so basically, i wanna search for a way to detect bot users / any clientless tools, in my server via my proxy, i heared there was a way to do it with something to do with the svr locale, if anybody got another way or he could help, please share.
detecting botters, clientless tools
10/18/2016 17:33
Isoline*#1
10/19/2016 05:17
silkroadbotter#2
I'd like to know this too..
10/19/2016 15:29
sokpuppet#3
you cant detect them, who told u that lol
unless is outdated
unless is outdated
10/19/2016 16:00
florian0#4
Just break the blowfish encryption, packet counter or crc. No packet-based tools will work for you server that way.
Since you're using a proxy already, you can build a seamless fallback to the "old" algorithm and detect all tools this way.
Since you're using a proxy already, you can build a seamless fallback to the "old" algorithm and detect all tools this way.
10/19/2016 23:00
Isoline*#5
can you explain why so? ellaborate a wee bit.Quote:
Just break the blowfish encryption, packet counter or crc. No packet-based tools will work for you server that way.
Since you're using a proxy already, you can build a seamless fallback to the "old" algorithm and detect all tools this way.
10/20/2016 07:45
florian0#6
Broken encryption/counter/crc = broken handshake and/or broken packetflow = no connection possible. Change it on both, server and client-side, and it will work again while most clientless-tools and/or bots will fail to perform a valid handshake since these are using the now "outdated" encryption/counter/crc values.
To this point many, maybe all packet-based tools for sro will not work. Now add a fallback-mode. If the "new" handshake fails, try again with the old handshake. The tools will work again, but you can log anyone who uses the old handshake. These are obviously people who are not using (only) your client to connect ...
Sounds easier than it is. You also have to add the fallback on both, client and server to make non-clientless-tools work again. But in case you just want to lock out all the bots, just change something among the encryption.
To this point many, maybe all packet-based tools for sro will not work. Now add a fallback-mode. If the "new" handshake fails, try again with the old handshake. The tools will work again, but you can log anyone who uses the old handshake. These are obviously people who are not using (only) your client to connect ...
Sounds easier than it is. You also have to add the fallback on both, client and server to make non-clientless-tools work again. But in case you just want to lock out all the bots, just change something among the encryption.