ballistica
ballistica copied to clipboard
efroemling
Server List Spam Mitigation
Spam Again! :v
The server list is being spammed with tens of similar servers. I'm making this issue because it pretty much is a well known problem.
Filtering out servers with 0 player limits would be an easy fix or the Master Server could also blacklist IP's with more servers than a certain threshold.
Currently servers can easily be hosted by anyone, I suggest linking servers to the host's account would be a nice way to trace these spam attacks. The host account must be at-least a month old to be eligible to host servers.
Yes that spammed list still on, The guy behind this attack is Ankit. His account_id is (pb-IF4yVBYsNA==)and his Google and Android ID's are ( "\ue020PerpetualMind59","\ue020RuinedWillow5135","\ue020RandomGuyFun","\ue030Android30534380") He has been attacking my server since yesterday and abusing me and my family, this guy and his friend LovelySingh's account_id (pb-IF4lVBgyFQ==) and google Id and android ids are("\ue030Android37046721", "\ue020Indianplayer2003", "\ue020CNDkdjsnkd", "\ue020TheAnGryPiXie", "\ue030Android38877090", "\ue020TheAnGryPixie")have been attacking servers on a regular basis. Ankit has also made scripts with a hidden backdoor in them which he spreads to new server owners. Then he uses the backdoor to use their servers to spam and attack others.
If u guys are talking about this thing then firstly this is not the end. This thing grows beyond this. I personally tolerated all this things which includes: making of slang servers, abusing the default kick-vote system, spamming messages in a loop which leads to exploitation of chat blockers.
NOTE: I know Eric already had initiated to stop the spamming in a server but somehow that system failed to do its work. Moreover, now kick-vote system can be completely disabled but how the other players except admins should kick someone else?
Suggestions: Chat blockers should throw a warning firstly to a particular player who spams 5 msgs in the columns and next time when the same player continues to do so then chat blockers should kick that player on the spot.
Else: The time limit after spamming msgs 5 times in the columns should be at least 60 seconds or even more rather than 10 seconds.
I think more clean/better solution would be to store info about muted players (who sent 5, 10, 15 etc. messages) in memory if player leaves the party, so this info should be stored using account id instead of client id if possible (public servers have internet connection).
A few notes from my end on this:
- I've got some protection on the master-server already; a single IP address isn't allowed to list more than a handful of games/etc. I can also add simple things such as filtering out games with max players 0/etc. relatively easily. So please holler with any ideas like that and I can try to add some of them.
- I did add spambot protection to the server binaries to auto-kick/ban players, but it basically requires me to add explicit blacklisted words/phrases so its hard for me to stay on top of things. I would rather have something that server owners had more control over.
- In general, a lot of these ideas sound good, but I know I am somewhat of a bottleneck here in getting them implemented. My overall plan for this is to try and move most client-controlling logic to the Python layer, including the default kick-vote system/etc. This way folks would be able to tighten up security or implement their own kicking/banning/filtering for their server easily. I'm currently planning on including this in the next big code-refactoring update which will be 1.8, but perhaps I can implement this part sooner if it seems like it would be useful.
- So before that time I will probably be a bit hesitant to add new auto-kicking/etc. features since I would be implementing them in the C++ layer which is soon to be replaced with a Python one.
- It should theoretically be possible right now to implement some things such as a custom kick-voting setup by utilizing the chat-message filtering and per-client messaging that is in there now; it just isn't the most elegant solution.
So that's where things stand on my end.. let me know if you have any thoughts on this or other ideas/etc. It seems like a useful discussion...
We need this 2 things:-
- Enable/disable on screen left join and on screen chat message pop-ups.(or change pop-up location to right corner or other corner)
- As u already add kick player without votes for admin need also add this kick will attack account_id or ip address of player so if he just change his name he cant enter. Hope you will add this soon to defend spam attacks of left join and large messages spam.
Ankit has also made scripts with a hidden backdoor in them which he spreads to new server owners. Then he uses the backdoor to use their servers to spam and attack others.
I won't assume who wrote the backdoor but this seems to be true. I have access to one of public server files and it had a backdoor which adds additional account ids that can act as "owners" in the server via chat commands, and it also attempts to append a very specific SSH public key to /root/.ssh/authorized_keys authorizing themselves to be able to SSH into the instance running the game server. It also allows anyone to kick anyone by using the hidden chat command:
`````kick clientid
(where clientid is an integer client id of some player)
If you maintain a public server, you should grep your server files for patterns like:
$ grep -rnw -e authorized_keys -e ssh-rsa -e ownerHashes
and investigate if this returns anything suspicious.
