How we run UK105, And why we don't have hackers.

[DatenThielt 11]

I have seen numerous posts on the forums from admins/players , Complaining about hackers. Now whilst I know that some people do not have access to their own server files, I would urge you to consider hosting it yourself, rather than paying a company to do it for you. I will a few pro's and cons to each.

Pro's of having it hosted elsewhere:

• Its 100% managed hosting
  
• It can SOMETIMES (will explain in a bit) be cheaper depending on your country.
  
• Usually the company have great support.
  

Con's

• You have no access to the server files
  
• You get updated when the hosting company gets around to it,
  
• Whilst it is 100% managed, You have about 5% control
  

UK105 hosts a consistent 40 Players. In the past month we have had 1 hacker, and that hole has been plugged. AND to top it off, We keep hackers at bay, By enabling a few simple scripts, having some external programs (BEC, RCon, BattlEye, Live GUID Checking) And some restrictions as well, If there is a signature check file that failed on a player, why risk it? We just don't let them in (This has about a 10% false alarm rate, The player only has to try and log in again and it always works), If a GUID does not verify, We dont let them in. We keep our server running fast with 3 scheduled restarts a day, that have warning timers for players in world. And we support our players VIA email all the time. We have issued 1 Ban for that 1 Hacker. we ALWAYS keep battle eye up to date, and we know 80% of the community use a launcher of some kind or another, so we always keep up to date with the same version as everyone else, minimising the downtime!

I honestly cannot believe, that If we can reduce the amount of hackers to pretty much none on our server, that other admin's cannot do the same. Yes there are about 2% of hacks out there that bypass battle eye completely, but its nothing that can do some of the stuff I am seeing on here (Spawning all players to x, Removing all weapons from x, spawning vehicles that should not exist).

We research all hacks available, Every good security guard/programmer/whatever knows that if you want to defend against attacks, you need to know what your going up against, we actively search for those hacks that can effect us, and then look for a way to block that hole.

Sorry for the WOT, But I just had to get my 2 penny's out there, I simply cannot believe that some people are being hacked every day, every hour, and yet we are not!

[Edit]

Please note, we are not saying we are an un-hackable server that has defended everything and are the best, This is not the case as some people are trying to make out, No company in the world can defend from every attack and neither can we. We simple are trying to help all server admins defend their servers the best they can with the tools that are available, to those who want to listen, As stated if and admins want help/advise, we are more than happy to help.

Cheers

-Daten

Edited August 2, 2012 by DatenThielt

[i_deadly_i 10]

lol, yesterday the server was full of hackers. Cherno blew up. And there was like 10 chopters hovering about

[DatenThielt 11]

lol, yesterday the server was full of hackers. Cherno blew up. And there was like 10 chopters hovering about

Lol, I think not. There are 3 clans on our server that constantly keep us updated. Plus we were playing last night, So unless you have some proof, stop trolling.

[ryahn 112]

I am just curious unless I am missing something. What or how do you get live guid checking? Also I have never been able to get battleye to kick people for unverified guid players

[DayZ UK 5]

I am just curious unless I am missing something. What or how do you get live guid checking? Also I have never been able to get battleye to kick people for unverified guid players

Research > Google > Result

[Gogster (DayZ) 626]

There's little information on the BattlEye website - but it would be good to get a knowledge base going (perhaps an anti-cheat forum?) for configuring custom checks (MD5) using BattlEye (if it even has that feature?).

[@ndreas 15]

lol, yesterday the server was full of hackers. Cherno blew up. And there was like 10 chopters hovering about

... as in every PvP game I have ever played, some people tend to shout "hacker" if they encounter things that look strange or meet guys that seem way too overpowered (because they have great skill).

"Wait, those guys killed me instantly while being covered from all sides? They must be hackers!1111"

I don't say that happens every time, but I experienced a lot of that "false alarms" just due to the fact that not enough knowledge about game mechanics and tactical team-play existed.

[ryahn 112]

Research > Google > Result

I have tried googling and it doesnt seem to bring the results I am looking for. I guess I will have to try some more later when I'm not tired

[173 3]

Yes there are about 2% of hacks out there that bypass battle eye completely,

Oh dear. You have no idea.

[TheWeedMan 132]

Instead of blowing your own trumpet why not share ur knowledge with other admins....me included ;)

[Gogster (DayZ) 626]

I wonder whether this forum could do with a hidden forums for verified server admins to exchange knowledge of scripts/checks/anything else that keeps their servers safe?

Forum team what say ye?

[kawaiigirl42069666xxxxxx 34]

Okay. Except most people don't have the processing power or bandwidth to host a 40-man server 24/7?

[Gogster (DayZ) 626]

Okay. Except most people don't have the processing power or bandwidth to host a 40-man server 24/7?

Is that a reply to me or to the managed server point from the OP? I assume the latter and agree, you would need to go with a good GSP.

[Orcworm 18]

Okay. Except most people don't have the processing power or bandwidth to host a 40-man server 24/7?

Not sure what you're getting at since practically no-one runs their server at home. The £50 you pay to a GSP could net you a proper dedi that would be more than capable of running a dayz server among other things.

[DatenThielt 11]

Exactally, And not just that, For about £30 a month, you can actually set up a 6 core , 6GB VPS , This is currently how we host our second server, And its running just as stable as our Dedicated with 40 players. So that is why I state that there is cheaper alternatives, You just have to choose the right VPS provider, We used 123-reg for the UK, Completely configurable VPS. That is reliable and runs a DayZ server very well. Also We dident make this post to blow our own horn, We simple wanted to tell people how we have been running our server, Any Admins that want any advise can feel free to I'm me and I will be more than happy to help!

[Gogster (DayZ) 626]

I will, once again, state the case for Gaming Deluxe (http://www.gamingdeluxe.co.uk) given DatenThielt's post. We have had CoD, CoD:UO, BF, DayZ and all sorts of games servers on our dedi-box. The support is excellent and responsive.

Well worth a look.

[gwbrewer 49]

Instead of blowing your own trumpet why not share ur knowledge with other admins....me included ;)

Pretty much this.. When you come on here and promote your server over the community you get "douchebag listed" When someone asks you about where to find or configure this stuff the answer is "google --> research" HAHAH, you're worse than a hacker.

[Gogster (DayZ) 626]

Pretty much this.. When you come on here and promote your server over the community you get "douchebag listed" When someone asks you about where to find or configure this stuff the answer is "google --> research" HAHAH, you're worse than a hacker.

That answer came from a different poster.

Lets not let this descend into a flame war - server admins need to exchange information as much as possible.

[Grufftech 10]

If there is a signature check file that failed on a player, why risk it? We just don't let them in (This has about a 10% false alarm rate, The player only has to try and log in again and it always works), If a GUID does not verify, We dont let them in.

What server settings do this?

[GhostSe7en 20]

Research > Google > Result

How about you research, google, and post the result for everyone?

In all honesty, a lot of people who are server admins (i'm going to guess 70-80%) have never had to work against a system, that was built in such a way it was born for being hacked. It is a MOD based on scripting, with a security function developed by one man and helped with by a select few.

If the ability to just google "How to stop hackers from DayZ server abuse" was listed, and even half the people knew how to implement fixes I would imagine a lot of this would be done already.

So no, googling the shit isn't going to work. People need help from the devs to battle this, or just let it continue to slide downhill.

DayZ isn't going anywhere, but If they are already getting beaten to the punch from other companies (WarZ / Day13 etc.) I would imagine losing player base may be a priority. Half if not more of the skids get shit on in game, and then again, and then again by hackers. So what do they do? Google "How to hack DayZ".

Let me tell you:

Google: How to hack DayZ has about 20 different sites on how to successfully hack DayZ Mod.

Google: How to defend against hacks on DayZ has 2,000 different threads and 15 websites on how there is NO possible way to defend against it.

So Google in one hand, and shit in the other.

Do you know what you are holding?

A hand full of shit.

[DatenThielt 11]

The Live GUID checker (The most usefull tool of them all) Is part of BEC, In the BEC config file there is an optional parameter. http://ibattle.org/install-and-configure/configure/

# Optional

[Reporter]

User = username

Password = password

In order to get a username and password you need to use the contact address at ibattle.org. And request a username and password, You will receive a link to a registration page, and its easy from there. Just for those would could not find it. This by far has been one of the turning points in our fight against hackers.

Edited August 2, 2012 by DatenThielt

[IMF2000 (DayZ) 29]

How good is the BEC central database? Can't seem to find any good information on this.

Other than that, I think you may be kidding yourself about hackers. We felt the same until 4 turned up with BE bypass.

Not sure how well your system is going to work when they are not already banned.

[DatenThielt 11]

BEC itself has a small amount of detection built in, And so far has not failed us, All I would say to anyone is try it, and see for yourself. Using the methods described in my post we have been able to almost eliminate hackers, We still get the odd one or two a month, but nothing that effects game play.

[Zoop 343]

Or maybe your server is just lucky? The fact that hackers don't frequent it doesn't necessarily mean your security keeps them out, it might only mean that your server isn't frequented by hackers. Yet.

[DatenThielt 11]

Well the frequent attacks we had after posting this , that were rejected seems to state that if you set up the security right, you can avoid most attacks