Ban System

[Ravenheart]

Its good you guys are improving the ban system, but its still not what most servers need. Today a lot of people don't have static IPs and one reconnection of the internet and they are back in-game.

So what i think will be best if there is a option to ban someone by his MAC address, instead of IP.

[Ravenheart]

Don't think any developer could comment... or say something.

[Brophy]

MAC Addresses can be changed too

[Jani]

Unless you force a user to pay for an account to play (like Valve do with their Steam content delivery system), there's no way you can ban someone. IP, MAC address, hostname, hardware serial numbers, it can all be changed.

[Ransom]

This has been gone over before multiple times, search the forums if you want the answer. Jani summed it up.

[Si|ent]

A potential solution is a registration system for servers. Not sure I'd fancy going through all the hassle just to play on a new server though.

[Ravenheart]

True it can be changed, but most of the users that cheat are like 12 year old, most don't know how to install windows so i doubt they could change they're MAC address

If it isn't very time consuming could you guys ass MAC address baning anyway(or maybe leave it for DM 1.1 or something).

[eAi]

We've spent a long time thinking about and discussing this issue (its been brought up time and time again - use the search button). Theres no real point us investing time in something just because "many people don't understand how to do it". They certainly will learn how. Any ban system has to be rhobust. The thing we've come to every time we discuss this is that charging or otherwise attaching value to an account is the only reliable way to ban users. We could attach value in some other way, but often that value isn't really worth anything to cheaters. We cannot really charge for accounts ourselves, but I'm sure server admins could charge for accounts on their servers if they wish - this would probably improve people's games but would somewhat reduce the player count. Anyway, if anyone has any magic ideas, feel free to tell us!

[Ravenheart]

DELETE please

Edited June 20, 2006 by Guest

[Ravenheart]

For one day of thinking this is the result:

MTA reads the installation date and time of windows (lets say 21 June 2005, 11:32 AM) from those numbers(21.06.2006:11.32) it generates a code(you can use blowfish or another algorithm), the code which MTA will generate is to be written somewhere on the user's computer and masked so they cannot find it with special tools(probably place it in a place where no one will look unless they see what MTA client does when booting with file monitor). The file which MTA writes on the PC with the user's code/key has to be encrypted also(this is a test code from blowfish on ViRC: ËjyXtc.KVLGd/1bq3Y.vUwuZ0, you take that code(which is to be the raw code generated using the date and time of windows installation) so that code is to be encrypted AGAIN so it would become even more strange for users.

Basically every time MTA would connect to a server it would read that code, decrypt the encryption and then decrypt the code itself to get the time of when windows was installed and if it is OK, they let the player in. The two encryptions(one that generates code from windows date and time of install, and the other that just mixes up that code) are needed so if the player tries to edit the install time of windows(guess that could be done), MTA will tell him that it's not correct and because even if they find the file which contains the code, they will still have to crack the second enryption(which mixes the raw code).

I'm thinking if you guys look at this:

http://ravenlabs.50megs.com/rsa.html

Hope you can understand me, cuz i'm not english

[Kamazy]

Wow all that just to ban a guy.

Maybe MTA can check the Physical Address.

Can that be changed?

[orappa]

That wouldn't work because it wouldn't be unique. Several people could have installed Windows on the same day. Also, if they reinstall, they will be unbanned

You could do it with hardware serial numbers though.

[Brophy]

Yes..

[Ravenheart]

I doubt they would have installed windows on the exact same second, and yes... if they reinstall windows they would get unbanned(unless the ban system adds that MTA code, MAC address and IP), i don't belive people would reinstall windows every day just to get into the servers they ware banned.

[Kamazy]

here's a thought:

How's about MTA creates a file with the time and date that you firsts started MTA and save it somewhere in the Windows folder so that it's not easy to find. (don't name it "MTA fist log") This way even if a somone reinstalls MTA it will stay there and won't change unless you format your PC or find the file. Make sure you hide it good with a name that doesn't have anything to do with MTA.

This seems to be a good way to do it that doesn't need to view windows files. Also, Maybe they are playing in with some other OS not windows what them?

Just put a file somewhere secret that makes a code depending on the person IP and time/date that he first started it.

Anyway that my idea.

[lil Toady]

here's a thought:

How's about MTA creates a file with the time and date that you firsts started MTA and save it somewhere in the Windows folder so that it's not easy to find. (don't name it "MTA fist log") This way even if a somone reinstalls MTA it will stay there and won't change unless you format your PC or find the file. Make sure you hide it good with a name that doesn't have anything to do with MTA.

This seems to be a good way to do it that doesn't need to view windows files. Also, Maybe they are playing in with some other OS not windows what them?

Just put a file somewhere secret that makes a code depending on the person IP and time/date that he first started it.

Anyway that my idea.

Hmm, reinstall mta, recon you're internet connection(if you have dinamic ip) and you're unbanned.

[Kamazy]

Hmm, reinstall mta, recon you're internet connection(if you have dinamic ip) and you're unbanned.

Not really cuz if there already a ID file (the one made at first start of MTA) It should be overwritable by just re-installing MTA and starting it again.

Thats why it should be well hiden in the windows folder.

ANd changing ANY setting (other then findinf the file and changing/deleting it) won't effect the file and thats what MTA will check.

[lil Toady]

anyway if peeps find this file it woldnt be good, ip bans are even better imo

[Kamazy]

That's the only flaw in it. If people really want to they'll probobly find it.

[Lággy]

That's the only flaw in it. If people really want to they'll probobly find it.

Maybe if the unique MTA file was stored in the registry. Could be more harder to find.

[Ravenheart]

Nothing unprotected will be found very easily, simpel becouse there is File Monitor and Registry Monitor, one start of MTA and they are detected, thats why the file needs two sets of encryptions(one to generate code from windows date and time of install, and one to mix it even more so they get lost).

Like my original post

[Jani]

Can you guys not read? Obviously not, so I'll quote my original post:

IP address, MAC address, hostname, hardware serial numbers, it can all be changed.

Now, lets hope you actually read it this time. The idea of the Windows install time is good, since there's actually very very little chance of two people having installed it on exactly the same time, day etc.

[ijsf]

Now I'm sure there are ways to protect and ban correctly in a way it is very hard even for the skilled crackers to crack the protection.. however the complexity of these systems may be a problem for us too.

Besides, nothing's uncrackable and it's just a matter of time before a new crack appears.

Banning systems are usually done by IP because this is, of course, the easiest way. ISP's are starting to supply more static ip's than dynamic ip's, and with IPv6 coming in a few years we might all have a static ip by then.

Banning by MAC addresses isnt possible. Try to send someone over the net a packet, and you'll discover that the person at the other end will actually not receive your MAC address, because the packet has been forwarded by numerous switches and routers thus changing the packet's MAC address to theirs. Feel free to correct me on this one.

Besides, as has been pointed out before.. MAC addresses can be changed too. You don't even have to change them in your hardware. e.g. Just stick a program between the application that's reading the MAC address and the driver. That's how it can go with anything.

Try hiding a file.. then it's just a matter of intercepting a few calls between the application and Windows and find out where that file is. You could even stick a program in there to make the application believe the file was created on another date or contains different data.

So for now we'll stick to IP banning, unless someone has a waterproof idea.. (which are rare)

[max-668]

true true.. i think there is no way to ban som one there is allways a way to go around the ban the only way will be is accounts as youy guys brought up... but my question is y cant MTA team charge for accounts well i know that you cant charge fo the mode because its a R* product so

y cant you guys charge for accounts??

sorry for the question

ps you can allways give evry one free acount but (new users ) need to pay for one that will make som people lose ther acount and if they cheat

[Ravenheart]

Pay to play a free multiplayer modification don't you think SA-MP will love that.