So I was reading this post

KingMort · #1 08-06-2009, 04:00 AM

Amen man... There are certain Security companies however who do specialize in this.. Perhaps they may be willing to help though it would take a large community push for funding to accomplish that.. And chances are they won't even touch it due to the client we are using...

blackdragonsdg · #2 08-06-2009, 04:18 AM

Getting a security company to help use track down the wannabe hackers would be ideal but like you said the content we are dealing with will likely cause most to walk away very quickly.

Oh and thought of something else we would need to track...the types of attacks being used. As the possibility of finding a link between the types of attacks being used and the hosting types and setups being targeted would be of significant use to us.

Secrets · #3 08-06-2009, 04:54 PM

You guys act like it's some big secret. It's MacroQuest 2 plugins that cause this, and they've been doing it for years.

I don't think a "security company" will help you. At all. Look at GameGuard, HackShield, etc. You need serverside detection for an open-source community, not clientsided. The only time a clientsided hack detection will work is the same time the project is closed source. (See: Bane of Life.)

And to be honest, there's a lot of it as it is. The best part about open-source (as it is shown in PHPBB communities and the like) is that you can solve all issues by submitting fixes for them. So, if you have a better solution to fix an exploit, just submit it. Otherwise it's going to stay broken forever. No amount of anti-hack is EVER going to fix the exploit, unless you keep the anti-hack closed source and your project as well.

Keep dreamin'.

blackdragonsdg · #4 08-06-2009, 08:53 PM

Secrets, no one is pretending like any of this is a secret. The whole idea was to invoke discussion to find a solution to the problem. If you know the cause of the problem then it should be fairly easy to fix.

If Macroquest is the source of the problem as you clearly said then why hasn't it's function been coded not to work with the emulator? And yes i know that previous statment is easier said than done. The fact that the emulator is open source should just make the solution easier to implement. The biggest problem with people submitting fixes to an exploit is that not everyone in the eqemu community is capable of writting code in a manner that would be useful.

It would be easy to sit here knowing what the problem is and do nothing to try and fix it. Alot of people try the passive method and none succeed. I can talk about this till I turn purple but if no one is willing to help then the whole conversation is pointless.

KingMort · #5 08-06-2009, 09:08 PM

Well if we could some how force the clients to have a Security program loaded up before eqgame.exe and if that program is not present then some type of signal is sent to crash the client or disconnect them...

This program would detect and stop Macroquest users dead in their tracks the tricky part is finding a way to ensure that it stayed up during their play time..

Secrets · #6 08-06-2009, 09:26 PM

Quote:

Originally Posted by blackdragonsdg

Secrets, no one is pretending like any of this is a secret. The whole idea was to invoke discussion to find a solution to the problem. If you know the cause of the problem then it should be fairly easy to fix.

If Macroquest is the source of the problem as you clearly said then why hasn't it's function been coded not to work with the emulator? And yes i know that previous statment is easier said than done. The fact that the emulator is open source should just make the solution easier to implement. The biggest problem with people submitting fixes to an exploit is that not everyone in the eqemu community is capable of writting code in a manner that would be useful.

It would be easy to sit here knowing what the problem is and do nothing to try and fix it. Alot of people try the passive method and none succeed. I can talk about this till I turn purple but if no one is willing to help then the whole conversation is pointless.

Know why no one is willing to help?

Because stuff like warping, maps, etc. CANNOT be disabled serversided. You can detect it, but you cannot fix CLIENT issues SERVERSIDED. If you make a CLIENTSIDED detection that is open-source, people would know exactly how to bypass it on the CLIENT. Please, tell me a way you can disable sending every NPC in the zone to the client without sending every NPC to the zone in the client. I'd love to know a way. Please, also tell me how you can disable warping without detecting normal people moving. Including short-range warping. Again, i'd LOVE to know.

There is no simple solution to it, that will just pop out at you. Sorry you think it's easy as

Code:

if(MacroQuestDetected == 1)
StopMacroQuest;

because it's not. I am sure someone could make an anti-hack for EQ (as shown in baneoflife) if they wanted to. I am telling you a serversided anti-hack is possible, but a clientsided anti-hack is not feasable in an open-source community.

Secrets · #7 08-06-2009, 09:31 PM

Sorry if I am coming off as rude, I am holding off as best I can to restrain myself, but... I cannot explain it better than that.

There is no way to fix MQ2 easily.

blackdragonsdg · #8 08-06-2009, 11:04 PM

Secrets, I am not arguing with you and I am sorry if it came across that way.

Delete this thread as it has already taken a wrong turn.