EvenBalance have stated before, you do not always need a new 'full-blown' PB update to detect cheats - alot of that is done on their end with little to no notification (as it should be). PB Server v2.0 has just been rolled out for quite a few games & et is one of them. Oh, and etpro GUIDs. I guess there's no need to tell anyone that they're crap... cheaters were actually using them against us - they faked our own etpro GUIDs and made us ban both their worthless faked PB guid, and our own etpro GUIDs. My clanmates panicked because they thought cheaters were able to actively ban them, until we figured out what was happening and fixed the etadmin_mod to ignore etpro guids completely. apparantly i wasted my time typing the etpro guid speech above ;P So, to sum it up, we as game administrators are rather fucked up. Why are we still fighting this fight, when all the responsible companies are showing the white feather? imo, EvenBalance has not shown the 'white feather'. I hate to think about what the ET scene would be like without PB. It's simply harder to manage these things in a free game then in a for-pay one w/ cd key & that, essentially, is the price you 'pay'. ET is a great game, and we put the effort into it because we want to see it prosper & be a fun environment - you are not alone, either in your efforts or frustrations - don't give up :). Quote Link to comment Share on other sites More sharing options...
mcsteve Posted January 8, 2008 Share Posted January 8, 2008 (edited) Please forgive the lengthy post; I've put down a lot of info just in case it might help others still running public ETPro servers. This thread is a couple of weeks old now, but I sympathised so much I felt like posting. Nothing much has changed since I was actively adminning an ET server about a year ago. I thought I'd share some info as to how I made it as difficult as possible for cheaters to bother my community and regulars on our ET server. Nothing beats having an actively adminned server, and I suppose I was quite lucky that I had so many refs who were all willing to take time out from their games to deal with cheaters. However, since we ran an ETPro server I was able to automate some useful processes and add a bit of functionality using Lua scripting. I've tried to summarise here some of the most useful features of the scripts I used. 1) Automated guid checking All connecting players had their etpro and cl_guid (=cloned pbguid unless spoofed) submitted to basic tests (etpro guid should be 40 hex chars, cl_guid(pbguid) 32 hex chars). If they failed these basic tests they were immediately kicked with one of a few automated messages. The messages never mentioned anything about the guid, they were silly messages to try to convince the cheater he had some other problem e.g. "The instruction at 0x00000000 referenced memory at 0x00000000. The memory could not be read." This script might be a little less effective now since a number of such scripts have been published and the cheaters are a bit more wise to it. 2) **New Guid To Server checking** This was perhaps the most effective measure despite its simplicity. ETPro guids are unreliable, and pbguids for ET are but a console command away, plus the minguidage functionality has long been broken. I created a script that collected and stored a list of pbguids of all players that connected to the server. If a player connected and his pbguid was already on the list, he could join a team and play immediately. If not, his guid was added to the list but the player was forced to sit in spectator mode for a time before he could join a team (I used 2 minutes). What this amounts to is essentially a kick-time that cannot be bypassed. A kicked player (who generates a new guid to get around the kick) can connect again but is disallowed from joining a team. Relatively few would see out their time and most would mooch off pretty quick (probably to try another server). The downside is that it applies to every player that connects, so there was a bit of whining occasionally from players new to the server. It doesnt sound like much, but I found this script to be quite powerful, making the pbguid for ET a useful admin tool again. 3) Auto-kicking of aimbots I didnt publicise this one much, I thought it was better kept a bit hushhush. One of my scripts monitored players and collected statistical data of their shooting. After a good bit of number-crunching, I defined a threshold that was pretty much impossible for a human player to achieve (short of shooting at a number of stationary targets). The script was then set to automatically kick players who exceeded this threshold. Although not perfect (the script does NOT detect cheat programs, it simply measures end-effects), any cheaters who tried to come on with their aimbots turned up to the max would be kicked quite quickly. This script was intended as a minimum level of protection for when no referees/admins were around. However, it would frequently kick aimbotters before any admin actually online even had a chance to react. 4) Additional ref commands After a while, I pretty much stopped trying to ban cheaters and instead would play around with them using some additional commands from another Lua script. The best of these was undoubtedly the !disarm command, which allowed me to set all of a client's ammo to zero (constantly refreshed, so respawning or picking more up doesnt help). It was particularly satisfying to see so many aimbotters made impotent, and was a great source of laughs for the admins and indeed my regulars who knew what was happening when they saw that command being used. Some would reconnect and try again, but the command was much more successful at keeping cheaters away than any number of kick/ban attempts. My server was ofc streaming to pbbans, which in itself gives a good level of protection against cheaters. However, despite the good protection, the banlists are much lower impact for ET due to the availability of new guids. The good news though is that the "New Guid To Server" script I wrote worked nicely with the pbban system since the cheater would have to create a new pbguid to attempt to reconnect, and hence be subjected to a wait-time. Its not much, but it was about the best I could manage. Its sad I know, but nothing is going to change with regards to the pbguid system for ET, and the PB hardware ban system is for PB only to implement. If any of the measures listed above are of interest to you then please feel free to get in touch and I can give access to any of my scripts not published on the wolfwiki. Edited January 8, 2008 by mcsteve Quote Link to comment Share on other sites More sharing options...
foxdie Posted January 8, 2008 Share Posted January 8, 2008 I had one idea. Run a separate site which would handle etkey registration that would communicate with Hub. It could provide etkeys in following ways: 1. One key per account 2. Make a third party program which would tie etkey to hw guid. 3. Selling etkeys 4. Bind etkey with registered username(http://evenbalance.com/index.php?page=registry.php) Hub could query this site and kick players with unknown guids. It would be also possible to check guid age. The 1st possibility is the easiest but the least effective The 2nd one is in theory the best one but it would require third party program that would communicate with the registry. Sooner or later it would be cracked and bypassed. The 3rd one is good but not sure if would be legal. The 4th one is the best for practical implementation. It would make et non-free game and thus reduce cheating. And all money would be for PB. Quote Link to comment Share on other sites More sharing options...
Helmut Honigdachs Posted January 9, 2008 Author Share Posted January 9, 2008 I am not sure how that works in etpro, but other mods set a default amount of time to temp ban a person after a kick. This is usually user-configurable. If you don't have that option in etpro, etadmin_mod provides this feature - kMod might also; it's an add-on for etpro. As I said, usually this works in ETPro, too. The cheaters just seem to have found a way around that. kmod and etadmin_mod won't help much, because they have to rely on the GUID. What config is this? Again I am not that familiar with etpro's behavior - are you saying it autoclears that list each restart? If so, try putting the IP/GUID bans in your pbbans.dat file. Bans of course get stored permanently, but due to the availability of new GUIDs they're not of much help anymore. IP bans are not permanent as long as we used the etadmin_mod command "!banip 80.160", and I finally put it in the server.cfg then. That's what I wanted to say :) Mute him & abuse him as much as possible. Eventually it is likely he may get bored and leave. Yes, this is not really a solution, per-se, but it does tend to work. If your other players are regulars & you know them well, perhaps you can range ban for a week or so & let them know what is going on before hand & hope they'll understand. Well, !disarm from mcsteve sounds like a funny idea ;) minguidage as I understand it was a test implementation from the get go. etadmin_mod did have this feature but from what I've heard, it is buggy & guidages are not always reported. Dedicated asshats also tend to age their guids & keep a nice stash ready to get around features such as these - so it's not as helpful as it seems at face value. Yes, it was, but I can't understand why they actually abandoned it. The idea seems just so simple and error-free... detecting new hacks may be complicated and hard work, but storing GUID creation dates is not. It just doesn't make any sense. etadmin_mod relied on this PB feature, so without the PB support, etadmin_mod won't do anything. Dedicated asshats also tend to age their guids & keep a nice stash ready to get around features such as these - so it's not as helpful as it seems at face value. I already wrote about that in my original post ;) Combine it with an only-one-GUID-per-IP-per-day mechanism, and maybe a CAPTCHA, that will make GUID stashing hard work. [...] The etpro team (bani himself iirc) has stated that "etpro guids are buggy & should not be used". [...] These are the only GUIDs for ET that are hardware-based that I know of, unless you are referring to information used for PB Global Hardware bans, which is not available to end-users & is only done on their end. Yeah, I was thinking about the real PB hardware GUIDs. I know that global hardware GUID banning is only for EB, but local hardware GUID banning should be possible too, IMO. Jaymod has added the function of MAC address banning since one of the 1.5 (what became 2.0) betas & this, though also spoofable, adds another layer of complication to cheaters' efforts to come back, increasing the odds you may bore them into leaving (and also probably foiling a percentage of cheaters who simply do not know how to bypass them) It would definitely increase the odds, but it has to be done on the client side, via mod code. We would have to wait for bani to put it in ETPro... From what I've heard the entire etpro project is abandoned. With regards to PB - what do you mean? Minguidage aside, PB is updated quite frequently for ET and it should be noted as EvenBalance have stated before, you do not always need a new 'full-blown' PB update to detect cheats - alot of that is done on their end with little to no notification (as it should be). PB Server v2.0 has just been rolled out for quite a few games & et is one of them. imo, EvenBalance has not shown the 'white feather'. I hate to think about what the ET scene would be like without PB. It's simply harder to manage these things in a free game then in a for-pay one w/ cd key & that, essentially, is the price you 'pay'. Yeah, you're right, it is being updated. I just have the feeling sometimes that it's not enough; the cheaters are making the game unplayable, and EB seems to be too slow to stop them. OTOH, there are many VIOLATION (MULTIHACK) #70476 bans in my ban list here, so it detects the hack. If there would be just a sensible GUID mechanism now, there would be no problem. Quote Link to comment Share on other sites More sharing options...
Helmut Honigdachs Posted January 10, 2008 Author Share Posted January 10, 2008 (edited) 1) Automated guid checking I see that this is integrated in your gwrev script, though it only warns, it doesn't kick if I get that right. I have no idea about lua, could you update that script so automatic kicking is configurable? :) 2) **New Guid To Server checking** [...] I created a script that collected and stored a list of pbguids of all players that connected to the server. If a player connected and his pbguid was already on the list, he could join a team and play immediately. If not, his guid was added to the list but the player was forced to sit in spectator mode for a time before he could join a team (I used 2 minutes). Cool! It's like kicking reversed - instead of forcing a known bad GUID to wait, we force all unknown GUIDs to wait, only excluding known good GUIDs. Due to the fact that there are unlimited GUIDs available, and cheaters can easily get new ones and thereby circumventing the wait time, this is absolutely the way to go in ET and maybe simlilar free games. I see that this feature is integrated in the gwrev script too, but as far as I can see, it lacks the feature to store good GUIDs in a file, thereby forcing players to wait everytime even though they may have waited before. Could you add that to the script too? I'd then activate the wait feature and set the time to 5 minutes :) Until then I'll leave it disabled, my admins will have to be content with !gwdisarm and !gwown :) The downside is that it applies to every player that connects, so there was a bit of whining occasionally from players new to the server. It doesnt sound like much, but I found this script to be quite powerful, making the pbguid for ET a useful admin tool again. Our regulars will understand that, they know that we are trying everything possible to keep their gameplay cheater free. 3) Auto-kicking of aimbots I didnt publicise this one much, I thought it was better kept a bit hushhush. One of my scripts monitored players and collected statistical data of their shooting. After a good bit of number-crunching, I defined a threshold that was pretty much impossible for a human player to achieve (short of shooting at a number of stationary targets). The script was then set to automatically kick players who exceeded this threshold. [...] Although I'm not that much into autokicking because of too high accuracy, I guess it may be worth a try as long as the treshold is high enough. It won't kick for high mortar/grenade/satchel/dynamite/mine/panzerfaust accuracies I guess? Please send me that script via PM. I could post them in the restricted SGA-only forum, too, if you want. 4) Additional ref commands After a while, I pretty much stopped trying to ban cheaters and instead would play around with them using some additional commands from another Lua script. The best of these was undoubtedly the !disarm command, which allowed me to set all of a client's ammo to zero (constantly refreshed, so respawning or picking more up doesnt help). [...] Oh yeah, I'm looking forward to test these :) My server was ofc streaming to pbbans, which in itself gives a good level of protection against cheaters. However, despite the good protection, the banlists are much lower impact for ET due to the availability of new guids. I think I have an idea there... we could make minguidage work again for servers that stream to the PBBans hub. Instead of using the real GUID creation time from the master server (that is not available to us), we just use the time when the PBBans hub saw the GUID for the first time. It could work like this: 1) Player joins a streaming server. 2) The hub notices the player by scanning the PB logs; it looks into it's database, determining whether it knows the player for at least X days. X could be configured by every streaming game admin in the configuration panel; the feature should be of course disabled for every server by default, so every admins has to enable it himself and also set X. I'd go for 7 days. 3) If the GUID is too new, the hub would use it's rcon rights to either kick the player or force him to stay spec. 4) If the GUID was still completely unknown, the time between join and kick should be long enough for the hub to store the player in it's database, so that the GUID can then age. All regulars would not be affected, because they're already known to the hub. foxdie, what do you think? Is this realizable? I'm not sure whether the PB logs contain all the neccessary information... Edited January 10, 2008 by Helmut Honigdachs Quote Link to comment Share on other sites More sharing options...
foxdie Posted January 10, 2008 Share Posted January 10, 2008 I think I have an idea there... we could make minguidage work again for servers that stream to the PBBans hub. Instead of using the real GUID creation time from the master server (that is not available to us), we just use the time when the PBBans hub saw the GUID for the first time. It could work like this: 1) Player joins a streaming server. 2) The hub notices the player by scanning the PB logs; it looks into it's database, determining whether it knows the player for at least X days. X could be configured by every streaming game admin in the configuration panel; the feature should be of course disabled for every server by default, so every admins has to enable it himself and also set X. I'd go for 7 days. 3) If the GUID is too new, the hub would use it's rcon rights to either kick the player or force him to stay spec. 4) If the GUID was still completely unknown, the time between join and kick should be long enough for the hub to store the player in it's database, so that the GUID can then age. All regulars would not be affected, because they're already known to the hub. foxdie, what do you think? Is this realizable? I'm not sure whether the PB logs contain all the neccessary information... Yes it is. But it would eat up too much resources. Quote Link to comment Share on other sites More sharing options...
Helmut Honigdachs Posted January 10, 2008 Author Share Posted January 10, 2008 Yes it is. But it would eat up too much resources. Bummer. And if we would make that a premium service, so it would cost admins a few euros if they activate it? Quote Link to comment Share on other sites More sharing options...
foxdie Posted January 10, 2008 Share Posted January 10, 2008 Bummer. And if we would make that a premium service, so it would cost admins a few euros if they activate it?We are non-profit organization. We can't earn any money. All possibilities are above. Quote Link to comment Share on other sites More sharing options...
mcsteve Posted January 10, 2008 Share Posted January 10, 2008 @ Helmut Most of the scripts I used to provide the features I spoke about were not on the wolfwiki. I've had a bit of interest in them in response to this post, so this weekend I'll find some time to document them properly and stick them up on my webspace. The auto-kicking of aimbots script is very limited in its application, partly due to the way it works and partly because I made the threshold very high to virtually negate the occurence of false-positives. I was always hoping the next ETPro would be released and contain a fix for a broken function in the Lua api so that I could write a much more robust version. Unfortunately, it seems to be the case that ETPro development has long since been closed. Thanks to all who got in touch, I'll post again with a link soon. Quote Link to comment Share on other sites More sharing options...
mcsteve Posted January 14, 2008 Share Posted January 14, 2008 Ok, couple of scripts up on the webspace now. knownguidsv1.lua botdetectv3.lua There is a bit of an issue with the knownguids script, which I will fix now that the script is being published. Might take another couple of days since I'll have to set up a server on a spare PC for testing. Please note that if you run an ETPro server, I highly recommend using "combinedfixes.lua" by ReyalP, which prevents a variety of exploits (including an ETPro guid check). Quote Link to comment Share on other sites More sharing options...
Baz Posted January 14, 2008 Share Posted January 14, 2008 Thanks Steve :) Quote Link to comment Share on other sites More sharing options...
Helmut Honigdachs Posted January 21, 2008 Author Share Posted January 21, 2008 Thanks Steve :) I can only second that, these scripts are great! If I find the time, I'll add name to ID translation to gwrevv3.lua... Quote Link to comment Share on other sites More sharing options...
mcsteve Posted February 4, 2008 Share Posted February 4, 2008 (edited) Finally got around to updating the script. Now it will not add a new guid to the list until the client joins a team after the wait-time is up. knownguidsv2.lua edit: links changed, go here instead. Edited March 24, 2008 by mcsteve Quote Link to comment Share on other sites More sharing options...
Baz Posted February 4, 2008 Share Posted February 4, 2008 Thanks again Steve <_> Quote Link to comment Share on other sites More sharing options...
iGod Posted February 11, 2008 Share Posted February 11, 2008 Bumping an old thread, however the solution to all your problems is to run Jaymod 2.x.x series, MAC address bans work... for an hour. With regards to votekicks, everybody should know how to get around those by now, c'mon. Quote Link to comment Share on other sites More sharing options...
blindman Posted February 11, 2008 Share Posted February 11, 2008 Bumping an old thread, however the solution to all your problems is to run Jaymod 2.x.x series, MAC address bans work... for an hour. With regards to votekicks, everybody should know how to get around those by now, c'mon. Thats interesting, because I never got that to work on the firewall. Your thinking inside the box, one of the benefits of running a server from home is that you get to administer the firewall, if a ban within the framework of et doesnt stick, id bet one on the outside firewall would. Kinda works the same way as subnet banning, but with a little more control. Most dynamic ip i see latley are varied on the the last 2 strings likw 82.24.x.x, now if you know the range your hack connects from, you can instruct your firewall not to ban the entire subnet, but a particular range. just my 2 cents, I know that hosting companies dont do this. Quote Link to comment Share on other sites More sharing options...
iGod Posted February 11, 2008 Share Posted February 11, 2008 It works from on my server and is extremely effective. Subnet bans (The ones via PB, however) are not at all effective as they arn't kicked/disconnected immediately, which I don't really understand... The only problem is that (strangely) some people (like myself) don't send the MAC address to the server, so it just shows up as blank, honestly don't see how it's possible. Quote Link to comment Share on other sites More sharing options...
blindman Posted February 11, 2008 Share Posted February 11, 2008 It works from on my server and is extremely effective. Subnet bans (The ones via PB, however) are not at all effective as they arn't kicked/disconnected immediately, which I don't really understand... The only problem is that (strangely) some people (like myself) don't send the MAC address to the server, so it just shows up as blank, honestly don't see how it's possible. On the firewall. Is there a set way of banning just the mac address in jaymod? Cause I thought it was part of the mod that it just showed up on the banlist. I understand if the mod is using all of that info for banning, just never saw it work that way. Quote Link to comment Share on other sites More sharing options...
iGod Posted February 11, 2008 Share Posted February 11, 2008 (edited) The !ban command bans IP, GUID and MAC Address as far as I know. If the offender tries to reconnect it will say that the MAC/IP Address is permanantly banned from this server. You can get around Jaymod 2 bans still, I don't know if the workaround works on 2.1.* though so as long as you're uptodate and an experimentalist (using the 'unstable'/beta branch) you should be fine. Edited February 11, 2008 by iGod Quote Link to comment Share on other sites More sharing options...
mcsteve Posted February 15, 2008 Share Posted February 15, 2008 (edited) The !ban command bans IP, GUID and MAC Address as far as I know. If this is indeed the banning functionality in Jaymod, then only the MAC address is additional to that already available in PB. Additionally, banning by MAC address will not be effective against any internet users other than those who have ISPs that require them to connect with the same MAC address each time. CDkeys represent the closest we can practically get to unique identifiers for clients, hence why the gaming industry chose them as the preferred method. Anything else is inferior (currently, and likely to be the case for the forseeable future). The availability of free cdkeys for ET could be described as a curse, but dont forget that they were a blessing in the first place. Edited February 15, 2008 by mcsteve Quote Link to comment Share on other sites More sharing options...
blindman Posted February 16, 2008 Share Posted February 16, 2008 If this is indeed the banning functionality in Jaymod, then only the MAC address is additional to that already available in PB. Additionally, banning by MAC address will not be effective against any internet users other than those who have ISPs that require them to connect with the same MAC address each time. CDkeys represent the closest we can practically get to unique identifiers for clients, hence why the gaming industry chose them as the preferred method. Anything else is inferior (currently, and likely to be the case for the forseeable future). The availability of free cdkeys for ET could be described as a curse, but dont forget that they were a blessing in the first place. Nonsense. Quote Link to comment Share on other sites More sharing options...
fozzer Posted February 16, 2008 Share Posted February 16, 2008 Nonsense. Not acceptable without proof of concept. Over to you. Quote Link to comment Share on other sites More sharing options...
blindman Posted February 17, 2008 Share Posted February 17, 2008 (edited) Wasnt referring to cdkeys. So I guess mac addresses change everytime someone connects to a server? You know thats funny, because when I look at my logs, the same people connect with the same mac addresses. Is it spoofable? Yes. But infinitely preferable to a free cdkey in terms of effectiveness. One of the benefits of a HOME SERVER is that you get to do a little more than admin an et server, you also get to configure the firewall. Banning outside the confines of the game?What a concept. Edited February 17, 2008 by blindman Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.