Anti-Cheating Disussion

Currently viewing this thread:

yami_pirate

Sergeant Knight
Best answers
0
Namakan said:
So who hijacked my post to make it into a thread?
I did! It was getting long and cluttering up the semi-finals thread, but it's an interesting discussion that deserves a cozy place of its own :grin:
 

OurGloriousLeader

Grandmaster Knight
Best answers
0
The easiest way without rewriting a new module for admins is to just limit the password distribution and reset the password before officials. Seems like some don't care though as within 24 hours of the troll banning on Sunday we had an unknown player (at the time) with admin in a Tq vs Fearless match. Considering the password had been reset less than 24 hours previous and given to very few people, we have a small pool of players obviously happy to share the password despite knowing what it can do.

As of now we'll be banning players we can't identify with admin and anyone discovered to be handing the passwords out like candy will likely see some punishment.
 

MaHuD

Section Moderator
WBM&BNWWF&SVC
Best answers
1
The admin ID checker could just be server side, no need to rewrite admin module.
 

Alene

The Queen of Diamonds
Archduke
M&BWBWF&SNWVC
Best answers
0
MaHuD said:
The admin ID checker could just be server side, no need to rewrite admin module.
Oh right, that would be a lot more simple thing to script. Earlier we tried to make a system that gives admin based on ID, and that needed client side mod as well, otherwise the client did not know it had admin.
 

Namakan

Master Knight
M&BWBWF&SNWVC
Best answers
5
Alene said:
MaHuD said:
The admin ID checker could just be server side, no need to rewrite admin module.
Oh right, that would be a lot more simple thing to script. Earlier we tried to make a system that gives admin based on ID, and that needed client side mod as well, otherwise the client did not know it had admin.

For Native, you'd have to have an updated client version, otherwise you run into what Alene mentioned. The only way  around it would be to still give out adminpasswords and then check if the person that joins with it has permission to do so, which I can see making trouble.
 

MaHuD

Section Moderator
WBM&BNWWF&SVC
Best answers
1
Yes, that is exactly what I suggested.
Passwords are still given out, but only those that are on the ID list can actually make use of it, others will get banned.
 

Oliveran

Master Knight
WB
Best answers
0
I've used Gotha's Adimi Tools, and implemented all ECS settings (classes, flags, maps) on it. Gotha has a built-in ID-based admin system; I've personally tweaked around in the code and changed access on the different admin levels (for an example, trial-admins on IGBG can only temporarily ban, kick, write in the admin chat; that's it).

It can be so that ADMINS are the only ones with perma ban options; the rest (at the most) with tempban, or no ban at all; everyone can change map. It's easy to implement, and while this could be added, I think adding a rule for only registering one ID to use for matches would be a good idea... And IP checkups on every player so there's a (general) location added to each player (so that "IG_Oliveran" suddenly isn't playing from Austria instead of Sweden...), and so on. Has been long enough where there's been no system to root out cheaters and multi-clanning players.

MaHuD said:
Yes, that is exactly what I suggested.
Passwords are still given out, but only those that are on the ID list can actually make use of it, others will get banned.
Why any password? They're not needed; IDs to team-leaders only removes the overuse of the servers as it currently is. Teams register 2-3 leaders anyway, why need more? Passwords are unsafe; there's no need for a two-way identification (like a card+code that banks uses, for an example). ECS servers are not someone's bank account; simply servers. No more guy to come and permaban, anyway. Also, completely new IDs (like, 3.000.000+) shouldn't access as easily to the ID-based system either. There's always risks that these are other players (even if it's not), and to top it off some old ID ranges (like, 430000-440000 for an example) are bought up by other companies, I sometimes see 100k-ranges of IDs that aren't used at all on the server; IGBG has had around 200.000 unique users since mid-2012, and it's strange to see a range there in a 200k+ area (unless it's ~2.5 million-3.8 million in the ID range, because these are new and might not have started playing MP yet) where nothing is used.
 

MaHuD

Section Moderator
WBM&BNWWF&SVC
Best answers
1
The password is to circumvent the need of a modified admin mod for players, but if you have modified it already and the ECL staff would use it, then no passwords would not be required.
However, admin mods are officially not allowed, as it is a game modification not in the list of allowed modifications.  :facepalm:
 

Oliveran

Master Knight
WB
Best answers
0
MaHuD said:
The password is to circumvent the need of a modified admin mod for players, but if you have modified it already and the ECL staff would use it, then no passwords would not be required.
However, admin mods are officially not allowed, as it is a game modification not in the list of allowed modifications.  :facepalm:
Actually, how it works is that the game need to "make sure" the player has the right mod. Since a majority of the game's functionalities are not server-sided, but user-sided there's too many things that are not possible; like check an ID and password, as the server needs to 'hook up' with the user and if some codes and such are different, there'll be major problems (crashes, errors that makes it unusable etc), so... It means non-leaders and non-admins can use their raw Native's, just that the leaders and admins has to use the admin mod.

What's the difference anyway, between using "ECS Admin Mod" and any other admin mod, if you're a teamleader you'll have to use it anyway, right? It's already like this as it is (because of the map list), so it won't make any difference if you compare to how it is now.
 

Namakan

Master Knight
M&BWBWF&SNWVC
Best answers
5
Oliveran said:
I've used Gotha's Adimi Tools, and implemented all ECS settings (classes, flags, maps) on it. Gotha has a built-in ID-based admin system; I've personally tweaked around in the code and changed access on the different admin levels (for an example, trial-admins on IGBG can only temporarily ban, kick, write in the admin chat; that's it).

-snip-

Are you using Gothas system that requires the server owner to write the IDs into the scriptsfile or have you updated it to use an external database?
Either way, that's what I'd do, be it the current module or some other tools.
 

Oliveran

Master Knight
WB
Best answers
0
I use Gotha's system; I specifically use exactly his code and his admin mod. I've just rewritten the gold-system to work properly (big thanks to Gubbo), changed the flags to the WNL/ECS-style and changed Gotha's settings for the admin levels and so on.

I've thought about re-doing some parts, so there's no need for "the server to check" what person it is; sadly, unless using an external database (a webserver is the only thing support in Warband; no external scripts afaik), but it's pretty much hopeless. Otherwise, there's also big risks of other things (such as putting in another ID into the checkup; quite easy to do...), so there need to be a client-server relationship; cannot be only server, or only client since both ends are problematic in Warband's case...

There is some fixes so one can use external scripts, but seeing as we're reaching for Bannerlord (hopefully this year), just using Gotha's solution is the easiest, safest and best at the current time (imo).
 

Namakan

Master Knight
M&BWBWF&SNWVC
Best answers
5
I don't think that adding an external database is too much of an effort, and it's easier to add/remove people from that.