
Thread: [NEW ANTICHEAT] AlphaMAC Is BACK!!!!!!

  1. #31
    Developer RyBack's Avatar
    Join Date
    Apr 2014
    Location
    In Front of the screen
    Posts
    1,603

    Screenshots are accessed from the servers page at the top of the site.
    Yes, hardware ID exists, but bans are yet to be activated.
    The reason I take so long is because I tighten up everything in the program, make sure there are 0 exploits.

  2. #32
    Developer Todesengel's Avatar
    Join Date
    Dec 2013
    Location
    St. Louis, Missouri, USA
    Posts
    276

    I've spent some time with it, and it's heading in a direction that I really like. Can't wait to see the next phase! THANKS RYBACK!!!

  3. #33
    Developer RyBack's Avatar

    Ah you're welcome
    expect more

  4. #34
    Developer Todesengel's Avatar

    alphamac feedback

    Ok, I have played with AlphaMAC and have a bit of feedback to share FWIW....

    1) Again, it is really fantastic to see this being worked on. It's probably one of the things that will really bring some folks back to mohaa. Kudos to Ryback! Please keep at it!

    2) The AC checks for both file name *AND* its hash. I simply cannot use that. Almost every player has taken a common file/mod and renamed it. At the very least, by convention they put some random number of Z's on the front to change load order for their particular mix of mods, skins, etc. In other cases, they may change the name for a variety of reasons. As a server owner, I'm really glad I can whitelist or blacklist mods I want players to be allowed to use or not use (obviously, at the least my server skin packs and custom map packs). Good thought Ryback, I didn't envision that option originally (assumed that would all be set by master server). BUT... there's no way in heck I am going to take the time to whitelist 100 different files that are all the same except for the filename. And how many Z's are required will be different for each user likely. That will yield false positives, and after a number of those the AC would fall into disuse as 'not accurate'. Simply put... the easier and IMHO more straightforward and reliable thing is to ignore filenames, just generate the md5 for the current file (whatever it's named), and then check that hash against the list of hashes. You also can't assume it's Z's and just allow for that single case... as I for example renamed all my custom pk3 add-ons TPxx-whatever.pk3 where xx is a two digit number so I can ensure (and quickly/easily change) load order WITHOUT having to squint or put my finger on the screen and try to count Z's, or discern upper case Z's from lower case ones.... so... why bother with the file name at all? And that's just for whitelists.... if you consider blacklisting.... that's useless if all they have to do is change the file name (but yeah, it would probably be caught by md5 in that case?).

    3) The 'pure' classification from the AC assumes that the files match the hash of ryback's 'pure mohaa distribution'. I don't think that is realistic on two levels. First, there are perfectly valid game-supplied pk3 files that were different based on localization. One retail package has a pak6EnEU.pk3 for example. Others have slightly different md5's based on region sold or later versions or EA-supplied patches. All I can say is that if you install straight from a bona fide 1999/2000 US CD, and run the AC, it will say you are Dirty. That's not gonna fly. There were a handful of media releases, all should be added to 'ok'. Second, few users are going to be willing to mess with their current working install - you can't tell them "toss out your whole directory and use mine". Too many users are ingrained with weapon skins, pk3 loading order dependencies, etc. etc. At the very least, you should have multiple checksums considered pure, to account for these stock files that are really pure - just not YOUR single version of pure.

    4) As said above, I do appreciate the ability for a server owner to have a log in on the master server where they can whitelist/blacklist their own set of hashes for their server. Great idea. But I'm not at all happy that there isn't an overriding repository of 'we know these hashes are ok' and 'we know these hashes are bad' on the master server overall... for all servers. Because without that.... an unscrupulous server owner will whitelist known hack files so that they and their admins can hack. Sure, users could hack too... IF they knew the hack was whitelisted and which version (md5) to use. You can say 'oh, that's the server owner's choice'. But if you have that.... you will not have people coming back to mohaa with confidence, which I believe is a primary goal. And I can think of at least 2 server owners that I am beyond positive that they will do just that. So I think there should be an additional level.... they could be called different things... but perhaps a level for 'pure according to the master server', then one for 'pure according to the local server'. They ARE different things and unfortunately need to be, and it should be highly visible for new players what each player is. Perhaps take the open source mentality, and make each server's allow/deny rules publicly visible. But there still should be a central authority if you want to bring players back....

    5) <soapbox>Ok, pet peeve of mine. DNS has been around a long time. It's a thing. What is this obsession in the gaming world with keeping track of servers by IP only?? That's just... odd to an IT guy. For example, we set up our main server at mohaa.todesplace.org, the website is at www.todesplace.org, the teamspeak server is at teamspeak.todesplace.org, the development/test server is at dev.todesplace.org.... once my users know the todesplace.org domain, they can remember everything MUCH more easily than xxx.xxx.xxx.xxx. Please for the love of ${dietyOfChoice} let us put in host names instead of only IP addresses in the anticheat. IP addresses do change, and there is absolutely no reason to make that process difficult by only using IP's as 'host names'. </soapbox>

    I'd love to hear different views on any of the above. Quite possibly I'm not seeing everything that should be considered. Just tossing out the above to get conversation going and get some thoughts out there... so we can always improve!

    Best,

    T
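
An added example (not AlphaMAC's code and not written by anyone in this thread) of the scheme proposed in points 2 to 4 of the post above: hash file contents only, accept several known-good digests per stock file, and let a master deny list override a server's local allow list. File contents, most file names, verdict labels and function names are constructed for illustration; `algo` defaults to MD5 only because that is what the thread discusses.

```python
import hashlib
import tempfile
from pathlib import Path

def file_digest(path, algo="md5"):
    """Hash the file contents only; the file name never enters the digest."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def classify(digest, master_deny, master_allow, local_allow):
    """Master deny wins, so a server owner cannot whitelist a known-bad file."""
    if digest in master_deny:
        return "blocked (master)"
    if digest in master_allow:
        return "pure (master)"
    if digest in local_allow:
        return "pure (local server)"
    return "unknown"

def scan(directory, master_deny, master_allow, local_allow, algo="md5"):
    """Return {file name: verdict} for every .pk3 in the directory."""
    return {p.name: classify(file_digest(p, algo),
                             master_deny, master_allow, local_allow)
            for p in sorted(Path(directory).glob("*.pk3"))}

def demo():
    # Constructed sample data: short byte strings stand in for real pk3 archives.
    stock_us, stock_eu = b"stock pak, US release", b"stock pak, EU release"
    skin, bad = b"server skin pack", b"known cheat"
    md5 = lambda b: hashlib.md5(b).hexdigest()
    master_allow = {md5(stock_us), md5(stock_eu)}  # several releases count as pure
    master_deny = {md5(bad)}
    local_allow = {md5(skin), md5(bad)}            # owner tries to whitelist the cheat
    files = {"pak6.pk3": stock_us, "pak6EnEU.pk3": stock_eu,
             "zzzzskins.pk3": skin, "TP01-skins.pk3": skin,  # same file, two names
             "zzz_renamed.pk3": bad, "mystery.pk3": b"never seen before"}
    with tempfile.TemporaryDirectory() as d:
        for name, data in files.items():
            Path(d, name).write_bytes(data)
        return scan(d, master_deny, master_allow, local_allow)

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:18} {verdict}")
```
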

  5. #35
    Administrator James's Avatar
    Join Date
    May 2010
    Location
    on the intraweb
    Posts
    3,180

    Those are all great points, I've been out of the loop for a while with online gaming, but with regards to hashes and MD5, I'm pretty sure there are tools that allow people to spoof those checksum values. I'm not sure if this is still the case...
    Hypothetically speaking.... Let's assume someone is using this AC... Would they be able to debug your AC or somehow log what checksums are "approved", then if any files or pk3's get flagged, they can just modify the checksum on those files so they will get bypassed??? I'm just curious. Like I said, I've been out of the loop for a while with this stuff.

  6. #36
    Developer RyBack's Avatar

    "then if any files or pk3's get flagged, they can just modify the checksum on those files so they will get bypassed"
    Change the file's checksum? Or change the checksum variable in the anticheat?
    If you're talking about the first question, that's nearly impossible AFAIK.
    The second one means bypassing the AC, which is highly unlikely.

  7. #37
    Administrator James's Avatar

    I mean it writes bytes or adjusts the binary to make the checksum = whatever you want. Basically spoof it.

  8. #38
    Developer RyBack's Avatar

    That'd be highly unlikely or even impossible.
    Even if that happened, it's a minor change to switch to another, better hashing algorithm.
    Last edited by RyBack; February 16th, 2018 at 10:43 PM.

  9. #39
    Developer RyBack's Avatar

    Quote: Originally posted by Todesengel (post #34 above)

    I replied to Todes a while ago in PMs about this essay and forgot to reply here.
    2 - I could make a filename mask like !general or smth.
    3 - There are a lot of mohaas out there and I don't have enough bandwidth to download them all. I allow language pk3 btw.
    4 - Having a hack database would defy the reason of the current mechanism! There are a lot of hacks too. I could make it a lot better, but that's for later.
    I do have some unique hack detection techniques but they're not implemented yet.
    5 - Some people misused that so I decided to lay it off for a while. Also it becomes an issue when the hostname and the IP are both registered.

  10. #40

    Is there a chance of a Breakthrough version?
