You are not logged in.
Hi man :-), how are you? I hope so all is good :-))))).
I want ask you if you are think about anticheat for N!tmod? This idea is so N!tmod will have implemented own anticheat. Something like ETPro, but actually (for new cheats).
Have fun mate :-))) cya.
Offline
would be a great idea
Offline
We can't add a real anticheat cuz it's a lot of work but i started some experimental checksum verifications (windows only for the moment, gonna work on linux/osx if the windows part works) so we could protect from unknown ET binaries and possibly scan the game path to find suspicious files (if players don't consider this too intrusive).
Something similar to etpro_cheats.dat file, except this will not require any additionnal file nor any extra load for clients/servers because data will be sent and checked on an external server.
Offline
".............and possibly scan the game path to find suspicious files (if players don't consider this too intrusive)."
I am SURE, many players wont like this. And ofcourse, I mean those players useing thise files.
If ONLY it will be the game path wich will be scanned, I think you should go ahead. In my opinion, that is not intruding private life.
Maybe let server do a .log file, for wich file is found at wich player/showing ip and so on. Make it an option for server Admins if useing those files gives autoban or not.
I am so sick of players telling me, .....you cant prove I cheat.
Another thing is, .... is it legal to do so. Scanning peoples PC without their knowlegde ?
Offline
PB was probably a lot more intrusive than my idea and people kept using it.
By scanning, i mean only getting checksums of files located in the game path, file contents will never be stored/sent anywhere, only their checksums.
If a cheat checksum is found, player will be kicked/banned (not sure yet, might be an option) and a record will be added on our master server cheaters database, this could also let us create a global ban system if we find a safer way to identify clients.
I guess we could also scan the process memory to know which dll's are loaded by ET.exe (code for this already works) and verify these dll's checksums too, just in case.
I'm not a pro at knowing how an anticheat works but i guess that could be a good start.
Opinions?
Offline
".............and possibly scan the game path to find suspicious files (if players don't consider this too intrusive)."
I am SURE, many players wont like this. And ofcourse, I mean those players useing thise files.
If ONLY it will be the game path wich will be scanned, I think you should go ahead. In my opinion, that is not intruding private life.
Maybe let server do a .log file, for wich file is found at wich player/showing ip and so on. Make it an option for server Admins if useing those files gives autoban or not.I am so sick of players telling me, .....you cant prove I cheat.
Another thing is, .... is it legal to do so. Scanning peoples PC without their knowlegde ?
I am not sure but when player installed ET game agree so his computer will scaned PunkBuster. And I am not sure, but I think so PunkBuster scanned HDD.
And as I am wroted only something like etpro have.:-))
to N!trox: your idea or my idea? :-))))))))))
Last edited by Klobby (10-Jul-12 12:39:17)
Offline
Had some time to work on it today and managed to move the whole "anticheat" stuff to another thread, so the game will not freeze when scanning large files or performing any action that takes time.
This avoid getting problems like the well known "PB lags" we used to have when using punkbuster.
I'm testing this on a pretty old laptop and it doesn't seem to affect performance at all.
Currently, the tests are still only performed on Windows client and the MD5 scans are fully functionnal.
This built-in "anticheat" now has a name: NxAC
I'm not sure it will be included in 2.2.1, but if it is, it will only be for internal testing purposes.
Offline
That is good news mate :-). Good joob :-))
Last edited by Klobby (01-Aug-12 11:23:13)
Offline
uh oh...
had to format my computer and totally forgot to backup the source code on my external HDD, which means all the NxAC code and probably a lot of other minor fixes have been lost.
Sorry for being so stupid
Offline
uh oh...
had to format my computer and totally forgot to backup the source code on my external HDD, which means all the NxAC code and probably a lot of other minor fixes have been lost.
Sorry for being so stupid
Don't you work with online repo...?
Offline
uh oh...
had to format my computer and totally forgot to backup the source code on my external HDD, which means all the NxAC code and probably a lot of other minor fixes have been lost.
Sorry for being so stupid
This is not good. Backup and backup and backup again. Too bad about the amount of work.
Offline
N!trox* wrote:uh oh...
had to format my computer and totally forgot to backup the source code on my external HDD, which means all the NxAC code and probably a lot of other minor fixes have been lost.
Sorry for being so stupid
Don't you work with online repo...?
I usually work with the SVN repo, but my laptop was running XP SP2 (i moved to france and i gave my desktop pc to my sister so now i'm using my old laptop) and latest SVN version requires XP SP3 minimum, so i kept working on a local copy of the source code till i get enough time to update my laptop's OS...
Meantime i forgot to backup, and here we are now, i managed to re-fix most of the known bugs, but the NxAC project will probably be in standby for a while, i guess.
Offline
That is really sad :-(.
Offline
That is really sad :-(.
Consent. It would a huge challenge I think but a lot of work.
Offline
I agree, realy sad about the set back for anti-cheat. I been waiting for this.
I hope you will be able to remember most of it, and come up with some kind of test version in near future.
Offline
ABORTED ?????
Sorry mate, I realy dont understand this. THIS IS SO IMPORTEN !!!
Offline
Dont have enough time for the moment, and lost all the code i had written
Offline
I've started working on this again
For the moment i've added client binary checksum verification for Windows clients.
I also coded 50% of the new "NxAC Cvar Scanner". Server admins will be allowed to define what cvars they want to scan and optionnaly define a cvar range/value to match.
NxAC will then scan these cvars on client side and kick/ban players in case of cvar violation.
Really similar to what PB used to do.
Not sure this will be included in 2.2.1, and if it is, it will be for testing purposes only.
Offline
I am ALL again. This is GOOD news.
For the moment i've added client binary checksum verification for Windows clients.
This means, server will scan players game-install for unwanted files like opengl32.dll (Aimbot/wallhack) ??
NxAC will then scan these cvars on client side and kick/ban players in case of cvar violation.
It would be nice if possible to deside for our self, if server gives !kick "x-minutes" or !ban.
Maybe a good idea to add some kind of ET standard cvar settings for Aim and movement (and what else needed) as a help to server admins, .....like a quick start to enable anticheat. Idea is, if easy to set up, more servers will use NitMod + anticheat.
I am willing to offer my public sniper server for testing this anti-cheat, as it is developed.
Offline
I am ALL again. This is GOOD news.
N!trox* wrote:For the moment i've added client binary checksum verification for Windows clients.
This means, server will scan players game-install for unwanted files like opengl32.dll (Aimbot/wallhack) ??
No, this just scans the current ET client binary to make sure they are using a known ET.exe version. This is of course customizable and server admins can define which client binaries checksums they want to allow on the server.
It uses SHA1 Checksums so if some of you have a list of current "legal" ET clients checksums let me know.
N!trox* wrote:NxAC will then scan these cvars on client side and kick/ban players in case of cvar violation.
It would be nice if possible to deside for our self, if server gives !kick "x-minutes" or !ban.
Maybe a good idea to add some kind of ET standard cvar settings for Aim and movement (and what else needed) as a help to server admins, .....like a quick start to enable anticheat. Idea is, if easy to set up, more servers will use NitMod + anticheat.
I am willing to offer my public sniper server for testing this anti-cheat, as it is developed.
This was also part of my idea, there will be different type of violations that will result in either kick or ban.
About sample files, once again if you have a list of cvars that you think should be checked by default, give me this list
If you would like to test this ASAP, simply apply to join our BETA Testers team
Offline
Here's an exemple of the current syntax in custom cvar scan config:
r_shownormals EQ "0"
nxac_cvstest NULL
It's for example only at the moment, and the action to perform if a violation is detected is not defined from the config file yet.
The 1st line means "r_shownormals" cvar value must be EQ (EQUAL) to "0"
The 2nd line is just an example, this cvar doesn't exist.
The "NULL" cvar scan rule means that this cvar should be NULL, in other words, it will trigger a cvar violation action if it is found.
The custom cvar scans config will supports these rules:
EQ "val" (Cvar value must be EQUAL to val)
IN "val1" "val2" (Cvar value must be INSIDE val1 and val2)
OUT "val1" "val2" (Cvar value must be OUTSIDE val1 and val2)
G "val" (Cvar value must be GREATER than val)
GE "val" (Cvar value must be GREATER than val or EQUAL to val)
L "val" (Cvar value must be LOWER than val)
LE "val" (Cvar value must be LOWER than val or EQUAL to val)
INC "val" (Cvar value must INCLUDE (must contain) val)
EXC "val" (Cvar value must EXCLUDE (must not contain) val)
NULL (Cvar must not exist)
If you're used to PB Cvar scans, this will probably seem very similar
Here's what a CVAR_VIOLATION kick looks like in NxAC log:
2:03 [CvarScan::ClientKick]: Client #0 ETPlayer NGUID[CA632A56C9FC13E3F14DB951AD39EAPA] - CVAR_VIOLATION[nxac_cvstest NULL] (1)
How to read it:
2:03 [CvarScan::ClientKick]: Client #0 ETPlayer NGUID[CA632A56C9FC13E3F14DB951AD39EAPA] - CVAR_VIOLATION[nxac_cvstest NULL] (1)
Time elapsed since map start
Function
Client num
Client name
Client NGUID
Violation type
Cvar and Cvar Rule
Current client cvar value
Offline
great job
keep it up
Offline
Hi all,
maybe the old dude not understand all, so now I ask
I understand new anti-cheat will check for ET version. This is a good thing.
We already have option for "fcvars.cfg" - do we need more options to force player settings in new anti-cheat ? (Nitrox, did you check on any limits on amount of fcvars ? )
I think, ...now we can check on players ET version, and we force their cvars,...... Isen´t next step to scan their gameinstall for Aimbot files and so on ?
I think those files give more trouble in clans, than the value of a cvar as "bobroll".
I like to hear opinions on Aimbot/wallhack problem ?
(By the way Nitrox, good job
Last edited by Grandad (04-Nov-12 23:25:00)
Offline
The cvar scanner is not going to force any cvars, and this is totally different and not related in any way to the forcecvar and sv_cvar features.
It will make sure clients don't have illegal cvar values and kick players in case of violation, just like Punkbuster did.
On our side we can try to create a "cheat" cvars database that server admins could use to update their Cvar scanner configuration.
About scanning client gamefolder, i have already writted the code for that, but it is not ready to be implemented yet. We will need as many cheat files' SHA1 Checksums as possible in order to be able to perform efficient file scans on clients, so we're definitely not ready for this now, and it'll probably take a lot of time to find all these checksums...
Remember than NxAC will not be 100% Hack proof, it's just an extra protection.
Offline