Programming Forums > Application Development > C++

Dr.Backtick` · Jan 9th, 2006, 11:31 PM

OK,

So what your saying is that CRC32 is more for just checking if a files integrity stays intact while transmitting over a wire or whatever. I read your post and had some trouble with some of your grammer. Anyway from what I read you are really saying that the client side end of a game isnt really such a problem yet when it comes to the server you _MUST_ take extra precaution. I used to play HL2 and mod for it quite a bit and I must say I did learn a lot about it. I appreaciate your input on everything. If I decide not to worry about modification about files on the client side my next task would be to figure how to build a high score system. I assume there could be multiple ways of making one. I was originally planning my design around using MySQL. I soon realized that it wasnt the right choice to go with. I had the table planned out and all. Soon after I discussed how I was going to try to implement the plan and how I thought I should do it he said that I would have to open my database to the public which was a nono/Security Risk for me. Well, we can go with writing the scores to a flat file. Mainly we wanna make the scores available to view online. I wonder if I can have the scores generated then saved in a web page form then have the program open a connection to my FTP server and upload it to my web path for others to see. I could notify the users if they wanna see their scores just visit my web site. I just thought of that so I have to work it out on paper some more. Maybe you have more experience as to how I should implement it.

--George

Ooble · Jan 10th, 2006, 4:18 PM

Basically, what you'll need to do is do all the processing on the server. In Diablo (1 or 2... can't remember which), people used to cheat by sending "I killed this dude" messages to the server. So they patched it. Instead of sending messages saying "I killed him", it would be "I clicked on him". The server does the processing - the client is just a fancy interface.

Dr.Backtick` · Feb 13th, 2006, 9:06 PM

Well, its been some time since I have looked into the deep interesting things of data integrity checks and all. I have since then ventured into mapping for Battlefield 2 which is by far a great game in my view. I have played BF1942 and Vietnam and I have modded for it briefly and have noted to myself that it uses MD5 Checksums. I've seen it in action. I know from experience that if I modify the original map and try to play on a multiplayer server it will say sorry cannot run modified content and kicks me. From scratching at the details with MD5 stuff I know that you must use a command to generate a Hash file that contains a unique sequence of characters. It does checks against the current hash to the generated or something and determines if it was touched. I have knowledge with Linux and from experience I know you could do MD5 stuff but have little knowledge with it. I am willing to do some research. I have done a bit in my small free time these days and came up with some resources. I was wondering if any experienced person would be kind enough to just list some good resources that are well known so I could build my knowledge upon.

Ooble, yes I would agree with you upon that. I would think that it would be logical if one would implement such a check system on the server side. I believe that what the user will see is important so he cannot modify stuff.

--George

nnxion · Feb 14th, 2006, 3:44 AM

The point is that one cannot do everything server side, but the parts you do client side can be changed, and so can be cheated.

Dr.Backtick` · Feb 15th, 2006, 11:12 PM

Having things performed on the server side should put quite a heavy load on the server. Plus everything cannot be performed server side anyway.

For example, In BF2 if you modify an original slightly and try to join a online server it will load and allow you in for a little while then kick you and say sorry cannot load modified content. If you check the map folder you will notice a md5 file. I think it uses that as a component to check if local map content has been modified and if so the server rejects/kicks you.

Sorry, Am I being redundant? I am not ready to incorporate this feature into our project yet but I am just trying to get a feel as to what I will do when I come across this. I think I have a fair idea of how this concept works and how I will incorporate it. Of course i'd have to write it all out before implementing.

--George

Jan 10th, 2006, 4:18 PM	#12
Ooble I eat cake for breakfast. Join Date: Jul 2004 Location: In my box. Posts: 4,434 Rep Power: 9	Basically, what you'll need to do is do all the processing on the server. In Diablo (1 or 2... can't remember which), people used to cheat by sending "I killed this dude" messages to the server. So they patched it. Instead of sending messages saying "I killed him", it would be "I clicked on him". The server does the processing - the client is just a fancy interface. __________________ Me :: You :: Them

Feb 14th, 2006, 3:44 AM	#14
nnxion Programming Guru Join Date: Jun 2005 Location: elemental plane Posts: 1,429 Rep Power: 5	The point is that one cannot do everything server side, but the parts you do client side can be changed, and so can be cheated. __________________ "Employ your time in improving yourself by other men's writings, so that you shall gain easily what others have labored hard for." -- Socrates

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Jan 9th, 2006, 11:31 PM	#11
Dr.Backtick` Newbie Join Date: Dec 2004 Posts: 16 Rep Power: 0	OK, So what your saying is that CRC32 is more for just checking if a files integrity stays intact while transmitting over a wire or whatever. I read your post and had some trouble with some of your grammer. Anyway from what I read you are really saying that the client side end of a game isnt really such a problem yet when it comes to the server you _MUST_ take extra precaution. I used to play HL2 and mod for it quite a bit and I must say I did learn a lot about it. I appreaciate your input on everything. If I decide not to worry about modification about files on the client side my next task would be to figure how to build a high score system. I assume there could be multiple ways of making one. I was originally planning my design around using MySQL. I soon realized that it wasnt the right choice to go with. I had the table planned out and all. Soon after I discussed how I was going to try to implement the plan and how I thought I should do it he said that I would have to open my database to the public which was a nono/Security Risk for me. Well, we can go with writing the scores to a flat file. Mainly we wanna make the scores available to view online. I wonder if I can have the scores generated then saved in a web page form then have the program open a connection to my FTP server and upload it to my web path for others to see. I could notify the users if they wanna see their scores just visit my web site. I just thought of that so I have to work it out on paper some more. Maybe you have more experience as to how I should implement it. --George

Feb 13th, 2006, 9:06 PM	#13
Dr.Backtick` Newbie Join Date: Dec 2004 Posts: 16 Rep Power: 0	Well, its been some time since I have looked into the deep interesting things of data integrity checks and all. I have since then ventured into mapping for Battlefield 2 which is by far a great game in my view. I have played BF1942 and Vietnam and I have modded for it briefly and have noted to myself that it uses MD5 Checksums. I've seen it in action. I know from experience that if I modify the original map and try to play on a multiplayer server it will say sorry cannot run modified content and kicks me. From scratching at the details with MD5 stuff I know that you must use a command to generate a Hash file that contains a unique sequence of characters. It does checks against the current hash to the generated or something and determines if it was touched. I have knowledge with Linux and from experience I know you could do MD5 stuff but have little knowledge with it. I am willing to do some research. I have done a bit in my small free time these days and came up with some resources. I was wondering if any experienced person would be kind enough to just list some good resources that are well known so I could build my knowledge upon. Ooble, yes I would agree with you upon that. I would think that it would be logical if one would implement such a check system on the server side. I believe that what the user will see is important so he cannot modify stuff. --George

Feb 15th, 2006, 11:12 PM	#15
Dr.Backtick` Newbie Join Date: Dec 2004 Posts: 16 Rep Power: 0	Having things performed on the server side should put quite a heavy load on the server. Plus everything cannot be performed server side anyway. For example, In BF2 if you modify an original slightly and try to join a online server it will load and allow you in for a little while then kick you and say sorry cannot load modified content. If you check the map folder you will notice a md5 file. I think it uses that as a component to check if local map content has been modified and if so the server rejects/kicks you. Sorry, Am I being redundant? I am not ready to incorporate this feature into our project yet but I am just trying to get a feel as to what I will do when I come across this. I think I have a fair idea of how this concept works and how I will incorporate it. Of course i'd have to write it all out before implementing. --George

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)

Programming Forums > Application Development > C++

Trying to setup an anti-cheat system for a game friend and I are creating