mrenbarger87@hotmail.com

How to spot Hackers in log files?


Through trial and error I have been able to teach myself what to look for in my vilayer server log files and then ban hackers accordingly. I know that there are still many more things I need to be looking for to get them all (even though you really can't ever get them all). Does anyone know of a list of things to watch for in certain log files to spot hackers? I have tried googling this subject to no luck. Does having 1.0000 in setdamage.txt log mean someone is hacking? Does appearing in the setpos.txt log mean someone is hacking? There are so many questions and zero answers out there for me to gain knowledge from. If any experienced admin can offer me some assistance you will certainly gain some beans.

Thanks


The thing I'm doing is looking for the scripts that hackers generally use, and then copy paste portions of that particular script into the "find" box in the logs. That is my personal method right now because I don't really know a better way. I believe though that there are some scripters that can make their scripts not appear in the logs completely based on the bypass they are using.


The thing I'm doing is looking for the scripts that hackers generally use, and then copy paste portions of that particular script into the "find" box in the logs. That is my personal method right now because I don't really know a better way. I believe though that there are some scripters that can make their scripts not appear in the logs completely based on the bypass they are using.

Basically what I do as well. Takes a little work but it sometimes pays off!


Through trial and error I have been able to teach myself what to look for in my vilayer server log files and then ban hackers accordingly. I know that there are still many more things I need to be looking for to get them all (even though you really can't ever get them all). Does anyone know of a list of things to watch for in certain log files to spot hackers? I have tried googling this subject to no luck. Does having 1.0000 in setdamage.txt log mean someone is hacking? Does appearing in the setpos.txt log mean someone is hacking? There are so many questions and zero answers out there for me to gain knowledge from. If any experienced admin can offer me some assistance you will certainly gain some beans.

Thanks

So far having 1.00000 on setdamage.log multiple times is a result of hacking - I have seen people getting insta-killed and players reported a guy repairing a vehicle without anything and driving it through the walls etc. and seeing that value at the same time on the logs.

So far banning those ending up spamming setdamage.log has been successful and no complaints yet :D

I have also noticed that if there are multiple lines like +10 on the setpos log about the same guy then it's sure hacking. Sometimes moving with vehicles can trigger that log too.


The thing I'm doing is looking for the scripts that hackers generally use, and then copy paste portions of that particular script into the "find" box in the logs. That is my personal method right now because I don't really know a better way. I believe though that there are some scripters that can make their scripts not appear in the logs completely based on the bypass they are using.

Can you by chance post a website or something that I can reference from? I have tried looking up known script hacks but still no luck : / The only thing I currently have is watching my logs and my friends' logs and then cross referencing that to the rest of the logs to see if anything is different and then making judgement calls. But making judgement calls isn't the best way to go about this.

EDIT : I just came across this on my server while using gotcha anti-hack -

18:33:19 - RemoteExec Log: #1 Allden (af091c8549f07a6da1aff2b927fb298a) - #70 "this enableSimulation false;this allowDammage false;this disableAI 'FSM';this disableAI 'ANIM';this disableAI 'MOVE';"

I kicked him. Should I ban for this?

Edited by r33tm0nk3y


I found that 99,9% of the entries in setdamage and setpos seem to be legit. Only once did I find someone with multiple entries in setpos.log which indicated he went all over the map in a matter of minutes. setdamage.log is heavily spammed by people in vehicles (it seems like every little bump in the road does 0 damage and still gets logged) and setpos.log has the occasional entry of people zombielogging and getting reset a few meters to their last synced position.


I stopped banning for the entry above. I am currently banning for anything to do with "1.0000000" in the set damage log, most entries in the setpos log, and allowing gotcha antihack to ban teleporters & weapon hackers. It's frustrating but necessary. I also enable the community bans so that other servers don't have to ban the same hackers as I do. I hope that with the 20+ hackers I ban daily that our server is doing its part for the community of DayZ.


EDIT : I just came across this on my server while using gotcha anti-hack -

18:33:19 - RemoteExec Log: #1 Allden (af091c8549f07a6da1aff2b927fb298a) - #70 "this enableSimulation false;this allowDammage false;this disableAI 'FSM';this disableAI 'ANIM';this disableAI 'MOVE';"

I kicked him. Should I ban for this?

No, that specific text is executed by DayZ on all players during the player initialization.
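Added example, not part of the thread or any poster's tooling: a triage script that combines the heuristics discussed above (skip the init payload identified as benign, ignore zero-damage SetDamage noise, and queue a player for manual review only after repeated entries). It assumes the setdamage and setpos logs share the line layout of the RemoteExec entry quoted in the thread; `review_queue`, `counts` and `min_hits` are hypothetical names.

```python
import re
from collections import Counter

# Layout of the RemoteExec entry quoted in the thread:
#   HH:MM:SS - <Kind> Log: #<slot> <name> (<32-hex GUID>) - #<filter> <payload>
LINE_RE = re.compile(
    r"^\d{2}:\d{2}:\d{2} - (?P<kind>\w+) Log: #\d+ (?P<name>.+?) "
    r"\((?P<guid>[0-9a-f]{32})\) - #\d+ (?P<payload>.*)$"
)

# Payload the thread identifies as run by DayZ on every player at init.
BENIGN = {
    "\"this enableSimulation false;this allowDammage false;"
    "this disableAI 'FSM';this disableAI 'ANIM';this disableAI 'MOVE';\"",
}

def counts(kind, payload):
    """Thread heuristics: skip the known init payload; for SetDamage keep only
    full-damage values, since zero-damage vehicle bumps are routine noise."""
    if payload in BENIGN:
        return False
    if kind == "SetDamage":
        return payload.startswith("1.0")
    return True

def review_queue(lines, min_hits=3):
    """Return {guid: (name, hits)} for players with at least min_hits entries."""
    hits, names = Counter(), {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m and counts(m["kind"], m["payload"]):
            hits[m["guid"]] += 1
            names[m["guid"]] = m["name"]
    return {g: (names[g], n) for g, n in hits.items() if n >= min_hits}

# Constructed sample: names, GUIDs and values are made up; the SetDamage and
# SetPos payload layout is an assumption, not taken from a real log.
A, B, C = "1" * 32, "2" * 32, "3" * 32
SAMPLE = [
    f"18:33:19 - RemoteExec Log: #1 PlayerA ({A}) - #70 {next(iter(BENIGN))}",
    f"18:40:02 - SetDamage Log: #4 PlayerB ({B}) - #0 1.000000",
    f"18:40:03 - SetDamage Log: #4 PlayerB ({B}) - #0 1.000000",
    f"18:40:05 - SetDamage Log: #4 PlayerB ({B}) - #0 1.000000",
    f"18:41:10 - SetDamage Log: #7 PlayerC ({C}) - #0 0.000000",
    f"18:45:00 - SetPos Log: #7 PlayerC ({C}) - #0 [4500,10200,0]",
]

if __name__ == "__main__":
    print(review_queue(SAMPLE))
```

The result is a queue for manual review rather than a ban list, since the replies disagree on how often these entries are legitimate.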

