Urban Terror Forums: [4.2] The Auth System - Urban Terror Forums

Wasn't the biggest problem with hackers the fact that most servers had different banlists so hackers could just change server after getting banned from another and continue hacking? If all servers with auth enabled had the same banlist or something like that atleast imo it would be a pain in the ass to make new accounts all the time. Great work FS, looking forward to this.

New layout n design pleaaase this takes 1h to do

Todd, on 01 August 2012 - 06:58 AM, said:

I wasn't talking about the age of the player. I was talking about how long the account has existed.

There's two options for delaying account enabling:

1) The back-end delays it such that a player that just made an account can't play on any servers for some amount of time determined by FS.

2) Building the facility into the server build to query the back-end to not only validate a player's account, but also to query how long the account has existed. Then the server admin can determine how long a player has to wait after creating an account before that account can play on their server.

The argument that the auth system as-is will deter hackers from taking the extra two steps it takes to create another account and return after a ban is that it takes a bit longer. That's true, but in reality it adds what? 5 minutes? 10 minutes tops? I'm talking about being able to add hours to how long before that new hacker account can play.

Divinity, on 01 August 2012 - 11:56 AM, said:

Thats why I asked about hardware fingerprinting, so that you'd need to replace motherboard to make new account, if any others were banned. It would by by-passable probably, but the effort you'd need to put would be much higher.

Sorry in advance if these questions already have been answered in this thread, but for me 2 questions still remain.

The first thing is the question whether only server admins can see the account-name of a connecting player or everybody on the server.
The second question is the one concerning the notoriety level... If the notoriety is a global thing, how can you stop abuse (i.e. idling on a private server to increase your notoriety level)?

^^ I hope everyone can see the AUTHname, then you know who_is_who without any admin being around, so you can permban some ass on your own system. Also i hope servers cant take away the authname from the screen, if you wanna play Who_AM_I then play another game.

Hiding auth_name is useless, iirc you will be able to lookup any nickname and so the auth_name.

This post has been edited by Driller: 01 August 2012 - 01:27 PM

@Garreth: read from FrankieV's comment near the end onwards. http://www.urbanterr...s/page__st__110 FrankieV

I see the banlist of each clan seems to be public (unless I'm interpreting it wrong): http://www.urbanterr...lan_name>/bans/
My question is, would it be possible to do that in reverse; i.e. add a link to a profile listing all the banlists their auth exists on? This would make it incredibly easy to do a quick, rough check to see if a player suspected of wallhacking (but hiding it well) has been banned previously while refining his hacking technique on random overseas servers?

This post has been edited by Todd: 01 August 2012 - 01:27 PM