BNLS needs a method to stop idiots..

Started by Skeptical, January 11, 2007, 12:21 PM


Newby

Quote from: UserLoser on January 12, 2007, 10:36 PM
Testing to see if the client is a proxy or not isn't practical.  With the amount of connections that BNLS receives per minute, it'd be just stupid to attempt a connection to each one on X port to see if it's a proxy.  The BNLS server might as well just DDoS itself.

How would it DDoS itself? I think you mean DoS.
- Newby

Quote[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

Quote<TehUser> Man, I can't get Xorg to work properly.  This sucks.
<torque> you should probably kill yourself
<TehUser> I think I will.  Thanks, torque.

Denial

This problem has been around since bots came out except back then it was a bit harder to massload. That is until nbbot came out. I remember massloading with ultimate bots back in the day. That was the fun days when we would load battlechat. The only problem with days now is every program is open source. Most bots that are massloading / flooding have been released to the public.

Proxies are not just on port 1080 but it is harder to test them on battle.net since telnet was taken away. I remember loading like 700 proxies and spamming people using the friendlist command which would read a channel and spam every user.

Ever since cuphead released cleanslate many bots came out. I remember stealthbot started from cleanslate then evolved into its own bot.

I even see people massing on war3. Keys are not a problem anymore. Proxies aren't a problem.

I don't really have a problem with people massloading my channel it takes like 2 seconds to send an email to several people who can ban the account and proxy from battle.net

Like most of us that have been on for so long we could care less we have made filters so we don't even see massloads or flooding anymore.

Although gamers on actual broodwar do have a problem since they can only turn off notifications. All these massloaders / flooders do use bnls or that other server. There is an easy solution. A lot of flooders massload with a single name IE: Masstest and what follows are Masstest#, masstest#453. A simple solution is to ipban/cdkey ban everything on that account. For anything over #6.

Most Bots have a version thing they send like for example when it says your cdkey is inuse by Skywing. You could run a check for something along them lines. Like if the check said it was a massloader by bobdole. Ban all the strings by that.

There are a lot of methods the easiest is using the auth system again. I remember having a cdkey tester which used the auth system back a year or two ago.

Bnls is just like battle.net nothing will be done unless it starts affecting the server itself. Also if enough people complain about it that usually helps as well.


You could also make people pay to use bnls. I'm not speaking of everyone just people that cause the problems. ban them from bnls then if they wish to come back. 20 dollars should be fine. that way you could make a little money and they might learn or keep paying money.
Actus non facit reum nisi mens sit rea

Hdx

http://hdx.jbls.org/01-13-07-nersucks4.txt
The stupidity of massers today just annoys me.
I especially like this line:
Quote[11:00:55 AM] <nersucks4> I AM ELITE
[11:01:00 AM] <nersucks4> im not good, i am ELITE
It's funny because he did a better job spamming himself than he did us ;)
Eah I still think the best idea is to re-enable the auth system. (BotIDs/PWs)
Start with a completely new database and only current developers can get their names authed.
Writing a simple usage monitor shouldn't be too hard.
But whatever you do, I'd like to see it happen.
~-~(HDX)~-~

Proud host of the JBLS server www.JBLS.org.
JBLS.org Status:
JBLS/BNLS Server Status

Newby

If he re-enables the auth system, how do you plan to handle that, Hdx, with your JBLS project?

I didn't read the whole thread by the way.
- Newby


Hdx

Quote from: Newby on January 13, 2007, 08:58 PM
If he re-enables the auth system, how do you plan to handle that, Hdx, with your JBLS project?

I didn't read the whole thread by the way.

JBLS already has support for the auth system.
And I am personal friends with most of the people who wrote the bots that use my servers.
I also have a method of distributing the Bot Accounts in a secure method. So ya...
~-~(HDX)~-~


Newby

Quote from: Hdx on January 13, 2007, 09:52 PM
JBLS already has support for the auth system.
And I am personal friends with most of the people who wrote the bots that use my servers.
I also have a method of distributing the Bot Accounts in a secure method. So ya...
~-~(HDX)~-~

So if a bot is configured for BNLS (with an account on it) and they switch to JBLS, they'll have to request the same account on JBLS?

I don't think people will trust you enough to do that.
- Newby


Hdx

Quote from: Newby on January 13, 2007, 10:42 PM
So if a bot is configured for BNLS (with an account on it) and they switch to JBLS, they'll have to request the same account on JBLS?

I don't think people will trust you enough to do that.

If they don't then sucks for them.
Worst comes to worst, I have a few ways of obtaining the passwords to BNLS accounts.
Newby, you know me, I'm trustworthy, so meh.
~-~(HDX)~-~


Newby

Quote from: Hdx on January 13, 2007, 10:51 PM
Newby, you know me, I'm trustworthy, so meh.

I may know you, but botmaker A who hears about JBLS may not.
- Newby


Ersan

Doesn't really matter, JBLS doesn't work with the new checkrevision.

Quote
The easiest way to go about adding a "restriction" would be an algorithm calculating the amount of logon queries/cdkey encryption/connection attempts per bot id in Y amount of time resulting in a value determining or not if it's abusive.

This is also ineffective, these things are using proxies in the first place, and there's no way to discern which 'bot' is using BNLS as it is anonymous, the only solution to the problem is to reimplement user accounts and revoke those that are abusive.

Not that anyone still uses battle.net, or really cares...
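
An added example, not part of the original thread and not BNLS or JBLS code: a sliding-window usage monitor of the kind discussed above, run over constructed events to show why counting per source address misses proxied traffic while counting per authenticated bot ID catches it and allows revocation. The class name, window, limit and sample events are all assumptions.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 60      # the "Y amount of time" from the quote (assumed value)
MAX_REQUESTS = 20        # requests allowed per key per window (assumed value)

class UsageMonitor:
    """Sliding-window request counter with revocation, keyed on any identifier."""

    def __init__(self, window=WINDOW_SECONDS, limit=MAX_REQUESTS):
        self.window, self.limit = window, limit
        self.history = defaultdict(deque)   # key -> timestamps inside the window
        self.revoked = set()

    def allow(self, key, now):
        """Record one request; return False if the key is, or has just been, revoked."""
        if key in self.revoked:
            return False
        stamps = self.history[key]
        while stamps and now - stamps[0] >= self.window:
            stamps.popleft()                 # forget requests older than the window
        stamps.append(now)
        if len(stamps) > self.limit:
            self.revoked.add(key)            # over the limit: revoke the key
            del self.history[key]
            return False
        return True

def replay(events, key_field):
    """Run constructed events through a fresh monitor; return (served, revoked)."""
    monitor = UsageMonitor()
    served = sum(monitor.allow(e[key_field], e["t"]) for e in events)
    return served, sorted(monitor.revoked)

# Constructed sample: one account ("massbot") sends 200 requests in 50 seconds,
# each from a different proxy address (documentation range); a second account
# ("chatbot") makes 5 requests from a single address.
EVENTS = [{"t": i * 0.25, "ip": f"198.51.100.{i % 250}", "bot_id": "massbot"}
          for i in range(200)]
EVENTS += [{"t": i * 10.0, "ip": "203.0.113.7", "bot_id": "chatbot"}
           for i in range(5)]
EVENTS.sort(key=lambda e: e["t"])

if __name__ == "__main__":
    print("keyed on IP:    ", replay(EVENTS, "ip"))
    print("keyed on bot ID:", replay(EVENTS, "bot_id"))
```

Keyed on the source address every request is served, because no single proxy exceeds the limit; keyed on the bot ID the abusive account is cut off after its first 20 requests and stays revoked.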

Warrior

Quote from: dlStevens on January 13, 2007, 11:54 AM
I'm not positive, but I'm almost sure that they aren't sent in plain text.

They're probably sent encrypted, or what not.

But still, you can monitor it...

They are sent in plaintext. Besides, it wouldn't matter. You just packetlog the Client and send the exact values it sends to BNLS.

This is why that idea didn't work/won't work.
Quote from: effect on March 09, 2006, 11:52 PM
Islam is a steaming pile of fucking dog shit. Everything about it is flawed, anybody who believes in it is a terrorist, if you disagree with me, then im sorry your wrong.

Quote from: Rule on May 07, 2006, 01:30 PM
Why don't you stop being American and start acting like a decent human?

Hdx

Quote from: Warrior on January 14, 2007, 12:54 PM
Quote from: dlStevens on January 13, 2007, 11:54 AM
I'm not positive, but I'm almost sure that they aren't sent in plain text.

They're probably sent encrypted, or what not.

But still, you can monitor it...

They are sent in plaintext. Besides, it wouldn't matter. You just packetlog the Client and send the exact values it sends to BNLS.

This is why that idea didn't work/won't work.
http://bnetdocs.valhallalegends.com/content.php?Section=d&id=7
Not really... the passwords are also hashed with the server token which changes every login.
~-~(HDX)~-~


Warrior

http://bnetdocs.valhallalegends.com/content.php?Section=m&Code=150

Also @ the Checksum: That won't do much, you can always set a bp when the Checksum is called and find out what exactly is being passed to it. In reality there is no effective client side solution for this.

Dale

Yes, like I said, either the password or username is hashed. It'd be plain stupidity to send a password or cdkey in plain text... So easy to packet log...

Quote from: Denial on January 13, 2007, 08:25 PM

Although gamers on actual broodwar do have a problem since they can only turn off notifications. All these massloaders / flooders do use bnls or that other server. There is an easy solution. A lot of flooders massload with a single name IE: Masstest and what follows are Masstest#, masstest#453. A simple solution is to ipban/cdkey ban everything on that account. For anything over #6.


You can't just ban someone that has over #6 or whatever... That doesn't make sense? What about back in the day with like uh whatever bot flood/massload bot Fleet- made... It changes the names randomly, Then you wouldn't have any #'s...Also what if people decide to have a #20 in their name? they'd get banned for no reason?

Your statement wouldn't work.

vuther.de

People could get around the name# idea pretty easily.

Dale

