BNLS needs a method to stop idiots..

Newby · January 13, 2007, 12:20 PM

Quote from: UserLoser on January 12, 2007, 10:36 PM
Testing to see if the client is a proxy or not isn't practical. With the amount of connections that BNLS recieves per minute, it'd be just stupid to attempt a connection to each one on X port to see if it's a proxy. The BNLS server might as well just DDoS itself.

How would it DDoS itself? I think you mean DoS.

Denial · January 13, 2007, 08:25 PM

This problem has been been around since bots came out except back then it was a bit harder to massload. That is until nbbot came out. I remember massloading with ultimate bots back in the day. That was the fun days when we would load battlechat. The only problem with days now is every program is open source. Most bots that are massloading / flooding have been released to the public.

Proxies are not just on port 1080 but it is harder to test them on battle.net since telnet was taken away. I remember loading like 700 proxies and spamming people using the friendlist command which would read a channel and spam every user.

Ever since cuphead released cleanslate many bots came out. I remember stealthbot started from cleanslate then evolved into it's own bot.

I even see people massing on war3. Keys are not a problem anymore. Proxies arnt a problem.

I don't really have a problem with people massloading my channel it takes like 2 seconds to send an email to several people who can ban the account and proxy from battle.net

Like most of us that have been on for so long we could care less we have made filters so we don't even see massloads or flooding anymore.

Although gamers on actual broodwar do have a problem since they can only turn off notifications. All these massloaders / flooders do use bnls or that other server. There is an easy solution. Alot of flooders massload with a single name IE: Masstest and what follows are Masstest#, masstest#453. A simple solution is to ipban/cdkey ban everything on that account. For anything over #6.

Most Bots have a version thing they send like for example when it says your cdkey is inuse by Skywing. You could run a check for something along them lines. Like if the check said it was a massloader by bobdole. Ban all the strings by that.

There are alot of methods the easiest is using the auth system again. I remember having a cdkey tester which used the auth system back a year or two ago.

Bnls is just like battle.net nothing will be done unless it starts effecting the server itself. Also if enough people complain about it that usually helps as well.

You could also make people pay to use bnls. I'm not speaking of everyone just people that cause the problems. ban them from bnls then if they wish to come back. 20 dollars should be fine. that way you could make a little money and they might learn or keep paying money.

Hdx · January 13, 2007, 08:33 PM

http://hdx.jbls.org/01-13-07-nersucks4.txt
The stupidity of massers today just annoys me.
I expecially like this line:

Quote[11:00:55 AM] <nersucks4> I AM ELITE
[11:01:00 AM] <nersucks4> im not good, i am ELITE

its funny because he did a better job spamming himself then he did us

Eah I still think the best idea is to re-enable the auth system. (BotIDs/PWs)
Start with a completly new database and only current developers can get there names authed.
Writing a simple usage monitor shouldn't be to hard.
But what ever you do, I'd like to see it happen.
~-~(HDX)~-~

Newby · January 13, 2007, 08:58 PM

If he re-enables the auth system, how do you plan to handle that, Hdx, with your JBLS project?

I didn't read the whole thread by the way.

Hdx · January 13, 2007, 09:52 PM

Quote from: Newby on January 13, 2007, 08:58 PMIf he re-enables the auth system, how do you plan to handle that, Hdx, with your JBLS project?

I didn't read the whole thread by the way.

JBLS already has suport for the auth system.
And I am personal friends with most of the people who wrote the bots that use my servers.
I also have a method of distributing the Bot Accounts in a secure method. So ya...
~-~(HDX)~-~

Newby · January 13, 2007, 10:42 PM

Quote from: Hdx on January 13, 2007, 09:52 PM
JBLS already has suport for the auth system.
And I am personal friends with most of the people who wrote the bots that use my servers.
I also have a method of distributing the Bot Accounts in a secure method. So ya...
~-~(HDX)~-~

So if a bot is configured for BNLS (with an account on it) and they switch to JBLS, they'll have to request the same account on JBLS?

I don't think people will trust you enough to do that.

Hdx · January 13, 2007, 10:51 PM

Quote from: Newby on January 13, 2007, 10:42 PMSo if a bot is configured for BNLS (with an account on it) and they switch to JBLS, they'll have to request the same account on JBLS?

I don't think people will trust you enough to do that.

If they don't then sucks for them.
Worst comes to worst, i have a few ways of obtaining the passwords to BNLS accounts.
Newby, you know me, I'm trustworthy, so meh.
~-~(HDX)~-~

Newby · January 14, 2007, 12:32 AM

Quote from: Hdx on January 13, 2007, 10:51 PM
Newby, you know me, I'm trustworthy, so meh.

I may know you, but botmaker A who hears about JBLS may not.

Ersan · January 14, 2007, 05:30 AM

Doesn't really matter, JBLS doesn't work with the new checkrevision.

QuoteThe easiest way to go about adding a "restriction" would be an algorithm calculating the amount of logon queries/cdkey encryption/connection attempts per bot id in Y amount of time resulting in a value determining or not if it's abusive.

This is also ineffective, these things are using proxies in the first place, and there's no way to discern which 'bot' is using BNLS as it is anonymous, the only solution to the problem is to reimplement user accounts and revoke those that are abusive.

Not that anyone still uses battle.net, or really cares...

Warrior · January 14, 2007, 12:54 PM

Quote from: dlStevens on January 13, 2007, 11:54 AM
I'm not positive, but I'm almost sure that they aren't sent in plain text.

They're probably sent encrypted, or what not.

But still, you can monitor it...

They are sent in plaintext. Besides, it wouldn't matter. You just packetlog the Client and send the exact values it sends to BNLS.

This is why that idea didn't work/won't work.

Hdx · January 14, 2007, 01:13 PM

Quote from: Warrior on January 14, 2007, 12:54 PM
Quote from: dlStevens on January 13, 2007, 11:54 AM
I'm not positive, but I'm almost sure that they aren't sent in plain text.

They're probably sent encrypted, or what not.

But still, you can monitor it...

They are sent in plaintext. Besides, it wouldn't matter. You just packetlog the Client and send the exact values it sends to BNLS.

This is why that idea didn't work/won't work.

http://bnetdocs.valhallalegends.com/content.php?Section=d&id=7
Not really... the passwords are also hashed with the server token which changes every login.
~-~(HDX)~-~

Warrior · January 14, 2007, 02:55 PM

http://bnetdocs.valhallalegends.com/content.php?Section=m&Code=150

Also @ the Checksum: That won't do much, you can always set a bp when the Checksum is called and find out what exactly is being passed to it. In reality there is no effective client side solution for this.

Dale · January 14, 2007, 04:34 PM

Yes, Like I said, the either the password or username is hashed. It'd be plain stupidity to send a password, or cdkey plain text...So easy to packet log...

Quote from: Denial on January 13, 2007, 08:25 PM

Although gamers on actual broodwar do have a problem since they can only turn off notifications. All these massloaders / flooders do use bnls or that other server. There is an easy solution. Alot of flooders massload with a single name IE: Masstest and what follows are Masstest#, masstest#453. A simple solution is to ipban/cdkey ban everything on that account. For anything over #6.

You can't just ban someone that has over #6 or whatever... That doesn't make sense? What about back in the day with like uh whatever bot flood/massload bot Fleet- made... It changes the names randomly, Then you wouldn't have any #'s...Also what if people decide to have a #20 in their name? they'd get banned for no reason?

Your statement wouldn't work.

vuther.de · January 14, 2007, 05:26 PM

People could get around the name# idea pretty easily.

Dale · January 14, 2007, 05:41 PM

Yes, My point exactly.