 |
 |
 |
 |
 |
Author |
Message |
Gromble
Joined: 08 Oct 2005 Posts: 23
|
Posted: Fri Nov 11, 2005 8:29 pm Post subject: Security |
|
|
I'm in the process of coding this up, and given that it's a ubiquitous requirement, was wondering if there are better ways than how I'm approaching it. I plan to have support for...
a) ban host(s) completely
b) lock host(s) so no new accounts can be created from them
c) freeze account so it can not be accessed
d) secure account so it can only be accessed from specified host(s)
Wildcarding of host address or name is supported, so for example, all AOL users could be affected could be affected by a or b (networking style permit/deny ACLs may be useful here). Doing c will probably lead to doing b if the user is persistent.
None of this is new, except maybe mechanism d. Are there additional mechanisms you've seen servers employ? I did see the snippet in the code vault for handling proxies. |
|
Back to top |
|
 |
|
 |
 |
 |
 |
 |
 |
 |
 |
Author |
Message |
Greggen
Joined: 16 May 2005 Posts: 36
|
Posted: Sat Nov 12, 2005 11:37 am Post subject: |
|
|
I presume you're talking about methods for dealing with griefers in game and not securing your box from hackers etc. I think if you ban griefers outright, they usually find ways around it until they get bored of annoying you. I find it helps to be a little creative.
Some methods I intend on using are:
- 'Ban' users without telling them immediately they have been banned. The more you waste their time, the quicker they get bored. I do this by cutting them off from in-game communication and not allowing them to interact with the world at all.
The creative bit is not letting them know I've done this. They get the same messages they would normally get e.g. typing 'say blah' would show 'you say blah', but other players would not see it.
- A 'contagious ban'. Logging in on a tainted IP taints the account you used and vice-versa. Annoys people using proxies until they figure it out.
- Misinformation. If a tainted account is used by a new IP, for example, I could tell the user 'Proxies are not allowed' when they try to log in. They may think the code is able to detect proxies and give up. If they haven't used a proxy they will probably just ignore it.
|
|
Back to top |
|
 |
|
 |
 |
 |
 |
 |
 |
 |
 |
Author |
Message |
ravuya
Joined: 09 Jan 2006 Posts: 1 Location: Canada
|
Posted: Mon Jan 09, 2006 3:48 am Post subject: |
|
|
I've found a lot of people using "dupe account" warnings, and I think the "contagious bans" idea is also a good one. Depending on your level of security, I've also seen some rather paranoid logging systems (allowing admins to "roll back" scammed users and discover who started a money train, for example).
It might also be prudent to add whois and reverse-lookup functionality so you can identify problem users by something more memorable than an IP address (this, of course, doesn't matter if you're around a decent *nix prompt all day). |
|
Back to top |
|
 |
|
 |
 |
 |
 |
 |
 |
 |
 |
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|
 |
 |
 |
 |
|
 |