To all server admins

[Razzle Dazzle 49]

The only solution to hackers in this game is passworded servers. The devs know it and server admins know it.

[notap 16]

What would you have the DayZ team do about the hackers? Even if they lessened any restrictions on what you can do with your server hackers will still be a problem. Its a problem with the game, not the mod, do remember that there is only so much rocket can edit with touching the Arma 2 source code, which as far as I am aware he cant edit at the moment.

Admin abuse is a focus point for the team as they can control what admins can and cant do. They can stop admins from doing unfair things on their servers, they cant stop the hackers, they can make sure that clans dont kick dozens of people off servers for clan members but they wont be able to do much to stop helicopter strafing runs that are firing explosive buses.

Admin control is easy to control, while hackers will continue to find ways around any measure taken against them. People who hack actively seek ways around protection, while admins use the tools at their disposal.

Silent,

I think many of the admins would agree that they host the server, they should control it... simple yet affective if I have a server and a Forum i would happily allow anyone who signed up to the forum to access the server, the password would be RIGHT THERE... and you may be thinking well a hacker could just go on and grab it.... and yes you are right a hacker could but there is effort in signing up to the forum there is effort getting the password and hell the password would change and banning would be easier.... that would be in my opinion an easy solution to culling some of the incessant server hoping hack monkeys out there. might not be perfect but it's something.

[polli 57]

The only solution to hackers in this game is passworded servers. The devs know it and server admins know it.

Passwording a server is forbidden by the rules. So we have to leave our doors open for hackers. Otherwise we get blacklistet.

[-W-Monkey 3]

This will probably get me a slap on the hands but would be worth it...

I think ALL server admins who are sick on the helpless feeling of not being able to provide a "hacker free gaming environment" should pick a 3 day period and all shutdown our servers for the whole 72 hours. Maybe the "community" would realize that we provide the city streets that they love to scavenge. 1 million plus players would have hell trying to play in a handful of servers that were afraid of being blacklisted..........

This doesn't even take into account the accusations we have thrown at us for being abusive or ban-happy from the ungrates that populate our streets. Its time to roll up the sidewalks on Aug.17,18 & 19

Like Ch3shir3 states above: "Im taking a stand, damnit"

Count me in.

our server got hacked so hard the other day it crashed..just saying im tired of having my hands tied

Edited August 12, 2012 by -W-Monkey

[tickle_me_jesus 37]

I'll tell you something even funnier....The script / bypass to download the server config and RCon config on the server you are playing has been made semi-public (this means it has been made public to all those script-kiddies)

You know what that means?

Any script running person that logs on to your server can leech the server config and the BEserver config. The server config will contain the ingame admin password as the BEserver config contains the password to connect to your server through RCon / BeRcon. This gives anyone who has it more or less control over your server.

Oh, and apparently this issue has been know for over a year (ARMA 2 thingie) and easily avoidable. Still the serverhosters out there (Vilayer for one) use the default paths and filenames for every single slotted server they rent out!

dev-heaven.net/issues/20994

forums.bistudio.com/showthread.php?121438-How-to-secure-Your-server-Read-here!/page3&p=1974973#post1974973

So not only do hackers run the show ingame, prepare your slotted gameserver to be taken over. Have fun!

Edited August 12, 2012 by tickle_me_jesus

[MovingShadow (DayZ) 13]

What would you have the DayZ team do about the hackers? Even if they lessened any restrictions on what you can do with your server hackers will still be a problem. Its a problem with the game, not the mod, do remember that there is only so much rocket can edit with touching the Arma 2 source code, which as far as I am aware he cant edit at the moment.

Admin abuse is a focus point for the team as they can control what admins can and cant do. They can stop admins from doing unfair things on their servers, they cant stop the hackers, they can make sure that clans dont kick dozens of people off servers for clan members but they wont be able to do much to stop helicopter strafing runs that are firing explosive buses.

Admin control is easy to control, while hackers will continue to find ways around any measure taken against them. People who hack actively seek ways around protection, while admins use the tools at their disposal.

silent do you even own/rent/admin a server ? Admin abuse is not the only problem. Its BE client and a code problem. Allow us to protect what we PAY for. they aren't doing us any favors its the other way around

Last time i checked this mod wasnt based off the stats of their servers.

let the devs speak for themselves and not try to play the good guy trying to stick up for them.

We don't need a captain obvious we need captain answers

No one is pointing fingers at anyone all we ask we be able to enforce/police our servers without being blacklisted for trying to keep our players on every single server safe.

[MovingShadow (DayZ) 13]

i love how random people come in these forums and off random solutions. get a clue rent/buy a server then talk.

[greigsj2001@hotmail.com 2]

im reading alot of missplaced B.s on this thread , "Oh admin abuse is focus point / stop them from doing unfair things " is any one seeing that this is the problem the DEV team/Rockets atitude is this mod is my vision no one may alter or ruin it while thats just hypacritacle No player should have power in his mind even admins , but by doing so hackers jump in and then start spawning anything they want and forceing players to do there bidding ( dance party the latest way to die ) now as an admin im unrelenting anoyed by the path rocket has went on incramentaly removing admin powers so that now were afectivly janitors on our own servers , when the hackers keep bypassing the safeguards and FISTING US ! , surely the best soulution in the short tearm is to allow us to LOCK or Password our servers untill they figure out a more rubust way to enforce battleye if that not accaptable then let rocket fit the bill for the fucking servers see what happens then

P.s im pretty sure rocket is completely in the dark towards this issue as hes allready admitted in a interview with "sidestrafe" he doesnt play on live servers only on his own private builds so he doesnt get hacked What a shock hes playing with all the powers were denied and is completly oblivios

[Gogster (DayZ) 626]

im reading alot of missplaced B.s on this thread , "Oh admin abuse is focus point / stop them from doing unfair things " is any one seeing that this is the problem the DEV team/Rockets atitude is this mod is my vision no one may alter or ruin it while thats just hypacritacle No player should have power in his mind even admins , but by doing so hackers jump in and then start spawning anything they want and forceing players to do there bidding ( dance party the latest way to die ) now as an admin im unrelenting anoyed by the path rocket has went on incramentaly removing admin powers so that now were afectivly janitors on our own servers , when the hackers keep bypassing the safeguards and FISTING US ! , surely the best soulution in the short tearm is to allow us to LOCK or Password our servers untill they figure out a more rubust way to enforce battleye if that not accaptable then let rocket fit the bill for the fucking servers see what happens then

P.s im pretty sure rocket is completely in the dark towards this issue as hes allready admitted in a interview with "sidestrafe" he doesnt play on live servers only on his own private builds so he doesnt get hacked What a shock hes playing with all the powers were denied and is completly oblivios

Script checking is part of the solution and it's far more productive than moaning in this thread.

[greigsj2001@hotmail.com 2]

yes because i have the time the troll through a big ass log file every day to find the hacker and deal with it ,,,with the limited tool set at my disposal not to mention that your avarage player / server hoster using a company in order to hose there server wont have much knowlage of scripting and the like ,

now no offence intended but that is realy part of dev teams responcabilities

the players should not be forced to clean up after the devs for making fuckups it is within there power to issue one change of codeing that could remedy this problem over night but refuse to do so leading to splintering withing the comunity and the creation of private hives witch isnt in line with "rockets" vision either

Edited August 13, 2012 by Kazaki-D

[jwiechers 92]

Hello everyone,

let me begin by saying that I've just read through the entire thread and I can sympathize with a lot that has been written -- I host several servers myself and I find it hugely vexing that there is very little we can effectively do to stop large-scale hacking, however, S1lentThunder hit the nail on the head with his post in my opinion, both as an admin, as well as a member of the Community Support Staff. The team is currently enforcing a set of rules that is relatively harsh on server-admins because they are the main group of people we *can* actually enforce a set of rules upon -- and misuse by server admins, sadly, is still rampant.

It isn't that anyone, as far as I am aware, is pre-emptively judging server admins, it is that this mod has blown out of all proportions and it is very hard to cope with that. As Matt wrote earlier today, it was thought that this mod tops out at about 600 people, but that wasn't the case. We're at a million unique players and thousands of servers and that means a lot of additional overhead. Things will likely change substantially with the DayZ standalone, but that's not where we're at right now.

Right now, DayZ is a mod for ARMA and that means rocket and the other devs have to deal with a game that is in a certain state and with a protection against hacking that is comparatively weak. They can change little things and are constantly improving the security of the mod as best as they can, but it takes time and some things are simply not possible.

I personally would like to see more power given to admins and better scripting-based hack detection without compromising vehicle locations etc. to the admins, but it's not as simple as you'd think -- just from chatter with some members of the team, a lot of options have been evaluated and thrown out because they'd work for a few days but wouldn't *solve* anything.

Private hives, in my opinion, solve nothing, either, because they don't change the underlying issue: they are in no way more secure. Furthermore, they go against what this game was supposed to deliver.

Edited August 13, 2012 by jwiechers

[Gogster (DayZ) 626]

yes because i have the time the troll through a big ass log file every day to find the hacker and deal with it ,,,with the limited tool set at my disposal not to mention that your avarage player / server hoster using a company in order to hose there server wont have much knowlage of scripting and the like ,

now no offence intended but that is realy part of dev teams responcabilities

the players should not be forced to clean up after the devs for making fuckups it is within there power to issue one change of codeing that could remedy this problem over night but refuse to do so leading to splintering withing the comunity and the creation of private hives witch isnt in line with "rockets" vision either

Not really. DayZ is not unique - when CoD & BF > 2 were popular, we'd implement custom checks into PB and check the screenshots everyday.

It's all part of being a server admin. You can host a server without doing it, but don't expect much sympathy when you come here moaning about the level of scripting going on. You have to be proactive.

The police don't expect criminals to hand themselves in, they have to catch them.

[byteslam (DayZ) 0]

Yes. I have banned 4 people and I reversed it. I have posted every ban in the forums to get help from the devs. I have seen yesterday that one of the players I banned before has now a global ban. And this was after battleye has reversed there false positives. And now you tell me that i do admin abuse. I try do keep my server hack free. Nothing more.

Your sentence sir is unnecessary. Thanks for not answearing the questions for help the admins. You blame admins nothing more. Please stay away from the forums when you not able to manage your job.

I´ve done a mistake and have seen that it was wrong. Now its time that you open your eyes.

Thanks.

I agree, I contacted the support team and even posted logs from possible hacks to get a proof to ban, but no response until now.

This mean as an Admin you are alone and you have to take counter actions to protect the 49 players on your server which would like to play against the 1 script-kiddie. I do perm BAN if I am sure about the person who did it.

should we not exchange BAN lists?

Does it make sens to have a standard way of identify hacks and deliver always the proof along with the BAN file?

This is some work but it will make live harder for script-kids.

what do you think?

[greigsj2001@hotmail.com 2]

@Gogster

well it would apear you have hosted more servers than i in your time and have more experiance in dooing this sort of thing , i on the other hand dont me and 3 friends played DAYz and liked it we desided to chip in and rent a server from the lads at HFB servers now we only run our server when atleast one of us is on to moniter it but i can only use the inbuilt tools to deal with problem players , i dont deal with scripting , or log files or any of that i wouldnt know where to start i havnt doen scripting and game code since college, now if you expect every player to be as up on scripting methodoligy as you are to run a server then your going to be disapointed ,

im not saying your wrong to want people to run a tighter ship in server tearms but it is on the dev's side to make the admin tools as simple to use and accsess as posible , we shouldt have to troll through logs hunting for malisious scripts then having report it here in the hopes something is done , we should just be able to see a player in game , dooing something wrong ie (spawning vehicles) then be able to push a button to report him automaticly , then ban him from your server and allow the powers that be deside on a global ban the tool set was avalable in earlyer builds we had more simplistic ways of dealing with problems but now it seams we have to learn about scripting just to secure our servers and to be fair it doesnt even help the damage is still done , were still left being the janitor and cleaning up after hackers , i spent 2 hours yesterday infact destroying hacked vehicles in game so all the gear within them would dissapear

Edited August 13, 2012 by Kazaki-D

[{sas}stalker 108]

The team is currently enforcing a set of rules that is relatively harsh on server-admins because they are the main group of people we *can* actually enforce a set of rules upon -- and misuse by server admins, sadly, is still rampant.

Then deal with them individually not by blanket hamstringing an entire group of people who predominantly want to help you achieve something great. The current policy is failing because guess what?, despite every rule and regulation you have in place the people who would abuse admin powers will do so regardless of what is allowed and what isnt.

As I have said repeatedly bad admined servers over time die and solve the problem by default. Admin abuse is and always has been a self prophesising problem that ALWAYS resolves itself. Good servers prosper, bad ones die thats a gaming fact that has been true since we were able to host servers. Currently the Dev team is perpetuating the current cheating problem by working against the good admins rather than with them.

Ultimately though its your choice but with each day and patch that passes I and my entire group of exceptionally good / fair admins move further and further away from being interested in hosting this release or its incoming stand alone incarnation.

Edited August 13, 2012 by {SAS}Stalker

[Yshido 34]

I don't have the authority to do so, but the way I read the tea leaves, that will get you blacklisted in short order.

I hope you are wrong. If the server is getting blacklisted, cause it is offline, the devs are getting in real trouble and they will have to pay his server bill at the end. And just in case you are right, I guess it is time to get the devs back on the ground, by suing them. The ingnorance of the dev team is really incredible. Thats my opinion as lawyer ... not as a player or fanboy.

Btw: I just took my server offline, cause it is useless (tents not saving and graphical glitches are making the game unplayable)

[Gogster (DayZ) 626]

Said stuff

It's not as complicated as it sounds. Download your scripts.log file from cfgdayz/battleye folder and run it through the CheatFinder:

http://dayzmod.com/forum/index.php?/topic/42702-cheat-finder-script-parser-for-admins/

Check the lines it picks up against the lines in the log file - once you're happy create a text file, add each line per person you want to ban:

aaaaabbbbbcccccdddddeeeeefffff -1 Reason for ban

Obviously the GUID above is fake. You can add any text after the -1 you like, I tend to put "<player name> banned for cheating, contact Gogster to appeal"

When you've finished append these lines to the end of the bans.txt file in the same folder and restart your server.

It is time consuming.

[Gogster (DayZ) 626]

Then deal with them individually not by blanket hamstringing an entire group of people who predominantly want to help you achieve something great. The current policy is failing because guess what despite every rule and regulation you have in place the people who would abuse admin powers will do so regardless of what is allowed and what isnt.

As I have said repeatedly bad admined servers over time die and solve the problem by default. Admin abuse is and always has been a self perpetuating problem that ALWAYS resolves itself. Good servers prosper, bad ones die thats a gaming fact that has been true since we were able to host servers. Currently the Dev team is perpetuating the current cheating problem by working against the good admins rather than with them.

Ultimately though its your choice but with each day and patch that passes I and my entire group of exceptionally good / fair admins move further and further away from being interested in hosing this release or its incoming stand alone incarnation.

This is one of the best posts regarding the server admin/admin abuse/cheaters topics I have read on these forums.

[Yshido 34]

This is one of the best posts regarding the server admin/admin abuse/cheaters topics I have read on these forums.

Totally agreed.

[jwiechers 92]

Then deal with them individually not by blanket hamstringing an entire group of people who predominantly want to help you achieve something great. The current policy is failing because guess what?, despite every rule and regulation you have in place the people who would abuse admin powers will do so regardless of what is allowed and what isnt.

Who exactly is doing that?

The common set of rules isn't, per se, a problem. You can ban if you're sure that someone has hacked. The team has no way to magically improve BattlEye's cheat detection (which is fairly decent, as a matter of fact) or fix the fact that some cheaters have now focused on this game, seeing as it is popular. What exactly would you suggest? As long as a cheater does not use a bypass for BattlEye -- which could easily be deployed against many of the admins tools that could be offered, too -- there simply is no scripting that could be caught and dealt with. If they don't use a bypass for BattlEye, your scripts logfile will contain incriminating evidence and the scripts.txt base file, as well as the now existing auxiliary files for remoteexec and createvehicle do a sterling job identifying those cheaters.

Private hives are, for the most part, placebo. They don't really help, but you can carefully control some parameters which reduce the likelihood of a cheater appearing -- if he does however, he'll wreak havoc nonetheless. Yes, you can ban him then and hope others don't find your server, but that's about it.

There are a few things that could be done by adding script to the mod files, however, a lot of what could be done not only has the potential to be misused badly by those who'd do so, it also slows down the servers -- with many servers barely staying over 10 fps with even moderate player counts, that also isn't an ideal option. The team can't touch the engine and most of the ARMA2 base, so they're patching the holes they can patch, improving what they can improve and hoping to curb some issues while BE is also improving their pre-emptive detections.

Also, please understand that, for the most part, I'm like you. I have slightly more "access" to people involved in the actual coding because I answer tickets and I've discussed a few things with the devs and some guys from BIS who aren't directly involved in the mod. That's all. I recognize that this is extremly unsatisfying and only adds to the other issues many people have; for example, one of my physical servers is consistently ignored by GameSpy, which means I basically have hardware worth $4000 standing around idling because, at best, four or five people connect to the instances hosted on that server. I can even understand that many admins feel ignored or badly treated, but please rest assured, from all my talks with devs and other volunteers involved, I can tell you it's not due to an "us and them" or "top and bottom" attitude, it's sheer momentum, the size of the endaevour this mod has become. It's not like the devs, BE or BIS are stupid or unaware of the issues, it's that these issues are not solveable overnight and that there are only a handful of developers, assisted by another handful of volunteers, right now.

Just for comparison, it took DICE and Punkbuster *months* to effectively curb the massive hacking of Battlefield 3, including nasty "mass murder" scripts that killed entire servers -- sound familiar? There still is substantial hacking in BF3 or other AAA titles developed by large studies and protected by top of the line anticheat tools, even VAC-protected titles like Team Fortress 2, and a lot of what people write sounds as if you expect a tiny mod, developed by a couple of volunteers, to perform better than studios releasing Triple-A titles with budgets in the millions.

So, cards on the table -- what exactly do you think would help and why?

Edited August 13, 2012 by jwiechers

[Gogster (DayZ) 626]

So, cards on the table -- what exactly do you think would help and why?

A private server admins forum, with:

A list of known scripts for developers to create detection programs when parsing log-files.

A shared ban list, controlled by you if you wish, that we can vote and add people to and download - we can also add the relevant log file section

A discussion section within the forum for discussing new cheats and what format our regexs/inStr needs to be to detect them, Tutorials and guides for administering your server etc..

Just some initial thoughts.

[machomanugget 26]

Amazing, seriously some of the replys in this thread especialy from the actual forum mods astounds me.. where do you get off?

you have one basically saying do it or i'll blacklist you , another saying your the only ones we can force rules on, so we will..

let me get this right server admins / hosters / owners are the ones that actually pay / rent servers to let your mod players actually play your mod? and you have the audacity to claim that its server admins that are causing all this bullshit, with kicks bans hacks and the like... so you remove more and more of anything that actually helps them and threaten them in the process, yet nobody ever responds with an update to all the threads made over the past 4weeks regarding cheating? even though now there actually bypassing the anti-cheat completely?? hackers have gone through the roof as of late. so instead of dealing with all that you seem to attack the people that actually provide servers, that seriously is astonishing

You may have a million players that disagree with everything we say as was stated earlier but carrying on like that with the attitude that you seem to have delevoped over the past month or so and you will have 500 000 players trying to get on 100 servers.. and half of them will be hacking.. that will be fun for you.

I cant believe it honest, i highly doubt that you will be able to enforce what you do now when the standalone game actually comes out thats for sure.

and yes i do pay for a server and run it correctly.

[Razzle Dazzle 49]

lol How can you compare battleye to PB , There is a big difference on what punkbuster can do that battleye cant when it comes to monitoring servers. I know i have never gotten teleported in bf3.

Not really. DayZ is not unique - when CoD & BF > 2 were popular, we'd implement custom checks into PB and check the screenshots everyday.

It's all part of being a server admin. You can host a server without doing it, but don't expect much sympathy when you come here moaning about the level of scripting going on. You have to be proactive.

The police don't expect criminals to hand themselves in, they have to catch them.

[Yshido 34]

I still dont get the idea behind the rules. Right now you are supporting hackers, glitchers, abuser, craptalker, trolls and all kinds of people who are actually anoying all other players, by cutting of the admins power.

For example with the last patch the log file was reduced to a minimum of information. While it was possible to check the .rpt logs for hackers, hacked items, radar users (by checking their waypoints) you can do nothing about it now. Actually a server admin is not able to proof someone is hacking anymore. To be honest: is this your intention? If yes, this mod is going to die as fast as it raised out of nowhere.

Some people allready stated, that server where the admin abuses will die and I know he is absolutly right. At some point no player will join such a server anymore.

In my opinion you have to get rid of the rules. Let the community build their own rules and you will see everything is going to be solved on its own.

[jwiechers 92]

lol How can you compare battleye to PB , There is a big difference on what punkbuster can do that battleye cant when it comes to monitoring servers. I know i have never gotten teleported in bf3.

I'm working on a longer reply, but this is easy to answer quickly: Yup, you haven't, because the Battlefield 3 engine didn't need to hand that power to players. The ARMA2 engine, however, did -- and so we have to deal with that issue. You did get mass-murdered, though, didn't you -- and it took PB months to fix that. I wasn't directly comparing BF3 and DayZ/ARMA2, I am just saying that cheating prevention isn't as simple as some people might think.