Zusätzliche server sicherhait

Well.. I found these days a nice description about how to get rid of most bots quite easily. It really works, I tested it on one of our servers (212.65.0.171). I could not connect with several Bots and the way is quite simple. I found this description on a webside somewhere - can't remeber where, so I repost it here. But.. and this is a big "but"... not only the Aimbot-Users can't connect any more, all the Macintosh-Users too..  For we got some of them in our clan and we run 4 FFA-servers, I removed the protection again and now search for a way to enable the Mac-users again without removing the bot-protection.. :/
Here's the description:

--------
Security Takes a Step Forward
November 26, 2001 @ 16:13 Warren


Here is a small contribution to the ###### ########## community to help deal with some of the security issues that can be detrimental to gameplay. Though most of this will be geared towards server admins, part of the community's responsibility will be to put pressure on those admins to make the necessary changes so their servers can remain as cheat-free as possible.

Removal of the 'ServerSideOnly' backdoor within ###### ##########

Disclaimer:
We do not contend that performing the steps listed below will protect your server 100% against any kind of client-hack, AimBot, or cheat currently available, or those that will be available in the future. Nor do we believe that cheats and hacks are something evil that have to be fought against. This explanation merely describes one solution for "fixing" the most common security holes used by cheats at the moment. Cheats and helpers are welcomed by a wide range of the community. However, the usage of cheats online on open servers or even in clan matches can destroy the whole gaming experience for most players out there.

This information will provide server admins with an opportunity to close one of the largest security holes that ###### ########## currently has, and will give mod authors the chance to close another one using some simple script changes.

This fix will work with any standard ###### ########## server and every mod, such as Infiltration, Tactical Ops or Strike Force, just to name a few.

Here are two common ways that are used for getting an AimBot and other cheats working online:

a) Using one's own console and editing their INI file to use it instead of the original ###### ########## or another mod's console.
b) Using a changed version of an original ###### ########## .U package file that is flagged as 'ServerSideOnly'

Point a) is typically not a problem because the console can be checked directly within the code that functions on the server. Standard ###### ########## and mods that allow the use of the Client Side Hack Protection (CSHP) modification are normally all you need. Modifications that cannot use CSHP due to various other reasons or incapability normally use their own console class that is then checked within their own packages. Combining the use of a project's console class within their package and including this package in the server's ServerPackages= section listed in the server's INI file would normally fill this security hole. If a mod team needs help in integrating these checks, than feel free to contact us.

Point b) is even easier to fix. Server admins should read the following instructions carefully, because it takes only about 5 minutes to change. Common AimBots are using a changed version of the UTMenu.u file. This package is already listed in the ServerPackages= list, however it is flagged as 'ServerSideOnly' due to backwards compatibility issues of former versions of ###### ##########. Well, today all servers and clients out there have version 436 installed, and so the need of backwards compatibility is no longer an issue. The 'ServerSideOnly' flag is responsible for not allowing the check between client and server that normally takes place for all packages within the ServerPackages= list. So, different versions of these files slip between the cracks, and AimBots and other cheats can be used without anyone knowing any better. Removing the 'ServerSideOnly' flag is very easy to achieve and thankfully, the package integrity remains the same. This means that the package is still the "same" for the ###### ########## engine and a client-server check will not result in a "file mismatch" warning as some might come to expect. So servers can use files with the 'ServerSideOnly' flag removed and clients do not need to download a changed package or do anything else for that matter.

The following describes one possible way to change this flag. It basically describes the correct usage of the ucc.exe file for removing the flag, and how to setup the server's INI file correctly so that the new file(s) are checked. It should be said that the UTMenu.u file is not the only one that can be modified for cheating, so the procedure should be performed on a group of files that are listed below.

How to remove the ServerSideOnly flag from the UTMenu.u package:

open a command.com or cmd.exe (also known as DOS box or window)
change the path to your UnrealTournament\System folder
type in the following and hit enter (case sensitive if needed
ucc packageflag UTMenu.u UTMenu2.u -ServerSideOnly
wait until ucc has saved the new UTMenu2.u file
make a new folder .... i.e. UnrealTournament\ServerFiles
copy the new UTMenu2.u file into this folder
rename it back to UTMenu.u
open the server's ini file (ie. UnrealTournament.ini or the one from the mod you are hosting)
search for [Core.System]
below you will see the Paths= list entries, such as Paths=../System/*.u
add the folder you just created at the top of the list like this:
Paths=../ServerFiles/*.u
... then the original ones should follow

search for [Engine.GameEngine]
below you will see the ServerPackages= list entries, such as ServerPackages=Botpack
make sure that ServerPackages=UTMenu is listed there as well. If not, simply add it
That's it! Now clients using a modified version of the UTMenu.u file will automatically be rejected by your server.

Here's a list of common packages that are using the ServerSideOnly flag and can be abused:

UBrowser.u
UTBrowser.u
UWindow.u
UMenu.u
UTMenu.u (like described above)
Remove the ServerSideOnly flag for these packages as well, copy them to your new "ServerFiles" folder, and add them to your ServerPackages= list, if not already included.

Feel free to let us know if you have additional questions or comments.

Special thanks to Beppo for doing all the investigative work.
-------


As I said, it really works fine. But the Mac-users also get a version-mismatch now.. :/
Anyone see a chance to let them in?
You may find me on quakenet #rhd or reply here.. thx..

Nun ich habe nach Anleitung das alles so gemacht, ich hoffe jetzt kann ich wieder beruhig UT spielen

Noch was ich hoffe wir haben A. keine MAC User und B. wenn jemand ab jetzt Probs mitten connecten hat bitte sofort bei mir oder Andreas melden, wir schauen dann ins Log.

ähhh,
noch mal kurz um was es eigentlich geht in deutsch?

Das heißt das durch die Änderung der Serverflags, Cheats nicht mehr laufen, die bestimmte Dateien modifizieren z.b
Umenu.u (macht jeder Aimbot,Radar usw. sogar der Triggerbot)  Der Cheater bekommt dann einen Versionsmismatch wenn er versucht unseren Server zu joinen. Nachteil ist das MAC User unseren Server dadurch nicht mehr joinen können.

Ihr habt VIER FFA-Server?! Nich wahr oda!?

Wie kommst du denn darauf?? Schön wärs *g*

Zitat (Tekbaron @ 19 Juni. 2002,18:12)

Well.. I found these days a nice description about how to get rid of most bots quite easily. It really works, I tested it on one of our servers (212.65.0.171). I could not connect with several Bots and the way is quite simple. I found this description on a webside somewhere - can't remeber where, so I repost it here. But.. and this is a big "but"... not only the Aimbot-Users can't connect any more, all the Macintosh-Users too..  For we got some of them in our clan and we run 4 FFA-servers, I removed the protection again and now search for a way to enable the Mac-users again without removing the bot-protection.. :/

Kann ich auf einmal kein Englisch mehr, oda waeh?! Da steht doch: 4 FFA-Servers oda nich?

Ja schon, aber dieser Text stammt nicht von uns.

4 ffa   heisst zu deutsch for free for all,  die 4 soll die abkürzung für die englische 4 sein, also four!

cya Mcpappe

Zitat (Tekbaron @ 19 Juni. 2002,18:12)

For we got some of them in our clan and we run 4 FFA-servers

Jo, hab ich ja zuerst auch uebalegt, da ich es in meinem Style ja auch so schreib. Abar, da eben dieses Wort davor auch ausgeschrieben war,
hab ich diese Moeglichkeit instinktiv schon ausgeschlossen