AlliedModders

AlliedModders (https://forums.alliedmods.net/index.php)
-   Scripting Help (https://forums.alliedmods.net/forumdisplay.php?f=11)
-   -   Full Proof Server Authentication (https://forums.alliedmods.net/showthread.php?t=27691)

OneEyed 04-26-2006 23:15

Full Proof Server Authentication
 
I'm working on a way to create a full proof server authentication. Currently i connect to a db, and cross check IP's. But unfortunately there is a security risk with the way AMXX retrieves the server's IP. I came on here to see if anyone else has a full proof method of server authentication.

This is so a server must pass authentication to use the plugin. Any ideas would be helpful.

Also, if anyone knows how to get the server ip, without using cvar that'd also be very helpful, cause cvars can be fabricated.

GHW_Chronic 04-27-2006 00:07

You are currently using:
Code:
get_user_ip(0,ip,31,0)
?

OneEyed 04-27-2006 00:12

yes, but that can be fabricated

During some tests of connecting to a database, i found that the error message returned showed my hostname for an unsuccessful login. This might be one way of me returning a "true" unique id.

Twilight Suzuka 04-27-2006 08:02

One cannot have a FULL PROOF method, as it is very easy to simply hexedit the plugin OR to use a proxy or IP spoofer to fool it.

Furthermore, it is unethical to deny ANYONE access to a plugin which is supposed to be OPEN SOURCE, and thus anyone SHOULD be able to use it or set up their own SQL DB to use it.


All times are GMT -4. The time now is 05:03.

Powered by vBulletin®
Copyright ©2000 - 2024, vBulletin Solutions, Inc.