Cheat-catching parameters - Page 2

FIREk · 2011-09-18, 02:02 PM

If you ban someone's IP address, they will contact Support, claiming that they're a different person and have no idea why they're banned. Having no evidence against this claim, Support would just unban the IP.

If you fish out the local IP as well, they can either change the IP in the router's setting, or claim to live in the same building. Again, Support would have no choice but to unban the IP.

That's why IP baning doesn't take place in massive games. It can work on your favorite CS/TF2/CoD4/other server, but not in a massive game.

Brusi · 2011-09-18, 05:09 PM

+1 Devs/Community Agents playing the game. If they are getting pwned by hackers, it'll be coming up at the next meeting for sure, lol!

But seriously, this is something that both makes an MMO successful and that a successful MMO is able to afford. On-going quality assurance testing and support.

Outside of an APB type situation, where the game had problems with hacking from launch, i would say this would at least have the most impact on players perceived level of hacking in PS2. Something which i feel is almost more important.

Definitely an important topic, due to the free to play decision.

Infektion · 2011-09-19, 12:34 PM

Just ban subnet :P

MAC cloning or spoofing is way to easy.
If they ban the router/modem MAC, then that would be awesome. It's not so hard to get that with a CLi command, and only a dedicated hacker would go through the trouble of changing the gateways MAC.

PB DOES suck and I've gotten kicked for no reason.

VAC is good, from what i've seen.

give them OS License? LOL yea ok... because there are thousands of players using cracked version of windows, and most of them are gamers... good one.

I wouldn't be surprised of atleast six thousand people using a single windows 7 license with a WAT crack and updates turned off, and WGA disabled... not that I would know anything about that

Traak · 2011-09-19, 12:42 PM

Originally Posted by FIREk

If you ban someone's IP address, they will contact Support, claiming that they're a different person and have no idea why they're banned. Having no evidence against this claim, Support would just unban the IP.

If you fish out the local IP as well, they can either change the IP in the router's setting, or claim to live in the same building. Again, Support would have no choice but to unban the IP.

That's why IP baning doesn't take place in massive games. It can work on your favorite CS/TF2/CoD4/other server, but not in a massive game.

Ah, but it would take time. And having to spend time while you get your IP ban lifted, PS support can use that time to run a scan of your game files.

And get you to run some PS-specific diagnostics that look for stuff they know cheaters use.

I think there are methods that could be used to, as I said, apply a constant pressure against the cheaters.

There are people who know far more than I do, so I'm throwing ideas out there.

PS1 had close to no support on this issue. I suspect PS2 will not suffer the same fate.

**Malorn** · 2011-09-19, 12:50 PM

The cert system being an over-time thing makes the consequences for cheating gradually get more severe as they play the character more, as losing it loses the benefits of all that time playing. But it won't stop brand new characters or the flying MAX of Doom that we've seen in PS1.

I like the idea of flagging for abuse. It would help catch players that slip under the radar also because eventually they'll pile up a fair amount of flags and we can get the Eye of Sauron gazing upon them.

The flag interface should include a list of players you can click on so names like IlIlIlIlllIllllI are just as easy to flag as names like bob.

I also think it's important that outfit be included in the abuse flag to help prevent against abuse of the abuse flag, or give people a certain number of abuse flags per day. on the back end someone who does a lot of spiteful flagging can just be ignored on the system.

Flag for abuse is good. Puts power in the players hands so we arent entirely at the mercy of a system or petitioning to get rid of a hacker. It will make the jobs of those looking for cheaters easier as well since the flag system gives them a nice sorted list of who to look at.

History of flags should not ever be erased either. Just because someone who looked at a suspected cheater and didn't see anything doesn't mean that they aren't cheating so history should be viewed.

The right flag metric should also be used. Values such as...

- Total Flags received
- Flags per-unit-playtime received (divide flags by minutes or hours played). This is an important metric so you get the proper weight of playtime, as everyone will eventually accumulate flags over time. Blatant cheaters on new accounts will ahve very high number of flags-per-unit-playtime, while cheaters under the radar will have a higher-than-average number.
- Average flags per-unit-playtime across the population (excluding confirmed cheaters). Measuring what the typical population has in terms of flags will help spot abnormalities.
- Flags received in the last hour. This is a metric for finding people who might have enabled their cheats or are just blatantly cheating who are likely to get caught in the act. This just helps those watching to prioritize who they look at. Start with those with the most recent flag activity.

Also, someone should be able to flag another person multiple times, but only after a certain amount of time has passed (like a day).

I would really like to see this flagging system implemented & used by the anti-cheat service.

Traak · 2011-09-19, 01:26 PM

Well said. A sudden flurry of flags could result in an almost instant response from the devs, who would want to catch a cheat in action.

I really don't think cheats will be so prevalent this time around.

Wahooo · 2011-09-19, 02:01 PM

Originally Posted by Traak

I really don't think cheats will be so prevalent this time around.

???????
HUH?!?!

Why would you think this?

Traak · 2011-09-19, 02:10 PM

Originally Posted by Wahooo

???????
HUH?!?!

Why would you think this?

The indications that we have been getting from the devs. Such as SS and CS portions of the coding, not just all client side, as an example.

I didn't mean people wouldn't be TRYING to cheat. What I mean is that I don't think they will be so completely overrunning the servers unchecked.

Atuday · 2011-09-20, 01:57 PM

Number one thing to stop cheating players is in line packet analysis of the network traffic. This would also give a massive edge over things like Anons doing a DDOS attack against planetside2 servers.

In short if we want to stop the hacks then we need real people on site in some form to look at reports, look at log files, look at screen shots, THEN BAN HAMMER THE FUCK OUT OF THOSE CHEATING ASSHOLES!!!

Some one mentioned VAC. The reason VAC works is because your game is tied to you steam account. If you get hit by VAC you have to go out and buy another copy of the game before you can hack on the same sever again. Plus if there are enough VAC bans against your account Valve starts to take a good hard look at your activities.

FIREk · 2011-09-22, 06:07 PM

This isn't anything too important, just another reassurement (is this even a word?) that SOE at least wants to treat cheat protection seriously:
http://forums.station.sony.com/ps/po...6&#88000469104

NapalmEnima · 2011-09-22, 06:40 PM

Originally Posted by FIREk

This isn't anything too important, just another reassurement (is this even a word?) that SOE at least wants to treat cheat protection seriously:
http://forums.station.sony.com/ps/po...88000028136�

"reassurance"

FIREk · 2011-09-22, 06:41 PM

Originally Posted by NapalmEnima

"reassurance"

Thank you, sir. Me no speaky the English.

NapalmEnima · 2011-09-23, 05:30 PM

Originally Posted by IDukeNukeml

someone with a simple knowledge of packet editing can cheat at the game... someone with a great knowledge of packet editing can be another rick rolled....

False.

I'll bet you a Large Stack of Money that the packets will be encrypted. Looking at them won't tell you anything. Changing them will break them.

Now, anything your computer knows how to ENcrypt, your computer also knows how to DEcrypt. Hackers will eventually manage to figure out how to decrypt packets if they work at it long enough. SOE can make this Very Hard, but they can't make it impossible.

So a simple knowledge of packets just isn't going to cut it.

And there's more SOE can do. They can change encryption protocols with point releases. They can change the order fields are defined in the packets, perhaps even with the preprocessor. So they can break hacks with every release... and if they're clever they can break the hacks in a way that they can detect, hunt down, and KILL. Say they just change the checksum generation. Now the old hacks think they work, but they're actually getting themselves flagged as dirty cheating whores.

So the devs wait a couple weeks, build a nice long list of accounts to ban, and boot all those fuckers. They can look at IP addresses. If no one but cheaters is coming from a particular IP, ban it. When someone comes along and asks for that IP to be reopened, you do so, and stick all players from it on a "high risk" list for extra scrutiny from the server.

NapalmEnima · 2011-09-23, 07:17 PM

Originally Posted by IDukeNukeml

Encrypted pack X that is sent doing Y action = packet.
Packet analysis (takes about 3 minutes) can show you what encryption they are using if it's a commonly known protocol OR. take 8 hours with a good machine, and run through decryption software... damncheaters have teams they PAY to do this... simply encrypting the packet will do nothing but slow them down a day.... they could do alternating encryption but it will cause lag.

So don't rely on network encryption. Have the software itself jumbling the bits around prior to giving them to the network to handle.

And I have trouble believing that standard modern packet encryption techniques can be so trivially broken.

Hmmm... actually I can think of a way that wouldn't even require cracking the game, "just" the OS.

NapalmEnima · 2011-09-23, 08:32 PM

Originally Posted by IDukeNukeml

I think im on the same page as you, I also realize they are ways to modify the OS to do certain things..... but that is why most game developer's dont go linux.... well not BECAUSE of it.. but unix based systems are very easily manipulated.

If you set the encryption locally, you are giving the bad guys ammo like no other... I'd say burst the encryption, remove it, add it back... this saves on netcoding and keeps the lag to a minimal.

You really want it all encrypted from day 1. Makes it harder to figure out your packet structures, even if all you're doing is reducing the number of people capable of taking a look.

You can skip it for some stuff... text/voice chat between clients, but for client<->server communication you really want crypto from the start.