[Kyle]

Quote:

Originally Posted by Kalcor This whole mod is a big experiment. I'm not aware of any games before sa-mp where you could run your own server for 500 people. The closest thing would be running an IRC leaf connected to a large IRC network. IRC operators do get abused a lot and there's lots of spam to deal with. I don't think I'm to blame for toxic people. You're asking me to dedicate my life to fending off a constant flow of attacks. Where did I sign up for that? It was only by chance that we gave out the dedicated server and added scripting support. My thinking was that running a server with more than 100 players probably required more resources than most normal people would have access to. You would have to require registration when joining the server and build a community of trusted players. We've all had to deal with it.

He's not asking you to dedicate your time to fending off stand; he's asking you to provide tools so he can.

[d3Pedro]

Quote:

Originally Posted by Johny32 At least can we hope that a future update is planned or we gonna wait like Half Life 3...

^ same question here.

[WestSide56]

Kalcor, please fix the synchronization of near damage and pickups outside the SA map as sa-mp 03DL R1-1 update. This is necessary for a normal game on custom maps. It's not that hard, we are waiting for this more than a year since demonstrations vc2sa4samp!

[Kalcor]

Quote:

Originally Posted by Kyle He's not asking you to dedicate your time to fending off stand; he's asking you to provide tools so he can.

We did. It's called pawn scripting, and it's undefeatable with client-side hacks.

[Kyle]

Quote:

Originally Posted by Kalcor We did. It's called pawn scripting, and it's undefeatable with client-side hacks.

Some better and more effective way of banning would have been useful. Mac address? I don't know but something effective. Is there a solution?

[__]

Quote:

Originally Posted by Kalcor We did. It's called pawn scripting, and it's undefeatable with client-side hacks.

Please tell me more about how every single client-side cheat and hack can be defeated with pawn scripting. Maybe release a book on it? You'd have a hell of a lot of ground to cover.

[Variable™]

Quote:

Originally Posted by Kyle Some better and more effective way of banning would have useful. Mac address? I don't know but something effective. Is there a solution?

Random kids trying to get mac address isn't a good idea. Running a server that stores mac addresses in plain text.

However, as gpci is hashed, I would recommend making a mac address function that provides a hashed mac address of a player without returning the address.

[niCe]

Quote:

Originally Posted by Kyle Some better and more effective way of banning would have been useful. Mac address? I don't know but something effective. Is there a solution?

Mac address can be spoofed like gpci, thus that's no go.

[Kalcor]

Quote:

Originally Posted by __ Please tell me more about how every single client-side cheat and hack can be defeated with pawn scripting. Maybe release a book on it? You'd have a hell of a lot of ground to cover.

The technique is called heuristics. You get samples of normal player data by collecting statistics during normal play, then you flag players who go outside normal statistical boundries.

[Tamer]

Making my server white-listed through registration would cripple my player base down because most of my players were players who could not speak English and they casually played.

My server peaked 80-90 players during sundays and had a stable average of 50-60 during midweek. Around 1/3 of the server were regular players and the other ones were newcomers, newcomers don't bother registering for a TDM server where they want to play casually, they would visit and go then come back a few days later to play.

Adding such registration system wouldn't bring new players to my server, because my server attracted players who would casually join and decide to stick around. Infact that's what made all servers popular, isn't it? Who bothers going through a registration process which can take a couple of hours until you're approved, just to find the server isn't of your taste? It's naive to think that such system would successfully attract players.

Quote:

Originally Posted by Kalcor The technique is called heuristics. You get samples of normal player data by collecting statistics during normal play, then you flag players who go outside normal statistical boundries.

Now I do agree on this one I am capable of doing this today. However when I started my server I was 15. Now I am 23. I didn't know anything about data interpretation.

[Kyle]

Quote:

Originally Posted by Kalcor The technique is called heuristics. You get samples of normal player data by collecting statistics during normal play, then you flag players who go outside normal statistical boundries.

That's fair enough but how do you block them from returning?

[niCe]

Quote:

Originally Posted by Kalcor The technique is called heuristics. You get samples of normal player data by collecting statistics during normal play, then you flag players who go outside normal statistical boundries.

Theoretically yes, but nowadays some aimbots are that well masked, it's almost impossible to differentiate between regular data and cheats. But I guess there is nothing that could be done even from SA-MP's side against this. Some locate hacks or wallhacks were always nearly impossible to detect.

[Variable™]

Quote:

Originally Posted by Kyle That's fair enough but how do you block them from returning?

To be honest active admins can take care of that. Also you don't need to make them not come back if they will keep getting automatically banned, they won't come back.

[Tamer]

Quote:

Originally Posted by Kyle That's fair enough but how do you block them from returning?

And what about the damage that has been done until the hacker has been detected? It's painful for other players, too.

Also there's always going to be a person who's out of the statistical boundaries but is completely legit, so such system can not be automated. Soo, again we return to the human factor here. Instead of adding countermeasures in the back-end of the client, the server owners are forced to do this. Pfft.

[niCe]

Quote:

Originally Posted by Kyle That's fair enough but how do you block them from returning?

Making some effective VPN detection is the best thing you can do to prevent cheaters evading their bans. There are many services such as ip-api.com, which you can use to detect and ban directly some providers such as OVH, Hetzner, LeaseWeb, DigitalOcean, Contabo etc. This will ban most of the working VPNs and significantly reduce chances of cheaters to ban evade.

We have currently over 1140 IP ranges of such VPNs banned and system automatically checks whether players are logging from a VPN range and ban it automatically. Since we introduced this system on our servers, it made admins job much easier on the servers.

[__]

Quote:

Originally Posted by Kalcor The technique is called heuristics. You get samples of normal player data by collecting statistics during normal play, then you flag players who go outside normal statistical boundries.

I was really hoping for a book.

There are so many things you can only access by using advanced plugins like this, which go way beyond the skills that a usual scripter would have, and not just that you have advised server owners not to use memory hacking plugins. But even with that, there's only so much that can be done. If you made more useful tools for server owners to detect and disarm cheats then this mod wouldn't suck so much, it's pretty SAC went down like a sack of shit but that shouldn't have led you to almost completely give up on preventing cheats.

Quote:

Originally Posted by Variable™ To be honest active admins can take care of that. Also you don't need to make them not come back if they will keep getting automatically banned, they won't come back.

Stop bumlicking, admins should be able to play the game too or focus on more important things than things that could be driven by code.

[IllidanS4]

There are already memory checks, which will hopefully make it to the main branch as well. An anticheat is better as an external software, not something incorporated into the server, besides there are servers that have no use for it.

This is not the time to request a complicated feature like this. More API can be provided to control the various server functions which would make writing such a software easier, but that's all.

[n0minal]

Kalcor, stop being so sticked to the past, you indeed made incredible stuff for the mod in the past, but your experiments and techniques aren't exclusive anymore, there are many multiplayer mods for many games around and you still treat samp like a pot of gold using it as an excuse to don't improve your own mod, it's outdated, I'm not talking about bring new technologies for the mod that would untone from GTA:SA, I'm talking about your persistency to don't bring server owners the capability to improve their servers quality, client side scripting is an good example of it.

[Tamer]

Quote:

Originally Posted by Kalcor I don't think I'm to blame for toxic people. You're asking me to dedicate my life to fending off a constant flow of attacks. Where did I sign up for that? It was only by chance that we gave out the dedicated server and added scripting support.

People made an exact replica of my server (my script was never leaked but their servers were the exact same thing as mine) two servers copied my work and tried to show it as if its was theirs. They used a map stealing script to copy my unique maps to their own servers, they used SA-MP exploits to crash my players.

I had nothing to say on it, I'm not asking you to fend off attackers, a proper abuse team could have been formed. Would you let Crazybob's or LS-RP replicas on the hosted list? My unique work, ideas, my effort, was copied and I could do nothing about it. As if that wasn't enough, those fuckers were ramping over my playerbase because their servers weren't crashing like mine did. What could I do? Please tell me.

There were ******* videos of people hacking and testing hacks on my server, those people were also copying my server.

[Kalcor]

Quote:

Originally Posted by n0minal Kalcor, stop being so sticked to the past, you indeed made incredible stuff for the mod in the past, but your experiments and techniques aren't exclusive anymore, there are many multiplayer mods for many games around and you still treat samp like a pot of gold using it as an excuse to don't improve your own mod, it's outdated, I'm not talking about bring new technologies for the mod that would untone from GTA:SA, I'm talking about your persistency to don't bring server owners the capability to improve their servers quality, client side scripting is an good example of it.

Whatever dude. Give me a game with client side scripting I'd find a buffer overflow in 2 days and be ready to wipe peoples hard drives.