Addictionubg 1 Posted January 31, 2013 (edited) Hello Everyone, As of late there has been a RASH of new hacks out there that continue to use these bypasses and the hacks are made for non other than to obliterate servers. Nukes, running thousands of planes in to the ground, spawning millions of objects on a repeat basis. The silly part is, they are CHEAP and VERY easy to get a hold of on pretty much any hacker website forum. So, my question here is how are we defeating these hacks? Most of us server admins are having to PURCHASE ((this is not the case for myself) as some of you are pointing out, I am just clarifying the issues here)anti-hacks from the very same people that create the hacks. I am in no way referring to DayZ because they have way more anti hacks. As for the rest of the game modes out there, we are left out there high and dry. Better yet, when you talk to server providers their answer to most of this is "white list your server." How embarrassing.... how embarrassing is it that the game cannot keep up to date with these hacks. It usually takes weeks for BE to catch the hacks and a couple of days for them to write new ones. I understand that this is a rant, but something has to be said here especially from my end. I have thousands of people that come through my servers and they are decimated within just a couple of minutes of running. For a game that I have been playing since its conception. I am really thinking of ditching it and it's player base, PURELY for the utter failure to keep the hackers at bay. I UNDERSTAND there will be hackers, I get it, you can't catch them all. But I am catching 20-30 hackers a day.... BY MYSELF. WHERE IS THE SECURITY?! I run all kinds of anti-hacks with countless other forms of script restrictions. I am at my end here with this game. I have gotten to the point to where I don't even fight against the hackers anymore because as soon as I get the person hacking on my server, I immediately have another one. And yes, I catch the correct person, it's just another person with a different hack. My advice is get with these major hacker developers and find out how they are doing it! PAY them, keep your game from falling apart with the HUGE influx of hackers. Any other admins/owners feeling the same way? Addiction Edited February 13, 2013 by Addictionubg Share this post Link to post Share on other sites
MissileMoose 10 Posted January 31, 2013 Run the latest beta patch and follow the instructions listed here for securing your server. Do not purchase or download free "anti-hacks" as they are likely to cause more damage and fund the developers of the scripts, which is an incentive for them to continue. Creating new threads regarding the current situation also encourages script kiddies to continue hassling the community, as their goal is to get a reaction. Share this post Link to post Share on other sites
$able 2 Posted January 31, 2013 It usually takes weeks for BE to catch the hacks and a couple of days for them to write new ones. Where did you get that from? Share this post Link to post Share on other sites
jerryhopper 286 Posted January 31, 2013 i knitted something for the starter of this thread. Share this post Link to post Share on other sites
SavageCDN 231 Posted January 31, 2013 (edited) #1 - don't run a DayZ server :p #2 - never ever ever ever purchase (or d/l for free) something that is supposedly an anti-hack program.. even more so if it is provided by the same guys releasing the actual hacks. No wonder your server is full of hackers... this is really Security 101 stuff. LOL perfect pic Edited January 31, 2013 by SavageCDN nice one Jerry!! Share this post Link to post Share on other sites
W0lle 1050 Posted January 31, 2013 Most of us server admins are having to PURCHASE anti-hacks from the very same people that create the hacks. Obviously not. Until this day I heard from no server admin who bought anti-hack tools from hackers to run his server. No offence but maybe you should let someone administrate your server who knows what he's doing. I know it sounds cool to say "I'm server admin!!!" but if you are not able to secure your server then it soon isn't no more that cool. Yes, administrating a server and if its only a gameserver is work and requires knowledge. How embarrassing.... how embarrassing is it that the game cannot keep up to date with these hacks. Because any security software, be it antivirus or anti-hack or whatever leaps behind. It can only react to threats, sounds logical if you think about it. Or how on gods green earth security software should know what comes next week? It usually takes weeks for BE to catch the hacks and a couple of days for them to write new ones. Source? My advice is get with these major hacker developers and find out how they are doing it! PAY them, keep your game from falling apart with the HUGE influx of hackers. Great idea, pay the scumbags for what they did! Why no one else had that idea before? The only problem here is that within weeks you have not hundreds of hackers but thousands because anyone wants to make money with his hacks. Share this post Link to post Share on other sites
SavageCDN 231 Posted January 31, 2013 Because any security software, be it antivirus or anti-hack or whatever leaps behind. It can only react to threats, sounds logical if you think about it. Or how on gods green earth security software should know what comes next week? So you're saying Norton InterWeb Security does NOT protect me from future threats?? :pray: Share this post Link to post Share on other sites
Dwarden 1125 Posted January 31, 2013 is your server using BattlEye with correct filters and settings? http://dayzmod.com/forum/index.php?/topic/119953-battleye-server-side-filters-update/ Share this post Link to post Share on other sites
hellfire257 3 Posted January 31, 2013 Most of us server admins are having to PURCHASE anti-hacks from the very same people that create the hacks. Addiction Wait... What? And you're a server admin? disgonbegood.gif Share this post Link to post Share on other sites
iceman77 18 Posted February 1, 2013 So you're buying anti cheats from the same persons hacking your server? LOL... Share this post Link to post Share on other sites
Addictionubg 1 Posted February 2, 2013 is your server using BattlEye with correct filters and settings? http://dayzmod.com/forum/index.php?/topic/119953-battleye-server-side-filters-update/ Yah im totally up to date, and have EXTENSIVE anti hacks through-out my server. Also, I run wasteland servers, not particularly dayz public servers. I am VERY careful how we ban, we ban both guid and ip's. The problem is...... people can purchase a cd key for 1-2 bucks and with a vpn it doesnt matter. They get banned? np they lose a buck and switch their IP and boom. HIT YOU AGAIN. I think a lot of the development community is in denial about this situation. IT IS A VERY large problem. I have servers that are in the top 5 servers for Arma 2 (according to gametracker.com). This isn't an attack on you Dwarden by any means. But, I look around at these other posts of people having the same problems on forums. It's nothing but server admins SCREAMING saying WTF is going on here. Maybe my rant is a little misguided here, but overall there are some big hacks out there that are PURELY out to stop a server in it's tracks. I am sure more flame will come, Addiction ---------- Post added at 01:47 ---------- Previous post was at 01:45 ---------- So you're buying anti cheats from the same persons hacking your server? LOL... No no no no.. Maybe my fault for not stating clearly. Admins are having to get the hacks from the people who are making them, pick them apart and build anti hacks. SOME of the major hackers that are out there have flip flopped and now target the hacker community and do the work for the admins. Don't believe me? Do some research, you'll see. ---------- Post added at 01:49 ---------- Previous post was at 01:47 ---------- #1 - don't run a DayZ server :p#2 - never ever ever ever purchase (or d/l for free) something that is supposedly an anti-hack program.. even more so if it is provided by the same guys releasing the actual hacks. No wonder your server is full of hackers... this is really Security 101 stuff. LOL perfect pic #1 = THE EXACT reason why this game is falling apart. Don't like the hacks? quit the game... (its a sinking ship when we develop that attitude.) #2 = Ive seen some of the anti-hacks that are created and sadly... FAR better than anything BE can dish out. ---------- Post added at 01:50 ---------- Previous post was at 01:49 ---------- Where did you get that from? Do you even play or work with this game in the last few weeks? I mean, I know who you are $able, but that response kinda shocked me. ---------- Post added at 01:51 ---------- Previous post was at 01:50 ---------- i knitted something for the starter of this thread.http://img0.etsystatic.com/000/0/6240830/il_fullxfull.344096240.jpg There are no assumptions here, all i've seen so far from everyone is denial... ---------- Post added at 01:58 ---------- Previous post was at 01:51 ---------- Obviously not. Until this day I heard from no server admin who bought anti-hack tools from hackers to run his server. No offence but maybe you should let someone administrate your server who knows what he's doing. I know it sounds cool to say "I'm server admin!!!" but if you are not able to secure your server then it soon isn't no more that cool. Yes, administrating a server and if its only a gameserver is work and requires knowledge.--- This unfortunately is becoming a huge trend, if you want some websites where you can do some research. I'll be more than happy to show you. As for admining, I run some of the most successful servers in Arma 2. SO... don't know what to tell yah.. Because any security software, be it antivirus or anti-hack or whatever leaps behind. It can only react to threats, sounds logical if you think about it. Or how on gods green earth security software should know what comes next week? --- This is true, with any type of virus to anti-virus software. However, usually the lag between the two is generally a lot shorter than we find here (as of late.) Source? Great idea, pay the scumbags for what they did! Why no one else had that idea before? The only problem here is that within weeks you have not hundreds of hackers but thousands because anyone wants to make money with his hacks. Ok, I stand corrected. Stop paying the people that are supposedly securing our servers with battleye until it works... Share this post Link to post Share on other sites
Dwarden 1125 Posted February 2, 2013 (edited) 99% of anti-hacks there is utilizing BattlEye LOGs and ingame scripting ... so claims how they better than BattlEye are pure non-sense ... Edited February 2, 2013 by Dwarden Share this post Link to post Share on other sites
kualus 1 Posted February 2, 2013 99% of anti-hacks there is utilizing BattlEye LOGs and ingame scripting ... so claims how they better than BattlEye are pure non-sense ...I'm getting annoyed with this. Evidence, please, to back up your 99% claim. As a potential customer, this topic means something to me. Share this post Link to post Share on other sites
TSAndrey 1 Posted February 2, 2013 I'm getting annoyed with this. Evidence, please, to back up your 99% claim. As a potential customer, this topic means something to me. He's a BI developer. You really ask for evidence from a developer? Wow... Share this post Link to post Share on other sites
$able 2 Posted February 2, 2013 Do you even play or work with this game in the last few weeks? I mean, I know who you are $able, but that response kinda shocked me. I know how bad the situation is, but I'm doing what I can. In fact BE is doing way more than other popular anti-cheat systems. This has been explained many times here, the big problem is the game engine (combined with cd-key theft which is also related to the game), not BE. You will probably say that this is a poor excuse from my side, but it's just a fact. As much as I personally hate it, BE can't fix this issue, it can only help. Ok, I stand corrected. Stop paying the people that are supposedly securing our servers with battleye until it works... Well, thank you. I hope someone never considers your work to be useless either. But that's what I hear every day anyway, so I guess it must be right... Share this post Link to post Share on other sites
chortles 263 Posted February 2, 2013 I know how bad the situation is, but I'm doing what I can. In fact BE is doing way more than other popular anti-cheat systems. This has been explained many times here, the big problem is the game engine (combined with cd-key theft which is also related to the game), not BE. You will probably say that this is a poor excuse from my side, but it's just a fact. As much as I personally hate it, BE can't fix this issue, it can only help.Does no one remember the pre-standalone interviews where Rocket's public advocacy for a standalone involved him verbally blaming Real Virtuality 3 and Arma 2's "open" nature for the security vulnerabilities?I wouldn't take Rocket's announcement that the standalone will use VAC as a knock on BE either -- after all, the standalone is going "the whole yard" into Steamworks and Arma 3 is not. Share this post Link to post Share on other sites
[frl]myke 14 Posted February 2, 2013 Does no one remember the pre-standalone interviews where Rocket's public advocacy for a standalone involved him verbally blaming Real Virtuality 3 and Arma 2's "open" nature for the security vulnerabilities? Ironically it is this "open" nature of A2 which made mods like DayZ possible. Either you have a open sandbox with literally endless possibilities....and vulnerabilities. Or you have a closed system without (or highly restricted) possibilities to make mods and/or missions. Share this post Link to post Share on other sites
iceman77 18 Posted February 2, 2013 No no no no.. Maybe my fault for not stating clearly. Admins are having to get the hacks from the people who are making them, pick them apart and build anti hacks. SOME of the major hackers that are out there have flip flopped and now target the hacker community and do the work for the admins. Don't believe me? Do some research, you'll see. @ Addiction - I can only go buy what you posted. Most of us server admins are having to PURCHASE anti-hacks from the very same people that create the hacks. Share this post Link to post Share on other sites
Dwarden 1125 Posted February 2, 2013 (edited) people fail to realize that amount of cheating quite often isn't coverable by BE (no matter how hard it can try) the Dayz mod itself have both client and server side scripting which is insecure (aka easy to abuse) *it was and is quite often abused by script kiddies, quite some remote exec cheats and messing with database and item/players state the OA engine has own scripting sub components like MP framework and similar which are insecure (were built for coop not safe pvp) ** abused again with script kiddies the OA engine sports 3 nearly full documented scripting languages and also documented file architecture (again makes cheating easier) the OA engine itself is insecure (as it was built for coop) with client-server-client architecture (where client can spawn/control events/objects and alter state of simulation (aka it's not server side in style server is always right)) for these reasons was added logging of most 'abused' / 'dangerous' script events via BattlEye's server side filters ... these filters not just allow logging and kicking but also allow BE + engine to prevent the script execution if set to kick well written scripts and BE filters can detect and prevent some abuse in script subsystem full logging (1 "") can allow detect some more script cheaters afterward (e.g. via PERL parsing) + BattlEye protects the servers from more than just cheats on netcode level (most of admins takes this for granted but it's thanks to BE not engine itself) BattlEye also offers admins RCON for remote administration which engine lacks by default overally, BattlEye does extremely good job on detecting and banning public free and paid cheats we talking about 1000s bans / weekly i'm not saying the system is perfect or has everything (PunkBuster still has some nice little features I would like to see in BE) but I doubt (in fact I don't believe) that any other anticheat (PunkBuster, VAC, GameGuard, HackShield or else) can do better than BE in the end, the quality of protection is also limited to what we know about exploits or attack vectors ... if there is something we don't know or can't predict, then we can't fix it Edited February 2, 2013 by Dwarden Share this post Link to post Share on other sites
kualus 1 Posted February 2, 2013 He's a BI developer. You really ask for evidence from a developer? Wow...Old journalism: “If your mother says she loves you, check it out.†Today’s journalism: “Hey, it made a nice story.†Guess who is today's journalism? Share this post Link to post Share on other sites
Dwarden 1125 Posted February 2, 2013 Old journalism: “If your mother says she loves you, check it out.†Today’s journalism: “Hey, it made a nice story.†Guess who is today's journalism? while you have such bold claims, what about show me single of these non-BE based anti-cheats ;) for years the only additional method to BattlEye (and before BE (pre-ARMA era) was to read packets in raw mode and parse and filter afterward while it can be classified as anticheat method, it's just scripts detection (incoming to server) ... yet it has nothing with client side anti-cheat (e.g. against ESP, aimbots etc) which is primary BE's job Share this post Link to post Share on other sites
Ezcoo 47 Posted February 2, 2013 When I found Arma, I noticed soon the massive number of script kiddies and thought that this anti-cheat is crap... But when I learned more about the nature of this lovely game, I noticed that it's not fault of BE that there are so much script kiddies. Like said, it's the moddability of game itself that let's the script kiddies to spoil the game for others. I don't mean that the moddability of game is a bad thing, I love it – it's just natural that every thing has both pros and cons. In this case the pro is the ability to create almost anything that you want in the game, and the con is the easiness of cheating. Remember, that the best aren't those who win hundred battles against the enemy – the best win the war without any battles at all. I'd recommend you to read The Art of War and telling your server admins to read it too. Just create the analogies to server administration yourself and you'll be good to go. Share this post Link to post Share on other sites
kualus 1 Posted February 2, 2013 while you have such bold claims, what about show me single of these non-BE based anti-cheats ;)I don't have to. In the words of Chico Marx, "Never mind, whose confession is this?"for years the only additional method to BattlEye (and before BE (pre-ARMA era) was to read packets in raw mode and parse and filter afterwardwhile it can be classified as anticheat method, it's just scripts detection (incoming to server) ... yet it has nothing with client side anti-cheat (e.g. against ESP, aimbots etc) which is primary BE's job That was then, this is now. I am still interested in ArmA2 regardless as the developers actually aren't interested in censoring feedback and isolating themselves from it, unlike a certain sim and developer I've already vented about... Share this post Link to post Share on other sites
Harzach 2517 Posted February 2, 2013 I don't have to. In the words of Chico Marx, "Never mind, whose confession is this?"That was then, this is now. I am still interested in ArmA2 regardless as the developers actually aren't interested in censoring feedback and isolating themselves from it, unlike a certain sim and developer I've already vented about... For someone who has never actually played Arma 2, you are raising a heck of a stink about it. Share this post Link to post Share on other sites
kualus 1 Posted February 2, 2013 For someone who has never actually played Arma 2, you are raising a heck of a stink about it.You exaggerate. I merely want proof of Dwarden's as of yet unsubstantiated claim. Share this post Link to post Share on other sites