[mysan]

Hi all.

I have a one idea.

sa-mp 0.3b has not yet released ? yes ? until he came out, I want to ask to add the function of cookies there.

Why should it be ?

You may using this for really nice ban.

Watch. You ban player and sa-mp client make the special file on his computer in windows directory with IP,PORT,REASON,EXPIRY.

And when a change of IP address , when player connect , sa-mp client has checkin the all cookies files in special directory. If client is find line of ban in chanched ip , he like is be kicked.

So... posible really create the function. Example : SaveCookie(playerid,data[]); and LoadCookie(playerid,data[]);

And then the players will be able not only to keep ban, but and statistics player. (kills,deaths, and other).


PS: This topic is mainly related to the main developer of sa-mp, Kye, but I think it will be interesting to each user.


Thank you for your attention !

[weedarr]

People could just delete the file?

WeeDarr

Whats with all the security ideas? SAC was one of the best it would be better if they just used that in conjunction with sprunkbuster.

[mysan]

Quote:

Originally Posted by WeeDarr People could just delete the file? WeeDarr Whats with all the security ideas? SAC was one of the best it would be better if they just used that in conjunction with sprunkbuster.

Yes, you are right, but you can do so without base of cookies sa-mp did not run. And hash this base for no posible hack !

[Bayler]

Then you run into 'Firewall Compatibility issues' ... You cant go writing files from a Server to a Client without triggering ANY known Anti Virus Software...

If the Idea is to set to a 'random location' then you have no way of checking it server side without knowledge of set location.

Weedar, you can in essence define a 'requirement' that such 'file' is needed to join the server, as well as placing a 'key' that's unique to the server. thus resulting in[ if(clientkey != ServerKey){ return trigger } ]

The Problem STILL returns to setting a static Location on the client to store such a key.

[mysan]

Quote:

Originally Posted by Bayler Then you run into 'Firewall Compatibility issues' ... You cant go writing files from a Server to a Client without triggering ANY known Anti Virus Software... If the Idea is to set to a 'random location' then you have no way of checking it server side without knowledge of set location. Weedar, you can in essence define a 'requirement' that such 'file' is needed to join the server, as well as placing a 'key' that's unique to the server. thus resulting in[ if(clientkey != ServerKey){ return trigger } ] The Problem STILL returns to setting a static Location on the client to store such a key.

The server will simply send a request to the client to create a new cookie. For example in the archive samp.saa. In this it will not be a direct request from the server to the client Computer. Take for example savedpositions.txt. At the same anti-virus software had not complained.

[iLinx]

Personally i think all these new security ideas are stupid.
Everything in SA-MP can be serversided, on top of that you can make powerful enough Anti-Cheats in your actual script to prevent all hacks for SA-MP.

Really, these security ideas will just be a hassle for server owners and players alike - if a hacker wants to hack in a server, he's going to do it anyways.

Cookies, Hardware Serial numbers...
If servers were given this kind of control, i would stop playing SA-MP all together, think about the access your giving to the server owner.

The fact that they have your IP is enough already..

[Bayler]

iLinx,

Believe it or not, i actually agree with you, However, the hassles I seem to find with operating a Server are its slack in controlling WHO and WHEN a player can access your community. I never really 'Cared' about Cheaters ... it seemed to be the 'Ethics' behind some players that seemed to be the problem.

I rarely ever had some player come into one of my communities and did anything that violated the server to cheat it to a point it actually caused other players to suffer. What i found to be the BIGGEST problem, was some ass hole coming in and stirring up the 'Drama', and clearing out a server wit the filth they called a 'vocabulary' ... Most would reply to that with using a word censor and chat scanner ... What i found to be a rather surprising problem is that those 'text' files that store the censored word lists can get rather large, not to mention, your IP ban List gets pretty large as well..

These files are 'most often' scanned every time a player types ... and believe me, if you search up and resources for a 'Banned Word' listing... you'll find no less then 30k lines of text, and that does NOT even include half of the 'variations' that can be used.

An Advanced Ban System allows the Script writer to spend less time dealing with 'administration problems' and more time working on something 'Relevant' to the community...

Add on Top of that, a lot of us community operates would LOVE to share each others Ban List ... which you Rarely ever see 2 communities work together to get rid of these 'trouble players'. So again, the solution comes down to a 'globalized Ban List'.

As Far as 'Privacy' goes ... There is NO such thing on the Internet.
Example: Nuke Evolution Extreme Edition ( Yes im a sideline Developer ) youll see in the administration panel, there is NOTHING the client can do while connected to the site, that doesnt get tracked... its NOT simply just recording IPs.

[SfPwns]

These security things have been made for those who dont know how to ban cheaters.

[KingJ]

The problem with creating this "ban cookie" on the player's computer is that you are then trusting their computer.

You never trust anything the remote computer sends. This system would quickly be manipulated.

[Guedes747]

Quote:

Originally Posted by KingJ The problem with creating this "ban cookie" on the player's computer is that you are then trusting their computer. You never trust anything the remote computer sends. This system would quickly be manipulated.

Ye but i think it can stall the real noobish cheaters. Dunno if this is worth to be created tho.