PC AntiCheat Update Considerations

Shat happens, back up server and hope for the best, I back up usually twice a day....
For those of us who self-host on Linux, this is stupid easy, and a no-brainer. All the servers our group hosts have incremental backups run hourly to dedicated storage. For people on Windows this isn't as feasible, but is still possible with the right software.

However the grand majority of people hosting are just renting from a service. For them, running regular backups is a nightmare, results in a fair amount of server downtime allotted to running backups, or is rather expensive when supported by the host. Restoring under these conditions is equally arduous.

 
Shat happens, back up server and hope for the best, I back up usually twice a day....
Thank you for that awesome idea. That solves all the problems. This thread can be closed now and all necessary investments into netpackage security will no longer be required.

 
@giKoN

Not sure if that's what you mean, but making sure the assemblies are not modified is exactly what EAC does.

I'd really like to see an example of that. Not saying there can't be bugs in the code making this possible, but not aware of anything yet. 

@Grandpa Minion

I don't see this happening. But I'll gladly look into this if you can provide more information :)

@giKoN

Any proof on that one? This should be fairly impossible thanks to the way Steam authentication works.

@CH1LLV1LLE

Not seeing any attached proof. 

If you or parts of your message didn't get mentioned explicitly above and aren't covered by what's here (or what I said sounds wrong), feel free to bring it up. Also note that repro steps, information on tools etc. help incredibly with getting stuff more secure.

Cheers,

Chris


Guys, @Alloc posted this almost a month ago and there has been zero response to it unless you are privately communicating with him. It is not enough to come on here and just say there is a problem. You need to bring proof: provide logs, show video, post reproducible steps to make the hacks work, etc. Chat bombing the dev stream is far far less effective in getting a fix you say you want than working with a developer who has invited you to send him usable information.

I agree that it is unproductive for others to come on here and minimize the issue by saying "shat happens" but let's get some actual traffic here reporting and posting usable proof like @Alloc asked for. If there is no proof or reproducible steps that can be provided then unfortunately the issue will go on.

 
The proof is the netcode. 

Everything that has been mentioned prior we are able to provide more details for as soon as there is reasonable interest. We do share a discord group with Allocs and Hated but the communication has rather been one-sided. I think one entire tool was shared with Allocs which shows just how easy it is to do whatever you want on a dedi server.

By now:

* we have fixed serveradmin.xml corruption which is caused by invalid characters (missing check on save&load). Anyone joining and getting banned with < > &  " ' characters in their name will wipe out your serveradmin file. 

* we have fixed netpackage connect/disconnect spam which crashes servers all around the world. This is a workaround fix - needs to be addressed properly within the dev team. (Sharing my video as client, not the one performing the connect spam - the active connect spam video was shared in your testing discord)

* we have identified a few netpackages which we can add additional verification layers to the instigator/sender id's matching the id that's being sent in.

* for many of the netpackages we will not be able to add such verification layer. Sender and EntityID so often don't match - sometimes for good reasons. Sometimes it seems pretty random. 

To be honest, open dedi multiplayer simply is a @%$#show right now. 
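The save and load checks described in the post above for serveradmin.xml, sketched as an added example that is not part of the original post and not the game's or the posters' code. The element names, attribute names and IDs are assumptions for illustration, not the real file schema.

```python
import xml.etree.ElementTree as ET

# Constructed ban entries; the names use the characters listed in the post.
BANS = [("id-0001", "Alice"), ("id-0002", "<b>Bob</b>"),
        ("id-0003", 'Tom & "Jerry"'), ("id-0004", "O'Neil")]

def save_naive(bans):
    """'Before' form: XML built by string formatting, names written unescaped."""
    rows = "".join(f'<ban id="{i}" name="{n}" />' for i, n in bans)
    return f"<admin><bans>{rows}</bans></admin>"

def save_escaped(bans):
    """'After' form: the serializer escapes every attribute value on save."""
    root = ET.Element("admin")
    parent = ET.SubElement(root, "bans")
    for ban_id, name in bans:
        ET.SubElement(parent, "ban", id=ban_id, name=name)
    return ET.tostring(root, encoding="unicode")

def load(xml_text):
    """Return [(id, name), ...], or None when the text is not well-formed XML."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return None
    return [(e.get("id"), e.get("name")) for e in root.iter("ban")]

def reload(current, xml_text):
    """Load-side check: keep the in-memory list if the file cannot be parsed,
    instead of replacing it with an empty one (the 'wipe out' failure)."""
    parsed = load(xml_text)
    return current if parsed is None else parsed

if __name__ == "__main__":
    print("naive file parses:  ", load(save_naive(BANS)) is not None)
    print("escaped round-trips:", load(save_escaped(BANS)) == BANS)
```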



 
What was that video supposed to show? I know you said you weren't the one performing the test but why is this video here?

It shows how the game handles netpackage spam for connect/disconnect packages. It attributes resources to the spam prior to checking for validity/steam auth, thus, all valid packages get delayed (ping) - if done with high enough frequency/long enough the CPU will cave in. RAM load is increased significantly too. We did this with relatively small bursts to test the concept.

The crash potentially causes world saves to go corrupt and desync between client files.
 

the spam was performed locally. 

 
Unless I'm missing something, it really doesn't.... it just shows that there is high ping. I believe you when you say what is happening but the video doesn't really show anything other than high ping.

 
Well, I'm testing my client-side performance during the attack. So yes, this doesn't show anything with regards to the CPU of the server. The proper information is available in the pimps testers discord.

However, the ping is crucial given that it was performed locally - thus, no attack on the network itself. It's simple, the game isn't dropping the invalid connect/disconnect requests as it should and instead allocates resources.

But as I mentioned, this is just one of the endless possibilities we have right now to manipulate on netcode layer. 
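The ordering problem described in these posts (resources committed before validity and auth are checked) and its mitigation, as an added example that is not from the thread or the game's code. `ConnectGate`, the `verify` callback standing in for platform authentication, and all addresses and tickets are hypothetical and constructed.

```python
from collections import Counter

class ConnectGate:
    """Runs cheap checks first; session state is allocated only after auth."""
    def __init__(self, rate=1.0, burst=3, max_sources=10000):
        self.rate, self.burst, self.max_sources = rate, burst, max_sources
        self.buckets = {}    # src -> [tokens, last_seen]; small and bounded
        self.sessions = {}   # expensive per-player state

    def _allow(self, src, now):
        b = self.buckets.get(src)
        if b is None:
            if len(self.buckets) >= self.max_sources:
                return False                 # tracking table is full: drop
            b = self.buckets[src] = [float(self.burst), now]
        # Token bucket: refill by elapsed time, spend one token per request.
        b[0] = min(self.burst, b[0] + (now - b[1]) * self.rate)
        b[1] = now
        if b[0] < 1:
            return False
        b[0] -= 1
        return True

    def handle_connect(self, src, ticket, now, verify):
        if not self._allow(src, now):
            return "dropped:rate"            # no allocation, no auth call
        if not ticket or len(ticket) > 1024:
            return "dropped:malformed"
        if not verify(ticket):
            return "dropped:auth"
        self.sessions[src] = {"ticket": ticket}   # allocate only now
        return "accepted"

def simulate():
    """Constructed traffic: 200 invalid requests from one source in 0.2 s,
    then one valid request from another source."""
    gate = ConnectGate()
    verify = lambda t: t == b"valid-ticket"   # stand-in for real auth
    seen = Counter(gate.handle_connect("10.0.0.9", b"junk", i * 0.001, verify)
                   for i in range(200))
    seen[gate.handle_connect("10.0.0.20", b"valid-ticket", 0.2, verify)] += 1
    return dict(seen), len(gate.sessions)

if __name__ == "__main__":
    print(simulate())
```

Only the first three requests of the burst reach the auth check; the rest are dropped without touching session state, and the valid client is still accepted.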

 
Election night PTSD...
@Roland@kalen

What you're failing to realize is that he is showing you in that video that any troll can log into any server and run this connect DDoS script, causing any server and its players to desync. Giving them all high pings...pretty frustrating. This is just one example of many; the game is overpowered client side, letting trolls and hackers ruin it for the rest of us. The network issues need to be addressed sooner rather than later.

 
I understand that. I was joking about the election night news reporting going on in the background if you have the sound turned on. I suppose that neither the election nor ddossing a server are joking matters, atm....

But as an analogy for how annoying the hack is, the background noise was a good one.

 
Thanks for bringing this issue up @giKoN , me and my friends were about to start public server for this game, but you saved us a lot of frustration. We will make sure to warn others who would potentially be interested in renting server / buying this game to reconsider their life decisions.

 
What you're failing to realize is that he is showing you in that video that any troll can log into any server and run this connect DDoS script, causing any server and its players to desync. Giving them all high pings...pretty frustrating. This is just one example of many; the game is overpowered client side, letting trolls and hackers ruin it for the rest of us. The network issues need to be addressed sooner rather than later.
I'm not failing to realize anything. I was saying the video does nothing but show someone with high pings. He explains in the post why he has high pings, but the video does absolutely nothing to prove his statement.

 
He also explains in his post that the info was sent to the pimps. If you are expecting him to post the script and data here so any troll in the world can use it, then I highly doubt that will happen. Frankly, @kalen, it doesn't matter one way or another if you believe what he is saying as the proof has been sent to the pimps. It's up to them to fix the issue or not now.

 
I already said I believed him.... all I did was point out that he posted a video as "proof" that didn't actually prove anything. Someone that did not believe him would not be convinced by that video.

 
So, has 19.3 exp fixed any of the issues talked about above? I'm still keeping my server private until some of these things are fixed.

 
The patch in fact fixes many of the issues on the netcode layer so that's a very good sign. First tests were positive from what I heard. The serveradmin.xml corruption is still a thing but I expect 19.3 to receive another build which fixes that.

For the EAC bypass which is going around it won't help just yet - but the bar to hack the game has been raised significantly. 

Honestly, thank you @Devs for taking this seriously and reacting with a patch almost dedicated only to this. I think many in the server hosting community are feeling relief that they are not left alone.

 