Anticheat resources for server operators

Post Reply
User avatar
rheo
Member
Posts: 49
Joined: Fri May 03, 2019 20:40
GitHub: fluxionary
IRC: flux fluxflux
In-game: flux rheo

Anticheat resources for server operators

by rheo » Post

Let's discuss what's out there, and I will try to update this post to provide a reference list of things server operators can do to stop or reduce cheating and/or the use of hacked clients.

Please, in this topic, let's not rehash the arguments about whether you can or can't prevent hackers in this game, or about the ethics of using hacked clients, or about architectural changes you think minetest should implement, etc.

Questions are welcome - if you want to know if a particular cheating issue is soluble, or whether anyone has coded up a mod to do it, please bring it up.

As a reminder, Forum Rule #7

Hacking/Cheating: It is not permissible to promote, link, or otherwise direct Forum users to any kind of "hacking" or "cheating" tools, regardless of their claimed purpose. This includes but is not limited to scripts, bots, modified Minetest clients, CSM mods, third-party programs, etc. Doing so is grounds for an immediate, permanent ban, and may result deletion of all of the user's posts.

Builtin Anticheat

In current versions of minetest engine, the builtin anticheat mechanism are enabled by default. They work fairly effectively for the few things they claim to prevent, such as enabling "fast" mode without the "fast" privilege. More information can be found in the Lua API.

Mods with anti-cheat features

real suffocation is mildly successful in preventing egregious noclip-ing. It can be even more effective if you modify it to use `damage_per_second` instead of `drowning`. However, admins often find this mod obnoxious because these mechanisms don't differentiate between permitted noclip-ing (with the correct privilege) and unpermitted noclip-ing. There also can be issues w.r.t. non-full nodes, e.g. nodebox or mesh drawtype - players can drown in mostly-open nodes.

The abyssch branch of the underch mod spawns (almost) all terrain as placeholder "matrix" nodes, which do not resolve into real nodes until they are exposed to the surface during mapgen or due to player action. This effectively prevents the use of the "x-ray" feature of certain hacked clients, that players use to find ore that isn't exposed to the surface. However, this mod creates a huge amount of processor load, totally restructures the underground parts of the server, and won't affect previously generated regions of a world.

The fairplay mod appears to have a number of useful features.

The beowulf mod has been suggested lately, but I have not experimented with it. It feels like it might be overly strict.

admin mods (for cheat detection/mitigation)

cloaking allows an admin/moderator to hide their presence from the game, so they can observe the behavior of a player while remaining undetected. Hacked clients still may be able to realize the position of a cloaked player.

LogCheat (log analyzer script to detect cheating) NOTE: I haven't tested this and don't know if or how it works.

Detecting self-identifying hacked clients

This was honestly what inspired me to make this post, but I'm not sure how to talk about it without violating forum rules. Give me a moment.

Note to self: start with this

Preventing cheaters from evading bans

xban2 and sban are ok, but my verbana mod provides a more sophisticated means of keeping unwanted users out of the server, while trying to reduce the impact that banning can have on well-behaved users. It has proven incredibly useful for keeping out persistent, VPN-using trolls on Blocky Survival and Tunnelers' Abyss. It is, unfortunately, somewhat more complicated to use than other ban/jail mods.

Communicating with cheaters and trolls

If anyone has any resources (or relevant experience) about communicating with cheaters and trolls in ways that leads to more positive outcomes, that also belongs here.

Relevant, existing forum posts

So we don't have to have these discussions again.

Technical discussion about cheating and hacked clients
We need better anticheat against softwares like cheat engine.
hacked PunTrue client
Hack-/Cheat-Clients

Relevant, existing bug reports

Again, no need to repeat these things.

#6114: Detection of dirty clients
Last edited by rheo on Thu Jul 14, 2022 00:10, edited 9 times in total.

MykieDoesStuff
Member
Posts: 136
Joined: Sat Aug 16, 2014 02:44

Re: Anticheat resources for server operators

by MykieDoesStuff » Post

This should be pinned. I'll checking these out some time later....
For fast response... send me a PM

LordPhyre
Member
Posts: 41
Joined: Wed Nov 17, 2021 13:01

Re: Anticheat resources for server operators

by LordPhyre » Post

I have seen variants of this which allowed the player admin to attach to a particular player
As of the latest version, the luk3yx/cloaking mod already has a feature for this.
If anyone has any... relevant experience... about communicating with cheaters and trolls in ways that leads to more positive outcomes, that also belongs here.
I have some. More or less trolls and cheaters have a cheating account, and an actual account. Only the most hopeless of cheaters don't. As a result, changing the password of that account has been effective in my experience to make them experience loss.
If you delete the account, it will only cause more malice and nothing good will come of it, but changing the password allows a possibility of you changing it back to normal and them accessing it again.

I'm not exactly sure how popular my sentiment is, because as for "communicating", I don't... like to a normal person.
Cheaters have this false sense of power since they can cheat, if they get banned change their ip, etc.
Really just knowing their weakpoints and threatening them with them are the only viable option, usually. Unless dealing with someone who has a small fraction of IQ left, having a discussion and coming to an agreement is quite hard.

Your verbana mod is quite interesting and it seems useful for a lot of things, particularly "untrusted" IPs, but this doesn't directly stop cheaters from using a VPN, doing the verification, and going along their day ruining the server.
I might suggest a new banning method, that uses something other than IPs? I'm not sure if it is even possible, but hardware bans in other games are very effective.

LordPhyre
Member
Posts: 41
Joined: Wed Nov 17, 2021 13:01

Re: Anticheat resources for server operators

by LordPhyre » Post

Detecting self-identifying hacked clients
This was honestly what inspired me to make this post, but I'm not sure how to talk about it without violating forum rules. Give me a moment.
Lemme help out here. As long as we don't "promote, link, or otherwise direct Forum users to any kind of" hacked client, we're good... Hopefully.

On a certain large and popular hacked client, (designed only for anarchy servers, but thats probably a lie) had a very large discussion about closing it down on the basis that many (non-anarchy) servers are being ruined and hackers are basically everywhere. The discussion was quite stupid, except for the fact that someone suggested a custom version string to be implemented.

Now as one of those people who had their servers ruined, I was making a mod that combined various anti-cheat methods in one. One of these methods, was to instantly detect that custom version string, and ban the hackers without mercy.
It would've been a very effective and easy way to do things, except when asking how to implement it, fluxionary told me that it's not possible in a mod, and that you can only do it blah blah blah. (I still don't really understand your answer lol)

So does anyone else have any idea how, if possible, to detect that custom version string using mods or some server settings, so that anyone joining the server with that hacked client instantly gets banned?

User avatar
rheo
Member
Posts: 49
Joined: Fri May 03, 2019 20:40
GitHub: fluxionary
IRC: flux fluxflux
In-game: flux rheo

Re: Anticheat resources for server operators

by rheo » Post

LordPhyre wrote:
Wed Nov 17, 2021 13:17
I might suggest a new banning method, that uses something other than IPs? I'm not sure if it is even possible, but hardware bans in other games are very effective.
To not be trivially bypassed w/ a hacked client, that would require forcing DRM, which isn't generally philosophically compatible w/ open source. It'd also require someone to code that up properly, which isn't easy. And I don't want to debate architecture changes in this thread.

User avatar
rheo
Member
Posts: 49
Joined: Fri May 03, 2019 20:40
GitHub: fluxionary
IRC: flux fluxflux
In-game: flux rheo

Re: Anticheat resources for server operators

by rheo » Post

LordPhyre wrote:
Wed Nov 17, 2021 13:17
Your verbana mod is quite interesting and it seems useful for a lot of things, particularly "untrusted" IPs, but this doesn't directly stop cheaters from using a VPN, doing the verification, and going along their day ruining the server.
With verbana, if you wish, you can entirely block a VPN with a single command, w/ an optional expiry limit. Verification, by its very nature, requires a trusted, privileged player to be around, so they can keep an eye on the new users. It works incredibly well in practice, particularly in conjunction w/ cloaking.

Honestly, I should just make a separate thread on these forums about verbana. I've been waiting to do so until I could rework it to be easier to use and maintain, but it's been over a year and that hasn't progressed at all.

Talk about what verbana can (and can't) do, and how to do it, should be done on a verbana topic in WIP mods. I'll try to get that going in the next 24 hours, and I'll update this comment with a link.

User avatar
rheo
Member
Posts: 49
Joined: Fri May 03, 2019 20:40
GitHub: fluxionary
IRC: flux fluxflux
In-game: flux rheo

Re: Anticheat resources for server operators

by rheo » Post

LordPhyre wrote:
Wed Nov 17, 2021 14:09
So does anyone else have any idea how, if possible, to detect that custom version string using mods or some server settings, so that anyone joining the server with that hacked client instantly gets banned?
Yes, I have two methods of doing this, but one requires editing the c++ code of the minetest engine, and the other requires doing the same, or turning on debug mode. I plan on creating a gist (or something) that will outline the procedure w/out mentioning or linking to specific hacked clients. When it is ready, I'll provide a link to it.

Astrobe
Member
Posts: 568
Joined: Sun Apr 01, 2018 10:46

Re: Anticheat resources for server operators

by Astrobe » Post

rheo wrote:
Tue Nov 16, 2021 23:20

Mods with anti-cheat features

real suffocation is mildly successful in preventing egregious noclip-ing. It can be even more effective if you modify it to use `damage_per_second` instead of `drowning`. However, admins often find this mod obnoxious because these mechanisms don't differentiate between permitted noclip-ing (with the correct privilege) and unpermitted noclip-ing. There also can be issues w.r.t. non-full nodes, e.g. nodebox or mesh drawtype - players can drown in mostly-open nodes.
This got me thinking that a fast ObjectRef:standing_in() function would maybe be useful both for anti-cheat and "normal" mods. Then for anti-cheat you can have a blacklist of nodes in which players certainly can't be (more than a few seconds, that is; it seems that sometimes because of lag players can be partially in blocks).

As for normal mods, MobsRedo for instance does that a lot (for mobs), or one could implement pressure plates using it, or one could customize the healing/damage effect of certain nodes when standard node damage doesn't fit what you want to do.

It would double as a problem fixer too - sometimes players get stuck inside blocks without trying to cheat (e.g. they left the game standing in the middle of a plain but other players came there and built a whole city), in which case one could e.g. send them back to the spawning point (if this can't be used as an exploit with regard to the general gameplay).

LordPhyre
Member
Posts: 41
Joined: Wed Nov 17, 2021 13:01

Re: Anticheat resources for server operators

by LordPhyre » Post

rheo wrote:
Thu Nov 18, 2021 01:40
With verbana, if you wish, you can entirely block a VPN with a single command, w/ an optional expiry limit.
Useful!
rheo wrote:
Thu Nov 18, 2021 01:40
Talk about what verbana can (and can't) do, and how to do it, should be done on a verbana topic in WIP mods.
Yes I think you've done enough self-promotion here lol

LordPhyre
Member
Posts: 41
Joined: Wed Nov 17, 2021 13:01

Re: Anticheat resources for server operators

by LordPhyre » Post

Astrobe wrote:
Thu Nov 18, 2021 07:03
This got me thinking that a fast ObjectRef:standing_in() function would maybe be useful both for anti-cheat and "normal" mods. Then for anti-cheat you can have a blacklist of nodes in which players certainly can't be (more than a few seconds, that is; it seems that sometimes because of lag players can be partially in blocks). ...

...It would double as a problem fixer too - sometimes players get stuck inside blocks without trying to cheat (e.g. they left the game standing in the middle of a plain but other players came there and built a whole city), in which case one could e.g. send them back to the spawning point (if this can't be used as an exploit with regard to the general gameplay).
Yea that would be very useful.
I've been trying to incorporate a system that checks if the player is standing inside a non-liquid, solid block, but I haven't been successful in making the check loop.
I want a thing that, every 5 seconds or so, it checks if the player is in non-liquid, solid block, and if so, kicks/damages player.
But my coding skills are sub-par and I've managed to get nothing working correctly lol

A simple 10-20 lines of code that does that can easily be inputted into basically any mod and its very useful to make sure people can't suddenly transform into walls

User avatar
Blockhead
Member
Posts: 1602
Joined: Wed Jul 17, 2019 10:14
GitHub: Montandalar
IRC: Blockhead256
In-game: Blockhead Blockhead256
Location: Land Down Under
Contact:

Re: Anticheat resources for server operators

by Blockhead » Post

LordPhyre wrote:
Thu Nov 18, 2021 16:04
I want a thing that, every 5 seconds or so, it checks if the player is in non-liquid, solid block, and if so, kicks/damages player.
It's trivially easy to end up inside a solid block even without cheating or abusing lag. Methods include:
  • Any game: Build inside player enable_build_where_you_stand = true in settings lets you place nodes where you stand.
  • Teleportation mods like teleport potion, which you can use to teleport deep underground.
So you need to make the penalty not too harsh, and the detection somewhat strict, such as only normal full size blocks but not stairs, meshes etc. It's really hard to tell if a player got inside the node legitimately or not.
/˳˳_˳˳]_[˳˳_˳˳]_[˳˳_˳˳\ Advtrains enthusiast | My map: Noah's Railyard | My Content on ContentDB ✝️♂

LordPhyre
Member
Posts: 41
Joined: Wed Nov 17, 2021 13:01

Re: Anticheat resources for server operators

by LordPhyre » Post

Blockhead wrote:
Fri Nov 19, 2021 16:16
[*]Any game: Build inside player enable_build_where_you_stand = true in settings lets you place nodes where you stand.
[*]Teleportation mods like teleport potion, which you can use to teleport deep underground.
[/list]

So you need to make the penalty not too harsh, and the detection somewhat strict, such as only normal full size blocks but not stairs, meshes etc. It's really hard to tell if a player got inside the node legitimately or not.
yea I've accounted for that. For example, I am checking if there is a block at your feet, at your head, and above your head. Because you probably cannot build above your head without purposefully encaging yourself, suffocation damage seems totally normal.
As for teleporter potions, I don't need to deal with those.
But if I did, why are you abusing the potions like that anyways, knowing you're gonna start suffocating?

Also about the stairs/meshes, is there a way to differentiate them from normal blocks? I only know of "walkable" and "liquid".
Do those types of blocks have categories like that too?

User avatar
Blockhead
Member
Posts: 1602
Joined: Wed Jul 17, 2019 10:14
GitHub: Montandalar
IRC: Blockhead256
In-game: Blockhead Blockhead256
Location: Land Down Under
Contact:

Re: Anticheat resources for server operators

by Blockhead » Post

LordPhyre wrote:
Fri Nov 19, 2021 19:22
Blockhead wrote:
Fri Nov 19, 2021 16:16
[*]Any game: Build inside player enable_build_where_you_stand = true in settings lets you place nodes where you stand.
[*]Teleportation mods like teleport potion, which you can use to teleport deep underground.
[/list]

So you need to make the penalty not too harsh, and the detection somewhat strict, such as only normal full size blocks but not stairs, meshes etc. It's really hard to tell if a player got inside the node legitimately or not.
yea I've accounted for that. For example, I am checking if there is a block at your feet, at your head, and above your head. Because you probably cannot build above your head without purposefully encaging yourself, suffocation damage seems totally normal.
As for teleporter potions, I don't need to deal with those.
But if I did, why are you abusing the potions like that anyways, knowing you're gonna start suffocating?

Also about the stairs/meshes, is there a way to differentiate them from normal blocks? I only know of "walkable" and "liquid".
Do those types of blocks have categories like that too?
The teleport potion (or usually teleport pad) trick is used on servers with technic to get down to -30k or so where the ore is rich and skip digging all the way down just to get there.

Looking at the API reference, I would choose normal, glasslike, glasslike_framed, glasslike_framed_optional, allfaces and allfaces_optional as nominally 'solid'. Then I would exclude things in the liquidtype ~= none (liquidtype == "source" or liquidtype == "flowing").

If you want to be super pedantic you could technically check the collision_box definitions on the nodes as well, but that might get computationally expensive. It was rejected for advtrains for that reason.
/˳˳_˳˳]_[˳˳_˳˳]_[˳˳_˳˳\ Advtrains enthusiast | My map: Noah's Railyard | My Content on ContentDB ✝️♂

LordPhyre
Member
Posts: 41
Joined: Wed Nov 17, 2021 13:01

Re: Anticheat resources for server operators

by LordPhyre » Post

Blockhead wrote:
Sat Nov 20, 2021 01:25
Looking at the API reference, I would choose normal, glasslike, glasslike_framed, glasslike_framed_optional, allfaces and allfaces_optional as nominally 'solid'. Then I would exclude things in the liquidtype ~= none (liquidtype == "source" or liquidtype == "flowing").

If you want to be super pedantic you could technically check the collision_box definitions on the nodes as well, but that might get computationally expensive. It was rejected for advtrains for that reason.
Alr will look into those things, thanks alot!

User avatar
TalkLounge
Member
Posts: 324
Joined: Sun Mar 26, 2017 12:42
GitHub: TalkLounge
In-game: TalkLounge
Location: Germany

Re: Anticheat resources for server operators

by TalkLounge » Post

There's another anti cheat mod for servers: fairplay
Subgames Server: Sky World Subgames German Survival Server: Wildes Land 2 E-Mail: talklounge@yahoo.de

LordPhyre
Member
Posts: 41
Joined: Wed Nov 17, 2021 13:01

Re: Anticheat resources for server operators

by LordPhyre » Post

TalkLounge wrote:
Sat Dec 04, 2021 22:54
There's another anti cheat mod for servers: fairplay
Looks lit, has useful unique features like "placing blocks while pointing at air" that I haven't seen anywhere else before.
Great mod!

Bastrabun
Member
Posts: 210
Joined: Mon Nov 04, 2019 19:48

Re: Anticheat resources for server operators

by Bastrabun » Post

pin please, it's about the nth time I was asked for an anticheat reference today and I sent them this thread :)
Whatever I say is CC0

Post Reply

Who is online

Users browsing this forum: No registered users and 8 guests