On 10/11/2013 20:00, hlds_linux-requ...@list.valvesoftware.com wrote:
Message: 2
Date: Sat, 9 Nov 2013 16:00:49 -0700
From: Kyle Sanderson<kyle.l...@gmail.com>
To: Half-Life dedicated Win32 server mailing list
<h...@list.valvesoftware.com>, Half-Life dedicated Linux server
mailing list<hlds_linux@list.valvesoftware.com>
Subject: Re: [hlds_linux] [hlds] Family Sharing Ban Bypass.
Message-ID:
<cacsavzjzjj8qcdv0oacf59y36q+wk2vvyhepc4dttqz+jrx...@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Great work, Do you know if this is working for tf2?
Hi Guys,
I've released a SourceMod extension that exposes the newly added SteamWorks
struct members to Pawn. The Extension is very simple, and in it's infancy,
but my intention is to support every game and more callbacks. There's no
Windows build, as I don't have MSVC. However, it should be fairly easy to
compile for other platforms.
Huge thanks to the SteamWorks guys for the release on Thursday.
https://forums.alliedmods.net/showthread.php?p=2058917
Thanks,
Kyle.
On Fri, Oct 25, 2013 at 10:58 PM, IBIS Customer Service <
ibis.serv...@gmail.com> wrote:
>Hopefully we get a way to pass the owner id in a way that allows for
>instant bans. Yesterday we had 20 bans in a few min from players doing
>this.
>
>According to the admins
>"
>*Problem: *
>Five guys in gg... banned by 4 different admins, over 20 times in total
>(see the screenshot, which spreads to the next page as well)...
>
>AND THEY KEEP COMING BACK...
>
>*Explanation*:
>
>That, my friends, would be the first occurrence of
>exploiters/grievers/hackers that own a Steam Family Sharing beta key,
>allowing them to create multiple temporary instances of their accounts to
>play on ... and when that account is banned, they just make a new one for
>free from the original. Rince and repeat."
>
>See the bans from the 24th:
>http://www.ibisgaming.com/sourcebans/index.php?p=banlist
>
>Hopefully, this is fixed in a future build :D
>
>
>On Thu, Oct 24, 2013 at 4:20 PM, Kyle Sanderson<kyle.l...@gmail.com>wrote:
>
>>In case anyone is following this, there's a WebAPI update planned for
>>next week which allows for getting the owner's account from a lender id.
>>
>>There's also a Steamworks update planned for between yesterday and (?),
>>which adds the owner's id to the ticket verification result
>>(ValidateAuthTicketResponse_t). However, this is too late for servers to
>>get the owner's id. SourceMod at the moment supports checking if they're
>>verified (by not handing out admin before IsClientFullyAuthenticated
>>happens). However, this happens far too late in the process (30 seconds
>>typically to a couple minutes, to never if Steam is down), subsequently
>>most servers (to my knowledge) have the feature disabled (or at least want
>>it disabled; from the threads I've seen).
>>
>>After the Steamworks update happens, I believe we need the owner's
>>accountid passed to the server at the same time as the actual rendered
>>SteamID (how it is at the moment, sent from the client at connection time).
>>This should allow for the same verification result as
>>IsClientFullyAuthenticated, and pre-usage that most of the engine does.
>>This should continue to allow for immediate usage, which is what is used
>>now.
>>
>>A public engine function would be appreciated to get the owner's account
>>id (or rendered SteamID, as to conform with everything else). Unless if I'm
>>neglecting something major, this should resolve the exploit for everyone as
>>clients are updated to support sending the supposed ownerid.
>>
>>Thanks,
>>Kyle.
>>
>>
>>On Tue, Oct 22, 2013 at 1:56 PM, Kyle Sanderson<kyle.l...@gmail.com>wrote:
>>
>>>The Steam Family Sharing Exploit is still a vivid problem CS:S, as it
>>>takes roughly 90 seconds to connect to a new VPN Server, create a new Steam
>>>account, and rejoin. I've re-banned the same griefer about 7 times now in
>>>the last 19 minutes; they're pretty persistent. Please help everyone using
>>>your products protect ourselves against this new `feature`.
>>>
>>>Thanks,
>>>Kyle.
>>>
>>>
>>>On Sat, Oct 19, 2013 at 5:23 PM, Kyle Sanderson<kyle.l...@gmail.com>wrote:
>>>
>>>>Today, we're seeing a ton of banned, griefing players using VPNs and
>>>>throw-away Steam accounts to bypass server bans. The problem already seems
>>>>to be pretty widespread in CS:S. Considering this is the first weekend
>>>>where the beta was opened up, it's only going to get worse. I'm sure this
>>>>isn't isolated to CS:S, or my servers. There are many others running
>>>>community servers, some probably not even using Source that are impacted by
>>>>this. The native Steam Exploit seems to be getting abused quite heavily.
>>>>
>>>>The theoretical is now the present,
>>>>Kyle.
>>>>
>>>>
>>>>On Fri, Oct 18, 2013 at 7:09 AM, Jesse Oak<wazanato...@gmail.com>wrote:
>>>>
>>>>>Every game copy should have an ID associated with it, this way an
>>>>>admin can ban per copy of the game rather then player ID. It's bad enough
>>>>>right now in TF2 and some of the Source mod games where a griefer can just
>>>>>quickly make a new account and reset their IP address having this start to
>>>>>happen in games like CSGO is going to be a major pain for admins.
>>>>>
>>>>>
>>>>>On Fri, Oct 18, 2013 at 1:29 AM, Valentin G.<nextra...@gmail.com>wrote:
>>>>>
>>>>>>Banning by IP is useless for many countries. And if cheaters abuse
>>>>>>the family sharing they will certainly go to the "lengths" of making a
>>>>>>quick new dial-in to grab that new IP.
>>>>>>
>>>>>>I have already said this much on the Beta Forums, and fully agree
>>>>>>with Kyle. This brings the TF2 F2P dilemma to every title.
>>>>>>
>>>>>>
>>>>>>On Fri, Oct 18, 2013 at 6:58 AM, Dominik Friedrichs<d...@forlix.org>wrote:
>>>>>>
>>>>>>>On 2013/10/18 03:38, N-Gon wrote:
>>>>>>>
>>>>>>>>I agree with Dog.
>>>>>>>>However, I would also like to note that with SourceMod you could
>>>>>>>>ban the
>>>>>>>>users by IP. Sure they can change it, but most of the trolls are
>>>>>>>>either
>>>>>>>>too stupid to figure out how or too stupid to figure out how to do
>>>>>>>>it
>>>>>>>>quickly. Meaning you'd see the "repeat offender" now and then, but
>>>>>>>>not
>>>>>>>>enough to be too much of a nuisance.
>>>>>>>>
>>>>>>>
>>>>>>>I'd like to note that for broadband providers in my area it is quite
>>>>>>>common to hand out a different IP on every dial in, while a connection
with
>>>>>>>that same IP can be kept alive for 24 hours at maximum. Hence I would
never
>>>>>>>bother to ban by IP if the ban is supposed to be longer than a few hours.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>_______________________________________________
>>>>>>>To unsubscribe, edit your list preferences, or view the list
>>>>>>>archives, please visit:
>>>>>>>https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
>>>>>>>
>>>>>>
>>>>>>
>>>>>>_______________________________________________
>>>>>>To unsubscribe, edit your list preferences, or view the list
>>>>>>archives, please visit:
>>>>>>https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
>>>>>>
>>>>>>
>>>>>
>>>>>_______________________________________________
>>>>>To unsubscribe, edit your list preferences, or view the list archives,
>>>>>please visit:
>>>>>https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
>>>>>
>>>>>
>>>>
>>>
>>
>>_______________________________________________
>>To unsubscribe, edit your list preferences, or view the list archives,
>>please visit:
>>https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
>>
>>
>
>_______________________________________________
>To unsubscribe, edit your list preferences, or view the list archives,
>please visit:
>https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
>
>
------------------------------
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
End of hlds_linux Digest, Vol 68, Issue 39
******************************************
_______________________________________________
To unsubscribe, edit your list preferences, or view the list archives, please
visit:
https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds_linux
