alientrap-forum-archives

[divVerent]

Then why do you put IP and port number on a public web page, if you want it private?

You see the danger of this feature - blocking the game for almost everyone except few people who stuck around for years? Because, you know, once a feature is there, people start using it.

The only way I'd accept this feature into Nexuiz is with an unhackable means to prevent passworded servers from appearing in the public server list - or at least a provision for that so such filtering can be added to dpmaster later without changing the engine.

Actually, I found an even better way.

On "getchallenge", passworded servers shall return a "pwchallenge", and not just a "challenge". The challenge string is then also used for hashing the password, which is then sent in the "connect" message.

A master server can then verify in a foolproof way whether a server is passworded: it just issues a "getchallenge" request on reply to heartbeats, and only add the server if a "challenge" came back, but not if a "pwchallenge" came.

Its main improvement will be that the password is never sent plain - and the same sequence could also be used for a more secure rcon (then, you'd use getchallenge, accept BOTH challenge and pwchallenge, and encrypt the rcon password using that).

[Dokujisan]

Then why do you put IP and port number on a public web page, if you want it private?

It's just an information page about the servers.

I'm using this....
http://planetnexuiz.de/qstat/popup.rb?serverIP:26001
to display the current status of each server within an iframe on the page.

Rather than use an external site, I could write my own code to do this without displaying the IP/port, but my programming knowledge is not at that level yet.

[tundramagi]

Personally, I have absolutely no interest in this feature, as it's really not a good idea to do this in an open source game.

I'll give you a real-world example of why this would be useful.

I run some private servers that are quite popular. I have had one particular individual connect to my server and act like an ass to everybody. I've banned him by IP address multiple times. He just gets a new one from his ISP. I've ended up banning mutliple IP ranges with iptables. This is not ideal to me, because I also run a public server on the same box and I don't know how many people might be affected by that banning.

So divverent, what would you have me do to keep this guy off my private servers? I could change the ports, but then I would not be able to have a webpage about the servers that shows the list of players because someone could discover the port # through that page.

It seems that the best option is to password protect the server. Sure, they could discover the password by someone accidentally leaking it to them, and then I would have to change the password and notify everyone again, but this is the only thing I can imagine that would work.

You know that you can block IP's per port and per protocol with IP tables right? You can just ban the internet from the port that you run your private server on and not the port that you run your public server on. You can make these bans UDP exclusive, you can also configure them to silently drop packets from whoever you hate. (I _ALWAYS_ use the silent drop option when I " 'table " some IP range rather than the friendly disconnect (the normal ban type) option: this is because I want their connection to hang rather than just immedatily know it's not wanted: I want to waste their time as they try again and again to connect to whatever service they are banned from and get NO response WHATSOEVER (:D ) from the server: as if it dropped off the internet.

You can also, by default, drop all traffic to that port, and then selectiively allow traffic from the people you would theoretically give the password to. You set the drop iptable first, then after that line set ones that allow traffic through per ip. See, no need for password! (Ettercap connection hijacking, if one knows who any of the people are who are allowed into your server, and gains access to any computer on their LAN or Cable Lan segment (or router), still works, so no matter what without encryption your sunk against anyone who has any knowlege that tools to do such exist.)

Remeber: ALWAYS use the DROP option so you waste the time of whatever huge section of the internet you are banning. You WANT to waste their time as they wonder WHY there is NO response from your computer to theirs ! Deny == polite == NO!

[Alien]

An idea for this would be doing the password check not in the "connect" request, but already in the "getchallenge" one. That command can be used at any time, and it does not fail if the server is full. The master server therefore could easily use it (e.g. after every heartbeat packet) to verify the server and to keep passworded servers out.

I do not demand that the master server be changed NOW for this. This can be done later once such abuse is there. But if the password protection is moved to the "getchallenge" stage, nobody would be able to easily hack his server so it successfully registers into the public server list once that dpmaster change would be made.

This would be annoying to enter the password only to get the information that the server is full. Why just simply not adding another filtering option and a lock icon to show which servers
are pp if show password protected servers is checked.

[tundramagi]

An idea for this would be doing the password check not in the "connect" request, but already in the "getchallenge" one. That command can be used at any time, and it does not fail if the server is full. The master server therefore could easily use it (e.g. after every heartbeat packet) to verify the server and to keep passworded servers out.

I do not demand that the master server be changed NOW for this. This can be done later once such abuse is there. But if the password protection is moved to the "getchallenge" stage, nobody would be able to easily hack his server so it successfully registers into the public server list once that dpmaster change would be made.

This would be annoying to enter the password only to get the information that the server is full. Why just simply not adding another filtering option and a lock icon to show which servers
are pp if show password protected servers is checked.

Because if password protected servers were allowed to be listed on the listservers then the majority of the servers would be configued to be password protected.

[[-z-]]

Because if password protected servers were allowed to be listed on the listservers then the majority of the servers would be configued to be password protected.

Yeah, I'm sure that with 80% of servers already having 0 players, the admins would jump on this to ensure no one ever joins.

[TVR]

Demonstrated in FOSS shooters such as AssaultCube and Tremulous, password protection is present on a minority of servers, less than the 20% extreme for Warsow's cyper-athletics.

Master servers are for listing active servers, it is much better rely on passwords rather than IP:PORT secrecy, an incorrect IP will lead to a connection attempt and ~10 timeout, or connection to another server instance on a different port; inputting a password into a master server listed guarantees intended connection if password in correct.

Remembering a hostname and password is also easier than an remembering an IP:PORT, furthermore, anyone willing to sniff packets has already exceeded the experience and determination threshold for finding unlisted IP:PORT addresses.

[tundramagi]

Demonstrated in FOSS shooters such as AssaultCube and Tremulous, password protection is present on a minority of servers, less than the 20% extreme for Warsow's cyper-athletics.

Master servers are for listing active servers, it is much better rely on passwords rather than IP:PORT secrecy, an incorrect IP will lead to a connection attempt and ~10 timeout, or connection to another server instance on a different port; inputting a password into a master server listed guarantees intended connection if password in correct.

Remembering a hostname and password is also easier than an remembering an IP:PORT, furthermore, anyone willing to sniff packets has already exceeded the experience and determination threshold for finding unlisted IP:PORT addresses.

Use your firewall to firewall all but the peeps you want playing, Done. No password needed. Please don't put that server on as public though either.

Oh and if you think sniffing exceeds anything... no experiance is required: ettercap and friends do everything. You do not need to know anything. The only thing that can ever save you is proper encryption of the datastream, sometimes. There is no point to passwording when someone can 'cap your unsecured wide open free and in the clear connection.

[ai]

The bottom line is this:
People are lazy, yes they are. If there was an option to either create a server with password, or mingle with the firewall, ports, forwarding etc. of course people would choose the password route.
Even hackers are lazy, they don't always wish to hack a passworded servers, they don't always care.
Also, if you have a server that doesn't necessarily mean you have access to the firewall. Your server might sit at some company or at some friend or even paying for a online server service. Passwords are a good thing, with or without encryption cause they always filter out some unwanted people.

Don't make it sound like passwords are a bad thing (even without encryption) cause that's not the case. Sure I know passwords and stuff can entice people to hack it, but this has yet to be tried before jumping to conclusions.
Don't rule something out before you've tested it.

[divVerent]

they are a bad thing, as UT shows.

Showing them in the server list - only if they're filtered out BY DEFAULT. If one click enables showing them, fine. But by default, they must be hidden to not turn this game into a passworded-servers-only game like UT99 has become.