backwoods 0 Posted July 7, 2004 At this point most of you admins realize how pointless it is to ban an ID. For those of you who dont believe ID changers exist for 1.96, you are wrong I have found one. I have also found all sorts of screwed up little tools the BIS has done nothing to combat or prevent. The only true way to stop these bastards is to block IP addresses or entire IP subnet ranges. I suggest if you have a dedicated server you invest in some firewall software or firewall hardware, you can use NAT to restrict IPs for Windows 2003. Start the OFP server with the -netlog command to log everything coming into your OFP server. Find the IP for the name, your looking for, run an ARIN or RIPE whois, find out if its static or dynamic. If it is dynamic then ban every IP on the last octet of the range example. 192.168.1.1 - 192.168.1.255. If they have static then block the single address. I know it seems drastic to block an entire IP range, but I find most of the advanced cheaters I have problem combating are from Germany, if I have to ban every German IP address well thats an acceptable risk. I hope BIS can do something to combat this stuff, their must be legal action they can take against these groups. Their websites are well known, why isnt anything being done? Share this post Link to post Share on other sites
Keva 0 Posted July 7, 2004 this does seem a drastic measure to take but im afraid most isp dont have static ip address so blocking a whole subnet wouldnt do anything Share this post Link to post Share on other sites
backwoods 0 Posted July 8, 2004 Your wrong blocking the entire range will do plenty, if their DHCP lease is up or the refresh the IP 80% chance is the DHCP tables are set per region, so we just have to hope a non cheater does not get an IP from the range we ban. Share this post Link to post Share on other sites
GanjaSmuggler 0 Posted July 8, 2004 backwods is right. Admin must do something I have seen cheats that can not be detected by any file checkers. I myself have tested one hack that makes you able to do anything and I got onto many resi 1.96 servers with out being cought. Except KC server. Their file checker worked. and no I'm not a cheater tested it once and removed it for good. So don't call me one Share this post Link to post Share on other sites
benu 1 Posted July 8, 2004 Yeah, block my ip. I get a new one in about one second and it will not be the same. I checked my logs i never had the same ip twice. Ban my ip range and you ban about 95%-98% of all gamers from my country. In other words: in many cases ip bans are WORTHLESS. OTOH i haven't seen a single cheater yet. Share this post Link to post Share on other sites
NKVD 0 Posted July 8, 2004 benu, cuz u don't play much do you ? Share this post Link to post Share on other sites
backwoods 0 Posted July 8, 2004 Yeah, block my ip. I get a new one in about one second and it will not be the same. I checked my logs i never had the same ip twice. Ban my ip range and you ban about 95%-98% of all gamers from my country.In other words: in many cases ip bans are WORTHLESS. OTOH i haven't seen a single cheater yet. If that is what I have to do Benu, Â Then I will do it... If your get a Dynamic IP between 217.95.197.1 - 217.95.197.255 then your ass stays behind my firewall... I just think its sad that nothing is being done by BIS, and server owners like myself are forced into new drastic measures... Benu, ISPs dont allow each user access to unlimited DHCP addresses, Â try refreshing it now... I bet you within an hour you will get the same 3 IPs on the same subnet. Â There is not a pool of thousands of IPs for you to choose from. Â Most of those IPs are leased to other clients for an amount of time. I am not suprised you have not noticed any cheats, sometimes what you think is lag is actually some one limiting their bandwidth. If you want some education on what to look for I would be happy to help you out, the most powerful tool against cheaters is just being educated about whats out there. Share this post Link to post Share on other sites
benu 1 Posted July 8, 2004 As i said, i checked logfiles. I NEVER had the same ip in many many month, as far as my logfile dates back. And you can ban my ip range as much as you want as i have my own server and will play only there anyway. I just wanted to demonstrate that banning ips and ip ranges is pointless. If you really want to ban my ip-range, it is 80.138.85.x right now. You might check into editing the routing tables, might be easier for what you want to do. If i really were into that stuff i would just dynamically block the ip of the cheater based on his name or ofp id. But i am not. Oh, and as you are into collecting subnets to block, here are the ips i used in the last month: <table border="0" align="center" width="95%" cellpadding="0" cellspacing="0"><tr><td>Code Sample </td></tr><tr><td id="CODE">80.138.81.x 80.138.82.x 80.138.83.x 80.138.84.x 80.138.85.x 80.138.85.x 80.138.86.x 80.138.86.x 80.138.87.x 80.138.87.x 80.138.88.x 80.138.89.x 217.229.129.x 217.229.130.x 217.229.131.x 217.229.131.x 217.229.134.x 217.229.137.x 217.229.138.x 217.229.139.x 217.229.142.x 217.229.143.x 217.238.63.x 217.83.192.x 217.83.193.x 217.83.194.x 217.83.194.x 217.83.195.x 217.83.202.x 217.83.202.x 217.83.205.x 217.83.206.x 217.83.206.x 217.83.207.x 217.83.207.x I checked before x'ing out the last number, EACH ONE was used only once. NKVD: no, i don't play much. Only a few hours nearly every day since ofp v1.0 is out. Oh, and before that other games. But i don'T play on just ANY server. Strangely i met cheaters in other games seldom either. Maybe you guys are just playing with the wrong type of people... Share this post Link to post Share on other sites
MSpencer 0 Posted July 8, 2004 I have had to ban who knows how many people. Most of them have been from Germany and England, speaking little to no English (I know, that's really bad), and then turning on a god cheat, or unlimited ammo (Seen very well in WGCTI when a T80U shoots 4 missiles at you in a second), or even a console hack to drop LGBs everywhere. In OFP2 there must be an IP ban option for admins. Share this post Link to post Share on other sites
backwoods 0 Posted July 8, 2004 As i said, i checked logfiles. I NEVER had the same ip in many many month, as far as my logfile dates back. And you can ban my ip range as much as you want as i have my own server and will play only there anyway. I just wanted to demonstrate that banning ips and ip ranges is pointless. If you really want to ban my ip-range, it is 80.138.85.x right now.You might check into editing the routing tables, might be easier for what you want to do. If i really were into that stuff i would just dynamically block the ip of the cheater based on his name or ofp id. But i am not. Oh, and as you are into collecting subnets to block, here are the ips i used in the last month: <table border="0" align="center" width="95%" cellpadding="0" cellspacing="0"><tr><td>Code Sample </td></tr><tr><td id="CODE">80.138.81.x 80.138.82.x 80.138.83.x 80.138.84.x 80.138.85.x 80.138.85.x 80.138.86.x 80.138.86.x 80.138.87.x 80.138.87.x 80.138.88.x 80.138.89.x 217.229.129.x 217.229.130.x 217.229.131.x 217.229.131.x 217.229.134.x 217.229.137.x 217.229.138.x 217.229.139.x 217.229.142.x 217.229.143.x 217.238.63.x 217.83.192.x 217.83.193.x 217.83.194.x 217.83.194.x 217.83.195.x 217.83.202.x 217.83.202.x 217.83.205.x 217.83.206.x 217.83.206.x 217.83.207.x 217.83.207.x I checked before x'ing out the last number, EACH ONE was used only once. NKVD: no, i don't play much. Only a few hours nearly every day since ofp v1.0 is out. Oh, and before that other games. But i don'T play on just ANY server. Strangely i met cheaters in other games seldom either. Maybe you guys are just playing with the wrong type of people... Are you asking me to ban you because your a cheater? Would this be preventitive maintnance? Share this post Link to post Share on other sites
russin 0 Posted July 8, 2004 id like to see OFP core files kept from public this way they have no tools to cheat i no OFP was not that bad untill they realeased the CODE!!! and have more addon packs released from BIS releasing the code justs brings the cheaters from far and wide Share this post Link to post Share on other sites
number23 0 Posted July 8, 2004 "security by obscurity" never works. i doubt the possibility of making decent addons without any of the information derived from the "core-files". remember BF1942. without BIS releasing information there would never have been wgl, coc ua, ecp... Share this post Link to post Share on other sites
benu 1 Posted July 8, 2004 I don't cheat. And even if i did you couldn't ban me as i play on my own server only. So only i could ban myself But do as you wish... I just wanted to make a point: banning by ip is pointless in many/most cases. Look at my ips, not one was used two times. I can reconnect in 1 or 2 seconds. If i WERE a cheater you would have to ban my whole ip range. And then the next. And two seconds later the next. Until you have all the ips of the largest german isp banned. And then you will have a good part of the community banned. If you are so afraid of cheaters then put a password on your server and play only with people you trust. MSpencer: guess what, most american and british players coming to my server don't speak german either. And although we speak mostly german in ts, when we have english(-speaking) players on we try to translate at least the on-topic stuff to english. But not every german speaks english. Do you want to hold it against them? How many americans speak german? russin: the cheats have nothing to do with "the source going public". I am not sure what you are talking about, the config and the addons have been "public" for a long time. And executable never was public but there are hacked executables going around. And there are cheats for all games, even for those where no "source has been released". Cheat programmers are often little geniuses. They don't need "source" when they have (dis)assembler. Share this post Link to post Share on other sites
backwoods 0 Posted July 8, 2004 I didnt bother to read you post Benu, I was just curious on why you were so defensive... But seen as how you never seen a cheater and you dont play on any other servers, maybe its safe to say you are either not educated about cheats, or you dont care if people use them on your server. Because my friend they are out there... Share this post Link to post Share on other sites
backwoods 0 Posted July 8, 2004 It makes me sad because if this continues, we may as well invest our time in another game... why cant their be some cheat prevention software like Valve created? Share this post Link to post Share on other sites
Balschoiw 0 Posted July 8, 2004 Where is the problem with cheating in OFP ? Right, there are tools and such but seriously, I haven´t met a cheater for over 2 years now. Maybe it´s because we play coop only, I don´t know. To ban IP ranges means nothing. It will only bring the melting online community down. In fact : Has anyone had had serious trouble with cheaters lately ? In OFP you find cheaters very fast. Kick them and ban their player ID. That should do it. Share this post Link to post Share on other sites
edc 0 Posted July 8, 2004 While I've only played MP for about a year, I can only think of once or maybe twice that I've been in a game where there was a cheater. And it was handled very quickly, once there were found they were kicked and didn't come back. Share this post Link to post Share on other sites
benu 1 Posted July 8, 2004 It makes me sad because if this continues, we may as well invest our time in another game... why cant their be some cheat prevention software like Valve created? Yeah, like other games have no cheats. Tell me one game that does not have cheats. Even HL/CS has lots of cheats. I have been server admins for several cs servers for several years. And i still have contact to some of my old clanmates. I know a lot about cheats, trust me. I didnt bother to read you post Benu, I was just curious on why you were so defensive... But seen as how you never seen a cheater and you dont play on any other servers, maybe its safe to say you are either not educated about cheats, or you dont care if people use them on your server. Because my friend they are out there... I know what kind of cheats are out there. I am really educated about this. I don't have an opinion that is different from yours because i am stupid or dumb. It's just a matter of mentality i guess. Banning lots of innocent players in the same subnet just because of one cheater, who will change his ip, his subnet and his id and come back just doesn't seem right to me. But it doesn't have to, it is your server and you can do what you want. But actually, coming from cs community (lovingly called cheater-strike), i see a game killed by an unfriendly community and a cheater paranoia. Yes, there are cheats for cs and they are in use, even more than in ofp. But i have seen by far more good players insulted, kicked and banned as "cheaters", than actual cheaters. EVEN IN CS. Those lamer-dm-kids who cry cheater whenever they get killed poisoned the community with their spirit of cheating. So i don't like cheats hysteria and i don't like overreacting because of something PERCEIVED as cheat. Share this post Link to post Share on other sites
sicilian 0 Posted July 9, 2004 @backwoods Benu is right. You can't ban IP ranges of 254 because only one of these IPs was related to a cheater. And as you can see in benu's IP log he got even other ranges. So you will be banning more ppl as your intention was and you will never check that out... Yes it is a problem at these times doing anything against cheats but this is definitively the wrong way! You talked about ID changer.... Have you logged any IDs where you can say they came from a ID changer? If yes, then send them to me. I got an idea for autobanning wrong IDs. This is my offer to you! Share this post Link to post Share on other sites
darkpeace 0 Posted July 9, 2004 I am working on a CRC utility (with many uses) and eventually (give me a few months in C++) I may be able to setup an authenication that is far better than most games have these days. (Well better than Steam, but then again, what could be worse) Would be like joining a game hosted on a Virtual Private Network (VPN) just without stopping all other internet access to the user (it would work completely differently to this, just to the user the visual differences would be minimal) Eg: Username + Password + Player ID + CRC32 check of common files that server permits + Check for ANY extra files, and not CRC32 them, just deny access until they are removed, or moved to an addon folder. These days people make 1 (or more) Addon folder per server they play on (to avoid conflicts with Addons) and free resources on their systems for smoother gameplay. So I DO NOT see the "Check for ANY extra files, and not CRC32 them, just deny access until they are removed, or moved to an addon folder." part of authenication breaking anything. If you know of any other cheats, post em here, I keep my ears open, but what we really need is: 1) A cheating death for flashpoint (sure they can cheat undetected today, what about tomorrow, well tomorrow a lifetime ban is waiting) 2) A international register of all Player ID's and where they where last based by Country 3) The ability to record MP games, just like in goold old DOOM (I currently use a loopback video capture card at 720x576x25 fps and record to a raid array, JUST IN CASE, also good for OFPR Music Videos) (PS: Recorded game files are smaller than people think, and the admin could toggle it on/off silently to save even more space, the warning will deter most people, anyway who says recorded game files will be huge has no idea of the coding involved) 4) The sort of authentication above (or better) as outlined by myself (don't CRC32 everything, just the server required files, and if any extras are found, just drop the played until they sort their server addon collection. 5) A server addon collection manager, like OFPwatch 6) OFPwatch (get it now it rules), the next best thing to "join in progress" IMHO Share this post Link to post Share on other sites
darkpeace 0 Posted July 9, 2004 Double Post, so not extra stat: PS: I am not kidding about the VPNs either. Make your server double as a VPN server, host a webpage, make sure locals know about it, etc Sure beats having cheaters and strangers if you host on a private 'WAN' as such, as every single player is known by the admin, with their own username & password. To work around the invisible server issue, just host a 0 player server outside of the VPN, with just the web address of how to register as a player of that server. (Sure its more work for admins, it is only optional, and does add some lag, but it stops ALL CHEATERS, and any assholes get banned by ID, and also have no way to authenticate to the server) This may sound really complex, but in fact it is only a 90 minute job, and well worth it, even with the additional lag / overheads of a VPN. It can (to a degree) also ensure the player is not uploading or downloading anything (to cheat or otherwise) thus affecting their ping, and everyone elses 'perception' of that player, since once they join the VPN, unless they know how to edit their routing tables, they will lose internet access, and gain VPN only access. Its also good, as 'My Network Places' shows the shares on the server when they authenticate, and you can bandwidth control their usage (or host an FTP as normal, so they can use the Internet while downloading addons) Also to the above, we also need a Server Addon manager tool, that helps players remove old addons, setup (multiple) addon folders per server, etc, etc I am sure these 2 last posts will spawn HEAPS of FANTASTIC ideas Share this post Link to post Share on other sites
sicilian 0 Posted July 9, 2004 3 things related vpns: Network performance decreases -> pings will get higher! Everyone has to install vpn client and be sure not every server admin will/can use the same software. So everyone has to install multiple vpn clients where you cant be sure all will work properly! If you've been connected to the vpn you are in a "local" network with the other players. Your pc will be attackable more than through inet if any player got bad ideas! Remember that! It begins with your shares... and could and with a complete system death. I would never join to a vpn where I don't personally know the others! Expansion: Plz forget CRC32! This algorithm is to old for nowadays! It could be used to make sure files are uploaded/downloaded correctly but in security it is not a standard at all! If you want to do something use md5 or sha or anything else... Share this post Link to post Share on other sites
RN Malboeuf 12 Posted July 9, 2004 what i am confused about is what the problem is The RN server has been running for three years, more then any of yours, we see our share of cheaters, we probly cry about them more then others, but why do we have only 4 players banned on our server and not hundreds like the others the ablitly to anoy cheaters and making them not come back we do this by doing both, IP range banning (it bans 256 ppl not the whole country) and ID banning we remove the IDs later because we know they are done and gone and we try to avoid the little kiddie fights you all seem to get into every single day Share this post Link to post Share on other sites
RN Malboeuf 12 Posted July 9, 2004 also any work on vpn or secure client conections is way to pointless this late into the game the OFP Community is at its lowest, wait till OFP2 comes out, there are all ready guys working on this that know allot more then you guys do Share this post Link to post Share on other sites
sicilian 0 Posted July 9, 2004 it bans 256 ppl not the whole country Nice reading this! Very nice, banning 252 ppl because one of them was propably cheating! If you think your're right, go on with it. PS: For your info: Only 254 are possible. And be sure. It's our task to do anything now! Share this post Link to post Share on other sites
