AssaultCube Reloaded Forums

Full Version: Central Nickname/IP Authentication
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
I will implement this, where it will ask the master server for every connecting client. It will send the Nickname and IP and the masterserver will tell the server one of the following replies:
  • Nickname blacklisted
  • Nickname whitelisted (IP failure)
  • Nickname whitelisted (password requires check) - This will require deban passwords to be issued, likely unused
  • IP banned
  • Default/allowed
  • Nickname whitelisted (success)
All of the above can be overridden with a deban password.

This is similar to steam authentication, but of course we cannot use easily spoofable XUIDs or GUIDs. We probably cannot send anything other than nicknames and IPs.

This makes more sense than sending the server a big list of bans, but allows the banned user to connect for about one second, before he is denied access.

Any comments or concerns?
What about the possibility of ban trough Motherboards IDs, Hard Disk, CPU or some other hardware chipset where serial numbers cannot be changed?

It would be a great prevention method, as cheaters would have to directly buy new hardware in order to join the game again, and of course IP could still stay as a reference.

Like the idea? Tongue


PS: Ups, just read another threat where I purposed the same... well... hope we can have a larger discussion about this in this one Smile
Yes, but all of this stuff can be easily spoofed by the client. But you can't spoof an IP. If you did, the packets can't come back to you.
Indead, that's why I intend this to be an addition to the IP ban system.

On the other hand, would it be possible to create a register/login system in order to play the game? Maybe it can be a solution to better control 'users behaviour'.

I want this game to be free and open, where no annoying registration is required. It should be as simple as downloading, unzipping and changing a few settings (name/resolution/spawn weapon) and be easy to play/make maps. It should have no mandatory register/login system as it causes annoyances.

Only if it gets bad, I could implement a forum registration system.
Hmmm... the you could set it as optional, hence server owners can decide if they let play 'unregistered' users or they wish a 'centralized protection database'. It could even be used in order to create an XP/Skillz system for better 'skill balance' servers Smile

But somebody could always run a hacked server that ranks up very fast. The client AND the server are both untrustworthy.

If they don't want the central protection, use a different master server.
That's also true Smile Good point.