[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Nel] RE: Nel digest, Vol 1 #214 - 9 msgs
From: |
Jon Watte |
Subject: |
[Nel] RE: Nel digest, Vol 1 #214 - 9 msgs |
Date: |
Fri, 4 Jan 2002 10:52:01 -0800 |
> 2b) The final and worse form of this, Bots. Auto-hunters that can run
> around, and hunt for players hour after hour without the player actually
> being there or only occasionaly monitoring. Quite unfair from my stand
> point.
If this is a real problem, you should ask yourself what your game
offers a real human being to actually enjoy. If the game is reducible
to a simple series of scripted actions (or even a complex series of
scripted actions) then it'll become monotonic for a human sooner rather
than later. Witness EQ: if you didn't have the human communication
element, it would SUCK as a game.
> Possable solutions. These just came to me. These will only work in a
> closed source solution.
Security through obscurity doesn't work.
> 1) Re-arrange the order of data in the packets every build or whenever
This leads to much more testing for you, and only deters hackers a short
while when you update the version. It doesn't work over time. (Verant does
it for EQ -- ShowEQ still lives)
> 2) Update/change your encription: Again, they will discover what you
> are using, and just changeing one of the keys won't be enough. I don't
This leads to much more testing for you, and only deters hackers a short
while when you update the version. It doesn't work over time. (Verant does
it for EQ -- ShowEQ still lives)
> 3) Change the ports you use for communication: Again a delaying tactic
> at best. It's not a great solution but, it's better then nothing. You
This is not even a delaying tactic. Any packet sniffer will show you
what the new port is, and changing that constant in the radar app is
going to be a simple re-compile. If you do it a lot, and I was writing
a radar app, I'd just have the radar app sniff the network and look at
all UDP packets, and figure out what the port is automatically. It's
so weak as to be fully ineffective.
Proper design and tight server-side control is the only way to avoid
hacking users to have an advantage over non-hacking users.
-- Jon
PS: To the others replying on the list: PLEASE don't quote the ENTIRE
messages. It's quite annoying in digest mode.
- [Nel] RE: Nel digest, Vol 1 #214 - 9 msgs,
Jon Watte <=