[C++/Py] HackFix Security: Server Crash & Flood Protection System

[Grafik3r]

HackFix Security: Server Crash & Flood Protection System

Hello everyone, I have recently conducted a comprehensive security study against "Core Down" (server crashes) and connection attacks experienced by many servers. (I would also like to thank other developers whose topics I've utilized). The primary goal of this system is to block abnormal packet traffic and exploit attempts that strain the server, without disrupting the natural player experience.

Key Features of the System
The system is built upon 6 main shields: Buffer, Client, Flood, Item, Login, and Packet. You can toggle these features on or off at any time via security_manager.h.

Smart Login Protection: Integrated dynamic IP blocking for incorrect password attempts and flood attacks on the login screen. (During my personal tests, I confirmed that IP bans are triggered by failed password attempts).

Buffer & Packet Security: Prevents malformed packets and excessive data transmission aimed at crashing the server.

Automation (Control.py): Thanks to the included Python script, you can automatically set up BANIP paths and firewall configurations without manual effort.

Updates and Other Protections
I did not include "Anti-Cheat" (Speed Hack, etc.) mechanisms in this post because I provided them in detail with their limits in my previous topic. The only missing element from that system—the issue where "the opponent falls in PvP even without a hit"—has been resolved in this version; a 3-second stun mechanism now triggers in such cases.

Access Anti-Cheat topic here: [M2HackFIX ServerSide] hack-fix-server-side-the-metin2-cheat-ending-t5991.html

Testing and Feedback
I have tried to keep the limits as flexible as possible, but every server has different player traffic. You can customize the system according to your own structure. Please conduct tests (excluding Login) and share your positive or negative experiences under this thread so we can make the system more stable together.

Enjoy using it, I look forward to your comments!

Login Pack Test:
#define SEC_LOGIN_MAX_FAILS 15 // Along with other mechanics, after 7 attempts, the IP is banned in for 20 seconds.
#define SEC_LOGIN_FAIL_WINDOW 600
#define SEC_LOGIN_BAN_DURATION 20

Conținut: Ascuns

Reacționează la acest mesaj și conținutul se va afișa automat.