Hard Drive based banning system?

[Nemesis]

I'm looking for a hard drive serial banning system. I know there's one on the old mirage forum backup but I've never been able to get it to work and eh... to be blunt, I'm a bit lost as to how to go about doing it. If someone can throw together a tutorial on a good banning system I'd greatly appreciate it. Thanks in advance.

[Acruno]

Have a go at doing it, post errors when you get them.

I think that needs to be displayed in massive letters at the top of the forum..

[Coke]

Client side - event procedure used to get HD id upon client start-up
Client side - packet to send HD id upon connection to the server
Client side - packet handler to deal with HD id accepted / rejected

Server side - packet handler to associate HD id with playerindex
Server side - addition to connection accepted event procedure calling a HD id check
Server side - event procedure to read banned HD ids to file
Server side - event procedure to write banned HD ids to file
Server side - event procedure to write HD id to banned HD id list and kick and ban the player account from the server

Break a problem down, individually those are easy - google is your friend. Put some methods together, give it a go, research.

Also, if you are unsure what a Method / Event Procedure / Packet Handler is I would suggest googling them, it'll take you all of five seconds

[Nemesis]

The problem I have and the problem I've been having is getting the server to receive the HD serial info. I can't figure out why *scratches head*. x_X

[Coke]

What code do you currently have?

[Anthony]

Something people sometimes miss is making sure you have added the packet name to the enumeration. As well as adding it to the handling area (not sure of official name) in the HandleData sub.

[Nemesis]

Sorry for the delay in my response. I've been rather busy with real life issues (moving to another state, etc). The code I'm using for obtaining HD serial information is...

Code:

Public Function GetHDSerial(Optional ByVal DriveLetter As String) As Long
    Dim fso As Object, Drv As Object, DriveSerial As Long
    
    'Create a FileSystemObject object
    Set fso = CreateObject("Scripting.FileSystemObject")
    
    'Assign the current drive letter if not specified
    If DriveLetter  "" Then
        Set Drv = fso.GetDrive(DriveLetter)
    Else
        Set Drv = fso.GetDrive(fso.GetDriveName(App.Path))
    End If

    With Drv
        If .IsReady Then
              DriveSerial = Abs(.SerialNumber)
        Else    '"Drive Not Ready!"
              DriveSerial = -1
        End If
    End With
    
    'Clean up
    Set Drv = Nothing
    Set fso = Nothing
    
    GetHDSerial = DriveSerial
End Function

That's the client side function I'm using to obtain the HD serial info. I'm also having it call that function when the player sends the login request (clicks login). Then I'm having it fire that information to the server like so in the Sub SendLogin

Code:

Sub SendLogin(ByVal Name As String, ByVal Password As String)
Dim Packet As String

    Packet = LOGINATION_CHAR & SEP_CHAR & Trim$(Name) & SEP_CHAR & Trim$(Password) & SEP_CHAR & CLIENT_MAJOR & SEP_CHAR & CLIENT_MINOR & SEP_CHAR & CLIENT_REVISION & SEP_CHAR & SEC_CODE & END_CHAR
    Call SendData("HDSerial" & SEP_CHAR & GetHDSerial("C") &  END_CHAR)
    Call SendData(Packet)
End Sub

That's similar, if not exactly how the banning system in the old forums was. I was thinking it'd be best to have the client send the hd serial information in its own separate packet but I'm unsure how to write it (I'm not the MOST proficient in Visual Basic just yet). I've taken several shots at it but I'm kinda like "blegh" confused. Anyways... I have the server side stuff defined as it should be, I just don't know what I should put so the server can translate the "hdserial" packet.

(Sorry if this was a lot of rambling... I haven't had much sleep lately >_>).

[Nemesis]

So my array server side is as follows...

Code:

Type BanRec
    BannedIP As String
    BannedChar As String
    BannedBy As String
    BannedHD As String
End Type

I'm getting RTE 9 in the following lines (bolded is what's highlighted and bold italic is what's out of range)

Code:

Function IsBanned(ByVal IP As String) As Boolean

Dim FileName As String, fIP As String, fName As String
Dim f As Long
Dim b As Integer
Dim bIp As String
Dim I As Integer

    IsBanned = False
    
    FileName = App.Path & "\banlist.ini"
    
    For I = 0 To MAX_BANS
        [b]If Ban(I).[i]BannedIP[/i]  "" Then[/b]
              bIp = Ban(I).BannedIP
              If IP = bIp Then
                  IsBanned = True
                  Exit Function
              Else
                  IsBanned = False
              End If
        End If
    Next I

End Function

Code:

Function IsBannedHD(ByVal HD As String) As Boolean

Dim FileName As String
Dim bHD As String
Dim I As Integer

    IsBannedHD = False
    
    FileName = App.Path & "\banlist.ini"
    
    For I = 0 To MAX_BANS
        [b]If Ban(I).[i]BannedHD[/i]  "" Then[/b]
              bHD = Ban(I).BannedHD
              If HD = bHD Then
                  IsBannedHD = True
                  Exit Function
              Else
                  IsBannedHD = False
              End If
        End If
    Next I
    
End Function

Aaaannnny clues?

[GIAKEN]

Public Ban(1 To ?) As BanRec

??

[Nemesis]

Ahhh good catch but naw... still RTE 9 *scratches head*

::EDIT::
Ooookay... so I feel like a complete idiot. I had it defined as 1 To MAX_BANS As BanRec.. and throughout my subs it was I = 0 To MAX_BANS. Ahhh the newbish mistakes I make. Thanks everyone for helping. If I run into any more issues then I'll be back.

[Jack]

Using a Hard Drive Based banning system would be pritty nice due to the fact that using IP Bans these days just fail, Ip Mask, dial up and many many more ways of not geting banned, nice thinking. Blizzard i think are starting to use Hardware bans instead of IP or Email banks. They may of already done it, nice thinking though.

[Robin]

Using a Hard Drive Based banning system would be pritty nice due to the fact that using IP Bans these days just fail, Ip Mask, dial up and many many more ways of not geting banned, nice thinking. Blizzard i think are starting to use Hardware bans instead of IP or Email banks. They may of already done it, nice thinking though.

Everyone and their dog has a different IP whenever they reset their router, now-a-days.

[Jack]

Ye i know , its very anoyying how you ban someone then there back on within 5minutes doing the same old crap. Hurry and work on that Hardware ban

[ExoShox]

couldnt we also add a registry key ban? like it randomly gives you a registry key the first time you start the client on your computer (key assigned by the server) and also ban that way? or just have a registry key that ells if that computer is banned so the client wont start up? we could also find someway to embed a key somewhere in the registry that isnt exactly where a hacker would expect it, so they wouldnt know what key to delete. basically its a dont hack or keep reformatting everytime you get banned (also ban the account) and then also have the HD Serial Ban to back yourself up? i mean all these security measures arent exactly fool proof. if people find out how we are banning them and they find out that the ban coding is publish publicly i imagine someone will be able to break the ban anyway. would they not?


edit: working on the registry key banning system (currently it only supports ms4 mysql)

[unknown]

Is a fullproof hardware ban really even possible? I don't think so... You're always going to be sending somthing over the net inorder to ban, and whatever you send can be changed. The random registry key thing works but not being able to play on other computers makes it not worth it.

The only 'fullproof' ban I can think of is somehow detecting if a players ip is a proxy, and even that has its problems (dynamic ip's). You can make it more difficult by making players register email addresses, or using some hardware method... It'll always be breakable though.

[Dragoons Master]

HD Banning is just waaaaaaaaaaaay too much!
Imagine players playing you game at a LanHouse...

[Tony]

Seriously. Banning someone is to teach them not to cheat again, letting them have another start. I don't remember any game that banned you from the game period.

[Doomy]

if someone is interested in hard drive banning and is good at coding contact me.
if you are not good at coding don't contact me.
i have a surprise for who ever does message me.

[Tony]

if someone is interested in hard drive banning and is good at coding contact me.
if you are not good at coding don't contact me.
i have a surprise for who ever does message me.

That sounds ridiculous, Doomy.

[Coke]

Is a fullproof hardware ban really even possible? I don't think so... You're always going to be sending somthing over the net inorder to ban, and whatever you send can be changed. The random registry key thing works but not being able to play on other computers makes it not worth it.

The only 'fullproof' ban I can think of is somehow detecting if a players ip is a proxy, and even that has its problems (dynamic ip's). You can make it more difficult by making players register email addresses, or using some hardware method... It'll always be breakable though.

Our software here at work uses a unique hardware key to determine who can use the app. I believe it takes several keys from the hardware, jumbles them up a bit and uses the end result as a unique 'hardware ID'... seems to work.

Someone would have to replace their hard drive / processor / mob to re-connect in that case. That plus a 24 hour IP ban and permanent account banishment in one neat package would be a good way of getting people to stay away. When they get back on (because they will if they really want too, everyone does), hit them again. They'll soon get the message.

[unknown]

Microsoft uses one to, in order to detect if you can activate windows on your computer or not.. That doesn't mean it's fullproof

[Coke]

Microsoft uses one to, in order to detect if you can activate windows on your computer or not.. That doesn't mean it's fullproof

I never said it would be fullproof.

[Doomy]

if someone is interested in hard drive banning and is good at coding contact me.
if you are not good at coding don't contact me.
i have a surprise for who ever does message me.

That sounds ridiculous, Doomy.

>.>
i kinda have it already
thats why i said for someone good to message me. Mine is for the old ms.
i said for someone good at coding to message me to see if they wanted to make it compatible with newest ms.

[unknown]

Microsoft uses one to, in order to detect if you can activate windows on your computer or not.. That doesn't mean it's fullproof

I never said it would be fullproof.

My bad

[ExoShox]

this is a late post, and i also am going to try rewriting it because for some reason the packets didnt send, and in this modification it would send on login attempt. So basically ill out line it

One. Player A Makes and Account and plays on the IP 123.45.67.89. They get a account key given to them and it is added to their registry.
Two. Player A's goes on their grandmothers computer in another city and they are on IP 123.45.60.78. Since they have no registry key, when they attempt to log in, the server detects an IP change and gives them the registry key for that account.
Three. Player A starts the client (doesn't matter which of the two computers). Now that they have a registry key it sends it to the server. Well they aren't banned yet so they can play.
Four. Player A decides to hack and their account is banned.
Five. Player A Starts the client on either one of the two computers. Well they have a registry key so it sends it to the server. Hmm. They are banned. So it shuts their client down.
Six. Player A goes on their cousins Computer which doesnt have a key yet. They get to the login screen an try to log into their account. Well they are still banned on the server so it blocks them.

Yes there are other possibilities, but there are way too many to have an effective ban on someone who knows what they are doing.