Solved

VB: Winsock Wrapper ?

Posted on 2004-10-30
378 Views
Last Modified: 2013-11-13
Hey guys,

I have developed a "Anti Cheat" system in Visual Basic and it is running good,

A Problem has arised where people have been able to gain the port the ac "randomly" selects and then "Manual Join" the port.

I have been told a little information about a "Winsock Wrapper" which encrypts information it sends, and i was just wondering if this is possible in visual basic and how ??

Or if you have any other ideas they would be greatly appreciated,

Many Thanks
0
Question by:TheJay04
    13 Comments
     
    LVL 8

    Expert Comment

    by:mugman21
    TheJay04,

    Not totally sure what it is your talking about. If you could clarify what your statements mean, I'm sure I would be able to help.

    With 15 years experience, in programing and networking, I don't know what the following means, "I have developed a "Anti Cheat" system in Visual Basic and it is running good, A Problem has arised where people have been able to gain the port the ac "randomly" selects and then "Manual Join" the port.".

    Question, what is an "anti cheat" system, what is "ac" - access control? Puzzeled by the quotes around "randomly", what does "manual join" mean? With regards to TCP/IP there is no such thing as a "manual join" that i'm aware of...... When you speak of ports, I assume you mean a network port, right?

    Ughh, the way this question is phrased is twisting my mind...... If all you want to do is encrypt data before sending it (via a wrapper class), you can indeed wrap it in SSL (Secure Socket Layer). There is a code example of how to do this at http://www.planetsourcecode.com/vb/scripts/ShowCode.asp?txtCodeId=43694&lngWId=1 .

    If that link above doesn't help, please clarify and restate your question.

    mugman
    0
     
    LVL 4

    Author Comment

    by:TheJay04
    Hey

    Sorry for this mis-understanding.

    A "Anti Cheat" is a program used to stop people cheating in online gaming.
    A "ac" is the above "Anti Cheat", im just used to calling it an ac lol.

    "Random Join" what i mean by this is,

    Gamers connect to my program, 1 person hosts the gaming session and the others who are participating join the hosts IP.

    When the game is launched data is sent to launch all of the other gamers who are connected to the host,  the IP of the game is got via the same IP the users connected to.

    But my problem is the port.  I make it randomly select a port to use
    (but this is bad for gamers with routers/firewalls) I know this but its the only way I can thing of to do it.

    Once the port is made the game is launched.

    Now heres where i need help.. People can just simple close the game, use "netstat -na" to gain the port the "Anti Cheat" has randomly made.  

    Then they open up the game manually and connect to that IP/PORT therefor not running the program, thus letting them cheat.

    I hope that clears some of your questions up.

    I will check your link, in the mean time if you have any other ideas they would be greatly appreciated.

    Cheers
    0
     
    LVL 3

    Expert Comment

    by:vippx
    Hi TheJay04

    you have reached what has been the bane of network programmers for ages. As mugman suggested if u need secure communication SSL is the option and you could have the security certificate embedded in your game. But still i dont know if you can hide a port, because as long  as you are using TCP/IP there is no way to avoid the clients knowing which port to connect to. Use of SSL would allow you to authenticate the gaming client and so technically its difficult to cheat, but then that would draw us into a long debate of network security and how the game can be reverse engineered to get the certificate.

    Even using SSL, the port which is used to connect is visible. However performance hit of using secure communications is a sizable overhead and the players would not like its realtime response.

    hope this helps



    0
     
    LVL 8

    Expert Comment

    by:mugman21
    I got it now...

    I wouldn't use random ports for the exact reason you mentioned. Here's one idea: When they first connect to the game server and recieve the port to use for the game, pass them a random GUID and associate that GUID with their game client. On disconnect (socket close), destroy the GUID that is associated with their client. In doing so, everytime they want to connect, they would have to do it the proper way in order to know what the random GUID your server created was.

    Using a method simular to this, it wouldn't matter if they used a sniffer to see what the guid was, because as soon as they diconnected the client and attempted to manually connect, the guid would no longer be valid.

    Just an Idea...

    Mugman
    0
     
    LVL 3

    Expert Comment

    by:vippx
    a good idea . but then you would also require to authenticate if the client that is connecting is your game client or not. i mean if i write a hack proggie to simulate your game and manage to obtain a guid for myself, i could still be in the game but not with your game client.

    but your approcah would definitely prevent a faction of hackers using packet sniffing and port scan.
    0
     
    LVL 4

    Author Comment

    by:TheJay04
    We'll heres my idea.

    Because the ac launches the computer connected to the ac, the client would have to run the game on a different computer because:

    When the game is launched it activates a variable which starts the memory scanning.

    If they leave game, then manual join it then the ac is still scanning the game, so they would have to use a different computer.

    My idea is, maybe as soon as the game is launched have some code check if the game window ever closes, if it does inform the other gamers connected to the server and make the ac need a "relaunch" of the game. .

    Is this possible ?? If so what would be the best way to do it. (hope you understand).
    0
     
    LVL 3

    Expert Comment

    by:vippx
    Hi...

    could you clarify a bit more... i dont understand these parts

    <quote>
    Because the ac launches the computer connected to the ac,
    </quote> dint get that at all, launch a computer??

    <quote>
    When the game is launched it activates a variable which starts the memory scanning.
    </quote> memory scanning for what??

    <quote>
    My idea is, maybe as soon as the game is launched have some code check if the game window ever closes, if it does inform the other gamers connected to the server and make the ac need a "relaunch" of the game. .
    </quote> what is to be informed to other gamers? wo launches the games.

    please talk in terms of "client" and "server" so that other experts can understand clearer



    0
     
    LVL 4

    Author Comment

    by:TheJay04
    ok,

    1st Quote:

    When the clients are ready the host launches the game,  each client connected will then join the host's game.

    2nd Quote:

    Memory Scanning the Game for violations, I.E Cheats

    3rd Quote

    My Idea was to flash a message accross the clients screen, like it does when some1 is caught cheating..  I.E "Gamer123 has disconnected from the game"

    Then every1 goes back to the program and the host relaunches the game.

    --------

    What i needed help with was:

    Maybe check if the clients game window ever closes, is this possible ???
    Or have you any other ideas.
    0
     
    LVL 8

    Accepted Solution

    by:
    Sure, simple solution, add code in your Form_Unload procedure to send a "BYE" packet to the server.
    0
     
    LVL 3

    Assisted Solution

    by:vippx
    Hi,

    The BYE packet is an excellent idea and you can put this on your WM_QUIT or form_unload procedure as mugman suggested.

    However this would work only if the application was closed correctly and not if it was killed.

    Another approach to this can be use of a "HeartBeat" Feature. The server along with scanning memory also maintains track of all accepted connections. Every client connected is supposed to send a heartbeat packet after every set interval. this heartbeat packet would be a very small with minimal information so as to not congest the network. its purpose is to let the server know the client is alive. The sending and recieving of heartbeatrs should be automated so that it does not depend on human interations. Now if the server does not recieve a heartbeat in the set timeout period, then the connection is assumed to be lost and the socket can be closed and all other players can be notified of the particular client leaving the game.

    The timeout can be decided accordinly, if on a high speed network it can be set to very low values as heartbeats can be frequently sent, while on dial up and slower networks the timeouts can be higher.
    0
     
    LVL 8

    Expert Comment

    by:mugman21
    back again,

    As vippx put it, "The BYE packet is an excellent idea and you can put this on your WM_QUIT or form_unload procedure as mugman suggested.", yet I must agree with vippx's point about unexpected shutdowns. I honestly believe both of our ideas should be incorperated to acheive the result that your looking for.

    Question too vippx, even if the application exited unexpectidly, would the Form_Terminate event STILL fire? I thought that it would, unless of course the system lost power or shutdown completely (which wouldn't be helpful to cheaters)....

    Mugman
    0
     
    LVL 3

    Expert Comment

    by:vippx
    Hi Mugman,

    If a process is killed, i believe form_terminate would not fire. So they use the task manager to kill a process, then the procedure would never be executed.

    0
     
    LVL 4

    Author Comment

    by:TheJay04
    Thanks guys,

    I decided to split the points as you both have been very helpful :D
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Suggested Solutions

    If you haven’t already, I encourage you to read the first article (http://www.experts-exchange.com/articles/18680/An-Introduction-to-R-Programming-and-R-Studio.html) in my series to gain a basic foundation of R and R Studio.  You will also find the …
    If you’re thinking to yourself “That description sounds a lot like two people doing the work that one could accomplish,” you’re not alone.
    This tutorial will introduce the viewer to VisualVM for the Java platform application. This video explains an example program and covers the Overview, Monitor, and Heap Dump tabs.
    The goal of the video will be to teach the user the difference and consequence of passing data by value vs passing data by reference in C++. An example of passing data by value as well as an example of passing data by reference will be be given. Bot…

    846 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now