BaseJKA Security Fix

Miscellaneous programs and scripts, opensource or not, and sometimes, random mathematical stuff.
User avatar
Gamall
Hic sunt dracones
Posts: 4146
Joined: Fri May 26, 2006 11:09 pm
Contact:

Re: BaseJKA Security Fix

Post by Gamall » Wed May 23, 2007 11:01 pm

Je th'ébergeais déjà quand c'est arrivé ?

Si c'est le cas, il doit y avoir une trace dans les logs. Essaye de te rappeller précisément un passage de dialogue, un nom ou quelque chose de ce genre qui est arrivé en même temps.

Puis fais

Code: Select all

more <fichier log> | grep "<le passage>"
Avec un peu de chance, tu pourras retrouver comme ça...
{<§ Gamall Wednesday Ida §>}
{ Mods and Programs - Mods TES-IV Oblivion }

User avatar
Tyleor
Posts: 15
Joined: Wed May 23, 2007 7:41 pm

Re: BaseJKA Security Fix

Post by Tyleor » Sun May 27, 2007 6:39 pm

non non ça devait être en 2004 ou 2005, et je pense que c'était sous japlus.
Je disais juste ça parce que c'était similaire

User avatar
Gamall
Hic sunt dracones
Posts: 4146
Joined: Fri May 26, 2006 11:09 pm
Contact:

Re: BaseJKA Security Fix

Post by Gamall » Sun May 27, 2007 6:49 pm

Ok, il y a peu de chances d'en retrouver les logs, alors :lol
{<§ Gamall Wednesday Ida §>}
{ Mods and Programs - Mods TES-IV Oblivion }

User avatar
cybermaniac
Posts: 30
Joined: Tue Apr 10, 2007 12:05 am

Re: BaseJKA Security Fix

Post by cybermaniac » Thu Jun 07, 2007 2:00 am

did you manage to sort out the banlist?


also you will find that majority of decent servers are actually running linux :/
Admin and Owner of Baskerville Server
87.117.202.147:29070
62.4.74.231:30400

User avatar
Gamall
Hic sunt dracones
Posts: 4146
Joined: Fri May 26, 2006 11:09 pm
Contact:

Re: BaseJKA Security Fix

Post by Gamall » Thu Jun 07, 2007 1:29 pm

cybermaniac wrote:did you manage to sort out the banlist?
No. This is extremely low on my priorities list, as this is not a serious bug if the banlist is kept clean (you can use vstr to clean it automatically at each map change/restart if you're lazy).

IP banning being extremely inefficient anyway (95% of people have dynamic ips) cleaning the banlist frequently is not an issue. It is even recommended. For the few with a static ip, use vstr (again) and forget them.

If someone tries to use that bug + the autoban of my mod by launching fake players then changing ip etc over and over again (as you suggested), just deactivate ip autoban [which is absolutely not necessary for the mod to block fake players] and forget about it.

So really, I don't see how it is much of an issue in itself. It is neither a security issue nor something easily fixed, and there are simple workarounds to avoid problems with it, so it is a bit out of the scope of this mod.
cybermaniac wrote:also you will find that majority of decent servers are actually running linux :/
I know. I host servers myself, and I use linux. The mod is both for Win and Linux, so what is your point here ? :?
{<§ Gamall Wednesday Ida §>}
{ Mods and Programs - Mods TES-IV Oblivion }

User avatar
cybermaniac
Posts: 30
Joined: Tue Apr 10, 2007 12:05 am

Re: BaseJKA Security Fix

Post by cybermaniac » Thu Jun 07, 2007 6:34 pm

Gamall wrote:
cybermaniac wrote:also you will find that majority of decent servers are actually running linux :/
I know. I host servers myself, and I use linux. The mod is both for Win and Linux, so what is your point here ? :?
i was inferring to the newest release :)
Admin and Owner of Baskerville Server
87.117.202.147:29070
62.4.74.231:30400

User avatar
Gamall
Hic sunt dracones
Posts: 4146
Joined: Fri May 26, 2006 11:09 pm
Contact:

Re: BaseJKA Security Fix

Post by Gamall » Thu Jun 07, 2007 6:38 pm

cybermaniac wrote:i was inferring to the newest release :)
Oh, right :)

I had forgotten about this one :lol

Well, there are only two very minor fixes between 1.0e and 1.0f, and since the guy who requested them was on Win, I got lazy :P

If you feel the need for these two fixes as well, I'll go and compile a linux version... :D
{<§ Gamall Wednesday Ida §>}
{ Mods and Programs - Mods TES-IV Oblivion }

User avatar
cybermaniac
Posts: 30
Joined: Tue Apr 10, 2007 12:05 am

Re: BaseJKA Security Fix

Post by cybermaniac » Fri Jun 08, 2007 9:51 pm

nah dont woz lol

its not exactly a big problem :)
Admin and Owner of Baskerville Server
87.117.202.147:29070
62.4.74.231:30400

User avatar
GUARD!AN
Posts: 1
Joined: Tue Jun 26, 2007 5:34 pm

Re: BaseJKA Security Fix

Post by GUARD!AN » Tue Jun 26, 2007 5:42 pm

Hello Gamall,

I am the owner of the Siege pug server Impulse, and I would like to first of all thank you for the great mod. There are 2 issues I would like to bring up however.

1. In basejka, the large turrets on the map mp/siege_hoth are supposed to fire only 2 shots at a time, I found out the hard way that for some reason every few seconds they would shoot 3. I have uploaded a demo of them shooting multiple shots.

http://www.freewebs.com/guardianx5/WTF%20TURRET.dm_26


2. The backflips are a little awkward, not quite the normal basejka ones, its kind of hard to describe, so if you need a demo of a basejka flip and one with your mod's flip, I can supply that as well.

Also, the admin mod looks very promising, I look forward to that so I don't have to give out rcon to my admins =/.

User avatar
Gamall
Hic sunt dracones
Posts: 4146
Joined: Fri May 26, 2006 11:09 pm
Contact:

Re:

Post by Gamall » Tue Jun 26, 2007 6:45 pm

Hello :)
GUARD!AN wrote:1. In basejka, the large turrets on the map mp/siege_hoth are supposed to fire only 2 shots at a time, I found out the hard way that for some reason every few seconds they would shoot 3. I have uploaded a demo of them shooting multiple shots. m http://www.freewebs.com/guardianx5/WTF%20TURRET.dm_26
Very extremely strange :huh: I am quite sure I didn't alter anything of that kind :? So
-> Either it is a basejka bug you just didn't notice before.
-> Either it is a bug in the SDK (I used a linux-ready version of the SDK, which might have introduced that bug although I find that altogether unlikely)
-> More likely, it is a bug due to the discrepancy between my version of GCC, my flavour of Linux, and yours. Linux/GCC are not an exact science 8|. (I take it yours is a Linux-based server ?) If you cannot reproduce this bug on a windows server, then this is it.

I will look into it when I get more time, though :?
GUARD!AN wrote:2. The backflips are a little awkward, not quite the normal basejka ones, its kind of hard to describe, so if you need a demo of a basejka flip and one with your mod's flip, I can supply that as well.
Yep, I'd like a demo. Once again I'm really taken aback, since I did not edit anything gameplay-related. Same hypotheses as for the other one.


GUARD!AN wrote:Also, the admin mod looks very promising, I look forward to that so I don't have to give out rcon to my admins =/.
Oh. I'm sorry to disappoint you but, as I mentioned more than a month ago
Gamall wrote:edit: Since I don't really play JKA anymore, and have many other projects, I won't be working on that.
Last edited by Gamall on 11 May 2007 12:16 pm, edited 1 time in total
And on top of that I have a really busy timetable this summer (which I hadn't anticipated one month ago).

So I won't build that admin mod on top of my security mod, sorry. There are a great many admin mods out there. Perhaps there is one to your liking...

Let's say that, as a compromise, if you find an open-source admin mod you like, but which doesn't protect against the \say overflow (any decent mod should do that) or the fake players attack, I'll implement these protections into your admin-mod. Ok ? :)
{<§ Gamall Wednesday Ida §>}
{ Mods and Programs - Mods TES-IV Oblivion }

User avatar
cybermaniac
Posts: 30
Joined: Tue Apr 10, 2007 12:05 am

Re: BaseJKA Security Fix

Post by cybermaniac » Tue Jul 24, 2007 3:37 am

would there be a way of modifying the logs, or adding a new command that makes another txt file that PURELY deals with saving connecting IP addresses and nicks?


basically, all that is needed, is that it takes this info:

2318:32Connect request from : \ip\86.71.233.xxx:-10529\challenge\714200483\qport\60372\protocol\26\name\jadenyoda\rate\4000\snaps\20\model\kyle/default\forcepowers\
7-1-032330000000001333\color1\4\color2\4\handicap\100\teamtask\0\sex\male\cg_predictItems\1\saber1\single_1\saber2\none\char_color_red\
255\char_color_green\255\char_color_blue\255\teamoverlay\1


no need to make it fancy and neat, just that info and a space for the next info

(if you WANT to make it fancy and neat) do:

IP: 86.71.233.xxx
name: jadenyoda

:P


but let me know if this IS possible


thx
Admin and Owner of Baskerville Server
87.117.202.147:29070
62.4.74.231:30400

User avatar
Gamall
Hic sunt dracones
Posts: 4146
Joined: Fri May 26, 2006 11:09 pm
Contact:

Re: BaseJKA Security Fix

Post by Gamall » Tue Jul 24, 2007 4:30 pm

Yes, that would be quite possible.

But you can already extract that kind of info from the logs by using some kind of regex :)

Or I could make a proggy to generate that kind of output from the raw log, if you don't want to spend time studying regex (which I wouldn't blame you for :P). That will be easy. But I am currently in vacation, with no programming system installed as of yet (and no JKA installed either, in fact.)

I'll get to it eventually though, because it is true that the raw logs aren't quite readable :? The reason why I chose to display so much "garbage" info is debunking fakes: the info is like a "fingerprint" which, combined with IP tracing, makes it easier to decide who is who. :D
{<§ Gamall Wednesday Ida §>}
{ Mods and Programs - Mods TES-IV Oblivion }

User avatar
cybermaniac
Posts: 30
Joined: Tue Apr 10, 2007 12:05 am

Re: BaseJKA Security Fix

Post by cybermaniac » Tue Jul 24, 2007 10:35 pm

dude, your logs are phenomenal, seriously.


the purpose of the extra piece is so we can build a list of IPs vs Nicks so we can catch fakers, hackers and whoever else we need.


and would it be possible so that the text file is actually created on the server (much like the games.log)?
Admin and Owner of Baskerville Server
87.117.202.147:29070
62.4.74.231:30400

User avatar
Gamall
Hic sunt dracones
Posts: 4146
Joined: Fri May 26, 2006 11:09 pm
Contact:

Re: BaseJKA Security Fix

Post by Gamall » Wed Jul 25, 2007 12:19 am

cybermaniac wrote:a list of IPs vs Nicks so we can ...
In my experience, such a list is utterly useless. Most people have dynamical IPs, and even tracing those is no good, since their local network generally serves thousands of houses, ergo you can derive no certainty even from matching traces.

This is why I bothered logging the complete, unaltered connection packet. They can make identification much more reliable than anything that can be achieved with the IP alone.
cybermaniac wrote:and would it be possible so that the text file is actually created on the server (much like the games.log)?
If you do not have SSH access to you server, then no. (unless I alter the mod itself, but, since I don't play JKA at all anymore, I won't do that).

You'll have to download the logs to build the database.

Which doesn't change the fact that the list would actually be useless, as per above ;)
cybermaniac wrote:dude,...
Just so you know, I'm not a dude :lol
{<§ Gamall Wednesday Ida §>}
{ Mods and Programs - Mods TES-IV Oblivion }

User avatar
cybermaniac
Posts: 30
Joined: Tue Apr 10, 2007 12:05 am

Re: BaseJKA Security Fix

Post by cybermaniac » Wed Jul 25, 2007 12:26 am

actually, a list of IPs is actually rather useful, especially if you cross reference with ping, location and ISP.


i know ur not a dude lol, just a common phrase i use ;)



on a seperate note, is it possible to get the server logs to log ping as well?
Admin and Owner of Baskerville Server
87.117.202.147:29070
62.4.74.231:30400

Post Reply

Who is online

Users browsing this forum: No registered users and 73 guests