So I was reading this post
After reading all the way through this post: http://eqemulator.net/forums/showthread.php?t=29125 I started thinking why can’t we as a community do something to try to stop or at the very least greatly hinder the few wannabe hackers who are disrupting servers and web forums. I would be willing to bet that it is the same peons doing the same old tricks repeatedly.
Lets face it hacking yahoo, hotmail and google email accounts is far from complicated and hacking most web forums or using a dos attack on a single ip address is not exactly rocket science either. Every time someone does any of the above mentioned they leave a footprint of some type whether it is ip address, mac address or some other form of id. We all have access to pretty much the same information as the peons causing the problems so why not use it against them. Those who write the login scripts or have control of the main login server would obviously have the biggest potential impact on limiting and/or eliminating disruptions. The web forums or servers that are being attacked or have been attacked likely have information like ip addresses, account names and so forth that can be cross referenced with the main login server’s information and could ultimately be used against those stirring up trouble. I know that ip addresses and login information can be faked or stolen but the individuals causing the problems will at some point make a mistake that gives away who they really are. If enough complaints about a single ip address make their way to the ISP’s we can make them do something about it. A permenant sticky post containing all the information that can be gathered on those causing problems would help keep the individual server administrators up to date on who to watch out for. This information would also need to be stored offline so in the event of another forum security breach the gathered information would still exist in a safe place. Also tracking the commonalities between the attacked servers and web forums could go a long way towards removing the annoyance of wannabe hackers. If these wannabe hackers had any real skill then they would not be targeting a web based video game. |
Amen man... There are certain Security companies however who do specialize in this.. Perhaps they may be willing to help though it would take a large community push for funding to accomplish that.. And chances are they won't even touch it due to the client we are using...
|
Getting a security company to help use track down the wannabe hackers would be ideal but like you said the content we are dealing with will likely cause most to walk away very quickly.
Oh and thought of something else we would need to track...the types of attacks being used. As the possibility of finding a link between the types of attacks being used and the hosting types and setups being targeted would be of significant use to us. |
You guys act like it's some big secret. It's MacroQuest 2 plugins that cause this, and they've been doing it for years.
I don't think a "security company" will help you. At all. Look at GameGuard, HackShield, etc. You need serverside detection for an open-source community, not clientsided. The only time a clientsided hack detection will work is the same time the project is closed source. (See: Bane of Life.) And to be honest, there's a lot of it as it is. The best part about open-source (as it is shown in PHPBB communities and the like) is that you can solve all issues by submitting fixes for them. So, if you have a better solution to fix an exploit, just submit it. Otherwise it's going to stay broken forever. No amount of anti-hack is EVER going to fix the exploit, unless you keep the anti-hack closed source and your project as well. Keep dreamin'. |
Secrets, no one is pretending like any of this is a secret. The whole idea was to invoke discussion to find a solution to the problem. If you know the cause of the problem then it should be fairly easy to fix.
If Macroquest is the source of the problem as you clearly said then why hasn't it's function been coded not to work with the emulator? And yes i know that previous statment is easier said than done. The fact that the emulator is open source should just make the solution easier to implement. The biggest problem with people submitting fixes to an exploit is that not everyone in the eqemu community is capable of writting code in a manner that would be useful. It would be easy to sit here knowing what the problem is and do nothing to try and fix it. Alot of people try the passive method and none succeed. I can talk about this till I turn purple but if no one is willing to help then the whole conversation is pointless. |
Well if we could some how force the clients to have a Security program loaded up before eqgame.exe and if that program is not present then some type of signal is sent to crash the client or disconnect them...
This program would detect and stop Macroquest users dead in their tracks the tricky part is finding a way to ensure that it stayed up during their play time.. |
Quote:
Because stuff like warping, maps, etc. CANNOT be disabled serversided. You can detect it, but you cannot fix CLIENT issues SERVERSIDED. If you make a CLIENTSIDED detection that is open-source, people would know exactly how to bypass it on the CLIENT. Please, tell me a way you can disable sending every NPC in the zone to the client without sending every NPC to the zone in the client. I'd love to know a way. Please, also tell me how you can disable warping without detecting normal people moving. Including short-range warping. Again, i'd LOVE to know. There is no simple solution to it, that will just pop out at you. Sorry you think it's easy as Code:
if(MacroQuestDetected == 1) |
Sorry if I am coming off as rude, I am holding off as best I can to restrain myself, but... I cannot explain it better than that.
There is no way to fix MQ2 easily. |
Secrets, I am not arguing with you and I am sorry if it came across that way.
Delete this thread as it has already taken a wrong turn. |
One approach that I've considered (in another context mind you) would be as follows:
1) collect stats on kills per minute, aggros per minute, bosses aggroed / junk mobs etc on all accounts and characters on a server where there is no known hacking 2) deliberately run a hacker account and collect the same stats 3) decide on a statistically valid test that has sufficient power to get acceptable type I and type II error rates 4) introduce a reporting mechanism to allow players to report probable hackers 5) when tests flag hacking then change the server-side XP and loot code to remove the rewards for hacking The downsides include: 1) reporting hacking as a form of griefing 2) massive increase in DB load 3) could easily punish creative players 4) a hell of a lot of work 5) would become an arms race, as hackers can see what the tests are in server code and just be sure to stay outside the critical stat range 6) false positives (type I errors) will be high if too aggressive at picking "hackers". Any attempt to reduce this will result in more hackers not being detected. I do think that the best approach would be to somehow remove the reward for hacking though. This way legitimate uses of the tool in question could remain (I am not promoting MQ in any way). That program is useful for those with physical disabilities for example. I suspect that all this is basically a flaw in the game by the way. As long as the mid-levels are just a time-sink on the way to "the real game" at level 70 this problem will not go away. Perhaps more creative and dynamic quests/tasks for all levels/races/classes would make people less interested in cheating. |
Quote:
An option (in addition to being able to report hackers) would be to keep temporary logs of players, say, half an hour of game time (and special events that are suspicious), then save the logs of a player when they're reported. This way a GM could look over the logs when investigating a report and ban the offending account if necessary. It isn't automatic, but it could cut down on hackers. Now, if we had our own client too, that would be a different story... |
Anyone ever thought about developing a 3rd party program & requiring the source to have that prog? No client interaction. This would be between the emu server and this program to stamp out mq so it can be developed in a closed source environment.
|
All of these hacking/cheating threads simply fuel the script kiddies causing this damage by giving them more justification to stay and prove their point. There's alot more than just MQ that can cause serious issues and more light is being cast upon these areas now due to the surge of interest in anti-hacking. Keep it on the low down!
|
That's maybe a defeatist attitude .. Who cares what they come up with as long as we come up with it faster and more frequent.. Even if we have to modify and tweak every week slightly to void their progress..
So be it.. It's way better than having our work go for nothing |
Quote:
It's like this. There's a right way and a whole ton of wrong ways. The right way isn't a server side fix... because it's not manageable nor effective by any measure. It's a patchwork fix for people putting together patchwork servers. They'll fall apart. The right way IS -- still kind of gray -- but clearly going to happen in some client side software. |
there are already server-side detection of some hacks (MQ2Warp, etc) but they do generate false positives, and yes, there are hacks to circumvent the detections :/
best bet would be to improve on the current detection systems and add any other detections that can be done reliably The current system just logs to the hackers table in the DB And the current MQ2Warp detection makes more false positives for SoF (the time between loc updates is longer than Titanium or something) |
Quote:
Its funny because I had the same discussion with Null (most recent joke dev on VZTZ) and after alot of pining I came to the conclusion the only "real" solution would be a piece of software that coordinates with the server to make sure nothing is toying with the client. To which he brought up the "failure" of the Bane of Life software... so I checked it out and the fucking thing hadn't even been compiled yet, much less failed. Ultimately I can't chalk this up to anything but some serious penis envy and total technical ignorance to the issues at hand. All of which is perpetuated and displayed here in this and related threads. |
Quote:
|
Quote:
That's where the cock envy I spoke of entered the picture. |
Quote:
|
Quote:
|
Quote:
|
That client manager is a complete failure of concept. It's an external add-on linking to the server with its own protocol. The server has no way of telling it apart from something imitating that protocol and sending that everything is just fine.
Face it, any kind of client-side protection is at best an attempt at making it too much of an effort to circumvent, and you've as good as lost that battle to begin with by needing to provide access to the client software in the first place. The only way to make something like that work is to have OS support for segregated data where nothing can access your memory space or even physical data files. About the only way to currently even attempt something like that is to basically install the equivalent of a virus. |
True but it would stop a good deal of people... Maybe not the good ones but at least some.. and Some is better than None..
I like the idea |
Quote:
|
Best way to stop hacking is to use Simple Client! Who's with me?
|
Quote:
This is Paaco btw, someone fix my eqemu forum account :( I can't log into it or recover the password. |
If there is anything I can do over at Raid Addicts let me know..
May be a great place to test this out ? Anyway let me know OH Also you may look into N-Protect they claim to be the Leader in online game security.. |
As far as I know the SoF expansion pack doesn't have a working MQ.. I may be wrong but /shrug just a thought
|
Quote:
Quote:
|
Quote:
|
| All times are GMT -4. The time now is 04:54 PM. |
Powered by vBulletin®, Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.