Dawn of Light

Curently the maximum a servers staff can do to remove a player from the server is to ban the account and ip address.
The Result is that the user can just get himself a new ip address and log on the server again with a new account.
I´d like to create a way to realy prevent a baned user to access the server.

My idea was to do that via the users mac address, ok, still possible to change that one but it requires more knowledge and work for the player.

I read alot about that during the last days, also found some code snippets, but only very few.

Here is my current code that doesnt work yet, its in LoginRequestHandler -> HandlePacket()

Code: Select all

String[] ipsplit = ipAddress.Split(':');


int ldest = CryptLib168.inet_addr(ipsplit[0]);
long macinfo = 0; //Dient zur Speicherung der Mac-Adresse
int len = 6; //Länge
int res = CryptLib168.SendARP(ldest, 0, ref macinfo, ref len); //Mac-Adresse holen

string macAddress = formatMac(macinfo, '-');



log.Info("Mac Adresse: " + macAddress + " | IP Adresse: " +ldest.ToString() + " | Macinfo: " + macinfo.ToString());

The SendARP and inet_addr in the CryptLib:

Code: Select all

[DllImport("Ws2_32.dll")]
public static extern int inet_addr(string ip);

[DllImport("iphlpapi.dll")]
public static extern int SendARP(int dest, int host, ref long mac, ref int len);

The Method "formatMac" should just format the mac adress to a normal format, if the given macinfo is 0 it just returns
00-00-00-00-00-00

Thats why my results are currently like this:

15:52:53,578 - [2320] - INFO - DOL.GS.PacketHandler.Client.v168.LoginRequestHandler - Mac Adresse: 00-00-00-00-00-00 | IP Adresse: -1494206642 | Macinfo: 0

Its not the negative IP Adress there, i also tried with another computer that than had a positive value there but still no mac adress:
21:51:01,609 - [4660] - INFO - DOL.GS.PacketHandler.Client.v168.LoginRequestHandler - Mac Adresse: 00-00-00-00-00-00 | IP Adresse: 16777343 | Macinfo: 0


Maybe someone could give me a hand with this code.
I am also interested if there might be other ways to make bans more effective.

I'd also like the IP ban to work, as currently it checks the players IP/Port and as such never hits it.

Mac Address requires we have access to the clients router if they are on a network I believe

We would need to be able to access the physical layer protocols from their computer to the router. In any case, we could access the mac address of the router's out port.

Simple fix for now please fix the IP ban Ryan

As Ryan said is the hardware adress ban is not the comp's one, it is the router one as it is convenient Ok we perhaps ban an entire campus but except students, who cares ? </taunt>

ROFL mac address is easier to change then the IP imo.. in fact i coded a mac address generator some time ago lol.. not worth coding into dol imo.. and i think that every linksys router has mac address spoofing. and if u combine that + mac address generator + lets say Comcast internet. a user can run with any random mac address and any random IP address they want lol..

and even then go directly to the computers hardware mac address say u get that far. then all u have to do is spoof the computers hardware mac address and thats still simple enough. or say u have a friend with a ton of old computer parts or maybe a box of old ethernet cards lawlz.. u can just swap them out using a different mac address each time lol

tho if you do make it possible to ban mac addresses in dol even tho useless for the most part ill admit it would be pretty cool haha

i dont think so, the mass of ppl just has no clue about changing a mac adress, they just know that they get a new ip when they restart their router. Anyway, i stoped that long ago, i implented the possibility to ban ip ranges, ofc even that can be bypassed but not by the casual players who are the majority.

i guess so.. lol new ip when restart router? must be nice.. wish mine did that lol

i dont think so, the mass of ppl just has no clue about changing a mac adress, they just know that they get a new ip when they restart their router. Anyway, i stoped that long ago, i implented the possibility to ban ip ranges, ofc even that can be bypassed but not by the casual players who are the majority.

If someone is determined enough to care about hacking or cheating, then they have knowledge enough to get past a MAC ban..

Or even a ranged ban if they have WiFi and Aircrack.

+1

Well you ll REALLY guys have to keep in mind the gap between hackers and rest of the world !

the guys able to mac/ip spoof are really in the bottom of the list in dol dev priority. Actually, i really don't care to hunt kids...

i dont think so, the mass of ppl just has no clue about changing a mac adress, they just know that they get a new ip when they restart their router. Anyway, i stoped that long ago, i implented the possibility to ban ip ranges, ofc even that can be bypassed but not by the casual players who are the majority.

If someone is determined enough to care about hacking or cheating, then they have knowledge enough to get past a MAC ban..

Or even a ranged ban if they have WiFi and Aircrack.

Even the current very basic ip ban keeps a lot of hackers away, just not enough in my opinion, baning mac adresses would keep some more away, ip range bans almost keeps em all away, but i made that thing to get rid of annoying ppl, not to keep them permanently away. I cant do a range ban forever because it almost always affects other ppl too. So my ip range ban is for situations where you ip ban someone and than he gets himself a new ip, comes back and goes like "ololol idiot you can not ban me" and starts to flame you. Really just for such situations because i just dont like to have to mess with such ppl, than i make a range ban and keep that for some hours and hope that this cheater gives up and lets me be. My current system shows me how many ppl would be affected by a range ban, filters accounts that would be affected by the ban but are not accounts of the cheater i want to ban. But i cant filter all accounts, so if i do a range ban i might ban innocent ppl too, thats why i release the ban after some hours or days (depending on the number of affected accounts).
Ofc, this is far from a perfect ban, and ofc a mac ban would also be far from perfect. It is just a bit more than the current system, and thats better than nothing.

If you have better ideas, your welcome to share them, i cant see any.


But i dont think that ppl that hack have great knowledge about computers or whatever, they just use google and download what they find, those that understand what they are doing are very few.

lol if a guy changes his ip and then comes back and says he changed his ip hes a total nub... if u change ur ip and come back you dont tell them so that they could ban u one more time lol what a waste of a perfectly good ip. its the ones who come back and u never know about is the ones u have to worry about haha

hello, anybody solved that issue about banning the mac address??

we really need it..

dear god, really? Is there a need to bump a almost three + year thread?