Security

[William]

Do anybody have any ideas on how to improve the security, I cant come up with anything. So give me some ideas and I see if I can put them into use.

[Spodi]

Packet encryption? Besides abusing bugs, spoofing packets seems to be the easiest way to screw MS's server.

[William]

Packet Encryption is already available in many different methods. I've seen that ES has a lot of them posted by JokeofWeek (or what is name is). Such as XorEncryption.

I never understood the aspect of spoofing packet. What is spoofing?

[Spodi]

Problem with that is it only obfuscates you from reading what it is. Lets say you have a movement packet:

ASDF1

And you encrypt it:

1XZ>:

Every time, it still will appear:

1XZ>:

So encryption with a constant key hardly stops any hackers except for making it harder to figure out what it does.

For packet spoofing, you can tell the server any packet you want at any speed you want, which is why you have to have server-side checks for every request the client can make.

[William]

Okay, but it is still some improvement by it.