Persistent World Griefers

[Legacy_SHOVA]

               another is to check the inventory of new PCs, make sure they are not trying to bring in something silly.
               
               

               
            

[Legacy_spool32]

               I'll commit the Avlis servers to joining this. TSM, I'll be in touch privately, and  thanks for leading the effort. It's an idea I support.
               
               

               
            

[Legacy_TSMDude]

               

Evelath wrote...

 To get back on track...

What are some potential fixes (aside from banning tons of CD-Keys) could potentially work?

For RP Servers:

* A fix I've seen is simply creating a 'portal' once you're in-game that checks all of the players stats.  If a player has 3 stat lines that are single digit amounts (normally INT, WIS, and CHA @ , simply restrict them from entering the World.  Legitimately no character could survive very long in a dangerous world with those stat-lines, therefore those characters should require DM approval, similar to how many places require approval for PRCs or Subraces.

Any others thoughts?

While I like this suggestion (And I do like it alot actually)because I am one of these weird rp worlds this small group has also attacked Action and Social. So any server admin is also welcome to join. We are up to 15 servers now and a lot of info is being shared.

Thank you all as sappy as this sounds this shows that we indeed have a great Community in NWN.
               
               

               
            

[Legacy_FireWraith]

               Yes, we're talking about people who've been going out of their way to deliberately cause trouble on a number of servers, not just one.  I know what I've seen, and it's not been that hard to deal with, though others may have had further problems.  I know what I've heard from other servers, and while I can't confirm any of that, I do know I've heard rumors of activities that do go into the 'illegal' realm, by which I mean things that ISPs and potentially Law Enforcement do care about.  There are a lot of script kiddies out there who don't quite realize the level of trouble you can get yourself into doing things like gaining unauthorized access to someone's email, to a computer system, etc (by which I mean machine access, not logging in to a game).  Anyway...

For the issue of these characters, the easiest solution is the Enforce Legal Characters option.  For many servers, especially using custom content, that may not be an option.  In that case, I would suggest scripts that check the stats of incoming players, especially new ones.  Establish what the maximum starting value could possibly be for things like ability scores, or other parameters, and autoboot anyone who exceeds the value.  Keep logs so you can go back and add them to a ban list later.  
If you have an easy way to tell which are new characters, this may make your task easier, as you can better establish that stat range (Maybe 22 or so would be your absolute limit).  Even a full blown level 40 server probably isn't going to see anyone with a stat north of, say, 50.  Add a bit of padding and you'd still block this particular exploit.

At that point they'll either move to bother someone else, or (far more likely) come up with a different way to try and cause problems.  There's ways to deal with that too though.
               
               

               
            

[Legacy_NWN DM]

               Hmm...
               
               

               
            

[Legacy_Lord Sullivan]

               If you can trust your regulars(player base) by giving them a power that they could use in case of an attack from a griefer/griefers... then I would give them an item that when activated it would spawn a powerfull dragon that would attack the ostile currently in combat and while the dragon is spawned both the dragon and the player would get auto heal and in case the player just had enough time to spawn the dragon(activate the item) but gets killed the player is auto resurected and gets auto heal...

Witness the griefer be griefed!  '>
               
               

               
            

[Legacy_Sethan_1]

               Just became aware of this thread when our Head DM returned from vacation and pointed me at it.  We've had a lot of trouble with the "greifer" group over the last few days.

There are various methods of dealing with people who are willing to cheat, hack servers, or otherwise ruin other people's fun for their jollies.

Some of those methods are in server setup, some are in scripting, some in various other security methods that I won't mention here.  Some we have implemented already, others we are working on since the latest round of attacks.

I think the coalition of server admins is a very good idea, and long overdue.

I will say I find it annoying that I have to waste resources and time combating griefers that I could be using to make the server more fun for everyone else.
               
               

               

                     Modifié par Sethan_1, 19 mars 2011 - 05:55 .
                     
                  

            

[Legacy_Zarathustra217]

               Hey all, glad people are taking the initiative, count Ravenloft POTM on board.
               
               

               
            

[Legacy__Guile]

               I check stats when a person logs on through scripting, and do an item scan on ALL equipment for bad items properties...

So their gear would get jacked even if they were playing a legal character...

I had problems with people cheating a lot on a server so made systems to simply deal with them.

All you need is a good anti cheating script...
               
               

               
            

[Legacy_TSMDude]

               So last night a new low. Besides the usual crud but to honestly ask a girl player to cyber with you and you will leave the server alone? And to top it off ask a 15 year old girl at that? Pedophile. Rape like fantasy?

A griefer who kills people is an arse but one who now is bringing sick twisted sexual games into it with a child is just wrong on so many levels.
               
               

               
            

[Legacy_Azador]

               Got a random question - are they able to log in consistently after a CD-key ban? The only way to do that would to have a LOT of CD-keys, like a generator or something. I doubt they are shelling out $10 for new keys.
               
               

               
            

[Legacy_kalbaern]

               

Azador wrote...

Got a random question - are they able to log in consistently after a CD-key ban? The only way to do that would to have a LOT of CD-keys, like a generator or something. I doubt they are shelling out $10 for new keys.

Short answer: Yes.
               
               

               
            

[Legacy_Calvinthesneak]

               If you're running a server vault it should be fairly easy to stop hackers.  One strip all items on players entering a module with 0 xp.  Two, make sure your DM powers and abilities are tied to CDKey's or some other unique method of identification.  Any system administrator will tell you to operate on the principle of least permissions, so close off all avenues before someone uses them.  There are some people that will slip through the cracks still, but with two procedures like that it becomes a great deal more difficult for them to cause widespread damage unless they manage to hack CDKeys and such of DM's, and believe me they can and will do that.
               
               

               
            

[Legacy_GLoRToR]

               Apparently telenet.be is the isp that this guy uses.
We had him, we reported him to his isp for ddos attempts.
He logged in from another city, likely divorced parents or somesuch.
I urge all admins to keep sending logs of him ddosing and screenshots of him harrassing to his isp. If it becomes a daily issue that they receive such emails, they are likely to take action simply because of the amount of feedback.
               
               

               
            

[Legacy_Quilver]

               

GLoRToR wrote...

Apparently telenet.be is the isp that this guy uses.
We had him, we reported him to his isp for ddos attempts.
He logged in from another city, likely divorced parents or somesuch.
I urge all admins to keep sending logs of him ddosing and screenshots of him harrassing to his isp. If it becomes a daily issue that they receive such emails, they are likely to take action simply because of the amount of feedback.

They're attacking the module, not the server. There are a few exploits that allow players to crash modules, but they exist within NWN. That is entirely different to DDoS.

You shouldn't really be making accusations of criminal activity on a public forum, either.

Edited to add: If you have proof that he has hacked the server rather than exploited the game, then you aren't necessarily in the wrong. But if you don't have proof, you're actually breaking the law by accusing another of criminal activity.
               
               

               

                     Modifié par Quilver, 28 mai 2011 - 06:11 .