No signature check on many public servers

[xeno 230]

It really amazes me, no, actually it really shocks me, to see so many public servers which still don't use signature checking and no battleye at all.

Is it so hard for those server admins to understand that people can join on such an open server with whatever addon they like ?

Addons were one can easily destroy a complete game and do any kind of havoc ?

With signature checking enabled you as a server admin are in control what addons may be used on your server or with what addons people can join on your server.

Not the other way around.

It takes just a few minutes to get it working.

Beside the security problem, if addon makers use a new key for a new release you have control over addon versions beeing used on your server if you are using custom made addons.

All in all it really makes me sad to see so many public servers with doors wide open.

Xeno

[Lonestar 11]

I agree with you Xeno, I always advise server admins to use signature verification and BattlEye anti-cheat engine.

There's no reason not to use BE, as it is very reliable.

verifySignatures=1;

BattlEye=1;

http://community.bistudio.com/wiki/server.cfg

Maybe some people don't use BE because they think their public server will be hacked anyway.

It may be true but at least signature verification should always be activated.

Maybe some server admins are just lazy and don't want to update the keys on their server.

Edited April 12, 2011 by Lonestar

[sickboy 13]

Perhaps it's a problem of unknowing. Perhaps it would be better if signature checking would be enabled by default, and only disabled with = 0;

Maybe some server admins are just lazy and don't want to update the keys on their server.

Time to use Six Updater, takes care of it all, *broken record* :D

[gossamersolid 155]

People don't take precautions then they come here to whine about hackers.

<3

[Hud Dorph 22]

Let me just point out hackers have been a big issue WITH all precautions taken. And ofc sigcheck needs to be on.

[BasileyOne 10]

its take considerable time to check you files.

on some servers it take serveral MINUTES to wait[probably weak server downlink/uplink ?].

saw no other reasons to disable it.

than to evade this.

[.kju 3239]

The long connection time has to do with JIP - not with the sig check.

A lot of data needs to be sent, received and applied for a JIP.

[Tankbuster 1733]

It really amazes me, no, actually it really shocks me, to see so many public servers which still don't use signature checking and no battleye at all.

Fact. It's madness admins don't do this, especially on the publics.

There are lots of server management tools out there now, running a server is easier now than ever before, yet the admins leave themselves open to attack.

[pogoman979 10]

from what i have read of the ****************** forums, it doesn't matter what security you have on your server, hackers will still get through. In fact some hackers enjoy hacking security enabled servers and so will choose to cause havoc there in preference to servers with zero protection, just to rub it in that we can't touch them. Therefore due to performance loss and the fact that it won't really stop anyone anyway some server admins prefer to just leave battleeye and signature checks off.

[sickboy 13]

Just making up some numbers; 99% of the so called hackers are too dumb, 0.5% of them are smart enough and another 0.5% have access to people and tools that are smart enough.

I'd say you win a lot more security, stability etc, by running signature checks, keeping out the 99% of fools, than you do with not running signature checks while steering away that 0.5% of people who actually prefer attacking a sig protected server.

Sig protection doesn't only protect you from people with bad-intent, but also from unknowing people, who use Mods that can crash your server, or cause other issues, when your server (and everyone else in it) doesn't run these mods.

There's plenty of mods out there that don't play nice together in general or in MP, signature checking gives you control.

Also the Signature protection v2 built into patch 1.59 should be better/stronger - but we're waiting for the new sign tool.

Perhaps something will be found by the 'hackers' for the new protection too, but it takes time, and additional time to spread again too.

Edited April 13, 2011 by Sickboy

[BasileyOne 10]

from what i have read of the ****************** forums, it doesn't matter what security you have on your server, hackers will still get through. In fact some hackers enjoy hacking security enabled servers and so will choose to cause havoc there in preference to servers with zero protection, just to rub it in that we can't touch them. Therefore due to performance loss and the fact that it won't really stop anyone anyway some server admins prefer to just leave battleeye and signature checks off.

but raising cheating overheads, making its more tricky/sophisticated, require[freely-unavailable]things&etc&etc will help filter things alittle at lest.

p.s.

nothing works better than live admin, sure.

[11aTony 0]

I gree with OP, however such open servers can be very populated becouse normal people can join with sound mods and some other small addons.

Servers that have sig check often dont have keys on or have outdated keys.

It would be nice to have somekind of data base with all the keys on a highly visible place. So maybe addon makers would upload their keys there. It can be rather annoying to download 400MB just to get a key of 100KB.

[BasileyOne 10]

I gree with OP, however such open servers can be very populated becouse normal people can join with sound mods and some other small addons.

Servers that have sig check often dont have keys on or have outdated keys.

It would be nice to have somekind of data base with all the keys on a highly visible place. So maybe addon makers would upload their keys there. It can be rather annoying to download 400MB just to get a key of 100KB.

keys repo could be good idea.

if someone[trusted enough. like BIS himself 4example] can provide secure[enough]storage online.

[xeno 230]

I gree with OP, however such open servers can be very populated becouse normal people can join with sound mods and some other small addons.

The public servers with the highest player numbers all have signature checking enabled. And most of them even allow sound mods and other addons.

So not a valid point. It's all about being lazy, as a server admin and as a user.

It's like having a web server running without any kind of security. Nobody would do that.

Xeno

[sickboy 13]

keys repo could be good idea.

if someone[trusted enough. like BIS himself 4example] can provide secure[enough]storage online.

OFPEC.com has a keys repo, all mods on Six Updater keys are automatically handled upon install/update, as well as all keys are downloadable from the site: http://updater.dev-heaven.net/mods

If you meant a shared key repo - that server admins can keep in sync with - it could be helpful, indeed when managed by someone who knows what he's doing.

Still, managing keys as server admin isn't all that complicated or time taking.

Edited April 13, 2011 by Sickboy

[Lonestar 11]

CSS - Community sign server

[11aTony 0]

The public servers with the highest player numbers all have signature checking enabled. And most of them even allow sound mods and other addons.

So not a valid point. It's all about being lazy, as a server admin and as a user.

It's like having a web server running without any kind of security. Nobody would do that.

Xeno

Sure, now in A2 nearly all mods are signed so no excuse not to have sig check anymore. In A1 most servers didnt have check on. Didnt play OA public much lately.

[Tankbuster 1733]

......

<Stupid parts of quote removed>