Sharing Bans.txt, lets help eachother keep our servers free of cheaters.

Geekin

Valued Member!
This has probably already been said but I have ignored this thread right along as I refuse to believe hackers exist ....

IMHO any bans posted here that you expect anyone to add to their own server should include a screenshot, video or some proof showing the offending player. What if I were some newb admin who thought every time I got killed the person must be using a hack? What if I were a vindictive type and put in Dangeruss's ID just so he would be banned on every server (including his own, wouldn't that be funny :D).
And when your viewing a player and they are destroying the map , killing everyone on the server, and killing the db, your just trying to catch and get rid of .. not time to leisurely get screen shots and videos .. like I had tonight
 

DangerRuss

OpenDayZ Rockstar!
you're preaching the choire man. I have a very popular streamer/youtuber visit my server quite frequently and almost every time he plays some kids feel they need to nuke the server or teleport everyone 30km out to see.
Did you by chance capture their IP address?
InfiSTAR is only going to stop the newb cheaters. Anyone who knows what they're doing are going to be able to bypass it unfortunately. However, it does give you a lot of really nice tools to be able to monitor players and trends. An antihack is definitely a must, but you have to use your logs and everything as well. I've kind of given up on updating this thread though. I need a way to quickly delete duplicate entries.
 

DangerRuss

OpenDayZ Rockstar!
always ban by both IP and GUID. It can't hurt it will prevent them from joining with a new GUID using the same IP. Also, IP's are usually similar for people who are constantly connecting from the same place. If you're having a hard time figuring out who was hacking, you can look at IP's too see if someone joined with a very similar IP to one on your ban list. Either way, it can't hurt to have it.
People can have multiple GUID's as well. I banned some guys last night, they've been banned like 4 or more times but keep coming back with different GUID's and IP's. I know it's them because they often use the same name, or once they get banned, they instantly try and rejoin with a previously banned IP or GUID.

ysdeng
8fb111e1066bcee77c9c45a5b97341e3
27.24.253.96
60.248.176.241

Rap/Hip Hop
1fcd811d4cebd92791b37c100fc17f93
60.248.176.241

xm418
5661b3980d28abc7dd69bfcc12aa12d4
58.52.206.161
216.83.44.114
223.255.241.133
 

Geekin

Valued Member!
Well It came down to this .. 4 user names 2 guids and ips .. and a twitcher /youtube name of AckeyGames.. it may not have been him .. may have just been using the nick .. but I noticed it all started right after he joined .. so first I kicked him .. then caught two of the names in the act after looked at logs all 4 names belonged to 2 guids and ips

I sent AckeyGames msg on youtube to see if he was recording on my server .. so far no response.. but could be just using his name .. have to see what he says .. if he responds .. never heard of the dude .. not cool them not asking if ok to do that .. at least give u heads up to be aware of the havoc may cause
 
you're preaching the choire man. I have a very popular streamer/youtuber visit my server quite frequently and almost every time he plays some kids feel they need to nuke the server or teleport everyone 30km out to see.
Did you by chance capture their IP address?
InfiSTAR is only going to stop the newb cheaters. Anyone who knows what they're doing are going to be able to bypass it unfortunately. However, it does give you a lot of really nice tools to be able to monitor players and trends. An antihack is definitely a must, but you have to use your logs and everything as well. I've kind of given up on updating this thread though. I need a way to quickly delete duplicate entries.
What? do you mean that they get past Infistar AND the Battleye Filters? OMG, I wish I knew that before I wasted hours messing with infistar and filter scripts! .. Oh wait, I DID know that ;)

The only working antihack is whitelisted servers. I have an idea, instead of a global bans.txt list there should be a global whitelist.txt file that is shared providing all the non-cheaters. I have never used a whitelist because i dont like to exclude any players, but if there was a central database of non-hacking players that could be updated by participating admins and then those players could freely join any of the participating servers ... now THAT would be an idea.
I could create a website with a DB updateable by admins who have joined the "whitelist ring". It can also have the bans updateable. And if you have an FTP access to your account it could automatically update the servers with the new whitelist and bans. ??
 

Geekin

Valued Member!
sounds great .. but some of the admins have issues as well .. would have to rely on honesty of the admins that participate as well.. so in a perfect world we could all hold hands and sing Kumbaya lol.. and wouldn't need any of this :eek:;):rolleyes:
 
Been thinking ... I think this is the solution to all hacker problems.
I have the domain whitelist.us

So admins sign up and must be approved by existing admins and the server the admin is registering must have been online for 30 days. What we need to prevent is a hacker admin from joining and whitelisting hackers and a method of removing poorly managed servers from the list ... The admins that just ban everyone.

I am not sure if the bec whitelist.txt and custombans.txt files is writable while bec is running, if not, that complicates matters some. If we can write to those files while bec is running then all updates can be done automatically via ftp. Admins dont even have to add bans or whitelist on the website db, it can be retrieved and written periodically, they just have to use their bec to edit their own bans and whitelist and it will propagate throughout.

The db will track which servers have added players to the lists so if we have to remove a server because the admin was a nutter, we can easily remove all the players that admin had added since they would be in doubt.

So in a nutshell
  1. Admin adds players to his own whitelist and bans.
  2. Website db retrieves each whitelist,and bans and updates the database.
  3. Website writes new community whitelist and bans to each server.
How to get new players on the whitelist? The server i played on would tell players to req added to whitelist via teamspeak. They also disabled the whitelist while admins were online so they could monitor new players.

Any ideas, thoughts, ????
 

DangerRuss

OpenDayZ Rockstar!
Whitelists kill servers. Regular kids can't be bothered to go through the trouble of signing up, they'll just find a public server without a whitelist and play there. Ive seen many servers go the whitelist route, and die.

The problem is infiSTAR is a server side antihack, and of course cheats are client side. It's just a game back and forth between script writers and infiSTAR. InfiSTAR blocks one thing, they make another that gets by it, infiSTAR blocks that, etc etc. BUT it's better than nothing and gives the admin several tools to catch cheaters, especially those whos' cheating doesn't show up in the logs.
 
but that is my point with the whitelist. if a bunch of servers with existing plyerbase would put their players on a community whitelist then there would be many servers to choose from for the whitelisted players that they are ALREADY on, even if they never played there yet.
the server i played on was always full BECAUSE it was whitelisted, hence no worries at all about hackers. i agree that its a pain to use and that is why i never whitelisted my servers. but imagine if we had 20,000 players or more already on the list? it would get to the point where players would either take the time to be added or they would play on servers with hackers.
 
but that is my point with the whitelist. if a bunch of servers with existing plyerbase would put their players on a community whitelist then there would be many servers to choose from for the whitelisted players that they are ALREADY on, even if they never played there yet.
the server i played on was always full BECAUSE it was whitelisted, hence no worries at all about hackers. i agree that its a pain to use and that is why i never whitelisted my servers. but imagine if we had 20,000 players or more already on the list? it would get to the point where players would either take the time to be added or they would play on servers with hackers.
i fully support this idea :)
 

SchwEde

OpenDayZ Rockstar!
me too.

I think its a good idea and with something like this we also could add something to the server names, so people would see if that these server share this list.
 
i will get to work on a website and php today ... see what kind of feasability issues arise and will post details this afternoon. my idea is that participation in both directions of data flow would be configurable by each admin depending on how paranoid they are about providing ftp and/or mysql access to the websites php scripts.
this might all be able to be done with a bec plugin instead. i have never looked at that framework but it seems pretty flexible by the rss and teamspeak plugins.
what would be ideal is for server admins to signup on the website and in their account they would provide their mysql connection and ftp info so the scripts could work completely autonomous.
 
So here is my plan .. tell me where it gets retarded.

  • I have a website (http://whitelist.us) where server admins can create an account and be 'approved' to be able to add/edit the player lists. We cant allow just anyone to add to our whitelist or else the hackers will create their own server, whitelist themselves and then insert their whitelist into our community lists. So servers will have to be up for a certain time and have some other qualifying factors.
  • I will create a mysql database that will keep a list of each player that is submitted. This is searchable by anyone and keeps the following data. We will keep every player that plays on every server and mark whether they are on the whitelist or banlist then using these values we can create a community whitelist.txt and banlist.txt files.
    Code:
    GUID, playerName, onWhitelist, onBanlist, lastServer, serversCount (provides confidence)
  • Create a BEC plugin that will automatically handle the updating of the BEC whitelist and custom banlist on the local server by retrieving the files from the website. What to use from the website is admin configurable (whitelist, banlist or neither). I am familiar with python and have created several plugins for http://www.bigbrotherbot.net/ including an IRC relay to allow servers to send messages to each other ... which I could someday port for use on Arma I think.
  • (This is a WiP) How to get player info from the server to the website database. There are several possiblities here and since they probably dont have a current whitelist what we need is all the players from their mysql table and then mark all their banned players as such. Initially we are going to have to assume that the players for each server are legit if they are not on any banlists. Ideally the BEC plugin will do this, it does have the ability to connect to a mysql db so it can read the local server db and write to the website community db. It can automatically update the community db with banned players.
  • I would like to contrive some sort of local whitelist for each server using the BEC plugin. So servers that dont want to have use the "required to be on whitelist" model can use the whitelist and have a 'temporary' whitelist where a player can join the server and play but at some point must be added to the permanent whitelist by an admin or moderator. This would allow new players to join a server and play without potentially compromising the community whitelist (until the admin adds them to the permanent whitelist).
 

alexlawson

OpenDayZ Rockstar!
So a player joins plays for a while if hacking gets banned if not gets added to permanent white list and is allowed to keep playing is that the idea. o_O
 
yes. I suppose they could be automatically added because if they dont get caught cheating then they must be assumed to be honest, right? The whitelist expands on the simple banlist because it only allows players who have been shown to be non-cheaters .. so far.
The key is to make it as automatic and painless as possible
 

DangerRuss

OpenDayZ Rockstar!
Mainly my concerns with this relate to honesty of the people doing the banning/whitelisting. How will people appeal to this process if they feel they've been banned unfairly?

The biggest problem right now, this is extremely small. I run a pvp overwatch server, which most people do not. My player base is much different and much more random then most other servers. There is a high likelihood that no one who plays on my server has ever played on any of your servers, and the vice versa. Furthermore, new cd keys are like $5 right now, and the last group of hackers I've had come through are completely undetectable.

I don't think this is going to keep servers hacker free, it's a lot of work, and I think it will kill server population.

It is a nice idea though, I just doubt it will work.
 
lots of rambling follows, I wrote this at work on my cellphone. Then got home and added, edited more and its too late at night to worry about coherent thought.

  1. How will people appeal to this process if they feel they've been banned unfairly?
  2. and the last group of hackers I've had come through are completely undetectable.
  3. , it's a lot of work,
Answers to the above comments:
  1. http://whitelist.us will allow anyone (admins or players) to look up any player and see what list they are on and what server placed them on that list.
    What does a player do now? They contact the admin of the server they were on via the advertised teamspeak or website and make a request which is usually denied with "play on one of the other 4000 servers". Alternatively, I think a forum on opendayz.net would be the best communication method to discuss players and bans. I am a believer in 'beyond a reasonable doubt' and 'second chances' unless there is some hard proof. There could be a list that allows server admins to override the community lists and allow certain banned players that they believe are legit.
  2. Undetectable? then how did you know they were hackers? Shouldn't their IP's be banned globally via our community blacklist if they are getting new keys? I realize they can change their IP but its one more defense.
  3. The entire point of writing this as a BEC plugin is that it would require ZERO work. Well maybe not zero, but far less than it takes right now. The bans are shared, the whitelists are shared and both are updated on each server automatically and the community lists are updated automatically by the BEC plugin. Of course the admins will still have to catch hackers and ban them but you are doing that now, it should be easier though if the players that are caught on the WICKED server are then banned on other participating servers automatically and almost instantly.

honesty and reliability of the server admins is an issue which is why we can't accept just anyone to add/edit the lists, only responsible admins with stable servers (no servers that were setup yesterday). Any server can USE the community whitelists or banlists though.

Lets go over the basics again to remove any confusion.
  • All features are OPTIONAL at each admins discretion. You can use the community whitelist or the community banlist or neither. So this will automatically update the 'community banlist' that this entire thread is about if that is your preference.
  • Only certain servers and admins will be able to update the whitelist and banlists.
  • ANY admin can install the BEC plugin and freely use the community whitelist or banlist.
  • There will be a feature in which the admin can use the whitelist but still provide temporary access for new players who must be added to the whitelist by a server admin or moderator. By temporary I mean the server will use the whitelist and if a player joins who is not on the whitelist they are added to the Templist and they can join the server X number of times (X being configurable by the admin). So player NottaHaxor joins for the first time and can disconnect and rejoin 3 times. At any time, a server moderator/admin can use the command !WHITE NottaHaxor and he will be added to the full whitelist. If he is not added to the whitelist within 3 connections, he is not allowed to join any longer.
  • BEC commands
    !WHITE to add a player to the whitelist.
    !GREY removes a player from the whitelist
    !BLACK to add a player to the blacklist (banned). Should add GUID and IP also.
Personally, I think the whitelist is better than a banlist because it removes all those players that go and get a new cd key. But thats a personal choice and you dont have to use it. The whitelisted servers will have smaller populations but they are significantly more secure and therefore some players will be happier as well as the admin who doesn't want to constantly worry about the next Nuke attack.
 
Top