Patch: password protected servers

Developer discussion of experimental fixes, changes, and improvements.

Moderators: Nexuiz Moderators, Moderators

Wed Mar 11, 2009 1:35 am

  • I've put a patch for darkplaces in the tracker that adds the ability to have password protected servers:

    http://sourceforge.net/tracker/index.php?func=detail&aid=2680922&group_id=81584&atid=563409

    I haven't spent much time on this, so it's probably a bit rough around the edges, but the patch should give you the general idea, which is to have something along the lines of rcon_password. I have some QC code for the GUI, but it is not compatible with the join dialog in SVN. With the darkplaces modifications above, it should be possible to have a dialog box prompting for a password pop up when one is set on the server.

    Are the net code modifications appropriate? Is there any interest in this feature?
    mpo
    Newbie
     
    Posts: 3
    Joined: Tue Mar 10, 2009 11:09 pm

Wed Mar 11, 2009 6:50 am

  • Personally, I have absolutely no interest in this feature, as it's really not a good idea to do this in an open source game.

    But as sv_public is forced 0, its harm should be limited.

    I told you to fix the sv_public handling a bit, and I'll ask LordHavoc if he wants that feature in the engine.

    Some other thing to consider: join_password is a cvar. This should rather be a second argument to the "connect" command, and only be used once. Also, the engine should catch the error message when trying to join a password protected server without password, and issue some fixed console command (so menu QC can, for example, catch it and show a password dialog). If it stays the current way, a server can easily be modified to catch the password of everyone that joins, if they forgot to unset it after joining a private server.

    This would easily be fixed by using the join_password cvar only for the server (to check if someone is allowed to join), and by using an extra char joinpassword[SOMELENGTH] in the client static structure "cls". The "connect" command would copy its second argument into this, so connecting can use it. You'll need special care for the listen server then (e.g. you could always allow connections from the LOOPBACK netconnection, which should be easier to do than to make sure to send the right password over loopback).

    But, apart from this issue, you're taking the right approach to implementing this.
    1. Open Notepad
    2. Paste: ÿþMSMSMS
    3. Save
    4. Open the file in Notepad again

    You can vary the number of "MS", so you can clearly see it's MS which is causing it.
    divVerent
    Site admin and keyboard killer
     
    Posts: 3809
    Joined: Thu Mar 02, 2006 4:46 pm
    Location: BRLOGENSHFEGLE

Fri Mar 13, 2009 1:26 am

  • What is the point without full end-to-end encryption? Someone like me would gain access to a router near the last hop, and use ettercap with a gre tunnel to sniff the passwords off the line. Another thing a person like me might do would be to gain access to an unsecured computer on the same segment as the server and run an instance of ettercap on that computer to MitM "attack" the server and have it send all the data through the poisoning host (thus getting the passwords).

    Now, if there was mere password-encryption a person like me's attack would be slightly more cumbersome: ettercap would be used to hijack an existing login.

    After that surely a person like me would spam copy-pasta on the server, or just come on and REALLY piss you off by PLAYING A GAME!

    What's your opinion of telnet btw?
    tundramagi
    Forum addon
     
    Posts: 974
    Joined: Sun Jan 04, 2009 4:53 pm

Fri Mar 13, 2009 8:54 am

  • tundramagi wrote:What is the point without full end-to-end encryption? Someone like me would gain access to a router near the last hop, and use ettercap with a gre tunnel to sniff the passwords off the line. Another thing a person like me might do would be to gain access to an unsecured computer on the same segment as the server and run an instance of ettercap on that computer to MitM "attack" the server and have it send all the data through the poisoning host (thus getting the passwords).

    Now, if there was mere password-encryption a person like me's attack would be slightly more cumbersome: ettercap would be used to hijack an existing login.

    After that surely a person like me would spam copy-pasta on the server, or just come on and REALLY piss you off by PLAYING A GAME!

    What's your opinion of telnet btw?

    I see, you watched Hackers 1, 2 and 3 last night :D ?
    IRC quote:
    [kojn] I've been coming a bit more recently
    [kojn] she took it the dirty way
    GreEn`mArine
    Forum addon
     
    Posts: 1509
    Joined: Tue Feb 28, 2006 9:33 pm
    Location: Germany

Fri Mar 13, 2009 1:02 pm

  • tundramagi wrote:
    What's your opinion of telnet btw?


    We only need Darkplaces to be able to make ASCII output (like aalib), then we should be able to play Nexuiz over telnet, sshd or whenever people LIKE YOU get a remote shell :)
    mand1nga
    Alien trapper
     
    Posts: 321
    Joined: Mon May 12, 2008 12:19 am

Fri Mar 13, 2009 7:36 pm

  • I suggest that we make Nexuiz round-based then for better gameplay experience :D
    GreEn`mArine
    Forum addon
     
    Posts: 1509
    Joined: Tue Feb 28, 2006 9:33 pm
    Location: Germany

Sun Mar 15, 2009 5:19 am

  • GreEn`mArine wrote:I see, you watched Hackers 1, 2 and 3 last night :D ?


    Hehheh, no I've just used ettercap a couple of times for... stuff.
    tundramagi
    Forum addon
     
    Posts: 974
    Joined: Sun Jan 04, 2009 4:53 pm

Sun Mar 15, 2009 8:10 am

  • Firstly, how would you gain access to a router/server? Break into an ISP building/anyone's house? I doubt it.
    Sniff wireless or tap wires, maybe. But you would need this person's location then.

    This is just a game server account.

    I'm up for implementing passwords. Having an ability does not mean everyone should/would use it. The most important thing is that it would allow for better player stats tracking.
    Alien
    Forum addon
     
    Posts: 1212
    Joined: Tue Apr 22, 2008 7:12 am

Sun Mar 15, 2009 11:05 am

  • They're per-server passwords, not user passwords, and I think tundramagi was kidding. Any shared password can be leaked out, as can the IP address of your 'private' server. That's why I think this has benefits over just setting sv_public to less than one. This has sunk to the bottom of my list of priorities for the moment, since I'm not certain there are enough people to support widespread use of it.
    mpo
    Newbie
     
    Posts: 3
    Joined: Tue Mar 10, 2009 11:09 pm

Sun Mar 15, 2009 1:30 pm

  • Alien wrote:Firstly, how would you gain access to a router/server? Break into an ISP building/anyone's house? I doubt it.
    Sniff wireless or tap wires, maybe. But you would need this person's location then.

    This is just a game server account.

    I'm up for implementing passwords. Having an ability does not mean everyone should/would use it. The most important thing is that it would allow for better player stats tracking.


    Default passwords, exploit scripts etc. You already know what router the person's traffic goes through with a traceroute (also: you only need a computer on the same subnet as them, you don't need to have gained access to the router itself if one of the 100 or 200 (or more) other computers is an easier target). Go play with ettercap.sf.net (it's open source) on your local subnet (or apt-get install ettercap). It's been around for a long time. You will discover that you don't need to break into someone's house to watch their traffic.

    So, yea, passwords without full encryption...
    tundramagi
    Forum addon
     
    Posts: 974
    Joined: Sun Jan 04, 2009 4:53 pm

Mon Mar 16, 2009 8:04 am

  • tundramagi wrote:Default passwords, exploit scripts etc. You already know what router the person's traffic goes through with a traceroute (also: you only need a computer on the same subnet as them, you don't need to have gained access to the router itself if one of the 100 or 200 (or more) other computers is an easier target). Go play with ettercap.sf.net (it's open source) on your local subnet (or apt-get install ettercap). It's been around for a long time. You will discover that you don't need to break into someone's house to watch their traffic.

    So, yea, passwords without full encryption...


    What? How are default passwords connected with encrypted traffic? And what are those exploit scripts? What do they exploit in a raw connection?

    Whether your computer actually receives the unicast packet from the wire and decides to ignore it, or does not receive it at all, depends on the connection type.
    Alien
    Forum addon
     
    Posts: 1212
    Joined: Tue Apr 22, 2008 7:12 am

Mon Mar 16, 2009 11:15 am

  • This guy is trolling you IMO. Of course plaintext passwords are insecure, but they are more secure than no password, and rcon passwords go out in the clear already too. The server join passwords are shared anyway, so it's not like you'd use your regular e-mail password for it.
    mpo
    Newbie
     
    Posts: 3
    Joined: Tue Mar 10, 2009 11:09 pm

Mon Mar 16, 2009 11:40 am

  • Don't believe me if you don't want to, but unencrypted passworded servers are worthless. In fact passworded servers themselves are worthless: if you don't want others to play with you, why play the game at all?
    tundramagi
    Forum addon
     
    Posts: 974
    Joined: Sun Jan 04, 2009 4:53 pm

Mon Mar 16, 2009 2:16 pm

  • mpo wrote:This guy is trolling you IMO. Of course plaintext passwords are insecure, but they are more secure than no password, and rcon passwords go out in the clear already too. The server join passwords are shared anyway, so it's not like you'd use your regular e-mail password for it.


    +1
    [-z-]
    Site Admin and Nexuiz Ninja
     
    Posts: 1794
    Joined: Mon Nov 13, 2006 12:20 am
    Location: Florida

Mon Mar 16, 2009 2:44 pm

  • I pipe a vnc session over SSH and put commands in the nexuiz server console directly. I don't use rcon. A localhost script uses rcon, but that doesn't go over any network interface other than the loopback. Anyone using rcon over the net is begging to get hacked hacked hacked! I used an rcon password over the internet once (I pasted it somewhere :) ), got hacked by peace.
    tundramagi
    Forum addon
     
    Posts: 974
    Joined: Sun Jan 04, 2009 4:53 pm

Mon Mar 16, 2009 3:49 pm

  • wtf, stupidly pasting a plaintext password (publishing your server.cfg) and sniffing a packet for a password are two different things. You're twisting it to make yourself look less dumb and peace look more evil.

    But yes, it's smarter to do it through ssh. divVerent provides an rcon.pl script that allows server admins to rcon directly from the cmd line; it's very helpful and certainly less safe.


    If someone is going to sniff packets for your SHARED server password, then they need a day job.

    On the other side of the fence, having public passworded servers may come off as pretentious.
    [-z-]
    Site Admin and Nexuiz Ninja
     
    Posts: 1794
    Joined: Mon Nov 13, 2006 12:20 am
    Location: Florida

Mon Mar 16, 2009 5:34 pm

  • I did not publish my server.cfg. I published a script that randomly changes the gametype of the server (div helped me make the script: I don't know the rcon commands etc). I didn't strip out my password in that.

    I never said that peace hacking my nexuiz server was bad. They didn't harm or delete anything, they just used some features. Later those features became usable without having to enable all cheats :)

    Having a server up with a password would invite extra attempts. I know that I, for one, would try to gain access to any "you can't come in here without password hahhahahah" servers around; it would be great to anger such people who don't want to play the game with whoever they deem undesirables yet run a server everyone gets to see exists.
    tundramagi
    Forum addon
     
    Posts: 974
    Joined: Sun Jan 04, 2009 4:53 pm

Mon Mar 16, 2009 9:04 pm

  • ai wrote:Not everyone is like you, mike, believe it or not, but there actually are people who completely ignore passworded servers.
    Add an option to filter out passworded servers then you won't see them.


    Both LordHavok and Div (as well as others) are against passworded servers being allowed to be listed as public, so they won't be there to annoy us to begin with, which is good.

    There really is no point in attempting to have a "private" server w/o full encryption however (full encryption is good regardless); some people will still get in just to spite the owner's assholeness of only wanting "his people" on his/her server. Ever been to a server where they vkick anyone not in their clique? It's good to pack those servers with your own friends afterwards just to fight those people's exclusivity opinion.

    Using a plaintext password is like putting up a picket fence and hoping that will protect you from a bomb being dropped from above. It is just not secure but will have the facade of security. Does nexuiz want to pile on facades of security like other technological projects we can think of? It's just not elegant and isn't the correct way to do these things.
    tundramagi
    Forum addon
     
    Posts: 974
    Joined: Sun Jan 04, 2009 4:53 pm

Tue Mar 17, 2009 5:26 am

  • It works like an irc key, where anyone who becomes trusted can enter. It simply helps to filter out spammers and team killers (one totally open server for all) and password protected server for those, who prefer playing over annoying others. Still personal authentication system is way better without limiting access to anyone.
    Alien
    Forum addon
     
    Posts: 1212
    Joined: Tue Apr 22, 2008 7:12 am

Tue Mar 17, 2009 7:18 am

  • It works like an irc key, where anyone who becomes trusted can enter. It simply helps to filter out spammers and team killers (one totally open server for all) and password


    You don't get it. You don't just filter out spammers and team killers. You filter out anyone you don't know.

    Basically, you treat people as spammers and team killers just because you don't know them.

    In UT, it often was impossible to join servers because of password protection. And the last thing I want to do when playing a game is noticing "darn, can't join any server", CLOSE THE GAME(!) and then hunt down IRC channels of clans one by one until someone finally grants me access. Which they won't, because they don't know me.
    divVerent
    Site admin and keyboard killer
     
    Posts: 3809
    Joined: Thu Mar 02, 2006 4:46 pm
    Location: BRLOGENSHFEGLE

Tue Mar 17, 2009 12:40 pm

  • We've discussed this at least 3 times before and I don't want to bring back old arguments.

    Free open (absolutely) server for everyone
    Worthy ones are given passwords to password protected server

    In that case, even if admin would be absent in the open server for some time, people still would be able to play in password protected one.

    I notice lots of teamkillers, spammers and verbal abusers even in servers with good admins such as esteel. He can't be online every moment and respond to a random person deciding to kill respawning players (e.g. fw wall). Ffs, I even got kicked in one minstagib ctf server (was my first try of minsta ctf) because I laserjumped. (probably for cheating)
    Alien
    Forum addon
     
    Posts: 1212
    Joined: Tue Apr 22, 2008 7:12 am

Tue Mar 17, 2009 1:10 pm

  • Then you actually need more admins.
    divVerent
    Site admin and keyboard killer
     
    Posts: 3809
    Joined: Thu Mar 02, 2006 4:46 pm
    Location: BRLOGENSHFEGLE

Tue Mar 17, 2009 5:03 pm

  • Alien wrote:We've discussed this at least 3 times before and I don't want to bring back old arguments.

    Free open (absolutely) server for everyone
    Worthy ones are given passwords to password protected server

    In that case, even if admin would be absent in the open server for some time, people still would be able to play in password protected one.

    I notice lots of teamkillers, spammers and verbal abusers even in servers with good admins such as esteel. He can't be online every moment and respond to a random person deciding to kill respawning players (e.g. fw wall). Ffs, I even got kicked in one minstagib ctf server (was my first try of minsta ctf) because I laserjumped. (probably for cheating)


    Blocking tons of people with a password will just make your server more hated and more of a target. I already described one simple way of defeating the plain-text "security" scheme (though some think I'm BSing... even though in the past I've used the nice program and such for just those reasons... and you can go dl it at ettercap.sf.net and try it on your local network if you don't believe in its capabilities (it is open source btw)). It seems that you're begging for ire and hate to be rained down upon your server (I mean you neeeeeeed a worthless plaintext password and you neeeeeeed the asshole-exclusive server to be listed on the server list).
    tundramagi
    Forum addon
     
    Posts: 974
    Joined: Sun Jan 04, 2009 4:53 pm

Tue Mar 17, 2009 5:39 pm

  • No one thinks you're BSing... you just don't seem to acknowledge that you're in a small percentage of people that would go through the trouble.

    Having the option to password a server is like the option of wearing a seatbelt... yes, people still die while wearing them but overall they decrease the number of fatalities.


    Yes, it's another level of exclusivity and yes, if someone wants to try hard enough, they can break into the server... but OVERALL, it decreases the number of unwanted players joining.

    With that said, I don't think it would be a bad idea to encrypt it and from what I can tell it wouldn't be too hard by encrypting client-side before it's sent over the network and matching to a hash server-side. (cue divVerent bitching at me here). Though, once we agree on encrypting, you'll probably go on some rant about rainbow tables next.
    Last edited by [-z-] on Tue Mar 17, 2009 5:44 pm, edited 1 time in total.
    [-z-]
    Site Admin and Nexuiz Ninja
     
    Posts: 1794
    Joined: Mon Nov 13, 2006 12:20 am
    Location: Florida
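    The two designs argued over above, divVerent's connect-time password that lives only in cls and is used once, and [-z-]'s suggestion of matching a client-side transformation against the server, as an added Python model that is not part of the darkplaces patch or of any post in this thread; the Server and ClientStatic classes, the HMAC challenge-response in place of a static hash, the loopback address and the sample password are my own assumptions, not engine code:

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

LOOPBACK = "127.0.0.1"  # constructed stand-in for the LOOPBACK netconnection


@dataclass
class Server:
    # join_password stays a server-only cvar: it is checked here, never sent.
    join_password: str = ""
    # outstanding challenge nonce per connecting address
    pending: dict = field(default_factory=dict)

    def challenge(self, addr: str) -> str:
        """Issue a fresh random nonce for this connection attempt."""
        nonce = secrets.token_hex(16)
        self.pending[addr] = nonce
        return nonce

    def accept(self, addr: str, response: str) -> bool:
        """Admit the client if its response proves knowledge of join_password."""
        if addr == LOOPBACK:          # listen server: local player always allowed
            return True
        if not self.join_password:    # open server: no check at all
            return True
        nonce = self.pending.pop(addr, None)
        if nonce is None:             # no live challenge: stale or replayed response
            return False
        expected = hmac.new(self.join_password.encode(),
                            nonce.encode(), hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, response)


@dataclass
class ClientStatic:
    # analogue of cls.joinpassword: filled by "connect", wiped after one use
    joinpassword: str = ""


def connect(cls: ClientStatic, server: Server, addr: str, password: str = ""):
    """Model of 'connect <addr> <password>': returns (accepted, wire_response)."""
    cls.joinpassword = password           # second argument of connect, not a cvar
    nonce = server.challenge(addr)
    response = hmac.new(cls.joinpassword.encode(),
                        nonce.encode(), hashlib.sha256).hexdigest()
    cls.joinpassword = ""                 # single use: nothing left to leak later
    return server.accept(addr, response), response


def replay(server: Server, addr: str, captured: str) -> bool:
    """A sniffer replaying a captured response gets a new nonce and fails."""
    server.challenge(addr)
    return server.accept(addr, captured)


if __name__ == "__main__":
    srv = Server(join_password="hunter2")  # constructed sample password
    cli = ClientStatic()
    ok, resp = connect(cli, srv, "10.0.0.5", "hunter2")
    print("correct password:", ok, "| cls cleared:", cli.joinpassword == "")
    print("wrong password:", connect(cli, srv, "10.0.0.5", "wrong")[0])
    print("replayed response:", replay(srv, "10.0.0.9", resp))
```

    With a per-connection nonce the password itself never crosses the wire and a captured response cannot be replayed, which answers the passive-sniffing objection; it does not authenticate the server, so an active relay in the path is still outside what this check covers.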

Tue Mar 17, 2009 5:43 pm

  • [-z-] wrote:No one thinks you're BSing... you just don't seem to acknowledge that you're in a small percentage of people that would go through the trouble.

    Having the option to password a server is like the option of wearing a seatbelt... yes, people still die while wearing them but overall they decrease the number of fatalities.


    Yes, it's another level of exclusivity and yes, if someone wants to try hard enough, they can break into the server... but OVERALL, it decreases the number of unwanted players joining.


    Most of the unwanted players know about the various tools they need. It's the desirable players that don't know about such things. The unwanted players will revel in the increased anger levels of the douch-server-admin as they (who know nothing of security: thus this idea for a plaintext passworded server) continually fail to keep the hordes out.

    Also this is like wearing a seatbelt behind your back: it's mechanically working as it should... but it's not going to help you.

    "I have my seatbelt enabled!"
    "But I sit infront of it!"

    I'm sure someone someone someone will create a school of the americas for learning about circumventing worthless-plaintext-password to assist the few unwanted players that are not fully aware of the capabilities of this space station.
    Last edited by tundramagi on Tue Mar 17, 2009 5:45 pm, edited 1 time in total.
    tundramagi
    Forum addon
     
    Posts: 974
    Joined: Sun Jan 04, 2009 4:53 pm

Tue Mar 17, 2009 5:45 pm

  • tundramagi wrote:Most of the unwanted players know about the various tools they need.


    Going to have to disagree here.
    [-z-]
    Site Admin and Nexuiz Ninja
     
    Posts: 1794
    Joined: Mon Nov 13, 2006 12:20 am
    Location: Florida

Tue Mar 17, 2009 5:47 pm

  • [-z-] wrote:
    tundramagi wrote:Most of the unwanted players know about the various tools they need.


    Going to have to disagree here.


    Then they'll have to be taught.
    tundramagi
    Forum addon
     
    Posts: 974
    Joined: Sun Jan 04, 2009 4:53 pm
