Currently I am working on a game.It will use peer to peer
method to communicate between players.To lessen hackers
I have decided on a scheme to encrypt the data packets by using a new key generated for each player each game. Every player will swap their key with an opponent's key.If the hacker is going to get anywhere he has to hack the key he got while the game is going on, not a smart idea since he can lose the game by wasting their time.
To add more security for the people who actually want to play legit:)! I was thinking of having each player report their every move to their opponents to see if their actions are possible within the game.The only problem I see with this, is that the opponent can easily hack to see what his opponent is doing, but I think this is better then having the hacker get unlimited resources and such.
My basic goal is to keep secure data of their computer and program the game to be on gaurd of cheating.If they actually want to cheat then they have to rewrite the game, not very fun.
If anybody has any other logical ideas to prevent cheating and such please let me know?
Hi
let me tell you what we do in Hostile Encounter
If you are going peer to peer...like us :) like Blizzard(tm) (c) :) like...eh...every good RTS :)
Every PC has a copy of the world...so..make a CRC32 on your copy of the world and send it to others...then check your CRC with their CRC...its very hard for the hacker to keep a world copy for every peer in the game (a false and a true one that is)...so very soon the game will desincro and the hacker will loose connection to the game :D
Think about it...there are other details that i cant speack about openly...but soon you will understand that this way no hacker can have more resources or units compared to other players....or he will live in a dream world playing a dream game...all other players will beat him...he will be the only one to think he won...and he will also have to be a damn good programmer just to be able to do that...actually he will have to recreate the most of the game for that..
This has only one flaw: MAP Hacking...
because each PC has a copy of the world...the local player can get info about the other players movements...eh...nobody can really stop that...or...
let me think a little...maybe i can...ssssst :) dont tell the hackers...we will see in Hostile Encounter ...comming soon to a monitor near you :) just kidding
The real problem that we have to resolve is this MAP HAACKING..all the other types of hacking dissapear if you use a peer to peer game session
any ideeas?
Errm,
maybe this sounds ignorant/stupid/whatsoever BUT
what the hell is this hacking stuff all about. I know that we don't live in a nice and harmless world but what is MAP HACKING and the other hacking methods you try to prevent?
Can somebody enlarge upon this on a simple minded basis?
Stefan
:) Hi Again,
Modifying the exe, modifying packets, packet sniffers etc.
Stefen and Bogdan you might want to read this article
www.gamasutra.com/features/20000724/pritchard_01.htm
I learned alot from it myself.
Starcraft has the advantage of a server helping route packets and verify the legitimacy of data between players.Me for one can't afford a server:(. So I have to come up with client side methods to at least lessen hacking. The only way you can prevent it is make it so hard that people have to rewrite the game to effectivly cheat or keep anything unsecure of the hackers pc.
So does anybody know of any weakness my above scheme has and if they have any general security algorithms(:)please don't paste code, only logic)?Also any problems disassemblers have when trying to disassemble code?Could Self modifying code help and could someone explain this technique to me?
By the way :)Bogdan your game is looking sweet. Im no where near you in my engine.
Clients connect to a server, and the client usually cheats, not the server.
so do all the checking serverside.. (and a little bit clientside ofcourse).
example: somebody hacked the game and set his life to 99, but server only counts 10...
(if you dont have a server option in your game, just do the checking on the puter that opened the connection for listeners)
but ofcourse, this wont stop all cheaters, look at Half-Life/Counter-Strike :mad:
my 0.2
Hi
its me again :) i dont sleep at this hour 05:45 am here in Romania :)
JDog:
I told you to think about it...
you got it wrong: Starcraft (tm) (c) has a server...but...
HERE I TELL A BIG SECRET :D
NOBODY can affort a 100.000+ online players plaing on a server...neither you neither Blizzard (tm) (c) etc
SO? well they just use the server to chat, (chat works with 5.000.000 clients easy) and start the game, after the game is started...oops the server is out of the picture...so basically you play over the internet...(IP to IP)
belive it or not ITS TRUE...
shiffers/etc will not help the hacker here (THATS THE SECRET) because all he can do (is get another baby :) just kidding) CAN NOT affect the othet PC's copy of the world
Sniffers and packet modifications etc ONLY work if you have a CENTRAL SERVER...
think better about it...what can a hacker do?
to hack he will have to modify the world on every PC that is in that game...no can do (easy i mean)
told you a client client is best antihacking in the world!
Alittle example:
==================
game starts the same on every PC, 1000 minerals and 1 unit
PC1 is in comtrol of player 1
PC2 is in control of player 2
PC1 gives comand to gather minerals to his unit 1
PC2 receive comand and move their unit 1 player 1 acordingly... unit 2 player 2 stands for simplicity
Unit 1 returns with minerals
PC1 adds 50 tominerals for player 1
PC2 adds 50 minerals for player 1 also
(no add 50 minerals command is exchanged!)
so if here PC1 wants to cheat he will add 100 minerals to player 1 on PC1...but hellas :D he can not add the same to player 1 on PC2...game will loose sincro on the next frame...and PC1 and player 1 will end game in disconect!
if 3 players are in the game a CRC on game data (units resources) CAN decide what PC's will remain in the game :)
so ONLY the hacker will be disconected!
GOT it NOW? if not
eh...wait for my tutorials on GAME MAKING on our NEW site...
About what is " map hacking"
=============================
That is a cheat tha allow a player to see what the other player do (usually under the "FOG of WAR" layer) and so gain information to help him win )othe player thinks he makea a surprise attack...but hellas..opponent knows the exact location and the exact forces that will attack)
this remains the only hacking possible in RTS's today...
and we have to do something about if! :D
This message was edited by BogdanOntanu, on 2/25/2001 11:04:25 PM
Hi its me again :), Sorry ,but I’m a little bit stubborn(or hell of allot inquisitive).
If you look at my first post you would notice that I have the same scheme your are implementing. However, peer to peer games have growing problems with latency. Checking the status of everyone’s world can go beyond the limits of peer to peer sessions. The Internet does not have a viable multi-casting capability, sending the same message to three destinations requires three times as much bandwidth as
sending it to a single destination. To aid this generally someone in the session steps in as the host to process the game data and send it out to the other peers(That way
only one copy of the game has to be made).This host can now tell how the other player’s environments are affected. Each player sending packets to 8 other peers is not viable. TCP stops delivering any of the other packets in the stream while it waits for the next "in order" packet. Latencies could easily grow in a 5-second range. Second if a packet is having a tough time getting to its destination, TCP will actually stop re-sending it. If packets are being dropped then it's due to congestion. It is worthless to try re-sending because that will only make the congestion worse. So
TCP will actually stop sending packets, and start sending occasional test packets.When the test packets start to get through, TCP will gradually start sending real
packets again. So latency can grow out of hand. I’m sure Starcraft servers do handle the transmission of packets between peers to speed up transmissions(Their servers
can handle this because they count on the players PC’s to do most of the grunt work). If you don’t believe me then ask any self respecting star craft player when
Diablo II came out. The conditions were horrible. As a well thought developer the most you can count on is 5k per second until people start getting cable modems.
Divide 30 frame rates a second and you get about 170 bytes per second. Also TCP/IP packets contain a 24 byte overhead. However most people won’t update their games every frame rate, mostly 2-5 is ok. Now including the normal chat
thats going on in the game and sending all revelant data to be checked by the other players worlds is not efficient way of handling multiplayer support. Modifying the
packet can allow the player to be able to cheat. It is very tough to implement a to good to be true algorithm, that shields honest players from cheating, without the
possible effects some might suffer from actually playing honestly.
So enough of my ramblings, I Guess I will have to see how you handle it in your game:), oh and if anyone is willing to add to the conversation they are encouraged,
I would like to hear if anybody has any new ideas for implementing a viable security
measures to their games.
This message was edited by JDog, on 2/26/2001 4:21:03 PM
Yeh i know all that about low speed of internet..
and it is true
solution is:
1. use UDP (nonguaranteed) no TCP other then for chat and initial setup (make your own protocol on top of UDP
)
2.dont sincro at every frame add a delay for latency
3....secret :) all i can say is: dont send everything ..just the bare required....it will be much smaller then 128 bytes :)
4.limit the player count to 8-12 max in a game (if more then 16 players...you need a server...but costs will rise like hell ..so MMO is out unless you have a lot of money to spend)
again...think about it :D...this things are not wide open ...yet
k,
Nice chatting, hope your game does well :).
I will certainly be reading the posts at this board, thanks to all the moderators for putting the effort to get this wonderful board together.
Personally, I think cheats can be a lot of fun for both the player (who has to FIND them first in the disassembly or beg the programmer to give them to him!) and the programmer himself. Just make sure you have a "disable cheats" command in multiplayer mode (with human opponents) like in Age of Empires II. (Just make sure you can't mess with THAT option... :D).
They way i look at something like this, the best idea is to stick in a design of protection, that isn't way silly, but makes things difficul for anyone that wants to try and cheat or sumthing. The next step is to make it so this method is easily modifible, so when the next version comes out, everything is changed. The person has to go through the entire hacking process again.
And if after all you have done, if someone still wants to hack that to cheat, the probably enjoy the hacking side more than the actualy playing.
Hmm.. all this seems a little complicated, why not just have a key for every client who uses the game. The server checks the key when the client connects, if that key is in use then bam, you have a hacker.... (have a username and password that they choose too)
Of course people would say it's not fair if you are the onw who bought the game, but if you gave away copies it's hard cheese for you isn't it?
Umbongo
I have something to add, alot OT ... anyone who plays starcraft knows that the bnet servers suk bigtime.. if ya gonna build servers, go for quality IMO
Hi flyby....
Now why the hell do they suck?
(and how do they do it :D)
They do NOTHING besides a IRC chat window and start/end of game (winn/loss counting) besides that the server does nothing he is not even there when you play the game :)
i guess that IF they suck it must be your UDP speed that sucks..
Besides, I play Starcraft a lot over bnet and never noticed
that the SERVER "sucks"...some ppl's connections are slow..
(includeing me) because we still use dial-up modems
(even if 56K)and we dont live in USA...i live in Romania...
and is normal to have a little lag when i play over the
Atlantic with somebody from US...
And i can tell you from my game that is damn hard to do a decent speed in a RTS network game...
Sure Hope you can do better ... because until now:
NO GAME EVER DID BETTER THEN STARCRAFT ON NETWORK
i used to play it even at 1,5 seconds latency...try that in your game...
Please be more "technical" or "logical"
and less "emotional"
about such things here...we are all professional...
words like "suck" make me think to something else...
:) very unprofesional :)
Bogdan
This message was edited by BogdanOntanu, on 3/13/2001 10:25:22 PM
This message was edited by BogdanOntanu, on 3/13/2001 10:27:14 PM