Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Hi Mart-Jan, Will you clarify this bit for me? I'm not sure I follow: Add a requirement of entering once every day (2?) the code on a F2P empty (no bought games) account will prevent them using trow-away email addresses. And F2P game being active after X time (2 days?) of creation of the account (+ being online over 4 hours or w/e, one needs to download the game, right?).. hmmz, that would help in the previous prevention of throw away mail addresses. -Jon -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Mart-Jan Reeuwijk Sent: Wednesday, August 31, 2011 7:28 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? +1 on Neph I wonder if a such hardware hashed ID could be send along with a steam ID, so servers could ban on those. Too much evasions lately with F2P via proxies, imo any form of blocking proxy/vpn usage would recieve my cheers. I understand that that might hinder ppl that run steam on their work etc. Another thing that might be an idea, is to limit empty accounts in a way (ie: no games bought on them). That they only can start playing the game after x time of creation, or at least have some game bought/regged on it (above a certain price, not for a 1 digit dollar/euro game). A vac ban on those accounts would hinder them more, cos they have something that is bought on it. Or let them do some time consuming requirements (ever rotating, otherwise they automate that) before they can play on regular servers. One other thing, why not having a automatic ban feedback from the servers to Valve, esp with F2P accounts that would be interesting I guess, for valve then having a monitoring tool for F2P accounts that are being banned over and over, and they have ultimate resources to see whom those are and who are linked to it. If they have also a requirement on steamguard enabled would be a nice one to combine bans + steamguard linked emails / the ID's they bind accounts to for steamguard etc. With the right query they can make a nice linkage of alt F2P accounts. Add a requirement of entering once every day (2?) the code on a F2P empty (no bought games) account will prevent them using trow-away email addresses. And F2P game being active after X time (2 days?) of creation of the account (+ being online over 4 hours or w/e, one needs to download the game, right?).. hmmz, that would help in the previous prevention of throw away mail addresses. Simply: make them work for it. They are already too lazy to aim themselves... work sound like a very good thing to get 'm at bay. As for namechangers, a simple SM plugin should be able to deal with those, just autoban for more then x name changes per x time. Say 3 changes per 5 minutes and a 30 min ban added. I rarely encounter anybody (legit) that wants to change his name anyway when on the server. Later with a complaint of hacking a perm can be made of it. Personally I would advertize its 3 name changes per 6 minutes, but in reality its per 4, to get those that want to try it out etc. For wallhacks, I always understood its 2 possible ways, one was via hacked skins(I tho mostly solved some time ago in a update?), which can be blocked by having walls etc adjusted, the other via entities in adjecent rooms being send, with anti-cheat blockers having downsides that they show the enemy a fraction after they are actually should be seen etc. Others might be better in getting a solution on that. I can see a load of problems with any solution for it, with distance differences to the corner (one being close, the other far, like 2fort balcony sniper vs sniper). One I encounter sometimes, that so far isn't mentioned, is a so called clickbot. It's clicking the button if its crosshair on the head. Sometimes quite obvious with impossible shots. Its incredibly hard to upheld such ban, even with long demo's and impossible shots etc. Shame I cannot find the video back that shows 'm. Final thing, if the VAC detection sees an old hack, I see no point in waiting several weeks. I understand the wait on new ones, so development on them is slowed down a lot, but old ones? letting 'm play for 2-3 weeks or w/e b4 banning 'm is only annoying and does imo nothing in slowing down development of new hacks. Maybe an x hours or w/e tops. also, it should taint the other accounts too on that machine. I'm well aware that not everything can be addressed, hackers will find new ways. I hope something above was helpful in the cause ;) From: David Schmieder dm_schmie...@hotmail.com To: Half-Life dedicated Linux server mailing list hlds_linux@list.valvesoftware.com Sent: Thursday, 1 September 2011, 2:24 Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Definitely speedhackers are the most frequent with a mix of aimbotters
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
He's saying that you should send them a link or some other code every so often via email that they must enter in steam, so it'd be more of a hassle to use throw away email accounts (especially the one time / 24 hours use ones). On Tue, Sep 06, 2011 at 12:48:25AM +, Jon Lippincott wrote: Hi Mart-Jan, Will you clarify this bit for me? I'm not sure I follow: Add a requirement of entering once every day (2?) the code on a F2P empty (no bought games) account will prevent them using trow-away email addresses. And F2P game being active after X time (2 days?) of creation of the account (+ being online over 4 hours or w/e, one needs to download the game, right?).. hmmz, that would help in the previous prevention of throw away mail addresses. -Jon -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Mart-Jan Reeuwijk Sent: Wednesday, August 31, 2011 7:28 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? +1 on Neph I wonder if a such hardware hashed ID could be send along with a steam ID, so servers could ban on those. Too much evasions lately with F2P via proxies, imo any form of blocking proxy/vpn usage would recieve my cheers. I understand that that might hinder ppl that run steam on their work etc. Another thing that might be an idea, is to limit empty accounts in a way (ie: no games bought on them). That they only can start playing the game after x time of creation, or at least have some game bought/regged on it (above a certain price, not for a 1 digit dollar/euro game). A vac ban on those accounts would hinder them more, cos they have something that is bought on it. Or let them do some time consuming requirements (ever rotating, otherwise they automate that) before they can play on regular servers. One other thing, why not having a automatic ban feedback from the servers to Valve, esp with F2P accounts that would be interesting I guess, for valve then having a monitoring tool for F2P accounts that are being banned over and over, and they have ultimate resources to see whom those are and who are linked to it. If they have also a requirement on steamguard enabled would be a nice one to combine bans + steamguard linked emails / the ID's they bind accounts to for steamguard etc. With the right query they can make a nice linkage of alt F2P accounts. Add a requirement of entering once every day (2?) the code on a F2P empty (no bought games) account will prevent them using trow-away email addresses. And F2P game being active after X time (2 days?) of creation of the account (+ being online over 4 hours or w/e, one needs to download the game, right?).. hmmz, that would help in the previous prevention of throw away mail addresses. Simply: make them work for it. They are already too lazy to aim themselves... work sound like a very good thing to get 'm at bay. As for namechangers, a simple SM plugin should be able to deal with those, just autoban for more then x name changes per x time.? Say 3 changes per 5 minutes and a 30 min ban added. I rarely encounter anybody (legit) that wants to change his name anyway when on the server. Later with a complaint of hacking a perm can be made of it. Personally I would advertize its 3 name changes per 6 minutes, but in reality its per 4, to get those that want to try it out etc. For wallhacks, I always understood its 2 possible ways, one was via hacked skins(I tho mostly solved some time ago in a update?), which can be blocked by having walls etc adjusted, the other via entities in adjecent rooms being send, with anti-cheat blockers having downsides that they show the enemy a fraction after they are actually should be seen etc. Others might be better in getting a solution on that. I can see a load of problems with any solution for it, with distance differences to the corner (one being close, the other far, like 2fort balcony sniper vs sniper). One I encounter sometimes, that so far isn't mentioned, is a so called clickbot. It's clicking the button if its crosshair on the head. Sometimes quite obvious with impossible shots. Its incredibly hard to upheld such ban, even with long demo's and impossible shots etc. Shame I cannot find the video back that shows 'm. Final thing, if the VAC detection sees an old hack, I see no point in waiting several weeks. I understand the wait on new ones, so development on them is slowed down a lot, but old ones? letting 'm play for 2-3 weeks or w/e b4 banning 'm is only annoying and does imo nothing in slowing down development of new hacks. Maybe an x hours or w/e tops. also, it should taint the other accounts too on that machine. I'm well aware that not everything can be addressed, hackers will find new ways. I hope something
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Thanks a bunch for all for the good feedback! -Jon ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
There is a plugin for that on AM to punish quickly changing names players. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of AJ Palkovic Sent: donderdag 1 september 2011 2:11 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Another common problem is hackers who are repeatedly changing their name, making it quite difficult to determine their steamid. It would be nice to rate limit name changes if possible. For instance if someone changes their name more than 4 times in 1 minute, they are blocked from changing their name again for 10 minutes? On Wed, Aug 31, 2011 at 5:07 PM, John Schoenick nephy...@doublezen.netwrote: Aimbotters and speedhackers are by far the most common, in that order. Aimbotters are rarely trying to hide what they're doing - they're often getting headshots as fast as they can fire while taunting people in chat. Speedhackers are very common too - a lot of these get detected by our anti-hack script, which has been averaging a ban per day since the F2P update. Wallhacks are hard, because there's no obvious giveaways if the player isn't being obvious, and most people who want to be obvious go the aimbot route. We get a few auto-detections of these per month from our anti-hack script, but the script is far from perfect, and I suspect there's a lot more of them than anyone realizes. I should also note that most of our hacker bans in the last months have been free accounts with no friends, seemingly created just to go troll people. It would be rather sweet justice if some sort of hardware fingerprinting were to find and VAC their real accounts. That would be one hell of a deterrent. - Neph On 08/31/2011 02:39 PM, Jon Lippincott wrote: I'd like to compile a list of the most common hacks/cheats you all are seeing and see what measures we can take on game servers to help. No guarantees about when this will happen, but it would be great to get your feedback so we can chip away at it at least. -Jon __**_ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/**mailman/listinfo/hlds_linuxhttp://lis t.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
On Wed, 31 Aug 2011 19:27:56 -0700 (PDT), Mart-Jan Reeuwijk wrote: As for namechangers, a simple SM plugin should be able to deal with those, just autoban for more then x name changes per x time. Say 3 This already exists, https://forums.alliedmods.net/showthread.php?t=161320 /Peter ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
I'd like to compile a list of the most common hacks/cheats you all are seeing and see what measures we can take on game servers to help. No guarantees about when this will happen, but it would be great to get your feedback so we can chip away at it at least. -Jon -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of AnAkIn . Sent: Friday, August 26, 2011 4:55 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? This is already done with DBlocker and multithreaded: http://dblocker.didrole.com/ The multithreading only works on Windows though, as Valve disabled the CPU detection code on Linux, so it's just like the servers always start with -threads 1. If you got a linux server you can add the -threads command and it will work though. 2011/8/26 Saint K. sai...@specialattack.net I can recall from the hlds times that we used to have an anti-wall hack extention or plugin which was quite low on load. What it did was it simply didn't send any information about clients that were not visible from your point of view. Can't figure out what the name was though, it was one of the high used tools (hlguard or so perhaps?) Saint K. From: hlds_linux-boun...@list.valvesoftware.com [ hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Daniel Nilsson [ daniel.joki...@gmail.com] Sent: 26 August 2011 13:36 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Why does command like sv_cheats exist? Remove it //Daniel Eric Riemers skrev 2011-08-26 13:33: I think they could do even more, but in the end the impact on servers on cpu (anti wallhack for instance) might be that high and since its still single threaded On Fri, 26 Aug 2011 12:32:29 +0200, AnAkIn .anakin...@gmail.com wrote: Valve could block wallhacks and speedhacks with some server side code if they wanted to. 2011/8/26 Kigentheki...@gmail.com There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J Minvaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavinec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
The most common type of hack I see on my servers are speedhacks, although i haven't modified the sv_max_usercmd_future_ticks cvar. One would assume the default should be enough to prevent speedhacking. The other issue I'm aware of is that the $ignorez prevention sometimes doesn't work. I don't have any specific repro steps, but sometimes after map changes, playermodel textures that should be ignoring $ignorez don't work correctly, and the textures appear through walls. On top of that, there are some particle effects (such as medic overheal, and a few others) which I believe should also respect the $ignorez fixes in the future. On Wed, Aug 31, 2011 at 4:39 PM, Jon Lippincott j...@valvesoftware.com wrote: I'd like to compile a list of the most common hacks/cheats you all are seeing and see what measures we can take on game servers to help. No guarantees about when this will happen, but it would be great to get your feedback so we can chip away at it at least. -Jon -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of AnAkIn . Sent: Friday, August 26, 2011 4:55 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? This is already done with DBlocker and multithreaded: http://dblocker.didrole.com/ The multithreading only works on Windows though, as Valve disabled the CPU detection code on Linux, so it's just like the servers always start with -threads 1. If you got a linux server you can add the -threads command and it will work though. 2011/8/26 Saint K. sai...@specialattack.net I can recall from the hlds times that we used to have an anti-wall hack extention or plugin which was quite low on load. What it did was it simply didn't send any information about clients that were not visible from your point of view. Can't figure out what the name was though, it was one of the high used tools (hlguard or so perhaps?) Saint K. From: hlds_linux-boun...@list.valvesoftware.com [ hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Daniel Nilsson [ daniel.joki...@gmail.com] Sent: 26 August 2011 13:36 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Why does command like sv_cheats exist? Remove it //Daniel Eric Riemers skrev 2011-08-26 13:33: I think they could do even more, but in the end the impact on servers on cpu (anti wallhack for instance) might be that high and since its still single threaded On Fri, 26 Aug 2011 12:32:29 +0200, AnAkIn .anakin...@gmail.com wrote: Valve could block wallhacks and speedhacks with some server side code if they wanted to. 2011/8/26 Kigentheki...@gmail.com There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J Minvaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavinec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Aimbotters and speedhackers are by far the most common, in that order. Aimbotters are rarely trying to hide what they're doing - they're often getting headshots as fast as they can fire while taunting people in chat. Speedhackers are very common too - a lot of these get detected by our anti-hack script, which has been averaging a ban per day since the F2P update. Wallhacks are hard, because there's no obvious giveaways if the player isn't being obvious, and most people who want to be obvious go the aimbot route. We get a few auto-detections of these per month from our anti-hack script, but the script is far from perfect, and I suspect there's a lot more of them than anyone realizes. I should also note that most of our hacker bans in the last months have been free accounts with no friends, seemingly created just to go troll people. It would be rather sweet justice if some sort of hardware fingerprinting were to find and VAC their real accounts. That would be one hell of a deterrent. - Neph On 08/31/2011 02:39 PM, Jon Lippincott wrote: I'd like to compile a list of the most common hacks/cheats you all are seeing and see what measures we can take on game servers to help. No guarantees about when this will happen, but it would be great to get your feedback so we can chip away at it at least. -Jon ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
I should also note that most of our hacker bans in the last months have been free accounts with no friends, seemingly created just to go troll people. It would be rather sweet justice if some sort of hardware fingerprinting were to find and VAC their real accounts. That would be one hell of a deterrent. Steam already performs a little bit of hardware fingerprinting. The question I have is if it's being used at all, but I don't have any solid numbers on how many brand new accounts are joining my servers. I assume *someone, somewhere* is keeping track of these kinds of players and is dealing with them. On Wed, Aug 31, 2011 at 7:07 PM, John Schoenick nephy...@doublezen.net wrote: Aimbotters and speedhackers are by far the most common, in that order. Aimbotters are rarely trying to hide what they're doing - they're often getting headshots as fast as they can fire while taunting people in chat. Speedhackers are very common too - a lot of these get detected by our anti-hack script, which has been averaging a ban per day since the F2P update. Wallhacks are hard, because there's no obvious giveaways if the player isn't being obvious, and most people who want to be obvious go the aimbot route. We get a few auto-detections of these per month from our anti-hack script, but the script is far from perfect, and I suspect there's a lot more of them than anyone realizes. I should also note that most of our hacker bans in the last months have been free accounts with no friends, seemingly created just to go troll people. It would be rather sweet justice if some sort of hardware fingerprinting were to find and VAC their real accounts. That would be one hell of a deterrent. - Neph On 08/31/2011 02:39 PM, Jon Lippincott wrote: I'd like to compile a list of the most common hacks/cheats you all are seeing and see what measures we can take on game servers to help. No guarantees about when this will happen, but it would be great to get your feedback so we can chip away at it at least. -Jon ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Another common problem is hackers who are repeatedly changing their name, making it quite difficult to determine their steamid. It would be nice to rate limit name changes if possible. For instance if someone changes their name more than 4 times in 1 minute, they are blocked from changing their name again for 10 minutes? On Wed, Aug 31, 2011 at 5:07 PM, John Schoenick nephy...@doublezen.netwrote: Aimbotters and speedhackers are by far the most common, in that order. Aimbotters are rarely trying to hide what they're doing - they're often getting headshots as fast as they can fire while taunting people in chat. Speedhackers are very common too - a lot of these get detected by our anti-hack script, which has been averaging a ban per day since the F2P update. Wallhacks are hard, because there's no obvious giveaways if the player isn't being obvious, and most people who want to be obvious go the aimbot route. We get a few auto-detections of these per month from our anti-hack script, but the script is far from perfect, and I suspect there's a lot more of them than anyone realizes. I should also note that most of our hacker bans in the last months have been free accounts with no friends, seemingly created just to go troll people. It would be rather sweet justice if some sort of hardware fingerprinting were to find and VAC their real accounts. That would be one hell of a deterrent. - Neph On 08/31/2011 02:39 PM, Jon Lippincott wrote: I'd like to compile a list of the most common hacks/cheats you all are seeing and see what measures we can take on game servers to help. No guarantees about when this will happen, but it would be great to get your feedback so we can chip away at it at least. -Jon __**_ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/**mailman/listinfo/hlds_linuxhttp://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Definitely speedhackers are the most frequent with a mix of aimbotters and wallhackers thrown in for good measure. The name changers are especially annoying. -Original Message- From: AJ Palkovic Sent: Wednesday, August 31, 2011 5:10 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Another common problem is hackers who are repeatedly changing their name, making it quite difficult to determine their steamid. It would be nice to rate limit name changes if possible. For instance if someone changes their name more than 4 times in 1 minute, they are blocked from changing their name again for 10 minutes? On Wed, Aug 31, 2011 at 5:07 PM, John Schoenick nephy...@doublezen.netwrote: Aimbotters and speedhackers are by far the most common, in that order. Aimbotters are rarely trying to hide what they're doing - they're often getting headshots as fast as they can fire while taunting people in chat. Speedhackers are very common too - a lot of these get detected by our anti-hack script, which has been averaging a ban per day since the F2P update. Wallhacks are hard, because there's no obvious giveaways if the player isn't being obvious, and most people who want to be obvious go the aimbot route. We get a few auto-detections of these per month from our anti-hack script, but the script is far from perfect, and I suspect there's a lot more of them than anyone realizes. I should also note that most of our hacker bans in the last months have been free accounts with no friends, seemingly created just to go troll people. It would be rather sweet justice if some sort of hardware fingerprinting were to find and VAC their real accounts. That would be one hell of a deterrent. - Neph On 08/31/2011 02:39 PM, Jon Lippincott wrote: I'd like to compile a list of the most common hacks/cheats you all are seeing and see what measures we can take on game servers to help. No guarantees about when this will happen, but it would be great to get your feedback so we can chip away at it at least. -Jon __**_ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/**mailman/listinfo/hlds_linuxhttp://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
On Wed, Aug 31, 2011 at 05:10:59PM -0700, AJ Palkovic wrote: Another common problem is hackers who are repeatedly changing their name, making it quite difficult to determine their steamid. It would be nice to rate limit name changes if possible. For instance if someone changes their name more than 4 times in 1 minute, they are blocked from changing their name again for 10 minutes? No thanks. There are already plugins that you can use to block them, and that will just cause issues for normal users. sv_pure being 2 by default would stop a lot of mathackers, but Valve will never do that (waah why can't I see my golden deagle skin?), including the fact that sv_pure is pretty annoying with the autoexec.cfg changed and such errors. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
+1 on Neph I wonder if a such hardware hashed ID could be send along with a steam ID, so servers could ban on those. Too much evasions lately with F2P via proxies, imo any form of blocking proxy/vpn usage would recieve my cheers. I understand that that might hinder ppl that run steam on their work etc. Another thing that might be an idea, is to limit empty accounts in a way (ie: no games bought on them). That they only can start playing the game after x time of creation, or at least have some game bought/regged on it (above a certain price, not for a 1 digit dollar/euro game). A vac ban on those accounts would hinder them more, cos they have something that is bought on it. Or let them do some time consuming requirements (ever rotating, otherwise they automate that) before they can play on regular servers. One other thing, why not having a automatic ban feedback from the servers to Valve, esp with F2P accounts that would be interesting I guess, for valve then having a monitoring tool for F2P accounts that are being banned over and over, and they have ultimate resources to see whom those are and who are linked to it. If they have also a requirement on steamguard enabled would be a nice one to combine bans + steamguard linked emails / the ID's they bind accounts to for steamguard etc. With the right query they can make a nice linkage of alt F2P accounts. Add a requirement of entering once every day (2?) the code on a F2P empty (no bought games) account will prevent them using trow-away email addresses. And F2P game being active after X time (2 days?) of creation of the account (+ being online over 4 hours or w/e, one needs to download the game, right?).. hmmz, that would help in the previous prevention of throw away mail addresses. Simply: make them work for it. They are already too lazy to aim themselves... work sound like a very good thing to get 'm at bay. As for namechangers, a simple SM plugin should be able to deal with those, just autoban for more then x name changes per x time. Say 3 changes per 5 minutes and a 30 min ban added. I rarely encounter anybody (legit) that wants to change his name anyway when on the server. Later with a complaint of hacking a perm can be made of it. Personally I would advertize its 3 name changes per 6 minutes, but in reality its per 4, to get those that want to try it out etc. For wallhacks, I always understood its 2 possible ways, one was via hacked skins(I tho mostly solved some time ago in a update?), which can be blocked by having walls etc adjusted, the other via entities in adjecent rooms being send, with anti-cheat blockers having downsides that they show the enemy a fraction after they are actually should be seen etc. Others might be better in getting a solution on that. I can see a load of problems with any solution for it, with distance differences to the corner (one being close, the other far, like 2fort balcony sniper vs sniper). One I encounter sometimes, that so far isn't mentioned, is a so called clickbot. It's clicking the button if its crosshair on the head. Sometimes quite obvious with impossible shots. Its incredibly hard to upheld such ban, even with long demo's and impossible shots etc. Shame I cannot find the video back that shows 'm. Final thing, if the VAC detection sees an old hack, I see no point in waiting several weeks. I understand the wait on new ones, so development on them is slowed down a lot, but old ones? letting 'm play for 2-3 weeks or w/e b4 banning 'm is only annoying and does imo nothing in slowing down development of new hacks. Maybe an x hours or w/e tops. also, it should taint the other accounts too on that machine. I'm well aware that not everything can be addressed, hackers will find new ways. I hope something above was helpful in the cause ;) From: David Schmieder dm_schmie...@hotmail.com To: Half-Life dedicated Linux server mailing list hlds_linux@list.valvesoftware.com Sent: Thursday, 1 September 2011, 2:24 Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Definitely speedhackers are the most frequent with a mix of aimbotters and wallhackers thrown in for good measure. The name changers are especially annoying. -Original Message- From: AJ Palkovic Sent: Wednesday, August 31, 2011 5:10 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Another common problem is hackers who are repeatedly changing their name, making it quite difficult to determine their steamid. It would be nice to rate limit name changes if possible. For instance if someone changes their name more than 4 times in 1 minute, they are blocked from changing their name again for 10 minutes? On Wed, Aug 31, 2011 at 5:07 PM, John Schoenick nephy...@doublezen.netwrote: Aimbotters and speedhackers are by far the most common, in that order. Aimbotters
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
For TF2: Always crits + aimbot (less than 10). Couple of speedhackers too. Cheating isn't that major issue in it in my part of the world CS Source: Aimbot+wallhack (About 1-3 per week), speedhack occasionally. I've even taken the liberty of using that steamcommunity report tool for each cheater we encounter, say the game name and which cheat he used. Ask Mike Blaszczak or J Burton about the reports more if you are unfamiliar. I still don't know if it makes any difference or do they go just for statistical purposes on how many of those cheaters are being caught by VAC or are they monitoring the reported players more closely somehow through Steam. -ics 1.9.2011 0:39, Jon Lippincott kirjoitti: I'd like to compile a list of the most common hacks/cheats you all are seeing and see what measures we can take on game servers to help. No guarantees about when this will happen, but it would be great to get your feedback so we can chip away at it at least. -Jon -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of AnAkIn . Sent: Friday, August 26, 2011 4:55 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? This is already done with DBlocker and multithreaded: http://dblocker.didrole.com/ The multithreading only works on Windows though, as Valve disabled the CPU detection code on Linux, so it's just like the servers always start with -threads 1. If you got a linux server you can add the -threads command and it will work though. 2011/8/26 Saint K.sai...@specialattack.net I can recall from the hlds times that we used to have an anti-wall hack extention or plugin which was quite low on load. What it did was it simply didn't send any information about clients that were not visible from your point of view. Can't figure out what the name was though, it was one of the high used tools (hlguard or so perhaps?) Saint K. From: hlds_linux-boun...@list.valvesoftware.com [ hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Daniel Nilsson [ daniel.joki...@gmail.com] Sent: 26 August 2011 13:36 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Why does command like sv_cheats exist? Remove it //Daniel Eric Riemers skrev 2011-08-26 13:33: I think they could do even more, but in the end the impact on servers on cpu (anti wallhack for instance) might be that high and since its still single threaded On Fri, 26 Aug 2011 12:32:29 +0200, AnAkIn .anakin...@gmail.com wrote: Valve could block wallhacks and speedhacks with some server side code if they wanted to. 2011/8/26 Kigentheki...@gmail.com There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J Minvaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavinec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
2011/8/26 px p...@i.kiev.ua: Hello, AnAkIn. I made a quick look on site and forum, but didn't find answer: if plugin blocks sending coordinates of non-visible players, how then their sounds transmitted to other players? Different plugins use different strategies. Some send the audio through different channels to confuse the hack, others mess with the audio itself in a way that (supposedly) doesn't change the way you hear it, but breaks position detection in hacks, etc. The sad truth is, most server-side plugins that try to do that end up breaking the experience for a lot of players. For example, the anti-wallhack plugins for HLDS are famous for making the enemy visible a fraction of a second after you actually are in line of sight, which breaks the gameplay completely. -- Reuben ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
I think the sv_cheats guy might be talking about removing debug stuff like r_drawothermodels completely, which is incredibly dumb nontheless. 2011/8/26 px p...@i.kiev.ua: Hello, AnAkIn. I made a quick look on site and forum, but didn't find answer: if plugin blocks sending coordinates of non-visible players, how then their sounds transmitted to other players? This is already done with DBlocker and multithreaded: http://dblocker.didrole.com/ The multithreading only works on Windows though, as Valve disabled the CPU detection code on Linux, so it's just like the servers always start with -threads 1. If you got a linux server you can add the -threads command and it will work though. 2011/8/26 Saint K. sai...@specialattack.net I can recall from the hlds times that we used to have an anti-wall hack extention or plugin which was quite low on load. What it did was it simply didn't send any information about clients that were not visible from your point of view. Can't figure out what the name was though, it was one of the high used tools (hlguard or so perhaps?) Saint K. From: hlds_linux-boun...@list.valvesoftware.com [ hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Daniel Nilsson [ daniel.joki...@gmail.com] Sent: 26 August 2011 13:36 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Why does command like sv_cheats exist? Remove it //Daniel Eric Riemers skrev 2011-08-26 13:33: I think they could do even more, but in the end the impact on servers on cpu (anti wallhack for instance) might be that high and since its still single threaded On Fri, 26 Aug 2011 12:32:29 +0200, AnAkIn .anakin...@gmail.com wrote: Valve could block wallhacks and speedhacks with some server side code if they wanted to. 2011/8/26 Kigentheki...@gmail.com There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J Minvaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavinec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
just banned a guy last nite for a hack that changes his name every second. Also had wallhack, aimbot, with speedhack. Wished i had relays running on that server at the time. On Sat, Aug 27, 2011 at 9:07 AM, Drogen Viech drogenvi...@googlemail.comwrote: I think the sv_cheats guy might be talking about removing debug stuff like r_drawothermodels completely, which is incredibly dumb nontheless. 2011/8/26 px p...@i.kiev.ua: Hello, AnAkIn. I made a quick look on site and forum, but didn't find answer: if plugin blocks sending coordinates of non-visible players, how then their sounds transmitted to other players? This is already done with DBlocker and multithreaded: http://dblocker.didrole.com/ The multithreading only works on Windows though, as Valve disabled the CPU detection code on Linux, so it's just like the servers always start with -threads 1. If you got a linux server you can add the -threads command and it will work though. 2011/8/26 Saint K. sai...@specialattack.net I can recall from the hlds times that we used to have an anti-wall hack extention or plugin which was quite low on load. What it did was it simply didn't send any information about clients that were not visible from your point of view. Can't figure out what the name was though, it was one of the high used tools (hlguard or so perhaps?) Saint K. From: hlds_linux-boun...@list.valvesoftware.com [ hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Daniel Nilsson [ daniel.joki...@gmail.com] Sent: 26 August 2011 13:36 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Why does command like sv_cheats exist? Remove it //Daniel Eric Riemers skrev 2011-08-26 13:33: I think they could do even more, but in the end the impact on servers on cpu (anti wallhack for instance) might be that high and since its still single threaded On Fri, 26 Aug 2011 12:32:29 +0200, AnAkIn .anakin...@gmail.com wrote: Valve could block wallhacks and speedhacks with some server side code if they wanted to. 2011/8/26 Kigentheki...@gmail.com There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J Minvaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavinec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Valve could block wallhacks and speedhacks with some server side code if they wanted to. 2011/8/26 Kigen theki...@gmail.com There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J M invaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavi nec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux -- Best regards, AnAkIn, - ESL EU TF2 Admin http://www.esl.eu/eu/tf2 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
I think they could do even more, but in the end the impact on servers on cpu (anti wallhack for instance) might be that high and since its still single threaded On Fri, 26 Aug 2011 12:32:29 +0200, AnAkIn . anakin...@gmail.com wrote: Valve could block wallhacks and speedhacks with some server side code if they wanted to. 2011/8/26 Kigen theki...@gmail.com There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J M invaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavi nec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Why does command like sv_cheats exist? Remove it //Daniel Eric Riemers skrev 2011-08-26 13:33: I think they could do even more, but in the end the impact on servers on cpu (anti wallhack for instance) might be that high and since its still single threaded On Fri, 26 Aug 2011 12:32:29 +0200, AnAkIn .anakin...@gmail.com wrote: Valve could block wallhacks and speedhacks with some server side code if they wanted to. 2011/8/26 Kigentheki...@gmail.com There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J Minvaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavinec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
I can recall from the hlds times that we used to have an anti-wall hack extention or plugin which was quite low on load. What it did was it simply didn't send any information about clients that were not visible from your point of view. Can't figure out what the name was though, it was one of the high used tools (hlguard or so perhaps?) Saint K. From: hlds_linux-boun...@list.valvesoftware.com [hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Daniel Nilsson [daniel.joki...@gmail.com] Sent: 26 August 2011 13:36 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Why does command like sv_cheats exist? Remove it //Daniel Eric Riemers skrev 2011-08-26 13:33: I think they could do even more, but in the end the impact on servers on cpu (anti wallhack for instance) might be that high and since its still single threaded On Fri, 26 Aug 2011 12:32:29 +0200, AnAkIn .anakin...@gmail.com wrote: Valve could block wallhacks and speedhacks with some server side code if they wanted to. 2011/8/26 Kigentheki...@gmail.com There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J Minvaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavinec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
This is already done with DBlocker and multithreaded: http://dblocker.didrole.com/ The multithreading only works on Windows though, as Valve disabled the CPU detection code on Linux, so it's just like the servers always start with -threads 1. If you got a linux server you can add the -threads command and it will work though. 2011/8/26 Saint K. sai...@specialattack.net I can recall from the hlds times that we used to have an anti-wall hack extention or plugin which was quite low on load. What it did was it simply didn't send any information about clients that were not visible from your point of view. Can't figure out what the name was though, it was one of the high used tools (hlguard or so perhaps?) Saint K. From: hlds_linux-boun...@list.valvesoftware.com [ hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Daniel Nilsson [ daniel.joki...@gmail.com] Sent: 26 August 2011 13:36 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Why does command like sv_cheats exist? Remove it //Daniel Eric Riemers skrev 2011-08-26 13:33: I think they could do even more, but in the end the impact on servers on cpu (anti wallhack for instance) might be that high and since its still single threaded On Fri, 26 Aug 2011 12:32:29 +0200, AnAkIn .anakin...@gmail.com wrote: Valve could block wallhacks and speedhacks with some server side code if they wanted to. 2011/8/26 Kigentheki...@gmail.com There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J Minvaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavinec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Dear Valve: Whats the CS:GO server requirements? The cpu usage is like a tf2 server? Any news about the CS:GO dedicated server beta release date(i heard somewhere its in october)? The engine(the one in portal 2?) will still use only one core in a dedicated server? Best regards ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Sv_cheats is for godmode, noclip, etc. Cheat codes. And often useful for debugging. These are not the hacks being spoken of. Sent via BlackBerry by ATT -Original Message- From: Daniel Nilsson daniel.joki...@gmail.com Sender: hlds_linux-boun...@list.valvesoftware.com Date: Fri, 26 Aug 2011 13:36:48 To: hlds_linux@list.valvesoftware.com Reply-To: Half-Life dedicated Linux server mailing list hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Why does command like sv_cheats exist? Remove it //Daniel Eric Riemers skrev 2011-08-26 13:33: I think they could do even more, but in the end the impact on servers on cpu (anti wallhack for instance) might be that high and since its still single threaded On Fri, 26 Aug 2011 12:32:29 +0200, AnAkIn .anakin...@gmail.com wrote: Valve could block wallhacks and speedhacks with some server side code if they wanted to. 2011/8/26 Kigentheki...@gmail.com There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J Minvaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavinec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
On Fri, Aug 26, 2011 at 7:36 AM, Daniel Nilsson daniel.joki...@gmail.comwrote: Why does command like sv_cheats exist? Remove it //Daniel Not sure if troll, or just incredibly dumb. Ether way, please go back to SPUF. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
I half thought that earlier poster was joking, yes Tyler is correct sv_cheats really has nothing to do with the hacks as far as I'm aware. On Fri, Aug 26, 2011 at 12:37 PM, tylerschw...@gmail.com wrote: Sv_cheats is for godmode, noclip, etc. Cheat codes. And often useful for debugging. These are not the hacks being spoken of. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Hello, AnAkIn. I made a quick look on site and forum, but didn't find answer: if plugin blocks sending coordinates of non-visible players, how then their sounds transmitted to other players? This is already done with DBlocker and multithreaded: http://dblocker.didrole.com/ The multithreading only works on Windows though, as Valve disabled the CPU detection code on Linux, so it's just like the servers always start with -threads 1. If you got a linux server you can add the -threads command and it will work though. 2011/8/26 Saint K. sai...@specialattack.net I can recall from the hlds times that we used to have an anti-wall hack extention or plugin which was quite low on load. What it did was it simply didn't send any information about clients that were not visible from your point of view. Can't figure out what the name was though, it was one of the high used tools (hlguard or so perhaps?) Saint K. From: hlds_linux-boun...@list.valvesoftware.com [ hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Daniel Nilsson [ daniel.joki...@gmail.com] Sent: 26 August 2011 13:36 To: hlds_linux@list.valvesoftware.com Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Why does command like sv_cheats exist? Remove it //Daniel Eric Riemers skrev 2011-08-26 13:33: I think they could do even more, but in the end the impact on servers on cpu (anti wallhack for instance) might be that high and since its still single threaded On Fri, 26 Aug 2011 12:32:29 +0200, AnAkIn .anakin...@gmail.com wrote: Valve could block wallhacks and speedhacks with some server side code if they wanted to. 2011/8/26 Kigentheki...@gmail.com There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J Minvaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavinec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view
[hlds_linux] Dealing with F2P ban evasion and status hack?
Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
No, they aren't. 2011/8/25 bottige...@gmail.com bottige...@gmail.com Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux -- Best regards, AnAkIn, - ESL EU TF2 Admin http://www.esl.eu/eu/tf2 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
The only thing i know is that they cant put multiple accounts (max 3 i think) on 1 creditcard... if you want more on 1 account, but hey for cheaters they don't care... -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of AnAkIn . Sent: donderdag 25 augustus 2011 22:40 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? No, they aren't. 2011/8/25 bottige...@gmail.com bottige...@gmail.com Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux -- Best regards, AnAkIn, - ESL EU TF2 Admin http://www.esl.eu/eu/tf2 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
I've never seen that, my credit card has been used on 5+ accounts without problems. I have 2 accounts and my roommates have 3 accounts between them both and we all use my 1 credit card since they only have cash. Michael On Thu, Aug 25, 2011 at 4:45 PM, Eric Riemers riem...@binkey.nl wrote: The only thing i know is that they cant put multiple accounts (max 3 i think) on 1 creditcard... if you want more on 1 account, but hey for cheaters they don't care... -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of AnAkIn . Sent: donderdag 25 augustus 2011 22:40 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? No, they aren't. 2011/8/25 bottige...@gmail.com bottige...@gmail.com Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux -- Best regards, AnAkIn, - ESL EU TF2 Admin http://www.esl.eu/eu/tf2 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
sourcemods plugins can block F2P 2011/8/25 Michael mich...@polishedgeek.com I've never seen that, my credit card has been used on 5+ accounts without problems. I have 2 accounts and my roommates have 3 accounts between them both and we all use my 1 credit card since they only have cash. Michael On Thu, Aug 25, 2011 at 4:45 PM, Eric Riemers riem...@binkey.nl wrote: The only thing i know is that they cant put multiple accounts (max 3 i think) on 1 creditcard... if you want more on 1 account, but hey for cheaters they don't care... -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of AnAkIn . Sent: donderdag 25 augustus 2011 22:40 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? No, they aren't. 2011/8/25 bottige...@gmail.com bottige...@gmail.com Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux -- Best regards, AnAkIn, - ESL EU TF2 Admin http://www.esl.eu/eu/tf2 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
blocking f2p would surely help fix that issue to a point. On that same note, maybe that is 1 reason why valve threw up so many servers ? On Thu, Aug 25, 2011 at 5:25 PM, Loïc PERY louloubi...@gmail.com wrote: sourcemods plugins can block F2P 2011/8/25 Michael mich...@polishedgeek.com I've never seen that, my credit card has been used on 5+ accounts without problems. I have 2 accounts and my roommates have 3 accounts between them both and we all use my 1 credit card since they only have cash. Michael On Thu, Aug 25, 2011 at 4:45 PM, Eric Riemers riem...@binkey.nl wrote: The only thing i know is that they cant put multiple accounts (max 3 i think) on 1 creditcard... if you want more on 1 account, but hey for cheaters they don't care... -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of AnAkIn . Sent: donderdag 25 augustus 2011 22:40 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? No, they aren't. 2011/8/25 bottige...@gmail.com bottige...@gmail.com Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux -- Best regards, AnAkIn, - ESL EU TF2 Admin http://www.esl.eu/eu/tf2 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Th On Thu, Aug 25, 2011 at 7:06 PM, hlds h...@gmx.com wrote: Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Blargs, that got cut off. Anyway, the client doesn't decide when a crit occurs. But as part of the prediction (for lag compensation) it does know when a crit will happen. Cheats just hook onto this and fire the weapon when a crit will occur. I built a simple tool that will prevent this but haven't released it yet. Mainly this is because I have to know where this leaves myself for the future. I'm all about free software, but making software free is very expensive to me. :( On Thu, Aug 25, 2011 at 7:28 PM, Kigen theki...@gmail.com wrote: Th On Thu, Aug 25, 2011 at 7:06 PM, hlds h...@gmx.com wrote: Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
On Thu, Aug 25, 2011 at 07:32:08PM -0500, Kigen wrote: Mainly this is because I have to know where this leaves myself for the future. I'm all about free software, but making software free is very expensive to me. :( No offense, but are there anyone who would pay for an anticheat plugin for such a trivial feature? I just can't see any common people buying such a thing, except hardcore gaming leagues (which would be watching the players closer anyways). ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
Re: [hlds_linux] Dealing with F2P ban evasion and status hack?
There isn't just that. But I mentioned it since it was what was being discussed. A lot of things get broken in cheats when you use this plugin. But it does cause some other issues (small, but noticeable). On Thu, Aug 25, 2011 at 9:05 PM, J M invaderam...@gmail.com wrote: The client doesn't decide it, but it knows when it's going to happen at the same time the server does. This is so that client side prediction can work effectively with crits. Whether an attack is a crit is decided by both the server and the client at the same time. They used to allow clients to decide it, and crit hacks used to be much more useful. Nowadays, crit hacks simply shoot every time there is going to be a crit, instead of forcing crits every time you shoot. On Thu, Aug 25, 2011 at 9:55 PM, Necavi nec...@0xf.org wrote: Out of curiosity, why should the client decide when a critical hit occurs? I can see some benefit to it, but mostly I see it as exploitable. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of hlds Sent: Thursday, August 25, 2011 17:07 To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Dealing with F2P ban evasion and status hack? Valve should first add some basic server side protection against some common hacks. For example should be easy to block 100% crits hacks like this one: http://www.youtube.com/watch?v=4hq_LZUPvqI. I understand why the client has to decide when a a critical hit occurs, but the server should validate the decision. Most speedhacks also should be detected by server. - Original Message - From: bottige...@gmail.com Sent: 08/25/11 11:36 PM To: Half-Life dedicated Linux server mailing list Subject: [hlds_linux] Dealing with F2P ban evasion and status hack? Is Valve really doing anything to catch people making F2P accounts to avoid cheat bans? Ever since we switched to IP bans, we've been able to catch many cheaters using F2P to avoid bans. Some of them have even made up to 4 accounts in a row. Unfortunately, I've started to see some of these people sprinkle our ban system with dynamic IPs which will inevitably ban innocent users. We've also recently dealt with another hacker here (Valve can confirm they use the same IP address). http://steamcommunity.com/profiles/76561198047123732 - primary cheating account http://steamcommunity.com/profiles/76561198038410008 What was unusual about this is that he was using a name copy program and the admin at that time was complaining he couldn't use the status command. Is it possible to have the status command blocked somehow? The cheater in question posted this youtube video on this hack forum. http://casualhacks.net/forum/showthread.php?t=69 ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux