UrT 4.2 will not have much of a detect system.
It will add a cvar with a pbid (*lol, a uniqueid as cvar lol*) and if it comes high, it will possibly check the cvars.
Apart from that, it's only a ban system, and the players need to get "Passports" and get trust levels (you can also buy it...).
So you can only play on an UrT 4.2 server if you have a valid passport, that is not banned.
If you're banned, you're banned from all servers...
Most of it is most-likely coded in python, and it doesn't check a checksum, nor the memory, nor the fov/speed, nor its own integrity, and the way they intend to stop automatic passport creating by bots is guess what - a reCAPTCHA *lol*
Never mind that such a system enables the server admin to cheat without problems ;-))
Nvm about the quoting of all my post to point the focus _ONLY_ on Urt 4.2 detect system or presumed detect system or whatever else ...
anyway , what u are describing seems not to be exactly in sync with what I've read : it's rather closer to the urtevolution ban system :
http://urtevolution.com/site/What I have learned so far:
There are about 1000 "UAA" game servers using 20 slots every 20 minutes...
this means:
=> at least 60 000 authentification requests every hour
=> at least 40 000 000 database entries by month
=> at least 500 000 000 database entries by year
They use a passport and ban system, which is stupid, because they will have to keep every information for every client.
So if they keep every information (at 10Kb per entry), they will have a monthly database of 400 Gb and a yearly database of 5 Tb !
Then they need to keep it in RAID to prevent data loss, so they need at least 10 terrabyte within a year.
At 100$ per terrabyte drive, this makes $ 1000, for a none senseload of superfluous data alone.
Assuming 60 000 hits per hour, which is 1000 hits per minute or 16 hits per second and a minimalistic traffic of 5 kb per hit, this makes 80 kb/s of minimally required data throughput.
If they transfer at least 10 kb, it's alread 160 kb/s.
Then, they have to communicate all the authorizations to the servers.
Making again at leas 160 kb/s, which means standard operating procedures alone require 320 kb/s.
Assuming a 5 terrabyte database, with standard hard-disk being cheap only if they can be bought as one terrabyte per drive,
and a standard computer being able to search a 1 TB database in an acceptable time, they will require about 5 computes and a distributed database.
This requries a load-balancing server.
Totaling 5 database servers, 1 load balancing server and one webserver, as well as a reserve of at least 1 computer for each of them as failsafe.
Makes 14 computers. 14 computers require 2 netgear standard routers and 16 cables, as well as 2 reserve cables.
Assuming a free Linux infrastructure, that makes about $ 14'000 in computers and some peanuts for routers and cables, additional to the 1000$ minimum for storage hardware.
Assuming 14 computers and no peanuts, at 80 Watts per second, or 80 wattshours per hour or 700'800 Watthours per year, this makes 14 times 700 kWh in energy bill. Assuming $ 0.13 per kWh, this makes 91$ *14 = 1274 $
And about 12* 50 $/month = 600 $ per year for an internet connection.
So we have 1000$ per year for storage, 1300$ for electricity, plus about 2 computers to replace per year, equal 2000$ and 600 for server bandwidth makes net operating cost of 5000 $ per year, and 15'000 $ for initial equipment
AND ALL THAT FOR A COMPUTER GAME... SICK ! SICK ! SICK ! Additionally, they cannot just ban every cheater, because they we will have to think about what to keep and for how long, and how they want to keep it (and where to get/put the hardware) ...
Their passport system:
(Click to see full sized image)
Their Python code:
#
# ioUrTuaa Parser for BigBrotherBot(B3) (www.bigbrotherbot.com)
# Copyright (C) 2008 Mark Weirath (xlr8or@xlr8or.com)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
#
# CHANGELOG
# v1.0.0 - 10/06/2009 - Courgette
# - fix loosing clients due new log format where client's port is not there anymore
# - kick command now uses the /rcon uaa-kick command (works with both 'classic' iourt and 'uaa' clients)
#
__author__ = 'Courgette'
__version__ = '1.0.0'
import b3.parsers.iourt41
import re, string, threading, time, os
import b3
import b3.events
#----------------------------------------------------------------------------------------------------------------------------------------------
class Iourt41UaaParser(b3.parsers.iourt41.Iourt41Parser):
gameName = 'iourt41uaa'
_commands = {}
_commands['broadcast'] = '%(prefix)s^7 %(message)s'
_commands['message'] = 'tell %(cid)s %(prefix)s ^3[pm]^7 %(message)s'
_commands['deadsay'] = 'tell %(cid)s %(prefix)s [DEAD]^7 %(message)s'
_commands['say'] = 'say %(prefix)s %(message)s'
_commands['set'] = 'set %(name)s "%(value)s"'
_commands['kick'] = 'uaa-kick %(cid)s "%(servermessage)s" "%(playermessage)s"'
_commands['ban'] = 'addip %(cid)s'
_commands['tempban'] = 'clientkick %(cid)s'
_commands['banByIp'] = 'addip %(ip)s'
_commands['unbanByIp'] = 'removeip %(ip)s'
# map: ut4_casa
# num score ping name lastmsg address qport rate
# --- ----- ---- --------------- ------- --------------------- ----- -----
# 2 0 19 ^1XLR^78^8^9or^7 0 145.99.135.227 41893 8000 # player with a live ping
# 4 0 CNCT Dz!k^7 450 83.175.191.27 50308 20000 # connecting player (or inbetween rounds)
# 9 0 ZMBI ^7 1900 81.178.80.68 10801 8000 # zombies (need to be disconnected!)
_regPlayer = re.compile(r'^(?P<slot>[0-9]+)\s+(?P<score>[0-9-]+)\s+(?P<ping>[0-9]+|CNCT|ZMBI)\s+(?P<name>.*?)\s+(?P<last>[0-9]+)\s+(?P<ip>[0-9.]+)\s+(?P<qport>[0-9]+)\s+(?P<rate>[0-9]+)$', re.I)
_rePlayerScore = re.compile(r'^(?P<slot>[0-9]+): (?P<name>.*) k:(?P<kill>[0-9]+) d:(?P<death>[0-9]+) (?P<ping>[0-9]+|CNCT|ZMBI) (?P<ip>[0-9.]+)$', re.I) # NOTE: this won't work properly if the server has private slots. see http://forums.urbanterror.net/index.php/topic,9356.0.html
def parseUserInfo(self, info):
#2 uaa_level\-1\ip\145.99.135.227:27960\challenge\-232198920\qport\2781\protocol\68\battleye\1\name\[SNT]^1XLR^78or\rate\8000\cg_predictitems\0\snaps\20\model\sarge\headmodel\sarge\team_model\james\team_headmodel\*james\color1\4\color2\5\handicap\100\sex\male\cl_anonymous\0\teamtask\0\cl_guid\58D4069246865BB5A85F20FB60ED6F65
playerID, info = string.split(info, ' ', 1)
if info[:1] != '\\':
info = '\\' + info
options = re.findall(r'\\([^\\]+)\\([^\\]+)', info)
data = {}
for o in options:
data[o[0]] = o[1]
data['cid'] = playerID
if data.has_key('n'):
data['name'] = data['n']
t = 0
if data.has_key('team'):
t = data['team']
elif data.has_key('t'):
t = data['t']
data['team'] = self.getTeam(t)
if data.has_key('cl_guid') and not data.has_key('pbid') and self.PunkBuster:
data['pbid'] = data['cl_guid']
return data
#----------------------------------------------------------------------------------
def kick(self, client, reason='', admin=None, silent=False, *kwargs):
if isinstance(client, str) and re.match('^[0-9]+$', client):
self.write(self.getCommand('kick', cid=client, servermessage=reason, playermessage=reason))
return
elif admin:
reason = self.getMessage('kicked_by', client.exactName, admin.exactName, reason)
else:
reason = self.getMessage('kicked', client.exactName, reason)
if self.PunkBuster:
self.PunkBuster.kick(client, 0.5, reason)
else:
if silent:
self.write(self.getCommand('kick', cid=client.cid, servermessage="", playermessage=reason))
else:
self.write(self.getCommand('kick', cid=client.cid, servermessage=reason, playermessage=reason))
self.queueEvent(b3.events.Event(b3.events.EVT_CLIENT_KICK, reason, client))
client.disconnect()
Their client Cvars:
UAA_client "1"
- 0 disabled
- 1 UAA Passport and functions enabled
UAA_rcon_in_say "1"
- 0 disabled
- 1 say message starting by / are used as rcon cmd
Client command
uaa-passport <passport>
Set the client passport and generate a new uaa-passport file.
Their Server cvars
UAA_verbosity "1"
- 0 no message
- 1 messages on top
- 2 messages on bottom
UAA_log "1"
- 0 no log
- 1 UAA info in game log
UAA_cheaters "1"
- 0 accept cheaters
- 1 refuse banned IPs and logins
UAA_nicknames "1"
- 0 accept all nicknames
- 1 refuse stolen nicknames
UAA_tags "1"
- 0 no tag checking
- 1 refuse stolen clan tags
UAA_notoriety "0"
- 0 accept everybody
- 1 require valid UAA Passport for every players
- 10,20,30 etc. limit to players with this notoriety
UAA_groups ""
- "" accept everybody
- "13 27.5" require to be registered in group 13 or to be admin in group 27.
UAA_rcon_groups ""
- "" password only rcon
- "11.4 37" require to be at least referee of group 11 or friend in group 37
UAA_cmd_anonymous "uaa"
rcon commands available for every users.
UAA_cmd_passport "uaa uaa-status"
rcon commands available for passport owner.
UAA_cmd_friend "uaa uaa-status uaa-whois uaa-kick restart nextmap"
rcon commands available for friends.
UAA_cmd_member "uaa uaa-status uaa-whois uaa-kick uaa-ban restart nextmap map"
rcon commands available for members.
UAA_cmd_referee "uaa uaa-status uaa-whois uaa-kick uaa-ban uaa-say restart nextmap map devmap exec bigtext"
rcon commands available for referees.
Their server rcon commands
uaa-getstatus
UAA public status. Can't be retrieve without rcon password.
uaa
UAA short state. Display in server public getstatus
uaa-status
Display UAA settings
uaa-whois <client number|name>
Display information about a client.
uaa-say <client number|name|all> <server|console> <text>
Say to server top, console or client.
uaa-kick <client number|name> "<server message>" "<client message>"
kick a client with human readable reason and message.
uaa-ban <client number|name> "<server message>" "<client message>" <delay> <min|h|d|m|y>
ban a client with human readable reason and message - works only with the first group set by UAA_rcon_groups and if the server is registered in this group on UAA website.
All these rcon command can be used with a full player name, his slot number or a simple extract of the player name : "uaa-whois klat" will work for "|KLA|Klatuu"
The UAA PASSPORT (Their Concept v. 0.9.0)
The UAA proposes that a system should be created for identifying and authenticating players in real-time. In a second stage of deployment, we are developing an anti-cheat that works with the system as an extra layer of protection.
It will help to :
- Protect servers against cheaters
- Protect nicknames against thefts
- Protect clans tags against thefts
- Give partial or full access to rcon
- Make clan only (or league only) servers
UAA has coded a special dedicated server ioUrTded[UAA] and a special game client ioUrbanTerror[UAA].
They work together with a central authentication server, which manages the authorizations for every registered servers, player, or group of players.
CLIENT SIDE
For example, the player "Klatuu" will register at "
http://passport.uaaportal.com/".
login: "klatuu"
password: "********"
e-mail: "
klatuu@gmail.com"
nicknames: "Mr.Klatuu" "_Klatuu_"
automatic: player_id reg_IP reg_date last_change
Assumptions and Constraints
- E-mail should be editable, with e-mail validation for each change.
- Protected nicknames should use more than 3 letters
- Each user can protect 3 nicknames.
Our player Klatuu will receive a private key called uaa-passport by e-mail :
Your UAA Passport details are as follows:-
- Passport login: klatuu
- Passport key: 03A2D CF4AC67E461A0273D4A9EF4C56B
You can manage you account here :
http://passport.uaaportal.com/en/profile/klatuu/WARNING: Do NOT share you Passport Key with ANYONE, no one will ever ask for it ! Not even staff !
You can use your new UAA Passport by typing in the game console :
/uaa-passport 03A2D CF4AC67E461A0273D4A9EF4C56B
Or by replacing your current "uaa-passport" file near the "qkey" file by this new one :
uaa-passport (0.2Kb)
CLAN SIDE
Clan or league admin will register on "
http://www.urtadmins.net/groups/"
group: "KLA"
password: "********"
full name: Killers Laggy & Astounding
type: "clan"/"league"/"server"
tag: |KLA|
website:
http://klaclan.comIRC: #klaclan
e-mail:
KLAleader@klaclan.commembers: "KLAleader","Klatuu","Guignol", etc. (logins)
admins: "KLAleader","Klatuu" (logins)
automatic: group_id reg_IP reg_date last_change
this will be used :
- to have clans tag protection.
- to have "members only" servers for clans or leagues.
- to protect rcon use.
GAME SERVER SIDE
Game server configuration
The server will use these cvars:
set UAA_cheaters_protection 1 // refuse banned IPs and logins
set UAA_nicknames_protection 1 // refuse stolen nicknames
set UAA_tags_protection 1 // refuse stolen clan tags
set UAA_groups_only "KLA,etc" // require to be member of one of these groups
set UAA_groups_admin_rcon "KLA" // require to be admin in groups to use rcon
set UAA_passports_level 1 // 0 not required - 1 registered - 2 active - 3 well known - 4 fully verified - 5 master
example 1: UAA_cheaters_protection set to 1 and all others set to 0 => the server is public, but cheaters (detected by IP and login) will be kicked
example 2: UAA_groups_only set "KLA" => only players registered in KLA group can play.
example 3: UAA_groups_admin_rcon set to "KLA" => clan has fired a member, and have delete his login of admin list in group at UAA : the fired player can't use the rcon.
example 4: UAA_passports_level set to 2 => Only "active" players can enter : they have played more than 30 days the last year on UAA servers...
We could have a public sv_vars giving automatically the server status. This status should be print in logs by server on round start, be in status request, and should be used in the game servers list.
sv_punkbuster => "3"
// "public server with UAA protections"
sv_punkbuster => "4"
// "pro server for UAA registered players only"
sv_punkbuster => "5"
// "private server reserved to a UAA group"
We will use sv_punkbuster cvars to propagate this values cause we will not have to change the q3 master server for that.
Whitelist
Why not add a whitelist to let a server admin protect their players : UAA_whitelist.txt :
// UAA_whitelist.txt
// these UAA passports s will be always admitted
toto
klatuu
alfred
// theses IPs will be always admitted
212.120.13.0
212.120.13.5
132.120.13.50
Blacklist
A blacklist to let a server admin ban the players : UAA_blacklist.txt :
// UAA_blacklist.txt
// these UAA passports s will be always kicked
kenny
lamerononline
// theses IPs will be always kicked
212.120.13.5
132.120.13.50
IN GAME AUTHENTIFICATION
On connection to game server :
- The UAA Passport client will send a request to the UAA auth server :
nickname + IP + game server IP:port + UAA_passport (Encoded, for security)
- The game server will send a request to the UAA auth server :
nickname + IP + game server IP:port + UAA_groups_only
- The server will received from UAA auth server the answer UAA_login + UAA_validation + UAA_message + UAA_user_message.
Note: The system must work even if the UAA server is down : so the player will enter, and be kicked (if needed) only when UAA auth server will answer to the game server.
So, if needed, the player will be reject or kick by the game server with this message (for example) :
Server UAA protected : your UAA login is banned
Note: Woekele speak about using ioq3 auth scheme :
ioq3 sources : client : cl_main.c > description of the basic auth system
AUTHORIZE_SERVER_NAME "authorize.quake3arena.com"
PORT_AUTHORIZE 27952
This is what I have made (Kalish).
The UAA_login, UAA_validation and UAA_message should be printed in the game logs to be used by servers bots or stats tools.
HOW WORK PROTECTION
1 - Anticheat Solution
We are building a real anticheat solution in the UAA PAssport Client. So people who want to enter on a UAA protected server with passport control will need to use it. If a hack is detected, the Passport account will be automatically banned.
So, to try o see if you are ready to escape, you will need to create an account, and it will be banned. So UAA will have information about IP and account captured dya by day... and will verify directly if the player IP is not well known...
2 - Players ranks
People will really want to have an identity using UAA Passport :
This identity level will be displayed in game after the name during connection process, and in logs (for bots), and in website too :-)
We will have an algorithm for each level, this will be like in forum : more you play, more you are well known, more you have a rated rank.
3 - Paypal
People who want to help us can make donation. This donation will give us also "real" information about them. So we will considered them as surer player than others, and give them verified rank. So to access to high-level rank, you will need to pay and to play. This like in the real community.
Note: TwentySeven : "when payment is received you should record some identifiable information about how they paid. So you can track one buyer buying multiple keys".
UAA DATABASE
Following cheaters
On each servers authentification requests, we will log in UAA database :
time (timestamp of request)
server_op (server IP:port)
player_name (client nickname in game)
player_ip (client IP)
player_id (if available)
