[MUD-Dev] TECH: Trusting Network Clients

[Benjamin Tolputt]

Damon Baker wrote:
> Fox McCloud <Fox_McCloud at gmx.net> wrote:

>> I lately started planning a graphical MUD and I hope it would
>> work so far. But I came across the question to trust the client
>> data or not. Of course it would be secure if the server just does
>> *everything* but I think this would afford a tremendously server
>> power. Well otherwise people could manipulate the data easily, so
>> where's the border line, what data should you allow the client to
>> process? Any reommendations?

> I'm working on something similiar, trying to use a pseudo random
> system to make it easier to keep up with things, so that if a
> character suddenly starts generating a bunch of numbers that don't
> match up with the server's idea of what they should be doing, they
> get banned (so like even if they had hacked a client to make them
> do a reasonable but still elevated ammount of damage with a
> weapon, I'd be able to know that they just weren't having a lucky
> day.) and making the clients mutually check each other in various
> ways. Right now it's still early testing stages and I'm sure
> people will find ways of causeing mischief but I think the idea is
> worth investigating further.

I'd actually like to point out that this is already being done by a
game known as first-person shooter - Serious Sam (developed by
Croteam). It has it's uses (such as decent client-side simulation),
but has a habit of dying badly when the network latency get's heavy
(due to mismatched random-seed checks/synchronisations).



_______________________________________________
MUD-Dev mailing list
MUD-Dev at kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev