NonovUrbizniz (DayZ) 137 Posted January 25, 2013 Here it goes. I think that the community NEEDS to take this over and it NEEDS to be done soon.Security is for shit, BE is, as far as I can see, doing jack to keep the mod safe, and doing even less to help administrators have ANY kind of power or tools to stop/prevent/detect hacking... It is a total joke at this point...The public hive is not removing hacked in stuff or duplicated tents and there are NO TOOLS for admins to get rid of anything that is CLEARLY not belonging.The are no more support ticket submissions or support ticket replies from hive support.... This NEEDS to be moved to the community.I would absolutely be willing to be a part of it but am currently part of a major project that is eating a lot of my time. I also don't have the expertise needed in all areas...We need to get a community group together, organized, and approved by the Dev Team to take over the mod public hive maintenance and MOST IMPORTANTLY security....I think there needs to be an approved group of Public Hive admins that IF caught cheating in game against legit players or advising team mates (not using "hacks" to administrate their OWN servers) they are immediately banned from play on public hives and their public hive server admin duties are handed to another more responsible admin.I think the original mod NEEDS to stay alive for as long as possible and the ONLY way to maintain order in the public hive is to have a cohesive effort by ALL the admins... Right now I know for a fact there are admins not only who cheat or assist their teammates on public hive servers, but will allow (for a fee) hackers to come on their public server in order to dupe or spawn equipment that they can then sell for use in the public hive...THIS SHIT NEEDS TO STOP.Public Hive NEEDS to be under community scrutiny... Let the Dev team focus on DEVELOPING... Let responsible mods take over the public hive PLEASE!!!! 1 Share this post Link to post Share on other sites
NonovUrbizniz (DayZ) 137 Posted January 25, 2013 If they are not willing to do that than I say offer admins who opt in to IP/GUID ban themselves from playing on their server but gives them more tools to monitor and remove hacked in stuff.I had a thunderdome on my map for over a month, I had hacker ammo boxes ALL OVER my map for weeks, I'd guess there are over 200 glitched/hacked/broken tents (OH BTW WTF is up with sliding tents can we get that fixed? they slide down hill every restart until they hit something and then break)...Now to top of all the insanity I have 2 of EVERY legit vehicle on my map... EVERY spawn point has 2 vehicles, depending on their respawn rates after destruction there can be one there one day (fix and move it) then another one the next, OR they can spawn on the same day and are glitched into eachother...With even the most basic tools I could have seen this happening AS IT HAPPENED... or worst case REMOVED THEM MYSELF... but no, I can't be trusted according to BE or Arma or the Dev team or whoever...The mod is falling apart thanks to hackers, and the public hive is the MOST exposed... at least private hives can use some tools provided by the hosting companies... but even then If you try to develop your own modding tools that might actually be effective you can end up Global Banned by BE... For trying to keep your server safe for the people playing on it.Me and my friends have been paying for this server for 5 months, and haven't ever asked for a donation, we LOVE this game, but at this point we can't even play on our own server because if we get hacked... we're fucked....I have squads playing legit on my server spending HOURS fixing helicopters... they log off... and withing an hour some dick hacker can come on spawn all the vehicles to him and blow them up, or TP to them and blow them up, or crash them all, or whatever... I'm LUCKY if there are actual records of half of what happened... I can say this... from regularly reviewing my logs and having a few friends try things to see what gets caught and what doesn't I can say with 100pct certainty that ANYONE can hack on ANY public server and if done with even a touch of intelligence the admin will have NO WAY WHATSOEVER of proving you hacked.. Share this post Link to post Share on other sites
Guest Dwarden Posted January 26, 2013 (edited) BE bans thousands cheaters / dayBE filters offers ya quite powerful weapon against most of script exploit abusehttp://dayzmod.com/forum/index.php?/topic/119953-battleye-server-side-filters-update/BE filter logging allows you discover even more cheats and use e.g. perl script with regex to handle them via parsingplus you can always improve your server side scripting Edited January 26, 2013 by Dwarden 2 Share this post Link to post Share on other sites
NonovUrbizniz (DayZ) 137 Posted January 26, 2013 I can't even begin to explain how honored and thankful I am for your reply Dwarden.I would also like to thank you for your undying dedication to keeping it clean.I am going to go through the link you've posted and lock down my Server as much as I can.My complaint however would be that everything in the DayZ/BE community seems to be maze,.. and a lot of it is documented from an experienced programmers perspective IMO. I can get through SOME of it, but I have a lot more experience than most, but FAR FAR less than is required.I wish there was someone with the knowledge and experience who could document what options are there and how to go about setting them up. Share this post Link to post Share on other sites
domistyle 221 Posted January 26, 2013 I am quite happy with BattlEye, only problem is that the cd keys are so cheap. ;)Anyway, I agree that whoever is responsible for the public Hive should get some help.I am waiting for my new instance ID for a week now and I guess it will still take another 2 weeks.Beside that it's really annoying that the Hive isn't even able to see which cars/tents/buildings are legit and just saves all of them.So you always have to remove them manually if you want to clean up the world.I know that the devs want to switch to private Hives but I still believe in public Hive and I still think it's a pretty awesome idea and I will keep hosting a public Hive server till the public Hive is gone. Share this post Link to post Share on other sites
NonovUrbizniz (DayZ) 137 Posted January 26, 2013 Maybe public hive hosts can all move to one outside hosting service that offers public hives on their common map servers?Best of both worlds then I guess... I know dayz.st has public hive option which makes player states transferable between other dayz.st servers with the same map...At the very least I wish there was more information on the plan moving forward or support in general.I think they are NOT providing new service tickets period. No New ones and existing server hosts registered don't get their tickets answered... as far as I understand it the only people in the dayzdevteam that are left working on the mod are focused ONLY on the community update builds. No support for what exists only focus on improving the next version... I may be wrong though... As I stated above I find this community to be very unorganized and hard to find. Share this post Link to post Share on other sites
FiX (DayZ) 17 Posted January 27, 2013 Maybe public hive hosts can all move to one outside hosting service that offers public hives on their common map servers?Best of both worlds then I guess... I know dayz.st has public hive option which makes player states transferable between other dayz.st servers with the same map...At the very least I wish there was more information on the plan moving forward or support in general.I think they are NOT providing new service tickets period. No New ones and existing server hosts registered don't get their tickets answered... as far as I understand it the only people in the dayzdevteam that are left working on the mod are focused ONLY on the community update builds. No support for what exists only focus on improving the next version... I may be wrong though...As I stated above I find this community to be very unorganized and hard to find.A lot of hosts have their own 'public hive' that link clients servers together. What would be great is to get a unified 'public hive' that everyone would be able to use, most likely using Bliss Hive. 1 Share this post Link to post Share on other sites
NonovUrbizniz (DayZ) 137 Posted January 27, 2013 I like the unified idea but making everyone use Bliss is silly IMO. I'm only just getting into the backend of things but as far as I can see Bliss isn't by any means the best possible or maybe even available. I don't really know enough to judge at this point though.I think it is important to have all the server host "public" hives unified so they are actually public hives for each map. Maybe the map creators can set up a public hive schematic that ALL the hosts can then integrate... However I think the problem is some hosts use different Hives enable installs on their servers...I'm working with someone on porting a map now, we're almost done with the map, loot, zombie, and vehicle spawns, have the extra building drops mapped out just have to line them up... Next step will be to start working on supporting the various hives ourselves...One HUGE problem we're running into is that with all the different client side install options it's pretty hard to make a unified install package...Steam, Disk, DL, Demo Arma2OADirect Install, Six Updater, Play with Six, DayZCommander...due to all those different install options there are literally 20 different ways you have to install the client side... it's REALLY stupid IMO... It also ruins the quick key switching for those of us that have dl'd PMC and BAF... Paid 20 bucks to lose the ability to hot switch characters... AWESOME... Share this post Link to post Share on other sites
FiX (DayZ) 17 Posted January 27, 2013 Most providers use Bliss already as their choice of private hive software. From what I've seen, it is the most feature-rich and compatible solution.Ayan4m1 had a special site set up already (BlissRepo) for developers to upload their packages, which can then be compiled into the server by using the package manager to install the package.The unified public hive would have one database per map, and probably a global ID system (like the one that already exists with the current public hive). Bliss has built in support to allow more than one server per database and share inventories across them, like the current public hive.In my opinion, Bliss would be the best choice because of the extensive testing, mass of features and compatibility that has gone into it.DayZ.ST, Survival Servers and Vert Hosting definitely use Bliss. ViLayer uses a modified version of Bliss as well. Share this post Link to post Share on other sites
theirongiant 200 Posted January 28, 2013 (edited) I've just rented a dayz.st private hive server and looking at the db I can't see any reason why it wouldn't be possible to query for details of player, vehicle and deployables every minute and store them so the admin have a replayable record of all in game actions. With a bit of effort you could alert for anything that seems to indicate unusual activity. Players moving over 2km/min with no vehicle within 10m, high numbers of rare items being picked up, players bee-lining towards tents they don't own or towards players they shouldn't be able to see, unexplained blood recovery. It wouldn't be perfect and it wouldn't catch everything but it could be a useful tool to have. Edited January 28, 2013 by theirongiant74 Share this post Link to post Share on other sites
NonovUrbizniz (DayZ) 137 Posted January 28, 2013 Yeah all that already exists for private hive admins... You can make it so literally if ANYONE on the server who even trys to run ANY hack dies immediately and is banned... Private hive security is only a problem if no one puts the effort into hashing out all the tools and options available... With some of the tools out there someone with some serious logic coding experience could make an "auto admin" program that would make VERY few errors...there are already ones out there that spoon feed admins with a constant read/interpretation of the DB LIVE... The built in tools for admins on most servers are OK.. but if you DB access there are 3rd party tools out there that give you TOTAL control and reduce the workload tons...When I finish the first phase of our current project I will start going through all the options available and do a LONG post about the merrits and faults of each one... If I can get my head around everything and my friend will get involved in the project I think we could make one that would basically AI admin.. and it shouldn't be that hard... Cheaters are not very smart and their behaviors don't vary very much.MORE ON TOPIC...I think I have a viable idea for a true public hive moving forward if the DayZ Team decides to drop the public hive...I'm not going to get too into details about the idea, but if anyone is interested in helping out (it will be a decently big project) and wants to hear a LITTLE more PM me.I think this could be the solution not only to public hive but to a LOT of problems that are tied to the different DB structures and Map ports in general... It will make customizing every level of the server/DB/map/spawns VERY easy and allow for drastically different takes on every map depending on what the individual server admin wants... It should also DRASTICALLY reduce the time for all the DB structures to support addition of new map ports, and client installs.... Share this post Link to post Share on other sites
FiX (DayZ) 17 Posted January 29, 2013 NonovUrbizniz, you've got a PM :)I'd just like to mention that Bliss has a rigid DB structure - it doesn't change no matter what mods and worlds are running on it, even if extra systems (like DayZ+'s building system) are added. Share this post Link to post Share on other sites
VRocker 6 Posted January 29, 2013 The public hive server really needs redoing, the current implementation sucks for several reasons.Firstly, like you have said, there is no control over the objects database. The reason for this is down to how its implemented on the server. All of the objects for every server is stored in a single table with a field for the instance ID of your server, so giving people something like phpMyAdmin to the objects db is totally out of the question. It could probably be done with a fancy web panel which runs sql queries based on your instance ID to give the ability to add/remove/modify objects but its a lot of work and could probably be exploited.Secondly, the security of the public hive is REALLY bad. Like i said, all objects for all servers are stored in a single table. Because of this, every server has full read/write access to that table (and entire DB infact) so anybody who feels a bit malicious and has half a brain can actually destroy all the objects and even all the player info in the hive. 1 simple SQL query given to the hive server can cripple every public hive server until backups are restored (if backups are even taken). By cripple i mean every player would become a 'new' player and no server would have objects on.The only security DayZ has against this is the IP whitelisting for servers, this stops the average nab at home from connecting and hacking the database but not people who have dedicated servers and have applied for whitelisting. This is pretty bad when you consider the MySQL login details are stored in the client (they are obfuscated but doesn't take more than 5 minutes to get as plain text).Ideally every server should have their own Objects table where the owner can have access to to modify and remove bad/hacked objects. This wouldn't stop someone deleting everybody character info but it would keep objects intact and it would give server admins better control.Yes, i know the next version of DayZ has protection in against writing 'bad' objects to the database (i have applied these fixes to my own server) but it doesn't stop hackers teleporting them off the map where they will never be seen again.Also, the DayZ community banlist did stop a few hackers for a while but these days seems to be flawed seeing as cheaters can inject cheats into other peoples clients to mask their own malicious activity. Server admins then report legit clients using cheats when they are not and they get banned for it. Lovely. The filter scripts do help to keep a few script kiddies at bay though.I do agree with you that there do need to be some 'Hive Admins' who can deal with the current problems though. I'd be willing to volunteer as i currently run 3 private servers based on the official HiveEXT.dll so my databases are identical to the official hive. Share this post Link to post Share on other sites
NonovUrbizniz (DayZ) 137 Posted January 29, 2013 NonovUrbizniz, you've got a PM :)I'd just like to mention that Bliss has a rigid DB structure - it doesn't change no matter what mods and worlds are running on it, even if extra systems (like DayZ+'s building system) are added.Recvd and I'm really excited to have a chat with you... I'll pm you our new TS details in the next day or two, we have to get this current project done.I'm not the DB expert but I've floated my ideas to the guys I'm working with who are a little more familiar with bliss and DB's in general and they understand my concept and think it will work... although to be honest if bliss doesn't work well with my idea I have a feeling it will go bye bye and take it's problems with it... My idea will make server and client side installs/mods/ and some other stuff MUCH more streamlined which generally means it will be adopted... it's not a replacement or a competitor to them or what you've got going with the universal public hive though.... I can't be sure again, the guys who know enough to really think out my idea and myself are all focused on our current project.Only reason I'm being evasive about details is that it is something that could be monetized without stepping on anyone's toes and I think once the concept is out someone smarter than me could do it EASILY... This is something that ANYONE reading who is moving forward with their own projects (whether it's open source project or retail license) for:BanlistsAdministrator toolsDatabase StructuresMap PortingExisting Map Customization Should PM me and next week (hopefully pending completion/release of our project) I will give out some TS details where we can discuss some things.... I might be done with my portion earlier but we have to do testing to so it depends on the turn around for that to be possible. Share this post Link to post Share on other sites
NonovUrbizniz (DayZ) 137 Posted January 29, 2013 The public hive server really needs redoing, the current implementation sucks for several reasons.Firstly, like you have said, there is no control over the objects database. The reason for this is down to how its implemented on the server. All of the objects for every server is stored in a single table with a field for the instance ID of your server, so giving people something like phpMyAdmin to the objects db is totally out of the question. It could probably be done with a fancy web panel which runs sql queries based on your instance ID to give the ability to add/remove/modify objects but its a lot of work and could probably be exploited.Secondly, the security of the public hive is REALLY bad. Like i said, all objects for all servers are stored in a single table. Because of this, every server has full read/write access to that table (and entire DB infact) so anybody who feels a bit malicious and has half a brain can actually destroy all the objects and even all the player info in the hive. 1 simple SQL query given to the hive server can cripple every public hive server until backups are restored (if backups are even taken). By cripple i mean every player would become a 'new' player and no server would have objects on.The only security DayZ has against this is the IP whitelisting for servers, this stops the average nab at home from connecting and hacking the database but not people who have dedicated servers and have applied for whitelisting. This is pretty bad when you consider the MySQL login details are stored in the client (they are obfuscated but doesn't take more than 5 minutes to get as plain text).Ideally every server should have their own Objects table where the owner can have access to to modify and remove bad/hacked objects. This wouldn't stop someone deleting everybody character info but it would keep objects intact and it would give server admins better control.Yes, i know the next version of DayZ has protection in against writing 'bad' objects to the database (i have applied these fixes to my own server) but it doesn't stop hackers teleporting them off the map where they will never be seen again.Also, the DayZ community banlist did stop a few hackers for a while but these days seems to be flawed seeing as cheaters can inject cheats into other peoples clients to mask their own malicious activity. Server admins then report legit clients using cheats when they are not and they get banned for it. Lovely. The filter scripts do help to keep a few script kiddies at bay though.I do agree with you that there do need to be some 'Hive Admins' who can deal with the current problems though. I'd be willing to volunteer as i currently run 3 private servers based on the official HiveEXT.dll so my databases are identical to the official hive.I don't have the time to through all of this but some of the statements you make are flawed. The vehicle ID position and contents are all stored server side, the hive only checks to see if the allowed number of vehicles are there which it screws up on a lot and they have to go through and run a script to remove duped stuff and illegal set pieces (cargo crates, ships, thunderdomes etc)... SOMETIMES you can get away with shutting the server down for a couple minutes and restarting it and upon reconnecting with the hive it detects banned items and removes them but it does not clean out the duped tents or the duped unbanned vehicles....Public hive vehicles are server side, for example the UH1 has 5 or however many possible locations on a public hive server in chernarus, but on each server they spawn in the same spot EVERY time they get destroyed...Originally due to the spawn chance percentage you weren't guaranteed to EVER have one spawn, and if it did and no one accessed it that day it did not become get stored as existing on your server... someone had to save the vehicle... so it would be gone after the next restart and it would be a throw of the dice every restart after that as to whether or not it would spawn again....Only when it's been accessed and manually saved by a player did it save as a persistant vehicle. Then again it's location is stored on the server... that's why only gear transfers from server to server in the public hive not vehicles and tents.... ONLY player location and equipment and health are stored in the Public Hive... The rest of it just checks to ensure that the server's DB isn't corrupted with banned items.Banlist is spotty, BUT I have a good feeling that "Doc" is going to keep Banzlist going and keep it improving... so there are two resources and one that is VERY active.... MUST GET BACK TO WORK.... 1 Share this post Link to post Share on other sites
VRocker 6 Posted February 5, 2013 I don't have the time to through all of this but some of the statements you make are flawed. The vehicle ID position and contents are all stored server side, the hive only checks to see if the allowed number of vehicles are there which it screws up on a lot and they have to go through and run a script to remove duped stuff and illegal set pieces (cargo crates, ships, thunderdomes etc)... SOMETIMES you can get away with shutting the server down for a couple minutes and restarting it and upon reconnecting with the hive it detects banned items and removes them but it does not clean out the duped tents or the duped unbanned vehicles....Public hive vehicles are server side, for example the UH1 has 5 or however many possible locations on a public hive server in chernarus, but on each server they spawn in the same spot EVERY time they get destroyed...Originally due to the spawn chance percentage you weren't guaranteed to EVER have one spawn, and if it did and no one accessed it that day it did not become get stored as existing on your server... someone had to save the vehicle... so it would be gone after the next restart and it would be a throw of the dice every restart after that as to whether or not it would spawn again....Only when it's been accessed and manually saved by a player did it save as a persistant vehicle. Then again it's location is stored on the server... that's why only gear transfers from server to server in the public hive not vehicles and tents.... ONLY player location and equipment and health are stored in the Public Hive... The rest of it just checks to ensure that the server's DB isn't corrupted with banned items.Banlist is spotty, BUT I have a good feeling that "Doc" is going to keep Banzlist going and keep it improving... so there are two resources and one that is VERY active....MUST GET BACK TO WORK....Vehicles are stored on the public hive actually, they get grabbed from the hive and cached on the server on server start. When you apply for a hive server they simply run a script which adds the vehicles to the Object_DATA table on the hive with your instance ID. The reason vehicles don't travel between servers is because the object is mapped to its instance ID. If you look at the hive calls the HiveEXT.dll does on connect you will see that it sends the following query:'SELECT `ObjectID`, `Classname`, `CharacterID`, `Worldspace`, `Inventory`, `Hitpoints`, `Fuel`, `Damage` FROM `object_DATA` WHERE `Instance`=<yourid> AND `Classname` IS NOT NULL'This grab all the objects, both vehicles and tents, from the object database. The server then caches these so it can stream them in and out without raping the hive. Here is a screeny of phpMyAdmin for my hive (which is set up identical to the public hive) http://imgur.com/6JxsCz4 On the public hive those ObjectIDs are in the millions (which caused the vehicles not working on some servers a few months ago).It would be good if vehicles were stored server-side and read from their own DB on launch to reduce the load on the hive server. Afterall, the hive is 1 huge MySQL database, last i looked the player_DATA table was 22GB in size so anything that reduces load on it would be a good idea.The spawn chance doesn't seen to work these days. I cant see any code to handle that so my guess is the 'chance' is a script on the hive-maintainers side which gradually adds vehicles to the db using your instance ID. That's how some private hives do it too so it seems likely the public hive would do it too.Now 1.7.5.1 is out this should help with some 'illegal' objects being published to the public hive anyway since it has a small chunk of script which verifies the object is valid before it will pass it off to the hiveext to do an INSERT query. so no more thunderdomes being saved to the hive! (think they can still spawn but not be persistent) Share this post Link to post Share on other sites
NonovUrbizniz (DayZ) 137 Posted February 5, 2013 Wow lots of good info and points. I still see a few flaws though. I'm frankly not versed enough to ramble it off, and don't have the time to look at it properly.On 1.7.4 thunderdomes and ammo crates could get removed pretty easily. you stop the server and on reconnect to the hive it wipes them. I have an odd problem of double legit vehicles... so i'm imagining (don't have sql access) that there is something tricking the hive into not removing duplicate instance ID's...Also where you talk about spawn chance... spawn chance isn't really random on the public hive. when you chernarus.pbo is generated you get a random number of spawn points for the approved vehicles... From there on unless you do a server wipe those vehicles wil respawn in that same location EVERY time they are destroyed... If you have the Myshinko Hilux and it gets blown up it will get respawned there after a predetermened space of time (judged at restart)...In the BEGINNING the random vehicle spawn made it so that LOTS of maps didn't EVER get a helicopter because the spawn point wasn't ever put there on the creation of the map.pbo... they then did an update later so that EVERY server was guaranteed to have 1 UH1 (this is back when that was the only heli).Either way... My main points are these:1. At some point the official public hive WILL be dropped by Rocket/DayZ2. Security and admin abilities BLOW HARD on the public hiveI've been talking to vert on our TS3 server and I welcome anyone else to join the fray... right now we are mostly focused on updating our recent Map Beta Release to the next version... so focus on public/private hive security/future is on the back burner for us... Private hive security is solved if you know what you're doing (I don't so don't PM lol)... BUT the server host public hives should be unified somehow so there is a "private" public hive for chernarus ready to go when the official one drops out...TS3 details for anyone who want's to hop on... We are in the middle of developing a map port and configuring multiple servers so we are on and off a lot... cifordayzserver.guildshout.com:9995For access to the admin/development channel please PM or email or poke "NonovUrbizniz" if I'm on the ts3 server. Share this post Link to post Share on other sites
NonovUrbizniz (DayZ) 137 Posted February 8, 2013 lol... so seriously... what are we going to do?I updated to 1.7.5 with the script updates and got teleported and killed by the ONLY other player on the server and when I joined back in it was daylight....Even the most basic of monitoring tools could stop ALL of this from happening, much less admins with actual powers... GIVE ADMINS TOOLS.... LET USERS REPORT ADMIN ABUSE ON PUBLIC HIVES.STOP TRYING TO JAM YOUR FINGERS IN THE BUSTED UP DAMN HOLDING BACK THE OCEAN OF HACKERS. GIVE US SOME FREAKING TOOLS!!!!!!!!!!!I've made a promise to keep the public hive server I run up until the public hive is shut down.... but at this point it's literally an exercise in futility... anyone who is a legit player and cares just gets boned by hackers and there is nothing I can do about it... It seems to me that we're just being taken advantage of to test anti-cheat software for the standalone... I might be paranoid but why else is there NO effort to quell hacking on the public hive? 1 Share this post Link to post Share on other sites