Sign in to follow this  
Followers 0
cyanidemonkey

capturing MAC address over internet?

10 posts in this topic

Hi,

We have problems with guys cheating in and/or crashing our game servers, I was going to just get the offenders IP addy and block them, but I figure they will just reset their IP or use a proxy.

I have seen some threads here on capturing the NICs MAC address, is this possible over then internet? ie. would I be able to capture the game hackers MAC addy remotely?


My AutoIt Scripts.- AutoHost and Password Enabler for Delta Force 2 Demo.| Caffine for Winamp 2.9x and WRS 2.0 | mp3 directory cleaner | CRAP DJ | A:B:J Radio Automation Software | FFMPEG batch conversion automator

Share this post


Link to post
Share on other sites



Hi,

We have problems with guys cheating in and/or crashing our game servers, I was going to just get the offenders IP addy and block them, but I figure they will just reset their IP or use a proxy.

I have seen some threads here on capturing the NICs MAC address, is this possible over then internet? ie. would I be able to capture the game hackers MAC addy remotely?

moin, moin... :lmao:!

Ooh I believe this is a difficult task, you would have to be able to intercept with netmon an ip package and select from its hader the mac adress. but how you exactly want to know which packages from hakker come


[font="Comic Sans Ms"][center]Powered by AutoIt3http://www.wik-eric.de/zips/Synchro2.2.2-4free.zip[/center][/font]

Share this post


Link to post
Share on other sites

#5 ·  Posted (edited)

oh bugga, ok, I'll do IP banning.

It's just that EA Games did something like that back in the BF2 demo days to ban hosts who used cracks to unlock time limits and weapons, but how they did it only they know. I thought it might be possible.

I did not realise the mac addy could be changed via the router, kinda defeats the perpose I spose

Edited by cyanidemonkey

My AutoIt Scripts.- AutoHost and Password Enabler for Delta Force 2 Demo.| Caffine for Winamp 2.9x and WRS 2.0 | mp3 directory cleaner | CRAP DJ | A:B:J Radio Automation Software | FFMPEG batch conversion automator

Share this post


Link to post
Share on other sites

Basically... if it has been created, it can be destroyed. With enough time, patience, knowledge, and wisdom of course. :lmao:

Thanks,

JS


AutoIt Links

File-String Hash Plugin Updated! 04-02-2008 Plugins have been discontinued. I just found out.

ComputerGetInfo UDF's Updated! 11-23-2006

External Links

Vortex Revolutions Engineer / Inventor (Web, Desktop, and Mobile Applications, Hardware Gizmos, Consulting, and more)

Share this post


Link to post
Share on other sites

If you have control over the development and code of the software being run at the other end, why not create an unique identifier which they need to connect to your server? A lot of people do it - it is called a serial number. You can then check that against your list of authorised people before letting them use your server and remove them from that list if you wish either temporarily or permanently.

The MAC address is usually unique but can be changed too!

If you do not have control over the code at the remote end then the IP address is pretty much all you have to go by.

Share this post


Link to post
Share on other sites

IMHO (and having run a game server in the past),

Banning MAC address

- waste of time because many routers now have an inbuilt ability to change the MAC address

- very hard to capture MAC address unless your game server software is able to remotely do it

Banning IP addresses

- waste of time because no cheater is going to use a permanent IP

- most ISP's use dynamic IP's, so IP banning is just plain stupid on this point alone

- changing your dynamic IP is a simple matter of disconnecting and reconnecting again a few minutes later

- because most IP's are dynamic, you end up banning a valid player and your email box starts to fill up with complaints (very time consuming)

Banning User ID/Name

- waste of time because most cheaters use fake online names rather than their true handle

- too easy to change so all you end up with is a list of banned usernames

- good if you want only clean(ish) usernames displayed on your server (ie. no usernames that include the phrases f*ck or c*nt etc).

Banning Game Serial Numbers

- very effective against the casual/not too bright cheater

- costs them money to get a new serial number (they have to buy another game)

- not 100% effective against hard core cheaters because they have many serial numbers (stolen from noobs via worms)

- you may need to run the anti-cheater software from the game company because the serial number may not be available to the server operator

Some additional things you can do to minimise cheating:

Banning Domains/Countries

- good if you want to control who accesses your server to keep ping times reasonable

- not effective if the cheater owns his/her own domain

- banning an entire domain because of one cheater is stupid (email box complaint thingy again)

Banning Proxies

- effective in that it requires a valid internet ISP (which means you have a point of complaint)

- not effective if cheater runs an ISP or owns his/her own domain

Banning Accounts

- some game accounts require valid email addresses (reduces the number of casual cheaters).

- not effective unless you ban free email accounts (eg. Yahoo, Hotmail etc)

- not effective if cheater runs his/her own mail server.

Banning Hard Drive Serial Numbers

- effective in that it requires a complete format which is time consuming

- requires software to detect it

Require Anti-Cheat Software

- effectiveness varies depending on the game and the anti-cheating software used

- requires software running on the client

And for something really radical (I don't necessarily subscribe to this viewpoint): allow cheating/hax on your server and provide gamers with them. This way, everyone is on a level playing field again :lmao:

I guess you could always write an AutoIt script that assigns a random number (unique identifier) to a computer which is interrogated by the server for validity prior to the game starting. This way, it's not relying on any of the above methods to determine the cheaters identity.

Share this post


Link to post
Share on other sites

Hi,

We have problems with guys cheating in and/or crashing our game servers, I was going to just get the offenders IP addy and block them, but I figure they will just reset their IP or use a proxy.

I have seen some threads here on capturing the NICs MAC address, is this possible over then internet? ie. would I be able to capture the game hackers MAC addy remotely?

The MAC address in the packets of any host outside your own network is just the MAC address of your own router interface (Gateway). Blocking that MAC would be a bad thing! :lmao:

At each router in the path between two hosts the MAC address gets changed, but the source/destination IP address remains the same (disregarding NAT). If you were talking about getting the MAC by running something on the remote host, then you are likely to be seen as a hostile actor yourself by anyone savvy enough to notice what you're doing. ;)


Valuater's AutoIt 1-2-3, Class... Is now in Session!For those who want somebody to write the script for them: RentACoder"Any technology distinguishable from magic is insufficiently advanced." -- Geek's corollary to Clarke's law

Share this post


Link to post
Share on other sites

Banning Hard Drive Serial Numbers

- effective in that it requires a complete format which is time consuming

- requires software to detect it

actually you can spoof if with tools like HDspoof


My UDF's:;mem stuff_Mem;ftp stuff_FTP ( OLD );inet stuff_INetGetSource ( OLD )_INetGetImage _INetBrowse ( Collection )_EncodeUrl_NetStat_Google;random stuff_iPixelSearch_DiceRoll

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0