Q2advance

[X'tyfe]

you cant hack it if its part of the servers can you? just use q2a for the server
and other clients should work with

[Corky]

Went to http://www.q2players.org/phpBB/ to check out the new q2a and it seems theres some trojan and a couple other viruses try to load every time i go there.  Anyone know what's up with those ?

[X'tyfe]

the cheaters strike back!!

[Art]

Went to http://www.q2players.org/phpBB/ to check out the new q2a and it seems theres some trojan and a couple other viruses try to load every time i go there.

[{TNP}Dukie]

Went to http://www.q2players.org/phpBB/ to check out the new q2a and it seems theres some trojan and a couple other viruses try to load every time i go there.

[console]

you cant hack it if its part of the servers can you? just use q2a for the server
and other clients should work with

Unfortunately, there's no known foolproof solution.  The problem is the server, when it comes down to it, has to believe the client, when the client says "I moved my mouse like so, then I pressed the fire button."

There's various authentication and anti-cheat measures that one can attempt to put in place to offer some protection... such as the "nocheat code" that is verified by the server... which works until the client gets hacked, or someone gets *really* crafty with a proxy.

For instance, it's technically possible to write a (kind of) proxy aim-bot that would bypass any of the anti-proxy measures in any cheat client and be, as far as I know, completely undetectable*.  (I won't say how on a public forum, but it's nothing magic.)

Anyway, as far as I know, the last line of defense remains the naked eye... recording demos and watching for nonhuman movement.

Again, there are no known foolproof software solutions for anti-cheat. 

Regards,



(*) Undetectable by software anti-proxy checks, I mean.

[X'tyfe]

seems like the cheaters have the upper hand then 

[[BTF]Defiant!]

seems like the cheaters have the upper hand then 

Yes, one can't create a 100% cheat protected game; but, that doesn't mean that cheat protection doesn't prevent most cheaters. 

It is important that there are people like evilpope moving the code base forward to discourage cheaters. If the codebase stays still the cheats and exploits will become more and more prevalent to the point where the community may colapse due to rampant cheating.

For example in Counter Strike, there was (is?) a cheat that sat between the user and the game where it would watch for colors rendered on the screen and aim for the player.  In other words, the cheat sat outside the client memory space and wasn't a proxy between the client and server.  Supposedly the group using the cheat was tricked by a team who had a wallspray that used the player colors.. and the cheater(s) would instantly aim and fire a headshot at the wallspray.

Security is like a wall.  There is always a way to get over it even if it is one mile high and it is only as effective as it's weakest point.

Def

[X'tyfe]

i didnt think people even cheated in quake2 anymore, its such an old game

[console]

It is important that there are people like evilpope moving the code base forward to discourage cheaters.

Agreed... We're fortunate talented coders are still improving the game.  My hat's off to r1ch as well: the number of exploits r1ch has fixed in the server and the client are astounding.

If the codebase stays still the cheats and exploits will become more and more prevalent to the point where the community may colapse due to rampant cheating.

I'm not sure I agree 100% here.  In the past, we've had q2ace and NoCheat - both of which were "hacked" after not too much time had passed.  As an admin, it was kind of an oxymoronic paradox.   Because players would connect, and their clients would say: NoCheat!!!!  And we'd start to be more suspicious of people running "NoCheat" and "q2ace" clients than regular clients.  You know; we'd be like: "Hmmmmm.... wait I think that guy might be using frkq2 and just emulating NoCheat."

And I don't mean to be too cynical, but I know that I personally could write an aimbot that no anti-cheat client could detect.  And if I can do it, then any competent systems programmer can.  I hope they don't but all it takes is one dipshit to do it. . . . My point is, I guess, two-fold:

  a) Because it's possible to write an aimbot that can't be detected by a no-cheat client, and also because of the NoCheat and q2ace hacks/spoofs we've already had to contend with, I question the long-term value of no-cheat clients.  That is not meant as a snub to the efforts of dedicated individuals like evilpope and others in the past who've taken their free time to develop anti-cheat clients.  But if someone asked me, have anti-cheat clients been helpful to you as an admin... I'm not sure I could answer Yes over the long-term.  And again, the way I look at it, becuase I can guarantee it's possible to write an aimbot that can't be detected by any anti-cheat client likely to ever exist, I have to look at other options to fight cheaters besides anti-cheat clients.

  b) I don't think the community will collapse due to rampant cheating, provided admins are vigilant and keep up the fight to monitor their servers and IP-ban the cheaters.  True, that leaves a certain number of persistent cheaters who have such dynamic IP's they can't be IP-banned; but that seems to be, knock-on-wood, a small portion of the cheaters out there.  Not enough, it seems to have been demonstrated so far, for the community to be overwhelmed by them.

Anyway, I'm not trying to be negative.  I'm just saying, personally, due to what I perceive as a virtual theoretical impossibility for any no-cheat client to actually detect and prevent all aimbots, I need to focus on tactics to keep cheaters off our servers without relying on no-cheat clients.

So unless something changes in the underlying theory, I'd have to state that it's unlikely our servers here would ever go as far as to require players to use a particular no-cheat client.  Based on both theory and history, my sense is anti-cheat client technology is too easily circumvented for me to rely on it.


Regards,

[[BTF]Defiant!]

Console, I see your point and agree.  A difference in my experience has been servers which didn't have an active admin or vote_kick functions.  If that server is the only server you get a decent ping on, you are then discouraged from playing.    (I have yet to have this problem on the TS servers.)

The undercurrent of my post is obviously my frustration at the underappreciative comments against the q2 port / anti-cheat developers who are working for the good of the community.

Also I should say that much more often than not cheating claims are unfounded -- often asserted by inexperienced players speaking from frustration.  But that perception, too, is based off the prevalence of cheats.

Last, the best anti-cheat and really the best gaming experience is... LAN!

Def

[evilpope]

yeah, someone exploited my phpbb, i just fixed it this morning

as for you writing an undetectable aimbot...q2a doesnt detect aimbots per say, it detects things like proxies.  the only type of aimbot you would be able to write for q2a without hacking the actual q2a client would be an opengl color aimbot, which q2a also has some checks for(not gonna go into detail, but im pretty sure that would get detected as well)

[console]

as for you writing an undetectable aimbot...q2a doesnt detect aimbots per say, it detects things like proxies.

Hi evilpope,

Right... I was referring to the ability to write an undetectable proxy. 


Regards,

[evilpope]

you wouldnt be able to write an undetecable proxy.  if you notice q2a prints what ip its connected to when it spits out your code.  I have taken steps to protect the memory for this, so again, it would basically require hacking the client itself.

[console]

you wouldnt be able to write an undetecable proxy.  if you notice q2a prints what ip its connected to when it spits out your code.  I have taken steps to protect the memory for this, so again, it would basically require hacking the client itself.

I'll describe how in a private message ...


Regards,