It is generally better for the client to do the updating, as a lot of servers
have firewalls to prevent extraneous socket communications (why
cheating-death was more popular than paladin).  Also, there is no way a
client hack could do anything with the system I described without breaking
your master server's signature keys.  Actually, the system I described is
*exactly* how the WON authentication works: you send a crypted version of
your cdkey to WON with a timestamp, it sends back your wonid as well as a
hash of your wonid+ip+timestamp, signed; then when you connect to a server
the client sends the wonid+signed hash in the second packet (you can packet
sniff and see this, it will say \uniqueid\12345\raw\AABBCCDDEEFF112233445566778899\
where the uniqueid is your wonid and the raw is a signed hash of the wonid +
ip + timestamp).  The only way for someone to spoof their wonid is either
with a keygen or by breaking WON's signature keys (something that won't be
happening in the next 10^27 years given current technology).  It is almost
always better to use an existing protocol than to develop your own.  Existing
protocols, such as Kerberos, have been torn apart by security experts and
still held strong.  Also, it won't be much different for the clients now.  In
addition to connecting to the WON master server, they connect to your
server... that's all that's required.


>From: "Paul Samways" <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: <[EMAIL PROTECTED]>
>Subject: Re: [hlcoders] Client commands
>Date: Sun, 16 Jun 2002 08:53:04 +0100
>I was intending to make the master server allow updates only from
>registered 'trusted' IP addresses. What's trusted and what's not would be
>down to me trusting an admin.
>
>Since I'm pretty much the only admin for our mod (no-one else ever seems to
>run a dedicated server) it's why I'm not overly worried about this being a
>chore.
>
>If I have select trusted game servers then I can relax a lot of the
>concerns. I'm intending for the client to have no interaction with the
>database server, but instead to send username/password to the game server,
>which then either gets their data or makes a new database entry if they
>don't exist (or tells them where to go if the password is wrong). This
>reduces the amount of places I need to trust, and also means clients have
>no power to change their stats with clientside hacks.
>
>Opinions?
>
>----- Original Message -----
>From: "Jonah Sherman" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Saturday, June 15, 2002 9:47 PM
>Subject: Re: [hlcoders] Client commands
>
>
>For that, the most secure way would be something like...
>Master server contains users' keys (passwords), and data.
>When connecting to a server, the client connects to the master server, and
>gives its login name.  The server sends back the client's name, its data,
>and a timestamp, encrypted with the client's password. It also sends a SHA1
>hash of an unencrypted version of what it sent to the client, digitally
>signed with the master server's private key.  The client decrypts the data
>packet, then sends this to the server, the server checks the timestamp is
>recent, and that the signed hash matches the data.  If so, all is well and
>the client is authenticated.
>
>This only covers GETTING the data. As for updating it... there is no real
>secure way to do that.  Any method you do would rely both on a secure
>client and a secure server, neither of which could exist in reality.  The
>server could spoof whatever it wants to the master server, and the master
>server has no way of verifying this.  So, anyone could just make a server
>and send spoofed updates to the master server. There is absolutely no way
>to prevent this whatsoever.
>
> >From: "Paul Samways" <[EMAIL PROTECTED]>
> >Reply-To: [EMAIL PROTECTED]
> >To: <[EMAIL PROTECTED]>
> >Subject: Re: [hlcoders] Client commands
> >Date: Sat, 15 Jun 2002 21:32:21 +0100
> >All servers. Master DB server kind of thing. And please drop the
> >patronising tone, I will understand your answer. The reason I'm asking for
> >clarification is I want to find out if what you're thinking of is
> >something I've already thought of or not.
> >
> >----- Original Message -----
> >From: "Jonah Sherman" <[EMAIL PROTECTED]>
> >To: <[EMAIL PROTECTED]>
> >Sent: Saturday, June 15, 2002 8:20 PM
> >Subject: Re: [hlcoders] Client commands
> >
> >
> >You won't understand what I said until you answer my question:
> >Is this persistent data for a player just on that server or for all
> >servers?
> >
> > >From: "Paul Samways" <[EMAIL PROTECTED]>
> > >Reply-To: [EMAIL PROTECTED]
> > >To: <[EMAIL PROTECTED]>
> > >Subject: Re: [hlcoders] Client commands
> > >Date: Sat, 15 Jun 2002 19:04:03 +0100
> > >But your argument there can be applied to anything. Yes, someone can
> > >intercept the username and hashed password, but that can be said for
> > >pretty much everything I log onto on the web. There's no way to prevent
> > >that without me putting SSL code in and rewriting the database server
> > >code as well (like I'm gonna do that).
> > >
> > >And what exactly do you mean by "just sending a hash of your password
> > >to the server isn't secure, as the server can just replay that hash and
> > >act as you..."? Not sure which server you mean by 'server' and also how
> > >you think they'd use this to their advantage?
> > >
> > >----- Original Message -----
> > >From: "Jonah Sherman" <[EMAIL PROTECTED]>
> > >To: <[EMAIL PROTECTED]>
> > >Sent: Saturday, June 15, 2002 6:11 PM
> > >Subject: Re: [hlcoders] Client commands
> > >
> > >
> > > > Actually, this isn't as much of a problem as you might think. ALL HL
> > > > data is encrypted before being sent over the network..  Are you
> > > > planning on storing player data for just that server or globally?  If
> > > > you're planning on having a master server store everyone's info, you
> > > > might want to rethink your protocol, just sending a hash of your
> > > > password to the server isn't secure, as the server can just replay
> > > > that hash and act as you...
> > > >
> > > >
> > > > >From: "Paul Samways" <[EMAIL PROTECTED]>
> > > > >Reply-To: [EMAIL PROTECTED]
> > > > >To: <[EMAIL PROTECTED]>
> > > > >Subject: [hlcoders] Client commands
> > > > >Date: Fri, 14 Jun 2002 18:54:21 +0100
> > > > >Is it possible to preprocess client commands being sent to the
> > > > >server before they're sent?
> > > > >
> > > > >I'd like to run an md5digest on a password argument before it flies
> > > > >off over the internet to the server. Is this possible?
> > > > >
> > > > >I was going to have players' persistent info stored against AuthID,
> > > > >but then I realised it'd be nice to be able to log in at someone
> > > > >else's machine and still get your stats/score updated. So now I need
> > > > >some way of a player entering a username/password combo and not have
> > > > >a plaintext password either travel across the network or be stored in
> > > > >a text file (which would happen if I used a cvar wouldn't it?).
> > > > >
> > > > >Any suggestions to throw into the pot?
> > > > >
> > > > >Paul
> > > > >
> > > > >_______________________________________________
> > > > >To unsubscribe, edit your list preferences, or view the list
> >archives,
> > > > >please visit:
> > > > >http://list.valvesoftware.com/mailman/listinfo/hlcoders
> > > > >