Packet Encrypting to and from server

11 comments, last by SimonForsman 15 years, 10 months ago
Ok, I'm pretty new at working with packets, so I've come here to ask this question. I'm in the process of making an MMORPG and the developers I have do not know this either, but is there a way to encrypt all or certain packets to and from a server? And if there is, can you give me a small walkthrough on it or any programs that could help? Thanks, and I appreciate any help given.
Quote:Original post by Nit3Mare
Ok, I'm pretty new at working with packets, so I've come here to ask this question.

I'm in the process of making an MMORPG and the developers I have do not know this either, but

is there a way to encrypt all or certain packets to and from a server?

And if there is, can you give me a small walkthrough on it or any programs that could help?

Thanks, and I appreciate any help given.


You could take a look at OpenSSL; it has all the functionality you need to encrypt and decrypt data.
I don't suffer from insanity, I'm enjoying every minute of it.
The voices in my head may not be real, but they have some good ideas!
Would that work on a Windows server? I currently use Windows Server 2003 to host my game.
Quote:Original post by Nit3Mare
Would that work on a Windows server? I currently use Windows Server 2003 to host my game.


Yes, OpenSSL can be compiled for a large number of platforms, including Windows.
You could either use it to do SSL/TLS or as a generic cryptography library.

You can find precompiled libraries for Visual Studio here (if you don't want to go through the hassle of compiling yourself):
http://www.slproweb.com/products/Win32OpenSSL.html
I don't suffer from insanity, I'm enjoying every minute of it.
The voices in my head may not be real, but they have some good ideas!
You should read the below thread. Short version: packet encryption isn't important/necessary except perhaps for login information.

http://www.gamedev.net/community/forums/topic.asp?topic_id=356528

Pay particular attention to hplus's comments. He's an actual IRL commercial MMO developer.

-me
I use HackShield for the security and it's working for the most part, but every day there are new programs that are made to get around it.

And I currently have 2 servers up that each get around 2-3k people only daily, so it's hard to have to remake the whole game once I find people that packet hack.

And I know that my devs are not the greatest, but they have definitely done a good job thus far.

@Simon thanks for the help so far, I will give that a shot and see if it works. (*Crosses fingers)


@Palidine part of the reason I'm trying to find a good way to encrypt the packets is also to do with the login portion as well.

Thanks for both of your guys' help; I will see if this is a good way to stop people from any type of "packet hacking".
Quote:Original post by Nit3Mare
I use HackShield for the security and it's working for the most part, but every day there are new programs that are made to get around it.

And I currently have 2 servers up that each get around 2-3k people only daily, so it's hard to have to remake the whole game once I find people that packet hack.

And I know that my devs are not the greatest, but they have definitely done a good job thus far.

@Simon thanks for the help so far, I will give that a shot and see if it works. (*Crosses fingers)


@Palidine part of the reason I'm trying to find a good way to encrypt the packets is also to do with the login portion as well.

Thanks for both of your guys' help; I will see if this is a good way to stop people from any type of "packet hacking".


Encryption unfortunately doesn't eliminate cheating. While it does become harder to modify the packets directly, it is still possible (and quite trivial, to be honest) to modify the data in memory before it gets encrypted, or to drop some of the packets generated by the game and replace them with custom ones.

I would only recommend using it for authorization (this pretty much has to be encrypted; you don't want a compromised router somewhere outside of your control to result in thousands of your clients losing their accounts or, worse, their passwords that they also use for other services (yes, people are lazy and will use the same password for their online games, their email, and sometimes even their bank)). For anything else it's mostly a waste of CPU time, both for the server and the client.

In an MMO you have to assume that a client can use any data you send to them to their advantage and that any data they send to you could have been modified. If you ever trust the client to only send you "correct" data or to disregard information that you send to it, people will cheat. (The same is true for any multiplayer game, of course, but MMOs are far more sensitive to cheating since the game world is persistent and simply removing the cheating player might not be enough to get things back to normal.)
I don't suffer from insanity, I'm enjoying every minute of it.
The voices in my head may not be real, but they have some good ideas!
@Simon yeah, that's true, but it seems that any type of cheating done in my game only comes from packet hacking, and it seems the only way, at the moment, to get around this is to encrypt the packets until we find a better method altogether.
Quote:Original post by Nit3Mare
@Simon yeah, that's true, but it seems that any type of cheating done in my game only comes from packet hacking, and it seems the only way, at the moment, to get around this is to encrypt the packets until we find a better method altogether.


If they can cheat by packet hacking, your network architecture is incorrect. It means you are "trusting the client", which is against the cardinal rule of multiplayer design: "never trust the client".

-me
Quote:Original post by Nit3Mare
@Simon yeah, that's true, but it seems that any type of cheating done in my game only comes from packet hacking, and it seems the only way, at the moment, to get around this is to encrypt the packets until we find a better method altogether.


There are several different aspects to "encryption":

- Data integrity. Using a checksum and potentially encoded peer-specific information (IP/port), you can validate that the payload is correct.

- Man-in-the-middle attacks. By using some form of encoding and potentially sequencing, you prevent a third party from simply sending bogus packets as they see fit. For example, using a third-party application to spam "I shoot at X" packets.

- Replay attacks. Many attacks can be as simple as resending several packets of unknown content to achieve something.

What you seem to be claiming is man-in-the-middle, where encryption may or may not help. If they are hacking by modifying the client, then no packet encryption will help. If they are indeed manipulating the packets in transit, then this will stall them.

Given limited resources, what you need to determine first is what these hacks are, and how they are done. Then, solve the problems on the server first. If they are spamming attacks, add some form of counter that limits the number of attacks a client may send at any time (5 per second, regardless of packets). If you then ever encounter a peer that is sending more, you know you're dealing with a broken client.
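
An added example, not part of any post in this thread: a server-side check that combines the three points above (a keyed checksum for integrity, a sequence number against replays, and the 5-per-second action counter). The packet layout, the names `Session`, `seal` and `accept`, the choice of HMAC-SHA256 as the checksum, and a per-session key agreed during an encrypted login are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct
from collections import deque

MAX_ACTIONS_PER_SEC = 5          # the "5 per second" limit from the post above
TAG_LEN = 32                     # HMAC-SHA256 output size

class Session:
    """Per-client server state (hypothetical structure)."""
    def __init__(self, key: bytes):
        self.key = key           # assumed: per-session secret set up at login
        self.last_seq = -1       # highest sequence number seen with a valid tag
        self.recent = deque()    # timestamps of actions accepted in the last second

def seal(key: bytes, seq: int, payload: bytes) -> bytes:
    """Sender side: 8-byte big-endian sequence number | payload | HMAC tag."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

def accept(session: Session, packet: bytes, now: float):
    """Server side: return (status, payload); payload is None unless status is 'ok'."""
    if len(packet) < 8 + TAG_LEN:
        return "short", None
    body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    expected = hmac.new(session.key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):      # constant-time comparison
        return "bad-mac", None                      # altered or forged in transit
    (seq,) = struct.unpack(">Q", body[:8])
    if seq <= session.last_seq:
        return "replay", None                       # resent or reordered packet
    session.last_seq = seq       # burn the number even if the action is dropped below
    while session.recent and now - session.recent[0] >= 1.0:
        session.recent.popleft()
    if len(session.recent) >= MAX_ACTIONS_PER_SEC:
        # A modified client holds the key and passes the MAC check;
        # only this server-side limit catches it.
        return "rate", None
    session.recent.append(now)
    return "ok", body[8:]
```

The tag and sequence number only cover packets changed or resent on the wire; the rate counter is the part that still holds when the sender is a modified client, which is why the server-side check comes first.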

This topic is closed to new replies.
