Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Author
Message
Eddie Gordo
23
Years of Service
User Offline
Joined: 14th Jan 2003
Location: Ohio - USA
Posted: 9th Jun 2003 22:59
I'm making an MMORPG and i need some ideas so that the character files cannot be hacked. any ideas.
Artifact Basic-5%
Epic Crossings RPG-25%
Andy Igoe
23
Years of Service
User Offline
Joined: 6th Oct 2002
Location: United Kingdom
Posted: 9th Jun 2003 23:12
Pressumeably you are keeping your character files on the server side, handling item drops and inventory server side, and well - not putting anything on the client side, so all you need is a secure fairwall.

Technically there is no such thing, but tight secure is by most considered adequate, oh and the fear of deleting the character that meens so much to the players.

Still, even Everquest gets hacked and i'm sure Lineage too.

Pneumatic Dryll
Shadow Robert
23
Years of Service
User Offline
Joined: 22nd Sep 2002
Location: Hertfordshire, England
Posted: 10th Jun 2003 03:02
eddie place a form of encryption only your server and client games understand ... a fairly simple method used in one MMO game i know uses a binary blip, so the character information uses a blank sequence of binary 0's throughout the actual data package ... that sequence of blank 0's actually indicates a key + order number

so like you'd get a 4 digit key (valid only for that day), then the next dword of data would be the order in which the following data should be assembled.

this means that saved on the server or client machines it makes the files actually pretty safe - there are many other means to achieve things, the best protection is one that people wouldn't actually think of ... just look at Quake3 people can crack around the CD but now the Key Code, and all you have to do to make they keycode valid is put a 22 alternating alphanumeric value in a txt file within the baseq3 folder - no fancy hacking required lol, not that you'll see that on a "how to hack q3" site

Within the Epic battle of the fates the Shadow and the Angel will meet. With it will harbinger the very fight of good vs evil!
BoB Vila
23
Years of Service
User Offline
Joined: 27th Feb 2003
Location: United States
Posted: 10th Jun 2003 03:17
I would be less with the security of the transmission, because that can always be tweeked at any time.

As Pdryll already mentioned, keeping as many things server side is the only way of keeping your game secure.

For example, you don't want the client to send how much damage they are attacking for. Say Player Bob attacks player Fred. You don't want Bobs client software to generate the attack ammount and then pass it to the server. Rather you want the client to pass the info to the server saying Bob is attacking fred. At that point the server will calculate the damage based on the server's player info. If the client sends that type of data to the server, its possible to hack the client software to perhaps double the amount of damage that it relays to the server.

This goes for just about everything. The worst is being able to change the values for weapons and equipment, because once these tainted items are released in the game, it may become difficult to track them down.
indi
23
Years of Service
User Offline
Joined: 26th Aug 2002
Location: Earth, Brisbane, Australia
Posted: 10th Jun 2003 05:48
any security will hamper game speed.

theres always a payoff for speed of the networking the game and security.

imagine a million users and a new security patch introduces a new 3 millisecond lag every 6 cycles or something. It all adds up/.

ozak
23
Years of Service
User Offline
Joined: 22nd May 2003
Location: Denmark
Posted: 10th Jun 2003 10:39
Remember : The client is your enemy. Never trust ANYTHING the client says to you

But it depends on your game.

Dr OcCuLt
23
Years of Service
User Offline
Joined: 27th Nov 2002
Location: a Dark Deep Dark pit, it dark in here
Posted: 10th Jun 2003 14:19
you can keep the exp data on the server on when player log on it chack agest the player hes character files.so if he has a level 50 and own lee 100 exp poits.

--Dr 0--


You mean like a book?
Justin Timberlake N Sync.
On what he read this year that he most liked.
Rob K
Retired Moderator
23
Years of Service
User Offline
Joined: 10th Sep 2002
Location: Surrey, United Kingdom
Posted: 10th Jun 2003 15:45
@Eddie

Encryption is an obvious place to start, but you can do things to deter it. For example, if a hacked character file is detected, delete it. Check that the character does not exceed possible ability limits. You should request encrypted character data when the user logs on, otherwise they could send you something else.

Do you want Windows menus in your DBP apps? - Get my plugin: http://snow.prohosting.com/~clone99/downloads/tpc_menus_102.zip
Redostrike
23
Years of Service
User Offline
Joined: 9th Feb 2003
Location: Belgium
Posted: 10th Jun 2003 15:51
You could put a file on the server and the client. When the file on the client has changed you know tha that player is trying to cheat and you could ban him for some days. If the server gets hacked then that could be the same guy.

PS: This is just a propose (do you guys say it like this?)

Only heroes live forever.
[url=www.redostrike.tk][/url]
The StartStrike project is going good.
Rob K
Retired Moderator
23
Years of Service
User Offline
Joined: 10th Sep 2002
Location: Surrey, United Kingdom
Posted: 10th Jun 2003 18:42
@Redostrike

I think the word you are looking for is "suggestion". You could say "proposition", but suggestion is better.

Do you want Windows menus in your DBP apps? - Get my plugin: http://snow.prohosting.com/~clone99/downloads/tpc_menus_102.zip

Login to post a reply

Server time is: 2026-07-11 11:42:11
Your offset time is: 2026-07-11 11:42:11