Anti-Cheat Protection?

Got something on your mind about the project? This is the correct place for that.


Forum rules

This forum is for feature requests, content changes additions, anything not a Bug in the software.
Please report all bugs on the Support Forums

Post Reply
User avatar
Peacemaker
Novice
Novice
Posts: 96
Joined: 04 Apr 2005, 19:41

Anti-Cheat Protection?

Post by Peacemaker »

hi

Will there be a anit-cheat protection if the client and new Server reaches a final version?

I know, at the current developing phase such a protection makes no sense... because the client is changing often and many ppl compile there own (like me)... but I want to mention it ;)

I think that there are a lot people who wants to put on their own server... if tmw goes final someday :) and they surely want to protect their server somehow...

Here is a simple protection system, using md5 hashes.
http://www.rainbowsix.org/temp/tmw/tmw_ ... ection.png
There is a problem: the hash might be faked anyway on the way to the login-server... solution? maybe a closedsource launch application which hashes the client and challengeresponse it to the Server?
Peacemaker: Level 58 - STR 60+ / AGI 30 / VIT 36 / INT 5 / DEX 20 / LUK 5 - wiped because of inactivity... :(
User avatar
ktm
Novice
Novice
Posts: 201
Joined: 14 Jul 2005, 09:24
Location: Vokietija

Post by ktm »

keeping those checksums up-to-date is gonna be a real Female dog, wolf, fox or otter. good luck with that. i think since everything's open source there's no proper way to check that stuff client-side (heck, i dont even trust closed source clients that i wrote *myself*, since someone could have disassembled & "improved" them), so let the server do it (kinda like it's being done now: send only stuff the client absolutely has to know, and not a byte more). to protect from bots etc one could implement a captcha to do every full hour or so, but that'd be a major annoyance to regular players. the best way would still be the old-fashioned "gm watching players that behave suspiciously".
User avatar
ElvenProgrammer
Founder
Founder
Posts: 2526
Joined: 13 Apr 2004, 19:11
Location: Italy
Contact:

Post by ElvenProgrammer »

There are many ideas on our server development docs to prevent cheating. But they usually don't include hacking protection: everyone should be able to hack his client and play TMW if the client follows the server rules.
I guess you're referring mostly to what happened on the "Drunken snakes" event. Someone had his modified client version with auto pick up enabled. This is possible because eathena allows everyone to pick up dropped items (it sound strange to me though, since when I was playing RO that wasn't happening). Our server will of course prevent stealing of loot even with an hacked client. Using checksums is only useful for authentication which probably won't be a problem even when using our server, encrypted username and password should be more than enough.
Matt
Grand Knight
Grand Knight
Posts: 1759
Joined: 07 Aug 2004, 10:47
Location: Germany->Bavaria

Post by Matt »

My idea is that every sever has rules like "Speed is x", "You can only pick up items of monster that you killed", ... So you can hack your client as you wish without the possiblity of cheating.
User avatar
Bjørn
Manasource
Manasource
Posts: 1438
Joined: 09 Dec 2004, 18:50
Location: North Rhine-Westphalia, Germany
Contact:

Post by Bjørn »

Checksums make no sense in this open source project. Actually we should even be encouraging people to modify their client and distribute improved versions and contribute patches. All cheat protection will be done server side.

This does mean that banning bots will be more difficult. This problem is the same as banning misbehaving players in general though, and can probably best be handled by GMs as ktm said.

It could be cool to have a server on which bots are explicitly allowed, to see what people can come up with and potentially have bots vs bots fights.
User avatar
Peacemaker
Novice
Novice
Posts: 96
Joined: 04 Apr 2005, 19:41

Post by Peacemaker »

ok thanks

I'm not only referring to the event... The other topic in which somebody wants cheats was decisive for my topic...

another problem are hacked maps with no collisions. I didnt see ppl using it yet but a few months ago the desert map was updated via CVS for example... The CVS Players were able to see the other (monthly release) ppl walking through the fences because they used the old Map ... so it might be possible to leave a closed PVP Area while fighting?!? I think the new Server will check the corrds. serverside right? so that problem would be solved :) EDIT: Bjorn already answered it -> Serverside ;)

what about an optional action-recorder for clients? that actionrecorder should record every interaction in view... so user can record obvious interactions and submit it to the gm's? (i dont know which data the server sends to the client... so i dont know if its possible or not)
Peacemaker: Level 58 - STR 60+ / AGI 30 / VIT 36 / INT 5 / DEX 20 / LUK 5 - wiped because of inactivity... :(
Post Reply