Jump to content


Photo

Online Anti-Hack Strategies [Design Article]


  • Please log in to reply
11 replies to this topic

#1 Glen

Glen

    GMC Member

  • GMC Member
  • 841 posts
  • Version:GM:Studio

Posted 28 July 2010 - 04:28 PM

Hello there. It's been awhile since I last wrote my Online Games article and lately I've been working with clients and servers and have many ideas to share with people concerning the oh so favorite topic with GM Online Games. Hacking. You see, many people are trying to find a way to make their games impossible to hack. But that kind of thinking isn't going to get you anywhere. In my opinion, a game that's making it most annoying to hack is the winner.

To explain what I meant by being annoying, rather than spending alot of time on making it impossible to open up your game and changes settings, I feel that the best way to deal with modified clients is to have the server do checks to player actions. If there's something flawed, disconnect them with a ban warning and roll their account back to reverse their gains in exp, money, or items.

I want to focus on common MMORPG style games out on the market these days. Let's throw a few out there: World of Warcraft, Perfect World, Maplestory, and Runescape all have common features. Your role is to take part as a single individual who trains by killing things, increase stats to make you stronger, aquire items that improve your performance, and you do it all while interacting with other players. The reason hackers do what they do is because it gives them an edge and makes things easier to outperform the other players on the server.

So... what kind of hacks do we have to watch out for? Well, there's alot of variations and most have universal names. Common ones are the: Vac Hack, Speed Hack, No-Delay, Money Generators, God Mode, Stat Hack, Level Hack, Fly Hack, and Message Spammer. These types of hacks are usually available to all online games and if your online game gets anywhere, it won't be long before someone gets bored or determined to hack yours.

Vac hack works like a vacuum. It sucks all the monsters in the room to a certain position. That way the player doesn't have to walk to the monsters. They can just sit there and attack constantly and everytime a monster respawns, it teleports to the player. My best solution to avoid anyone making decent gains with a vac hack is to place monsters that are to stay invisible at all times, (ones that don't attack, or die), and if they're sucked into a vac hack, that's a signal and you can have the server automatically disconnect them. To further make this system work better against a vac hack, have the names of the invisible monsters identical to the ones that are visible. That way if the hack is designed to attract all monsters by name, the invisible hack detection ones are included in that group.

Speed hacks involve increasing the movement of characters to an insane amount, that way they can cover a larger distance in a short period of time. To detect this, I would implement a distance check that measures the players' x,y coordinates compared to their previous x,y coordinates and make sure that the distance is reasonable. If the returned values on the distance checks exceed the max speed you allow players to move then you'll have the server automatically disconnect the player.

No-delay hacks focus on the attacks and skills that players use. Usually there's a timer on attacks. You can only attack every few seconds, or something along those lines. That way if a player holds the attack button they don't start to attack endlessly. A No-delay hack makes a player attack at the rate of the room speed. So if your room is running at 60 and a person bypasses a timer that allows them to endlessly attack, they attack 60 times rather than 1. Best way to deal with this is a server side timer, to time check. You could record the time of their last attack in their player file. And compare it to how long it has been when the next attack request is sent to the server. This won't disconnect them, but the system would prevent the hack from working. No-delay hacks are client side. If you make the timer on server side, that alone will prevent them.

Money generators. They're value editors. They can work in many ways. One way is to try and edit the amount of money recorded in your player's file, but if it's server side, then this is annoying and difficult. Another way is to use memory editors that allow you to change values, but that's client side. If important features like money are kept server side, then there's nothing a money generator can do. As long as the server has a recorded file of how much they really have and makes checks everytime the player makes a transaction then you're all set. The server will be the only thing that has access to your money and the client only gets what the server returns. If a person is in fact finding a way to change the amount of money they have then one possible way to deal with it is make shadow clones of your player's files that act like a backup everytime a real change has been made and the server agrees with it. That way if something is flawed and changed, a quick comparison between the file and the backup will furthermore check it out. Disconnect if all fails and a change that was not supposed to be made is done. The disconnects will eventually make them give up.

God Mode simply means you can't be hit by anything. You don't lose any health if a monster hits you. You should have some kind of formula that checks whether a person should be hit or not. And if they were supposed to be hit, but were not, well... there's something going wrong and the server needs to check it out. God Mode anti-hacks can be difficult because games often implement accuracy and avoid stats in their characters and monsters. A God Mode hack can alter those stats and make it so that the monsters always miss them or just skip the damage step involved in subtracting their health. Make sure the monsters are server sided so their stats can't be changed. Most games include the monster files with their clients and only keep the monsters' positions server side. I find it best to keep all the monsters' information on the server and only include the images and sounds for the monsters on the client. That will prevent players from being able to edit monster values.

Stat hacks are value edits. They work in several ways. One way is to edit the player's file but if it's kept server sided, it won't matter. Another way they can be done is editing the amount of stats they have displayed on the client side and have those sent to everyone when your stats are called by other clients. As long as the server manages the stats that every client has and keeps the legit changes recorded, you won't have problems with faulty stats being given to other clients.

Level hacks can be done in numerous ways. One way is to edit the value. But like other stats, quite difficult. The other option for hackers is to autospawn or vac hack monsters and have them killed immediately at a fast pace to build up experience rather quickly. If you have shadow cloned monsters to prevent vac hacks and have a system check for monsters that were summoned by the client and not the server, then you can prevent the client from using the fast experience technique.

Fly hacks are teleporting hacks that have the player move to any position desired, usually controlled by the mouse. The fly hack doesn't take collisions in consideration either. To prevent fly hacks, you could keep track of x,y coordinates server sided and have the proper x,y values returned to the client rather than having the movement client side.

Message Spammer. You can have a client side timer, but there's a possibility that the person will just bypass the timer or modify the timer so that it's set to 0. A server sided timer could work, or having the time a person sent a message recorded to their player file and comparing the current time to their last would suffice as a timer. After determining if they can send another message, the server would return the result to the client upon their request to the server to send.

Those are some of the common hacks to online games these days. Anyone can search them up by googling "<insert game> hacks". Some of the techniques that I've discussed can be quite process consuming. For example, x,y coordinates being sent every step to prevent fly hacking and speed hacking can build up alot of bandwidth, but it works. Server sided timers opening and closing player files to compare message and attack times can be beneficial but if someones spamming the requests, it could cause lag. So make sure if you use these types of systems that they detect the hack right away and disconnect the player as soon as possible to prevent server lag. Most games use a seperate program to deal with hacking to prevent lag in the game. If you find making a separate anti-hack program works best for lag, then go for it. You would just have to make the anti-hack program communicate with your client at all times.

As I was saying though, alot of people try to make it harder for hackers to read their games and honestly, no matter what, someone's going to find a way to open it up and change things. I feel that detecting the changes and kicking the player off is more efficient. Combined with encryption and obfuscation then yes, things put annoying to a whole other degree. I remember reading somewhere that someone used words to spell out the numbers the used and would have a system that converted the words to numerical values but encrypted the words when stored into files. What was great about this idea is that value editors had a harder time reading the values because they were strings rather than real numbers. I thought that was cool.

Anyway, if you're going to implement systems that check for unauthorized changes due to hacks, make sure you use what works best for you and realize that some systems are more costly than you think. Many online programmers will tell you that sending information from the client to the server all the time will cause alot of lag. Especially with many players online. But, if you need the protection, I've given you all the ideas you need to cover the basic hacks out there. If you have any other ideas or ways to improve the ideas I've discussed on how to design a technique that detects a certain hack, then please share.

Btw, if you're going to post those idiotic tl;dr messages, just sign off and stay away from the computer. No one likes people who waste their time to post those kind of messages. If you don't care, don't read. My reason for writing this up is because I like to share my ideas and it helps me to write out my thoughts.
  • 0
Avic Pro (Work in Progress):
Portable media manager. Just pop in your usb drive and use Avic Pro to organize and present all of your media content in categories. On top of that, it makes handling portable games, software, and other utilities a breeze. It allows you to launch just about any of your media content quickly and efficiently from your system tray. No more long paths to finding content.
Savage Defence| Text FX | Ragdoll Axe Engine | Professionalism | Online Games | Game Progression | 3D Game Development | Online Anti-Hack Strategies

#2 score_under

score_under

    Least kawaii

  • GMC Member
  • 1321 posts

Posted 28 July 2010 - 04:58 PM

Vac hack works like a vacuum. It sucks all the monsters in the room to a certain position. That way the player doesn't have to walk to the monsters. They can just sit there and attack constantly and everytime a monster respawns, it teleports to the player. My best solution to avoid anyone making decent gains with a vac hack is to place monsters that are to stay invisible at all times, (ones that don't attack, or die), and if they're sucked into a vac hack, that's a signal and you can have the server automatically disconnect them. To further make this system work better against a vac hack, have the names of the invisible monsters identical to the ones that are visible. That way if the hack is designed to attract all monsters by name, the invisible hack detection ones are included in that group.

Clientside vacuum hacks: The client thinks the monsters are next to the player, but the server doesn't.
Serverside vacuum hacks: The client sends messages saying that the monster has attacked them, which makes the server move the monster to the player's position.

So, for clientside - how would you tell if they were using a clientside hack as opposed to just accidentally attacking the monsters?
Also, don't you think hackers are intelligent enough to put "if(visible)" before their code? If someone can break into your game, they've already demonstrated a fairly deep understanding of it.

Speed hacks involve increasing the movement of characters to an insane amount, that way they can cover a larger distance in a short period of time. To detect this, I would implement a distance check that measures the players' x,y coordinates compared to their previous x,y coordinates and make sure that the distance is reasonable. If the returned values on the distance checks exceed the max speed you allow players to move then you'll have the server automatically disconnect the player.

What if the packets lag at one point by 200ms, for example? Your initial measurement would be 200ms out, which is 1/5th of the distance the player is allowed to cover per second. You have to allow a small amount of leeway for lag.

No-delay hacks focus on the attacks and skills that players use. Usually there's a timer on attacks. You can only attack every few seconds, or something along those lines. That way if a player holds the attack button they don't start to attack endlessly. A No-delay hack makes a player attack at the rate of the room speed. So if your room is running at 60 and a person bypasses a timer that allows them to endlessly attack, they attack 60 times rather than 1. Best way to deal with this is a server side timer, to time check. You could record the time of their last attack in their player file. And compare it to how long it has been when the next attack request is sent to the server. This won't disconnect them, but the system would prevent the hack from working. No-delay hacks are client side. If you make the timer on server side, that alone will prevent them.

Don't stop the attack going through, again for lag reasons, just delay it until the next available time-slot for attacks.

Money generators. They're value editors. They can work in many ways. One way is to try and edit the amount of money recorded in your player's file, but if it's server side, then this is annoying and difficult. Another way is to use memory editors that allow you to change values, but that's client side. If important features like money are kept server side, then there's nothing a money generator can do. As long as the server has a recorded file of how much they really have and makes checks everytime the player makes a transaction then you're all set. The server will be the only thing that has access to your money and the client only gets what the server returns. If a person is in fact finding a way to change the amount of money they have then one possible way to deal with it is make shadow clones of your player's files that act like a backup everytime a real change has been made and the server agrees with it. That way if something is flawed and changed, a quick comparison between the file and the backup will furthermore check it out. Disconnect if all fails and a change that was not supposed to be made is done. The disconnects will eventually make them give up.

It's not a case of checking - it's a case of handling EVERYTHING money- and item-related server-side. The client gets sent a copy of the amount of money you have, for viewing purposes only. The client NEVER adds or subtracts this value, merely requests a new value after an action on the server.
Also, for the same reason, never save client-side save files.

God Mode simply means you can't be hit by anything. You don't lose any health if a monster hits you. You should have some kind of formula that checks whether a person should be hit or not. And if they were supposed to be hit, but were not, well... there's something going wrong and the server needs to check it out. God Mode anti-hacks can be difficult because games often implement accuracy and avoid stats in their characters and monsters. A God Mode hack can alter those stats and make it so that the monsters always miss them or just skip the damage step involved in subtracting their health. Make sure the monsters are server sided so their stats can't be changed. Most games include the monster files with their clients and only keep the monsters' positions server side. I find it best to keep all the monsters' information on the server and only include the images and sounds for the monsters on the client. That will prevent players from being able to edit monster values.

No, most god mode hacks are made by removing the "collision with obj_monster" code. This could easily be mistaken for lag, and always requires a human to detect.

Stat hacks...

Use the same system as items and money.

Level hacks can be done in numerous ways. One way is to edit the value. But like other stats, quite difficult. The other option for hackers is to autospawn or vac hack monsters and have them killed immediately at a fast pace to build up experience rather quickly. If you have shadow cloned monsters to prevent vac hacks and have a system check for monsters that were summoned by the client and not the server, then you can prevent the client from using the fast experience technique.

Actually, clients shouldn't be able to summon anything. Attacks should be handled server-side, and if the server doesn't have the instance of the enemy object... then that's too bad, nothing happens.

Fly hacks are teleporting hacks that have the player move to any position desired, usually controlled by the mouse. The fly hack doesn't take collisions in consideration either. To prevent fly hacks, you could keep track of x,y coordinates server sided and have the proper x,y values returned to the client rather than having the movement client side.

The lag here would be nothing short of insane. You'd tap the right arrow and a few seconds later you'd jerk right a bit and start moving.
To prevent flying hacks, you could instead check for movement packets coming from the client that result in it staying in the air for too long, and if so, teleport a moderator (as invisible) to the room to see if the person is hacking.

Note that a right-click "report abuse" system helps too, and maybe a list of all people (except invisible GMs) in the room just in case someone's whizzing about, evading cursor clicks.
  • 0

Anti-Decompiler for GM6.1 to GM8.1.91! :GM8_new: [Main skin by Sindarin]
Discontinued.

decimal2.png
^ Signature image because it's been sorta empty since the old host died

If you need to contact me, I still get notification emails from PMs.


#3 Glen

Glen

    GMC Member

  • GMC Member
  • 841 posts
  • Version:GM:Studio

Posted 28 July 2010 - 07:26 PM

Serverside vacuum hacks: The client sends messages saying that the monster has attacked them, which makes the server move the monster to the player's position.

Isn't that still client side seeing how the client is trying to send messages to the server? What if all the decisions were done on the server? The server wouldn't respond to the messages. Unless I'm missing something. I don't know how a server-side vacuum would work.

Don't stop the attack going through, again for lag reasons, just delay it until the next available time-slot for attacks.

Are you saying let the messages get sent, but only respond to one after a certain amount of time? Like a server-side timer?

No, most god mode hacks are made by removing the "collision with obj_monster" code. This could easily be mistaken for lag, and always requires a human to detect.

That's interesting. I want to find a way to detect it through a system.
  • 0
Avic Pro (Work in Progress):
Portable media manager. Just pop in your usb drive and use Avic Pro to organize and present all of your media content in categories. On top of that, it makes handling portable games, software, and other utilities a breeze. It allows you to launch just about any of your media content quickly and efficiently from your system tray. No more long paths to finding content.
Savage Defence| Text FX | Ragdoll Axe Engine | Professionalism | Online Games | Game Progression | 3D Game Development | Online Anti-Hack Strategies

#4 quadriseene

quadriseene

    Ninja

  • New Member
  • 547 posts

Posted 29 July 2010 - 12:37 PM

Isn't that still client side seeing how the client is trying to send messages to the server?


The distinction is where the vacuuming is handled, I'd say. How else would you suggest a server sided vacuum hack would work? By asking the host nicely to set it up for you?



But in the end, every single system is 100% secure

There's always a way. Always. Even when there isn't.



- Password encryption/protection.
- Massive packets.
- DoS attacks.

At least 2 of those require special coding, and the other is literally impossible to prevent.

Which is 'literally impossible' to prevent?


Edited by quadriseene, 29 July 2010 - 12:38 PM.

  • 0
This, here, this is a signature. And if the above post doesn't make sense, chances are I'm messing with your brain.

#5 Glen

Glen

    GMC Member

  • GMC Member
  • 841 posts
  • Version:GM:Studio

Posted 29 July 2010 - 11:47 PM

Which is 'literally impossible' to prevent?

I think he might be referring to the last one. DoS attacks.
  • 0
Avic Pro (Work in Progress):
Portable media manager. Just pop in your usb drive and use Avic Pro to organize and present all of your media content in categories. On top of that, it makes handling portable games, software, and other utilities a breeze. It allows you to launch just about any of your media content quickly and efficiently from your system tray. No more long paths to finding content.
Savage Defence| Text FX | Ragdoll Axe Engine | Professionalism | Online Games | Game Progression | 3D Game Development | Online Anti-Hack Strategies

#6 quadriseene

quadriseene

    Ninja

  • New Member
  • 547 posts

Posted 30 July 2010 - 02:09 AM

Which is 'literally impossible' to prevent?

I think he might be referring to the last one. DoS attacks.


Yeah, but I don't think 'literally impossible to prevent' is the term for them. It's not as if you can't install measures to prevent DoS attacks.
  • 0
This, here, this is a signature. And if the above post doesn't make sense, chances are I'm messing with your brain.

#7 sabriath

sabriath

    12013

  • GMC Member
  • 3197 posts

Posted 30 July 2010 - 09:16 AM

My turn on opinion *jumps for joy*

1. Most of these are not "hacks"...I do not consider cheating at a game a "hack." A hack to me is taking a locked program and unlocking it without having the key to it. For example, taking GMLite and making it GMPro without purchasing an activation...I do not condone hacking, but that is the intensity that I give the term. All of the things mentioned in this article are "haxor" cheats.

2. On to the individual "hax":

Vac Hack
This sounds more like an "agro cheat" to me. Forcing monsters that are not in range to attack to your location (or aggro to you). The monster's location/speed/direction should always be handled by the server (from this point on, "server" will stand for the relay station OR the mod clients). So there is no way a client program can "vacuum" the enemies toward any point on the map like a blackhole, the only way to get an enemy to move is to aggro it. If you are not in "visible" range, the game should not even TELL you that it's near you, so the program you are running doesn't even have an ID for the monster mapped out until you are in range. Once in range, if you "attack ID" to get him to move, the server should detect that "you are not in range to attack." Problem solved.

Speed Hack
There are a couple ways to avoid this, but the easiest way is interpolation over coordinates given with a timestamp. I have mentioned this a few times on the boards (in fact recently) about timestamping signals, I'll briefly mention it here:

client sends PING, and stores it's current time as TS0
server receives PING, and sends PING_ACK along with the server's current time as TS1
client receives PING_ACK and creates OFFSET = TS1-TS0
client now adds OFFSET to it's current time for _every_ coordinated message

The server should not receive any packet faster than a PING time, so if the timestamp is in the "future" of the server's current system time, then boot the person. The TS/X/Y/DX/DY are stored for every coordinate update, and checked through interpolation (as I mentioned) as such:

DT = NewTS - OldTS
NewX = X + DX*DT
NewY = Y + DY*DT

If the incoming X/Y coordinates are within a comfortable range (say 5%), then store them and update...if not, boot them for speed hacking. If the incoming TS is older than the newest update, you can safely drop the packet, it's not needed anymore.

No-delay hacks
Money generators

These should always be done server side.

God Mode
Stat hacks
Level hacks

lol What? All stats should be handled server-side.

Fly hacks
Your statement is a bit wrong, flying usually ONLY deals with the Z coordinate, the XY hack is normally a speed hack issue. Normally a 3D game (to save processing power) would allow the client programs to do their own jumping mechanisms, even WoW did this (up until 2.4 I think). So all anyone had to do is alter their Z-coordinate to an extreme height and press the jump button to let the server know "hey, I jumped to Z". The best way to do it is have gravity server-sided, and jumping should be a signal code only (no Z given). This would allow anyone who got the message to calculate your jump for their individual screens, so even though you "hacked" the game to put you 50 miles above the ground, everyone else sees you jump 2 feet, including the server.

Message Spammer
This is similar to DoS attack, but as for the game itself, throttling should already be implemented. This means that every client is given a set amount of "bandwidth" they are allowed to use (WoW limits it to about 4K/s). Every time the server receives a message, it increments a throttle variable (and subtracts by an amount equal to the step size, minimum 0). If the variable reaches a threshold, the person can be booted for spamming. This spamming can be ANYTHING from chatting too much, to simply "wiggling" his characters direction/speed (which sends a massive amount of updates -- WoW will boot you if you right click and wiggle rapidly while running and jumping).

---

DoS attacks ARE in fact impossible to prevent, but they can be ignored....the problem is, if you get bombarded with a million packets per second, no one else can get through (that's the point of "denial of service" attack).
  • 0

Tutorials of Interest:
* Multiplayer: mine or True Valhalla's

Projects:
* Net39
* My 39dll scripts
* My 39dll lib
* Multiplayer Engine
* Artificial Chemistry

Posted Image

#8 Seamonster

Seamonster

    Meow!

  • New Member
  • 743 posts

Posted 30 July 2010 - 10:00 AM

1. Most of these are not "hacks"...I do not consider cheating at a game a "hack." A hack to me is taking a locked program and unlocking it without having the key to it. For example, taking GMLite and making it GMPro without purchasing an activation...I do not condone hacking, but that is the intensity that I give the term. All of the things mentioned in this article are "haxor" cheats.


That's a crack :P
A hack to me, is a third-party applications running along with the game an manipulating the game and/or any manipulation of the game client side.

Hacks like Speed and Fly hacks as you mention above is probably very intense to handle server side since almost every online game has this problem.
As for massive packages, I guess you could discard all packages over a limited size to prevent the server from progressing them.

Edited by Seamonster, 30 July 2010 - 10:01 AM.

  • 0

#9 rade134

rade134

    GMC Member

  • GMC Member
  • 212 posts

Posted 30 July 2010 - 10:57 AM

DoS attacks are impossible to prevent. I've had long discussions with several GMC members and also researched this extensively myself.

Definitely, there are ways to reduce their impact, but a D/DoS attack can cripple any game or website, guaranteed. By cripple I mean take offline until the attack is over.

Yeah, but I don't think 'literally impossible to prevent' is the term for them.


It is.



DDoS attacks are not impossible to prevent. Look at an example such as runescape... I hate
to give you that example but it's the first one that comes to mind. I my self used to have a
private server and even I could preventtttt these attacks.

Such as if a ddos was to attack my game and it's ip was...

adam.internet.jfawer,.35a235awdfaqw35a235

then..

adam.internet.a2asdf.awfwerawetkawjrtkjawe

I know the basic format of their ip and I can ban that first extension of the ip until the attack is over.
  • 0

*looks into magic crystal ball to find answer*
*the ball clouds up in smoke, swirling and fluttering, and then it speaks aloud*
"Please show code, for even I am not that good"


#10 sabriath

sabriath

    12013

  • GMC Member
  • 3197 posts

Posted 30 July 2010 - 07:48 PM

That's a crack :P
A hack to me, is a third-party applications running along with the game an manipulating the game and/or any manipulation of the game client side.

No, you have them reversed. A crack is using another piece of software TO crack it....a hack is the process OF cracking it. But as I said, all of these are "cheats" and not "hacks" at all -- nothing more than putting a "game genie" for them.

There's a difference between looking for "18348" health in a section of RAM then rescanning for "3818" health when you take damage to find the location (cheating)......and....knowing that 80104B is "addc byte ptr [bx+si], 4B" (hacking).

Hacks like Speed and Fly hacks as you mention above is probably very intense to handle server side since almost every online game has this problem.
As for massive packages, I guess you could discard all packages over a limited size to prevent the server from progressing them.

The methods I provided are part of dead reckoning, and is used anyway by software in order to make things look "smooth," so there's really no added problem in making it part of a security against such things. I also believe in the relay+modding method rather than just having 1 server do everything, which I also mentioned.

You may have missed my post in another topic awhile ago about it, but basically your "server" should JUST relay information to people, that's it. So when someone tells the server "I moved to XY with speed/direction", the server should just send that to everyone in that zone. You also have what I call "mod clients" which are just like normal clients but are controlled by the computer -- they have the ability to boot people, ban them, and are invisible to everyone. When someone says "I am at XY", it would also get relayed to a mod client that is "supervising" him, the mod clients job is to make sure things are correct and if not it sends a message to the server to boot them.

DDoS attacks are not impossible to prevent. Look at an example such as runescape... I hate
to give you that example but it's the first one that comes to mind. I my self used to have a
private server and even I could preventtttt these attacks.

No it can't, and no you can't. You can only "ignore" the packets to a point on YOUR side of the internet line, but you cannot prevent someone from spamming pings/syns/acks at you.

I know the basic format of their ip and I can ban that first extension of the ip until the attack is over.

1. banning an IP won't make them stop sending packets
2. you have to do a reverse dns to get their named address, so you can't as easily ban the "first extension", because you may not even know their DNS that contains their named address. Not to mention that most DoS/DDoS attacks use faked IP addresses in the header (so you might be banning the wrong person).

Here's a fault to your plan...I am playing your game. Someone decided to DoS you, so they send a bunch of empty packets to your location but use MY ip address as the source. Your game just banned me and it wasn't even my fault. On top of that, let's say that it created random IP addresses as the source, you just banned everyone, good job.


By the way, nice quote rade134! lol
  • 0

Tutorials of Interest:
* Multiplayer: mine or True Valhalla's

Projects:
* Net39
* My 39dll scripts
* My 39dll lib
* Multiplayer Engine
* Artificial Chemistry

Posted Image

#11 sabriath

sabriath

    12013

  • GMC Member
  • 3197 posts

Posted 31 July 2010 - 06:37 AM

Yup, thanks for that D:

?? What did I do wrong now?
  • 0

Tutorials of Interest:
* Multiplayer: mine or True Valhalla's

Projects:
* Net39
* My 39dll scripts
* My 39dll lib
* Multiplayer Engine
* Artificial Chemistry

Posted Image

#12 quadriseene

quadriseene

    Ninja

  • New Member
  • 547 posts

Posted 01 August 2010 - 08:51 AM

Yeah, but I don't think 'literally impossible to prevent' is the term for them. It's not as if you can't install measures to prevent DoS attacks.

Whoopsie. I meant 'resist', as in "We don't have to be sitting ducks about this whole DoS business". I know it's not possible to completely eradicate the problem, else there wouldn't be a problem. But there are ways to resist.



There's always a way. Always. Even when there isn't.

>_> Ignore that. I'm an idiot. I think I was trying to be dramatic, or... something (just imagine it said in a dramatic whisper). And that, kids, is why we don't post in threads late at night. Or why I shouldn't, at least.

Edited by quadriseene, 01 August 2010 - 08:54 AM.

  • 0
This, here, this is a signature. And if the above post doesn't make sense, chances are I'm messing with your brain.