Jump to content
Sign in to follow this  
paradoxparadoxon

ArmA-Banlist (Community Banlist)

Recommended Posts

ArmA-Banlist / BanFactory

banfactory.png

ArmA-Banlist is a community minded banlist which collects bans from registered and validated servers.

Thereby is a difference between Hackers / Bugusers or regular bans.

The bans caused by Hacking / Bugusing are avenged by a global ban in this list.

This avoids the jumping between servers by hackers.

The bans will be distributed to other connected servers within a few minutes.

At the moment there are more than 250 servers connected with the database, which already contains more than 7000 reported hackers.

To avoid abuse every server get checked and validated.

In doing so we specially check the contact opportunity.

When a banned person raises an objection, the server operators are in burden of proof.

If a server is detected to report hacker wrongly, the server will be removed from the system and we will revert all reported bans.

For that we have multiple support channels in different languages.

german@arma-banlist.de

english@arma-banlist.de

We are looking for further volunteers wo can speak English plus another language.

Especially we are looking for:

French

Czech

Russian

We would like to provide our service in so many languages as possible.

Additionally we are looking for volunteer programmers with knowledge in

PHP

ASP.NET

VB.NET

Candidacies are going to: paradox@arma-banlist.de

The ban list is said to be a new way of hacker protection, so if hackers are banned from other servers they are not possible to join yours.

Features:

- Global banlist carried together by the community

- PIDtoGUID converter (currently only for Alits Life databases)

- Battleye connection (first step to Battleye implementation)

- Player rating system (bans players which are banned on more than X servers)

Planned:

- Own anti hack system

- Management of own bans by an web frontend

- Multi Language support

Download: http://arma-banlist.de/downloads/ArmA-Banlist.zip

DOWNLOAD LITE VERSION: https://malte-sama.de/banfactory/

Edited by ParadoxParadoxon

Share this post


Link to post
Share on other sites
ArmA-Banlist

- Battleye connection (first step to Battleye implementation)

Whats the point of connecting to BE anyways? It already has its own ban list and once a dick gets GBed then he can't connect to any battleye enabled server anyways, just a waste of code to do that when the game already does it.

Other than that it sounds like a good idea.

Share this post


Link to post
Share on other sites

Battleye has its own Global Ban yes. But it does not global ban on GameHacks, BattleyeHacks or Script restrictions. or if some kids is jumping around on servers doing tk/messing up the session etc.

However.

Planned:

- Own anti hack system

Now thats a waste of time if you ask me.

As long as you can not implement it with the engine there is no point in doing it. using callExtension will not get you anywhere if you try of make your own AC.

And using SQF scripts for protection/ac is a joke.

Share this post


Link to post
Share on other sites

Yes Battleye has its own global banlist. But Some injection are Not detected. So you can check this only in your battleye logs/filters . There are so many hackers without a global Ban . My banlist will Ban all the hackers there are reported to me.

Share this post


Link to post
Share on other sites
Battleye has its own Global Ban yes. But it does not global ban on GameHacks, BattleyeHacks or Script restrictions. or if some kids is jumping around on servers doing tk/messing up the session etc.

However.

Planned:

- Own anti hack system

Now thats a waste of time if you ask me.

As long as you can not implement it with the engine there is no point in doing it. using callExtension will not get you anywhere if you try of make your own AC.

And using SQF scripts for protection/ac is a joke.

It may be a joke ... And yet, the vast majority of kiddies are caught via scripted AH solutions. Sounds reasonable as a layer of protection. Better to have 50 hackers who actually know what they're doing, than 50 hackers and 5,000 kiddies.

Share this post


Link to post
Share on other sites
It may be a joke ... And yet, the vast majority of kiddies are caught via scripted AH solutions.

Sorry but thats just "bs", The vast majority get caught by the BE Filters, atleast on servers who has them setup properly ;)

Using SQF as an AC solution only opens you up for exloits. sqf by its nature isnt seccure at all. "at least not with its current implementation".

Besides releasing some AC script solution to the public only shows the "hackers" how the code work.

Better to have 50 hackers who actually know what they're doing, than 50 hackers and 5,000 kiddies.

Best to have 0 of both :)

Share this post


Link to post
Share on other sites

@nuxil yes its true. I've also thought again and will stop planning the AH script.

Currently i work on the Client / server connection.

Next update is a Bugfix to fix the Connection insues

Share this post


Link to post
Share on other sites
Battleye has its own Global Ban yes. But it does not global ban on GameHacks, BattleyeHacks or Script restrictions. or if some kids is jumping around on servers doing tk/messing up the session etc.

However.

Planned:

- Own anti hack system

Now thats a waste of time if you ask me.

As long as you can not implement it with the engine there is no point in doing it. using callExtension will not get you anywhere if you try of make your own AC.

And using SQF scripts for protection/ac is a joke.

there are ways to do propper anti-cheat without letting the client know ANY of the anti-cheat mechanism at any point in time!

SQF IS capable of doing so but that requires a heavy knowledge of the callExtension command, a pretty unique anti-cheat utility and damn hard knowledge of all that shit

but youre kinda right ... doing a propper anti-cheat is a damn hard task but can be done if you do make a concept at first instead of just starting and trying to fiddle something together


why the hell vb.net?

i do can understand that support for asp.net would be nice but vb?

Share this post


Link to post
Share on other sites
there are ways to do propper anti-cheat without letting the client know ANY of the anti-cheat mechanism at any point in time!

SQF IS capable of doing so ...

Sure there is. but sqf is not one of those ways.

but that requires a heavy knowledge of the callExtension command

Not sure how callExtension is going to help you here.

Using it on the serve make no sense unless you want to have it to connect to some other system.

Using a callExtenson dll on the client is just "stupid".

Because.

1 * You can not sign a dll.

2 * You can replace it with you own custom dll.

3 * You can debpo the addon and see how it calls the dll and now it uses the data.

With out the access to the game engine such as Battleye have, your basically wasting your time on making an AC.

Once you go public with a sqf anticheat you are exposed. everybody can see how it works.

I am wondering

ParadoxParadoxon why all this?

PHP

ASP.NET

VB.NET

Share this post


Link to post
Share on other sites

I am wondering

ParadoxParadoxon why all this?

PHP

ASP.NET

VB.NET

With VB.Net i programming the Client/Serverside

With PHP and ASP.Net i will create a webinterface for the server owners to manage the bans that have triggered them

Currently, I'm still undecided whether I do it in ASP.Net or PHP.

Share this post


Link to post
Share on other sites
Sure there is. but sqf is not one of those ways.

Not sure how callExtension is going to help you here.

Using it on the serve make no sense unless you want to have it to connect to some other system.

Using a callExtenson dll on the client is just "stupid".

Because.

1 * You can not sign a dll.

2 * You can replace it with you own custom dll.

3 * You can debpo the addon and see how it calls the dll and now it uses the data.

With out the access to the game engine such as Battleye have, your basically wasting your time on making an AC.

Once you go public with a sqf anticheat you are exposed. everybody can see how it works.

it is not stupid (as there will be no callExtension on client)

the theory is pretty simple:

- Create a server side anti-cheat (client will get only functions it really needs with hooks etc. and server will trigger those functions over and over again for checking)

- upload that anti-cheat into a SQL base so the source is not inside of the mission

- create a dll that loads that SQF code onto the server

- let the system work

the client simply should not have any informations about the anti-cheat

it would even be better to make that anti-cheat "closed source" to prevent leaks (thats also possible with some dll magic)

its more simple then it sounds at all

With VB.Net i programming the Client/Serverside

With PHP and ASP.Net i will create a webinterface for the server owners to manage the bans that have triggered them

Currently, I'm still undecided whether I do it in ASP.Net or PHP.

tbh ... i would not use visual basic for anything ...

c++ would be the way to go (or c# for userinterface)

Edited by X39

Share this post


Link to post
Share on other sites
it is not stupid (as there will be no callExtension on client)

the theory is pretty simple:

- Create a server side anti-cheat (client will get only functions it really needs with hooks etc. and server will trigger those functions over and over again for checking)

- upload that anti-cheat into a SQL base so the source is not inside of the mission

- create a dll that loads that SQF code onto the server

- let the system work

the client simply should not have any informations about the anti-cheat

it would even be better to make that anti-cheat "closed source" to prevent leaks (thats also possible with some dll magic)

its more simple then it sounds at all

I said stupid for the client, i did not say it was stupid for the server.

I said it would make no sense unless you want to connect it to another system

A sql server is that. ;)

However. As i already said. If you where to go public with the AC you are exposing your self.

One could just peek at the sql table(s) and see what the function(s) do.

Also this would not work for "all missions" would it? that would be pretty damn hard to make.

I would rather spend my time on writing proper BE Filter(s) for my mission with Regular expressions etc. than make an custom AC.

tbh ... i would not use visual basic for anything ...

c++ would be the way to go (or c# for userinterface)

C or ASM would even be better :p

There are lot of programs written in vb.net. So nothing wrong with it.

Example. CDBurnerXP which i use alot

If you like to spend 5x more time writing something in c++. fine. then that is your choice.

I would not unless it requires heavy optimization, "in regards get most work per cpu cycle".

Anyway. i think we have hijacked this thread enough about anticheat discussion.

ParadoxParadoxon has already said he will "drop" that idea. ;)

---------------------

ParadoxParadoxon i would help you out if it where php.

But im about to check out from this community, i dont like the path Bis is taking and i will not have any part of it anymore.

Share this post


Link to post
Share on other sites
I said stupid for the client, i did not say it was stupid for the server.

I said it would make no sense unless you want to connect it to another system

A sql server is that. ;)

However. As i already said. If you where to go public with the AC you are exposing your self.

One could just peek at the sql table(s) and see what the function(s) do.

Also this would not work for "all missions" would it? that would be pretty damn hard to make.

I would rather spend my time on writing proper BE Filter(s) for my mission with Regular expressions etc. than make an custom AC.

it always sounds "impossible" from your point of view ^^ actually, i already developed little concept ideas which would work to create a closed AC but never started to realize one ...

(maybe its time to do that)

C or ASM would even be better :p

There are lot of programs written in vb.net. So nothing wrong with it.

Example. CDBurnerXP which i use alot

If you like to spend 5x more time writing something in c++. fine. then that is your choice.

I would not unless it requires heavy optimization, "in regards get most work per cpu cycle".

Anyway. i think we have hijacked this thread enough about anticheat discussion.

ParadoxParadoxon has already said he will "drop" that idea. ;)

visual basic is simply shit from my point of view (just to note it out: because visual basic IS visual basic and not because it has an even lower performance then C# for example (as they are more or less equal from that point of view))

i also need to disagree to the ASM usage due the fact that whatever programm you want to create cannot be created in pure ASM (or you will need ages before its finished (expect Arma 2000 to be out then))

C/C++ is simply the most performant way to go & it does not requires .net

---------------------

you do know there is a hr bbcode?

[noparse][hr][/noparse]

Edited by X39

Share this post


Link to post
Share on other sites

visual basic is simply shit from my point of view (just to note it out: because visual basic IS visual basic and not because it has an even lower performance then C# for example

In .Net there are no significant differences(performance) ^^

And... currently i use both :D c# and VB :P

In c# i got the GUID converter for Altis Life databases.

Share this post


Link to post
Share on other sites

Just bc an anti-hack is public doesn't mean it doesn't detect certain things.

For instance recoil. Checking the players current recoil coefficient is a small example. Doesn't matter if he can see the code, its still going to check and report if there's an anomaly.

For menus its much the same. If the player has a menu he shouldn't have, in his uiNamespace, doesn't matter if he can see how the code works, as long as it works.

IMO if something is shaping the behavior of kiddies and forcing them to adapt or get caught, then that is worthwhile even if a small few of them know how the code works.

As for BE filters, its been a massive fail in documentation for how to go about writing regex filters/exceptions. That blame falls squarely on bastians shoulders, and I would say on Dwarden as well, and anybody else who is 'good' at it. Seriously, a few hours spent by someone who knows the ins and outs of it, on documentation, would save a lot of trouble for a lot of people. Much more time has been spent on things much less useful and much less rewarding.

Share this post


Link to post
Share on other sites

Planned

- Full Battleye implementation

- Battleye Scheduler/Scripting (script restarts/scheduled messages and more)

- Big Performance update

Share this post


Link to post
Share on other sites

Server maintenance

We move to a stronger system, that's why the service won't be available for a few hours

10.03.2015 - 22:10 UTC +01:00

status: done

News:

- Website online

- New Client Update is release at 10.03.2015 - 22:10 UTC +01:00 with new serveradresses and update function

Edited by ParadoxParadoxon
News

Share this post


Link to post
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×