Sorry to say...
#31
central deban has been known to fail just like central admin has occasionally. it is obviously OS' idea and is a nice thought, but I don't see that ending well personally.

also, yes americas include central and south america.

also, I like the idea about making fixed client numbers or having registered accounts to play the game. That might be a B**** to implement but it could maybe alleviate some of the ban issues?
Thanks given by:
#32
There is a central auth system. I'm not sure if the devs know how they are going to implement it or even how to use it (now that flow is gone).
Thanks given by:
#33
jamz has been so nice to provide me with some ranges that he asked me to use instead of the /8 ranges.
I will try using them.
This will make some of the bans be lifted, but other innocents will still be banned.
Thanks given by:
#34
f2................
Thanks given by:
#35
(12 Feb 12, 09:43PM)tempest Wrote: Re "advanced" banning:
Mac address is not an option - it's unique, but the server never receives the client's Mac address, only that of the last switch/router/... in the chain, i.e. it's useless.
Unique IDs wouldn't be a reliable option even if the game was closed-source. Everything that happens on the client, and everything sent over the client's network interface, can be modified.

Gonna disagree on a few points here.

Firstly, it would be easy to have the client send their MAC address to the server. The issue with this is that MAC addresses are easy to spoof, and so that's barely a level of security.

Secondly, Unique IDs would be a reliable option, even with an open source game. Here's how:
1. Client registers on the AC website. They get a randomly generated (and very long) id from the site.
2. Every time the client wants to play on any server (or even to query the masterserver), they send their ID (this will be done automatically, you don't need to type it in or anything silly like this. Think of it as being similar to an SSH certificate).
3. The server checks the ID with the masterserver. The masterserver lets the server know if the player is blacklisted based on the ID.

These IDs would be impossible to guess, because they would be randomly generated and extremely long.
It doesn't matter if multiple people share the same ID, because if one of them hacks, they all get blacklisted.

The only issue with this system is finding a way to stop people from getting a new ID: meaning if some hacker asks for a new ID, the system should be able to do an IP check or something similar to keep them from getting one.
Thanks given by:
#36
(14 Feb 12, 06:49PM)Zarj Wrote: Firstly, it would be easy to have the client send their MAC address to the server. The issue with this is that MAC addresses are easy to spoof, and so that's barely a level of security.
Yeah, but that's merely a way to get a "unique" ID, nothing else. It can still be modified quite easily, plus many network cards and OSs actually let you change the MAC address.

(14 Feb 12, 06:49PM)Zarj Wrote: Secondly, Unique IDs would be a reliable option, even with an open source game. Here's how:
[...]
The only issue with this system is finding a way to stop people from getting a new ID: meaning if some hacker asks for a new ID, the system should be able to do an IP check or something similar to keep them from getting one.
Wait, do you notice a pattern here? What was the problem we were trying to solve, again?
This whole "unique ID" business simply won't work reliably until you make sure that each player can get only one ID. For commercial games, this is fairly easy, because getting a new ID means you'd have to buy the game again (although nothing stops you from doing that). It's even easier for systems like Steam, because AFAIK if you get caught cheating with a certain Steam account, the IDs for all VAC-secured games associated to that account get blacklisted.
For an open-source game, I doubt this problem can be solved reliably.
Thanks given by:
#37
(14 Feb 12, 07:35PM)tempest Wrote:
(14 Feb 12, 06:49PM)Zarj Wrote: Firstly, it would be easy to have the client send their MAC address to the server. The issue with this is that MAC addresses are easy to spoof, and so that's barely a level of security.
Yeah, but that's merely a way to get a "unique" ID, nothing else. It can still be modified quite easily, plus many network cards and OSs actually let you change the MAC address.

Yes, that is exactly what I said... :p

(14 Feb 12, 07:35PM)tempest Wrote:
(14 Feb 12, 06:49PM)Zarj Wrote: Secondly, Unique IDs would be a reliable option, even with an open source game. Here's how:
[...]
The only issue with this system is finding a way to stop people from getting a new ID: meaning if some hacker asks for a new ID, the system should be able to do an IP check or something similar to keep them from getting one.
Wait, do you notice a pattern here? What was the problem we were trying to solve, again?
This whole "unique ID" business simply won't work reliably until you make sure that each player can get only one ID. For commercial games, this is fairly easy, because getting a new ID means you'd have to buy the game again (although nothing stops you from doing that). It's even easier for systems like Steam, because AFAIK if you get caught cheating with a certain Steam account, the IDs for all VAC-secured games associated to that account get blacklisted.
For an open-source game, I doubt this problem can be solved reliably.

This is a little different from just a straight up IP ban, and would allow more control over who gets an ID. For instance, problem ranges (like the 188 and 189 ranges) could require manual activation of the ID. I'm sure we could find 15-20 community members who would be willing to do stuff to check this.
Thanks given by:
#38
lol, thx?
Thanks given by:
#39
Thou hast released the BanHammer of Justice!! May thou use it wisely in thy quest to vanquish the uberqueens on the Evil Hackanatrix!!
Thanks given by:
#40
a small software that reads your hardware settings and make a unique id out of that.. you can't start playing online until you installed that extra check software which check against master server before trying to connect?

-Wierd i know.. -blame me xD
Thanks given by:
#41
(16 Feb 12, 06:54PM)MorganKell Wrote: Thou hast released the BanHammer of Justice!! May thou use it wisely in thy quest to vanquish the uberqueens on the Evil Hackanatrix!!

hey want to skype

please
Thanks given by:
#42
(17 Feb 12, 06:28AM)Undead Wrote: hey want to skype
please
Lol so relevant to the matter at hand.
Thanks given by:
#43
// Mod edit: Added spoiler tag
Thanks given by:
#44
I would Undizzle but the Brahma has hacked my internets away from m. :*(.
Thanks given by:
#45
Feel free to close this thread.
I have said my part in the matter.

Oh, i can do so my self.

Anyone has any constructive to add, feel free to PM me or any other mod and we will open it.
Thanks given by: