[hlds] Halloween Update Question
Does anyone have a web link that explains the details of the 2011 Halloween update other than Valve's generic advertising pages? Valve did not do a good job detailing this update for server operators or users, and people are confused on how the update actually works. One of the main questions I have is how many people must to be in a server before drops work. I can't find anything online from Valve that clarifies this and I have a community of people looking for the answer. I've heard rumors it's 10, but I'd love to know this for sure because drops are no longer since the player count fell after Halloween. I just want to make sure something else isn't broken with the server because people are no longer joining it since the drops no longer seem to be working. And yes, I already restarted the server several times and it always worked fine before Halloween. After Halloween, no more drops and almost no one is connecting. Maybe people are just done playing now that Halloween is over? Thanks in advance - Mike _ From: Team BOOM! [mailto:teamb...@comcast.net] Sent: Sunday, October 30, 2011 6:15 PM To: 'Half-Life dedicated Win32 server mailing list' Subject: RE: [hlds] TF2 registered servers: check for rogue '=' in theconvarsettings Thanks so much James, that was exactly what I was looking for. Have a great weekend. _ From: hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of James Botting Sent: Sunday, October 30, 2011 6:01 PM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] TF2 registered servers: check for rogue '=' in theconvarsettings What he means is an equals sign being used to assign the steamed to a cvar. Like a variable tf_server_identity_token = lallaalalalL WRONG tf_server_identity_token lallaalalalL CORRECT Hope that helps. On 31 Oct 2011, at 00:50, Team BOOM! teamb...@comcast.net wrote: I'm sorry fellas, I know this has been discussed already but I'm still not clear on the convar syntax with the = sign. I have 7 registered TF2 servers. Some have an = sign inside the quoted identity section of the convar and some do not. My problem is I don't know where the = Fletch is talking about actually belongs within the convar line. Below is the convar from one of the servers I run. Note there is no = sign anywhere in the line yet the drops are working fine using on this server. tf_server_identity_token BeH_VJ$T6sgn Do I need to add an = sign somewhere to this line for some reason? If so, can you reply with an example of what the line should look like with the = in the line? Thanks in advance and sorry for my confusion. _ From: hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Fletcher Dunn Sent: Friday, October 28, 2011 1:38 PM To: Half-Life dedicated Linux server mailing list; Half-Life dedicated Win32 server mailing list Subject: [hlds] TF2 registered servers: check for rogue '=' in the convarsettings If your server is not getting Halloween drops, check if your config file has an '=' in the lines to set the registration convars. Also, make sure you put the identity token in quotes. If you have these two problems, you probably (quite reasonably) cut and paste the two config file lines from the client console when you registered your server. That output erroneously had the ='s in them, and did not quote the identity token. We fixed the output soon after we shipped the registered server feature, which explains why a lot of people not getting the drops are also saying that they have been registered for a long time. In case that does not fix the problem, the next update will provide more verbose logging so such errors will not go undetected for so long. Your humble servant, Fletch ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Halloween Update Question
I'd say check the TF2 wiki. That's where I found this: http://wiki.teamfortress.com/wiki/Eyeaduct 5th paragraph shows what you are asking about. Hope this helps From: teamb...@comcast.net To: hlds@list.valvesoftware.com Date: Wed, 2 Nov 2011 09:03:31 -0700 Subject: [hlds] Halloween Update Question Does anyone have a web link that explains the details of the 2011 Halloween update other than Valve’s generic advertising pages? Valve did not do a good job detailing this update for server operators or users, and people are confused on how the update actually works. One of the main questions I have is how many people must to be in a server before drops work. I can’t find anything online from Valve that clarifies this and I have a community of people looking for the answer. I’ve heard rumors it’s 10, but I’d love to know this for sure because drops are no longer since the player count fell after Halloween. I just want to make sure something else isn’t broken with the server because people are no longer joining it since the drops no longer seem to be working. And yes, I already restarted the server several times and it always worked fine before Halloween. After Halloween, no more drops and almost no one is connecting. Maybe people are just done playing now that Halloween is over? Thanks in advance - Mike From: Team BOOM! [mailto:teamb...@comcast.net] Sent: Sunday, October 30, 2011 6:15 PM To: 'Half-Life dedicated Win32 server mailing list' Subject: RE: [hlds] TF2 registered servers: check for rogue '=' in theconvarsettings Thanks so much James, that was exactly what I was looking for. Have a great weekend. From: hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of James Botting Sent: Sunday, October 30, 2011 6:01 PM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] TF2 registered servers: check for rogue '=' in theconvarsettings What he means is an equals sign being used to assign the steamed to a cvar. Like a variable tf_server_identity_token = lallaalalalL WRONG tf_server_identity_token lallaalalalL CORRECT Hope that helps. On 31 Oct 2011, at 00:50, Team BOOM! teamb...@comcast.net wrote: I’m sorry fellas, I know this has been discussed already but I’m still not clear on the convar syntax with the “=” sign. I have 7 registered TF2 servers. Some have an = sign inside the quoted identity section of the convar and some do not. My problem is I don’t know where the “=” Fletch is talking about actually belongs within the convar line. Below is the convar from one of the servers I run. Note there is no “=” sign anywhere in the line yet the drops are working fine using on this server. tf_server_identity_token BeH_VJ$T6sgn Do I need to add an = sign somewhere to this line for some reason? If so, can you reply with an example of what the line should look like with the “=” in the line? Thanks in advance and sorry for my confusion. From: hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Fletcher Dunn Sent: Friday, October 28, 2011 1:38 PM To: Half-Life dedicated Linux server mailing list; Half-Life dedicated Win32 server mailing list Subject: [hlds] TF2 registered servers: check for rogue '=' in the convarsettings If your server is not getting Halloween drops, check if your config file has an '=' in the lines to set the registration convars. Also, make sure you put the identity token in quotes. If you have these two problems, you probably (quite reasonably) cut and paste the two config file lines from the client console when you registered your server. That output erroneously had the ='s in them, and did not quote the identity token. We fixed the output soon after we shipped the registered server feature, which explains why a lot of people not getting the drops are also saying that they have been registered for a long time. In case that does not fix the problem, the next update will provide more verbose logging so such errors will not go undetected for so long. Your humble servant, Fletch ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Halloween Update Question
Beautiful Steve! Thanks! _ From: hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Steve Kovack Sr. Sent: Wednesday, November 02, 2011 9:27 AM To: hlds list Subject: Re: [hlds] Halloween Update Question I'd say check the TF2 wiki. That's where I found this: http://wiki.teamfortress.com/wiki/Eyeaduct 5th paragraph shows what you are asking about. Hope this helps _ From: teamb...@comcast.net To: hlds@list.valvesoftware.com Date: Wed, 2 Nov 2011 09:03:31 -0700 Subject: [hlds] Halloween Update Question Does anyone have a web link that explains the details of the 2011 Halloween update other than Valve's generic advertising pages? Valve did not do a good job detailing this update for server operators or users, and people are confused on how the update actually works. One of the main questions I have is how many people must to be in a server before drops work. I can't find anything online from Valve that clarifies this and I have a community of people looking for the answer. I've heard rumors it's 10, but I'd love to know this for sure because drops are no longer since the player count fell after Halloween. I just want to make sure something else isn't broken with the server because people are no longer joining it since the drops no longer seem to be working. And yes, I already restarted the server several times and it always worked fine before Halloween. After Halloween, no more drops and almost no one is connecting. Maybe people are just done playing now that Halloween is over? Thanks in advance - Mike _ From: Team BOOM! [mailto:teamb...@comcast.net] Sent: Sunday, October 30, 2011 6:15 PM To: 'Half-Life dedicated Win32 server mailing list' Subject: RE: [hlds] TF2 registered servers: check for rogue '=' in theconvarsettings Thanks so much James, that was exactly what I was looking for. Have a great weekend. _ From: hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of James Botting Sent: Sunday, October 30, 2011 6:01 PM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] TF2 registered servers: check for rogue '=' in theconvarsettings What he means is an equals sign being used to assign the steamed to a cvar. Like a variable tf_server_identity_token = lallaalalalL WRONG tf_server_identity_token lallaalalalL CORRECT Hope that helps. On 31 Oct 2011, at 00:50, Team BOOM! teamb...@comcast.net wrote: I'm sorry fellas, I know this has been discussed already but I'm still not clear on the convar syntax with the = sign. I have 7 registered TF2 servers. Some have an = sign inside the quoted identity section of the convar and some do not. My problem is I don't know where the = Fletch is talking about actually belongs within the convar line. Below is the convar from one of the servers I run. Note there is no = sign anywhere in the line yet the drops are working fine using on this server. tf_server_identity_token BeH_VJ$T6sgn Do I need to add an = sign somewhere to this line for some reason? If so, can you reply with an example of what the line should look like with the = in the line? Thanks in advance and sorry for my confusion. _ From: hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Fletcher Dunn Sent: Friday, October 28, 2011 1:38 PM To: Half-Life dedicated Linux server mailing list; Half-Life dedicated Win32 server mailing list Subject: [hlds] TF2 registered servers: check for rogue '=' in the convarsettings If your server is not getting Halloween drops, check if your config file has an '=' in the lines to set the registration convars. Also, make sure you put the identity token in quotes. If you have these two problems, you probably (quite reasonably) cut and paste the two config file lines from the client console when you registered your server. That output erroneously had the ='s in them, and did not quote the identity token. We fixed the output soon after we shipped the registered server feature, which explains why a lot of people not getting the drops are also saying that they have been registered for a long time. In case that does not fix the problem, the next update will provide more verbose logging so such errors will not go undetected for so long. Your humble servant, Fletch ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit:
Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images
This is a problem we're obviously aware of. It's definitely not that we don't care. However, it is essentially an arms race that is provably unwinnable by Valve. Furthermore, any change we make in the name of security will almost certainly cause a disruption of legitimate service, due to bugs on our part, or usage cases we're just not aware of. It is a classic conflict between security and accessibility. Hopefully those two reasons help explain our reluctance to address these sorts of problems through technology. They will create an ongoing arms race, in which we can possibly limit this activity and make it harder, but probably never eliminate it completely. Furthermore, this benefit comes at a cost of taking resources away from adding features and fixing bugs, and also disrupting legitimate users. When we can do simple and safe things to make it harder to do these sorts of things, we will. We have some protocol changes that will make it harder to do this sort of spoofing, which have been beta tested for some time now. We'll be rolling those out in the next couple of months. Crowdsourcing using the abuse reports helps us stay out of the arms race, and it's the safest and simplest way to deal with this problem and many others like it. Your humble servant, Fletch -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Mart-Jan Reeuwijk Sent: Wednesday, November 02, 2011 5:39 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images there is some italian group that does that. they have dozens maybe even in the hundred of servers in server list, but all get redirected to 1 server. and those server report a variety of maps played, names in server lists etc. you click info, refresh, says for example dustbowl, and then join, get redirected to their server, with bots, and another map then advertized in the server info. Its damn annoying. And indeed, they change IP's a lot, to evade blacklisting. From: daniel jokiaho daniel.joki...@gmail.com To: Half-Life dedicated Linux server mailing list hlds_li...@list.valvesoftware.com Sent: Wednesday, 2 November 2011, 7:27 Subject: Re: [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images what about servers on different ips and port that have exactly the same players. I join server x. U join server y. And still we play against or with each other :-( On 2 Nov 2011 06:53, msleeper mslee...@ismsleeperwrong.com wrote: Are you sure they're not just adding more servers? Changing IPs is a server playerbase suicide as anyone who had it bookmarked won't be able to find it again. I suppose they could use those servers for redirects, but in theory that would get those IPs blacklisted pretty fast if Valve's scoring/reputation system is still in effect. On Wed, Nov 2, 2011 at 1:42 AM, Jesse Porter reacherg...@gmail.com wrote: The problem with blacklisting these servers is that they seem to show up a few weeks later with a new batch of ip addresses. Can't blacklist them effectively when they do that. On Nov 1, 2011 7:40 PM, Robert Paulson thepauls...@gmail.com wrote: It is very rude of you to repeatedly spam the mailing list to pressure Valve into doing whatever you want instead of working on crashes and content. Valve has already put in a huge effort making these servers less prominent. - Blacklist - Quickplay - Reputation It isn't perfect but blacklisting takes care of the servers you don't like once you've spotted them. Quickplay and reputation filter most of the ones you haven't spotted yet. No one I know has any problems finding a server full of real players. Everyone I know just blacklists and move on. Server IPs do not change often since it costs money to buy new ones and you need proper ARIN justification to get more due to the IPV4 shortage. The fact that you are on here spamming about it as though TF2 is going to die out next week makes me think that you are struggling with your own server rather than being a concerned player. I also hate the big pay-to-win servers with fake clients, but it would be a mistake for Valve to just de-list them, wrongly assuming no one really wants to play there. I have a friend who wouldn't be playing TF2 if they didn't exist and has bought hundreds of dollars worth of Mann Co keys. And from what he tells me he isn't the only one. Yes he knows there are bots. The cloaked bots appeal to him for the same reason Valve decided not to name bots bot1, bot2, bot3 and to have them taunt randomly. These servers still exist not because of a fake player plugin but because, as much as it pains us to believe, some players actually prefer them. No one here is enthusiastic about having
Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images
Fletcher - Is there someone we can report blatantly, aggressively abusive servers to in an attempt to escalate the worst offenders to human intervention? I don't think any of us here are expecting a flawless programmatic solution to the issue of Bad Servers, nor would we expect Valve staff to spend paid manhours joining and checking servers instead of working on much more important tasks, but as someone else said, the 1% worst offenders are too big to fail and seem to be falling through the cracks in your automated systems. The reporting tool sounds like a great solution, but my immediate concern is that it might not pan out like you (and us server ops) are hoping since the vast majority of players probably aren't even aware of such problems. On Wed, Nov 2, 2011 at 2:50 PM, Fletcher Dunn fletch...@valvesoftware.com wrote: This is a problem we're obviously aware of. It's definitely not that we don't care. However, it is essentially an arms race that is provably unwinnable by Valve. Furthermore, any change we make in the name of security will almost certainly cause a disruption of legitimate service, due to bugs on our part, or usage cases we're just not aware of. It is a classic conflict between security and accessibility. Hopefully those two reasons help explain our reluctance to address these sorts of problems through technology. They will create an ongoing arms race, in which we can possibly limit this activity and make it harder, but probably never eliminate it completely. Furthermore, this benefit comes at a cost of taking resources away from adding features and fixing bugs, and also disrupting legitimate users. When we can do simple and safe things to make it harder to do these sorts of things, we will. We have some protocol changes that will make it harder to do this sort of spoofing, which have been beta tested for some time now. We'll be rolling those out in the next couple of months. Crowdsourcing using the abuse reports helps us stay out of the arms race, and it's the safest and simplest way to deal with this problem and many others like it. Your humble servant, Fletch -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Mart-Jan Reeuwijk Sent: Wednesday, November 02, 2011 5:39 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images there is some italian group that does that. they have dozens maybe even in the hundred of servers in server list, but all get redirected to 1 server. and those server report a variety of maps played, names in server lists etc. you click info, refresh, says for example dustbowl, and then join, get redirected to their server, with bots, and another map then advertized in the server info. Its damn annoying. And indeed, they change IP's a lot, to evade blacklisting. From: daniel jokiaho daniel.joki...@gmail.com To: Half-Life dedicated Linux server mailing list hlds_li...@list.valvesoftware.com Sent: Wednesday, 2 November 2011, 7:27 Subject: Re: [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images what about servers on different ips and port that have exactly the same players. I join server x. U join server y. And still we play against or with each other :-( On 2 Nov 2011 06:53, msleeper mslee...@ismsleeperwrong.com wrote: Are you sure they're not just adding more servers? Changing IPs is a server playerbase suicide as anyone who had it bookmarked won't be able to find it again. I suppose they could use those servers for redirects, but in theory that would get those IPs blacklisted pretty fast if Valve's scoring/reputation system is still in effect. On Wed, Nov 2, 2011 at 1:42 AM, Jesse Porter reacherg...@gmail.com wrote: The problem with blacklisting these servers is that they seem to show up a few weeks later with a new batch of ip addresses. Can't blacklist them effectively when they do that. On Nov 1, 2011 7:40 PM, Robert Paulson thepauls...@gmail.com wrote: It is very rude of you to repeatedly spam the mailing list to pressure Valve into doing whatever you want instead of working on crashes and content. Valve has already put in a huge effort making these servers less prominent. - Blacklist - Quickplay - Reputation It isn't perfect but blacklisting takes care of the servers you don't like once you've spotted them. Quickplay and reputation filter most of the ones you haven't spotted yet. No one I know has any problems finding a server full of real players. Everyone I know just blacklists and move on. Server IPs do not change often since it costs money to buy new ones and you need proper ARIN justification to get more due to the IPV4 shortage. The fact that you are on here spamming about
Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images
This would be nice, yes. On 11/2/2011 3:45 PM, msleeper wrote: Fletcher - Is there someone we can report blatantly, aggressively abusive servers to in an attempt to escalate the worst offenders to human intervention? I don't think any of us here are expecting a flawless programmatic solution to the issue of Bad Servers, nor would we expect Valve staff to spend paid manhours joining and checking servers instead of working on much more important tasks, but as someone else said, the 1% worst offenders are too big to fail and seem to be falling through the cracks in your automated systems. The reporting tool sounds like a great solution, but my immediate concern is that it might not pan out like you (and us server ops) are hoping since the vast majority of players probably aren't even aware of such problems. On Wed, Nov 2, 2011 at 2:50 PM, Fletcher Dunn fletch...@valvesoftware.com wrote: This is a problem we're obviously aware of. It's definitely not that we don't care. However, it is essentially an arms race that is provably unwinnable by Valve. Furthermore, any change we make in the name of security will almost certainly cause a disruption of legitimate service, due to bugs on our part, or usage cases we're just not aware of. It is a classic conflict between security and accessibility. Hopefully those two reasons help explain our reluctance to address these sorts of problems through technology. They will create an ongoing arms race, in which we can possibly limit this activity and make it harder, but probably never eliminate it completely. Furthermore, this benefit comes at a cost of taking resources away from adding features and fixing bugs, and also disrupting legitimate users. When we can do simple and safe things to make it harder to do these sorts of things, we will. We have some protocol changes that will make it harder to do this sort of spoofing, which have been beta tested for some time now. We'll be rolling those out in the next couple of months. Crowdsourcing using the abuse reports helps us stay out of the arms race, and it's the safest and simplest way to deal with this problem and many others like it. Your humble servant, Fletch -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Mart-Jan Reeuwijk Sent: Wednesday, November 02, 2011 5:39 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images there is some italian group that does that. they have dozens maybe even in the hundred of servers in server list, but all get redirected to 1 server. and those server report a variety of maps played, names in server lists etc. you click info, refresh, says for example dustbowl, and then join, get redirected to their server, with bots, and another map then advertized in the server info. Its damn annoying. And indeed, they change IP's a lot, to evade blacklisting. From: daniel jokiahodaniel.joki...@gmail.com To: Half-Life dedicated Linux server mailing listhlds_li...@list.valvesoftware.com Sent: Wednesday, 2 November 2011, 7:27 Subject: Re: [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images what about servers on different ips and port that have exactly the same players. I join server x. U join server y. And still we play against or with each other :-( On 2 Nov 2011 06:53, msleepermslee...@ismsleeperwrong.com wrote: Are you sure they're not just adding more servers? Changing IPs is a server playerbase suicide as anyone who had it bookmarked won't be able to find it again. I suppose they could use those servers for redirects, but in theory that would get those IPs blacklisted pretty fast if Valve's scoring/reputation system is still in effect. On Wed, Nov 2, 2011 at 1:42 AM, Jesse Porterreacherg...@gmail.com wrote: The problem with blacklisting these servers is that they seem to show up a few weeks later with a new batch of ip addresses. Can't blacklist them effectively when they do that. On Nov 1, 2011 7:40 PM, Robert Paulsonthepauls...@gmail.com wrote: It is very rude of you to repeatedly spam the mailing list to pressure Valve into doing whatever you want instead of working on crashes and content. Valve has already put in a huge effort making these servers less prominent. - Blacklist - Quickplay - Reputation It isn't perfect but blacklisting takes care of the servers you don't like once you've spotted them. Quickplay and reputation filter most of the ones you haven't spotted yet. No one I know has any problems finding a server full of real players. Everyone I know just blacklists and move on. Server IPs do not change often since it costs money to buy new ones and you need proper ARIN justification to get more due to the IPV4 shortage. The fact that you are on here spamming about it as though
Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images
The abuse reporting system has only been live a total of 4 days. Give it some time. There are no plans to give any (non-Valve) entity any special route to get their claims of abuse escalated more quickly. There are still simple things we can do to increase player awareness of this functionality, and we are working on them. Give it a couple of weeks or so. We'll see how much data we get back from players, and how effective the system is at curbing these sorts of problems. Your humble servant, Fletch -Original Message- From: hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of msleeper Sent: Wednesday, November 02, 2011 12:45 PM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images Fletcher - Is there someone we can report blatantly, aggressively abusive servers to in an attempt to escalate the worst offenders to human intervention? I don't think any of us here are expecting a flawless programmatic solution to the issue of Bad Servers, nor would we expect Valve staff to spend paid manhours joining and checking servers instead of working on much more important tasks, but as someone else said, the 1% worst offenders are too big to fail and seem to be falling through the cracks in your automated systems. The reporting tool sounds like a great solution, but my immediate concern is that it might not pan out like you (and us server ops) are hoping since the vast majority of players probably aren't even aware of such problems. On Wed, Nov 2, 2011 at 2:50 PM, Fletcher Dunn fletch...@valvesoftware.com wrote: This is a problem we're obviously aware of. It's definitely not that we don't care. However, it is essentially an arms race that is provably unwinnable by Valve. Furthermore, any change we make in the name of security will almost certainly cause a disruption of legitimate service, due to bugs on our part, or usage cases we're just not aware of. It is a classic conflict between security and accessibility. Hopefully those two reasons help explain our reluctance to address these sorts of problems through technology. They will create an ongoing arms race, in which we can possibly limit this activity and make it harder, but probably never eliminate it completely. Furthermore, this benefit comes at a cost of taking resources away from adding features and fixing bugs, and also disrupting legitimate users. When we can do simple and safe things to make it harder to do these sorts of things, we will. We have some protocol changes that will make it harder to do this sort of spoofing, which have been beta tested for some time now. We'll be rolling those out in the next couple of months. Crowdsourcing using the abuse reports helps us stay out of the arms race, and it's the safest and simplest way to deal with this problem and many others like it. Your humble servant, Fletch -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Mart-Jan Reeuwijk Sent: Wednesday, November 02, 2011 5:39 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images there is some italian group that does that. they have dozens maybe even in the hundred of servers in server list, but all get redirected to 1 server. and those server report a variety of maps played, names in server lists etc. you click info, refresh, says for example dustbowl, and then join, get redirected to their server, with bots, and another map then advertized in the server info. Its damn annoying. And indeed, they change IP's a lot, to evade blacklisting. From: daniel jokiaho daniel.joki...@gmail.com To: Half-Life dedicated Linux server mailing list hlds_li...@list.valvesoftware.com Sent: Wednesday, 2 November 2011, 7:27 Subject: Re: [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images what about servers on different ips and port that have exactly the same players. I join server x. U join server y. And still we play against or with each other :-( On 2 Nov 2011 06:53, msleeper mslee...@ismsleeperwrong.com wrote: Are you sure they're not just adding more servers? Changing IPs is a server playerbase suicide as anyone who had it bookmarked won't be able to find it again. I suppose they could use those servers for redirects, but in theory that would get those IPs blacklisted pretty fast if Valve's scoring/reputation system is still in effect. On Wed, Nov 2, 2011 at 1:42 AM, Jesse Porter reacherg...@gmail.com wrote: The problem with blacklisting these servers is that they seem to show up a few weeks later with a new batch of ip addresses. Can't blacklist them effectively when they do that.
Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images
Can anyone share some tips on identify those spoof server? There are a few servers I know that's doing it, but they're hiding it so well. it's really hard to tell they're using bots. On Thu, Nov 3, 2011 at 9:24 AM, Fletcher Dunn fletch...@valvesoftware.comwrote: The abuse reporting system has only been live a total of 4 days. Give it some time. There are no plans to give any (non-Valve) entity any special route to get their claims of abuse escalated more quickly. There are still simple things we can do to increase player awareness of this functionality, and we are working on them. Give it a couple of weeks or so. We'll see how much data we get back from players, and how effective the system is at curbing these sorts of problems. Your humble servant, Fletch -Original Message- From: hlds-boun...@list.valvesoftware.com [mailto: hlds-boun...@list.valvesoftware.com] On Behalf Of msleeper Sent: Wednesday, November 02, 2011 12:45 PM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images Fletcher - Is there someone we can report blatantly, aggressively abusive servers to in an attempt to escalate the worst offenders to human intervention? I don't think any of us here are expecting a flawless programmatic solution to the issue of Bad Servers, nor would we expect Valve staff to spend paid manhours joining and checking servers instead of working on much more important tasks, but as someone else said, the 1% worst offenders are too big to fail and seem to be falling through the cracks in your automated systems. The reporting tool sounds like a great solution, but my immediate concern is that it might not pan out like you (and us server ops) are hoping since the vast majority of players probably aren't even aware of such problems. On Wed, Nov 2, 2011 at 2:50 PM, Fletcher Dunn fletch...@valvesoftware.com wrote: This is a problem we're obviously aware of. It's definitely not that we don't care. However, it is essentially an arms race that is provably unwinnable by Valve. Furthermore, any change we make in the name of security will almost certainly cause a disruption of legitimate service, due to bugs on our part, or usage cases we're just not aware of. It is a classic conflict between security and accessibility. Hopefully those two reasons help explain our reluctance to address these sorts of problems through technology. They will create an ongoing arms race, in which we can possibly limit this activity and make it harder, but probably never eliminate it completely. Furthermore, this benefit comes at a cost of taking resources away from adding features and fixing bugs, and also disrupting legitimate users. When we can do simple and safe things to make it harder to do these sorts of things, we will. We have some protocol changes that will make it harder to do this sort of spoofing, which have been beta tested for some time now. We'll be rolling those out in the next couple of months. Crowdsourcing using the abuse reports helps us stay out of the arms race, and it's the safest and simplest way to deal with this problem and many others like it. Your humble servant, Fletch -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Mart-Jan Reeuwijk Sent: Wednesday, November 02, 2011 5:39 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images there is some italian group that does that. they have dozens maybe even in the hundred of servers in server list, but all get redirected to 1 server. and those server report a variety of maps played, names in server lists etc. you click info, refresh, says for example dustbowl, and then join, get redirected to their server, with bots, and another map then advertized in the server info. Its damn annoying. And indeed, they change IP's a lot, to evade blacklisting. From: daniel jokiaho daniel.joki...@gmail.com To: Half-Life dedicated Linux server mailing list hlds_li...@list.valvesoftware.com Sent: Wednesday, 2 November 2011, 7:27 Subject: Re: [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images what about servers on different ips and port that have exactly the same players. I join server x. U join server y. And still we play against or with each other :-( On 2 Nov 2011 06:53, msleeper mslee...@ismsleeperwrong.com wrote: Are you sure they're not just adding more servers? Changing IPs is a server playerbase suicide as anyone who had it bookmarked won't be able to find it again. I suppose they could use those servers for redirects, but in theory that would get those IPs blacklisted pretty fast if Valve's
Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images
That doesn't really work. I don't want to get into the details on this public forum, but I can guarantee that the result of what you describe is that the problem would just be escalated higher, meaning more convincing bots with avatars, with valid steam accounts that are logged into steam, etc. A few weeks (or maybe even a few days) later, we'd have the same problem, only the avatars would be fixed and it would be even harder for a human to recognize them. This is exactly what I meant by an arms race. We would spend all that time, and maybe some people decided it was too much effort for them, but likely many would still continue to do it. The delusion that the problem is trivial or that there is magic bullet is only enabled by ignorance of what people are able to and the lengths they go to do this sort of thing. - Fletch From: John Schoenick [mailto:j...@pointysoftware.net] Sent: Wednesday, November 02, 2011 1:48 PM To: Half-Life dedicated Win32 server mailing list Cc: Rob Liu; Fletcher Dunn Subject: Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images Missing avatars is a big clue. Hit steam overlay - recent players or whatever, if they don't show up there, they're not actually in the server. All steam needs to do is keep clients updated on steamIDs auth'd with a server. TF2 could then just label steamIDs that are being shown on the scoreboard but not present according to steam as bots. It could evenly passively report this discrepancy via the abuse system. It's hardly unwinnable, it just requires adding some more capabilities to steam. Ideally, we'd just get our server lists from there and not trust servers to be honest. - Neph On 11/02/2011 01:42 PM, Rob Liu wrote: Can anyone share some tips on identify those spoof server? There are a few servers I know that's doing it, but they're hiding it so well. it's really hard to tell they're using bots. On Thu, Nov 3, 2011 at 9:24 AM, Fletcher Dunn fletch...@valvesoftware.commailto:fletch...@valvesoftware.com wrote: The abuse reporting system has only been live a total of 4 days. Give it some time. There are no plans to give any (non-Valve) entity any special route to get their claims of abuse escalated more quickly. There are still simple things we can do to increase player awareness of this functionality, and we are working on them. Give it a couple of weeks or so. We'll see how much data we get back from players, and how effective the system is at curbing these sorts of problems. Your humble servant, Fletch -Original Message- From: hlds-boun...@list.valvesoftware.commailto:hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.commailto:hlds-boun...@list.valvesoftware.com] On Behalf Of msleeper Sent: Wednesday, November 02, 2011 12:45 PM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images Fletcher - Is there someone we can report blatantly, aggressively abusive servers to in an attempt to escalate the worst offenders to human intervention? I don't think any of us here are expecting a flawless programmatic solution to the issue of Bad Servers, nor would we expect Valve staff to spend paid manhours joining and checking servers instead of working on much more important tasks, but as someone else said, the 1% worst offenders are too big to fail and seem to be falling through the cracks in your automated systems. The reporting tool sounds like a great solution, but my immediate concern is that it might not pan out like you (and us server ops) are hoping since the vast majority of players probably aren't even aware of such problems. On Wed, Nov 2, 2011 at 2:50 PM, Fletcher Dunn fletch...@valvesoftware.commailto:fletch...@valvesoftware.com wrote: This is a problem we're obviously aware of. It's definitely not that we don't care. However, it is essentially an arms race that is provably unwinnable by Valve. Furthermore, any change we make in the name of security will almost certainly cause a disruption of legitimate service, due to bugs on our part, or usage cases we're just not aware of. It is a classic conflict between security and accessibility. Hopefully those two reasons help explain our reluctance to address these sorts of problems through technology. They will create an ongoing arms race, in which we can possibly limit this activity and make it harder, but probably never eliminate it completely. Furthermore, this benefit comes at a cost of taking resources away from adding features and fixing bugs, and also disrupting legitimate users. When we can do simple and safe things to make it harder to do these sorts of things, we will. We have some protocol changes that will make it harder to do this sort of spoofing, which have been beta tested for some time now. We'll be rolling those out in the next couple
Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images
Also having the report option on the blacklist this server window that you get if you soon after joining disconnect from the gameserver. It would raise more awareness of the report fuction. That is one of the things we have on the list to help raise awareness and make the feature more accessible. Your humble servant, Fletch ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
[hlds] TF2 Request - Join Steam Group button a'la L4D2
So ics just mentioned this in another thread, and we were talking about this in IRC yesterday (#hlserveradmins on gamesurge, FYI) but I'd like to separate it into a new thread since it's not related to the thread it was posting in: Fletcher / Valve - I think all of us would love some sort of method similar to L4D2 for players on the server to be able to join a set Steam Group from within-game. I'm kind of surprised this hasn't already been done already, but that (and the MOTD server banner) were my 2 favorite things about running L4D / L4D2 servers. I loved that players had instant and direct access to joining the server's steam group, for those players who enjoyed being there and wanted to be apart. Blacklisting and reporting and so on are great for removing bad servers. But it would be awesome if some tools could be added on the other end of the scale, to allow players to add servers they enjoy playing at. There's already the add to favorites pop-up when you leave a server, perhaps add that option there? Or something on the scoreboard when you're in spectator mode? Or the MOTD as well? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] [hlds_linux] TF2 Request - Join Steam Group button a'la L4D2
Sounds like a good idea. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Jeff Sugar Sent: Wednesday, November 02, 2011 2:14 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] TF2 Request - Join Steam Group button a'la L4D2 Great idea. It'd definitely help new servers more easily gain a following and do a better job of integrating users into the communities of their favorite servers. On Nov 2, 2011 2:07 PM, msleeper mslee...@ismsleeperwrong.com wrote: So ics just mentioned this in another thread, and we were talking about this in IRC yesterday (#hlserveradmins on gamesurge, FYI) but I'd like to separate it into a new thread since it's not related to the thread it was posting in: Fletcher / Valve - I think all of us would love some sort of method similar to L4D2 for players on the server to be able to join a set Steam Group from within-game. I'm kind of surprised this hasn't already been done already, but that (and the MOTD server banner) were my 2 favorite things about running L4D / L4D2 servers. I loved that players had instant and direct access to joining the server's steam group, for those players who enjoyed being there and wanted to be apart. Blacklisting and reporting and so on are great for removing bad servers. But it would be awesome if some tools could be added on the other end of the scale, to allow players to add servers they enjoy playing at. There's already the add to favorites pop-up when you leave a server, perhaps add that option there? Or something on the scoreboard when you're in spectator mode? Or the MOTD as well? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images
Some problems as a gamer are that its very hard to identify proper humans from bots. But there are someways to detect them which I now list. 1. If someone types on the chat in reply to what someone on mic or chat is saying. 2. Bots do not know how to surf or play on minigames. So if I join those kind of servers I can expect that I am playing with humans 3. If they show up on player list when I shift tab ti steam overlay 4. If I am playing on valve's official server. I know you guys won't lie to me about who is playing. What this means is that it could be possible to use this criteria to prove someone is human on a server, but noone would like to be typing captchas every certain minutes of playing. My gues is that having a list of official servers seperately from the community server could fix this issue. Having clans to properly register and to check them periodically for unwanted software could help this issue. Ie, servers that register for a valve server approval are checked. This along with the report tool could help to tackle this issue. Also, the report tool is quite hidden. I haven't seen it while I am playing. Also, a tag for valve's official servers could be created so users can find these servers on the server browser. it would be penalized for anyone unauthorized use this tag for their servers. These are just my thoughts on the issue, and hopefully this could be of any help. Enviado desde mi oficina móvil BlackBerry® de Telcel -Original Message- From: Fletcher Dunn fletch...@valvesoftware.com Sender: hlds-boun...@list.valvesoftware.com Date: Wed, 2 Nov 2011 21:03:35 To: Half-Life dedicated Linux server mailing listhlds_li...@list.valvesoftware.com Reply-To: Half-Life dedicated Win32 server mailing list hlds@list.valvesoftware.com Cc: Half-Life dedicated Win32 server mailing listhlds@list.valvesoftware.com Subject: Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images Also having the report option on the blacklist this server window that you get if you soon after joining disconnect from the gameserver. It would raise more awareness of the report fuction. That is one of the things we have on the list to help raise awareness and make the feature more accessible. Your humble servant, Fletch ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] [hlds_linux] TF2 Request - Join Steam Group button a'la L4D2
Could be nice with something like the ahref='steam://connect/...'/a thing :) 2011/11/2 Fletcher Dunn fletch...@valvesoftware.com: Sounds like a good idea. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Jeff Sugar Sent: Wednesday, November 02, 2011 2:14 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] TF2 Request - Join Steam Group button a'la L4D2 Great idea. It'd definitely help new servers more easily gain a following and do a better job of integrating users into the communities of their favorite servers. On Nov 2, 2011 2:07 PM, msleeper mslee...@ismsleeperwrong.com wrote: So ics just mentioned this in another thread, and we were talking about this in IRC yesterday (#hlserveradmins on gamesurge, FYI) but I'd like to separate it into a new thread since it's not related to the thread it was posting in: Fletcher / Valve - I think all of us would love some sort of method similar to L4D2 for players on the server to be able to join a set Steam Group from within-game. I'm kind of surprised this hasn't already been done already, but that (and the MOTD server banner) were my 2 favorite things about running L4D / L4D2 servers. I loved that players had instant and direct access to joining the server's steam group, for those players who enjoyed being there and wanted to be apart. Blacklisting and reporting and so on are great for removing bad servers. But it would be awesome if some tools could be added on the other end of the scale, to allow players to add servers they enjoy playing at. There's already the add to favorites pop-up when you leave a server, perhaps add that option there? Or something on the scoreboard when you're in spectator mode? Or the MOTD as well? ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images
I get what you're saying, but there's a difference between magic bullets and leaving the door unlocked. If you needed to setup 31 F2P accounts, get multiple IPs to avoid super-easy abuse detection, and use an external tool to have them all auth into your server (which is VAC bannable) it'd be a hell of a lot more involved than typing 'fake players' into a sourcemod plugin search and copying the first result into your server folder. - Neph On 11/02/2011 01:59 PM, Fletcher Dunn wrote: That doesn't really work. I don't want to get into the details on this public forum, but I can guarantee that the result of what you describe is that the problem would just be escalated higher, meaning more convincing bots with avatars, with valid steam accounts that are logged into steam, etc. A few weeks (or maybe even a few days) later, we'd have the same problem, only the avatars would be fixed and it would be even harder for a human to recognize them. This is exactly what I meant by an arms race. We would spend all that time, and maybe some people decided it was too much effort for them, but likely many would still continue to do it. The delusion that the problem is trivial or that there is magic bullet is only enabled by ignorance of what people are able to and the lengths they go to do this sort of thing. - Fletch From: John Schoenick [mailto:j...@pointysoftware.net] Sent: Wednesday, November 02, 2011 1:48 PM To: Half-Life dedicated Win32 server mailing list Cc: Rob Liu; Fletcher Dunn Subject: Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images Missing avatars is a big clue. Hit steam overlay - recent players or whatever, if they don't show up there, they're not actually in the server. All steam needs to do is keep clients updated on steamIDs auth'd with a server. TF2 could then just label steamIDs that are being shown on the scoreboard but not present according to steam as bots. It could evenly passively report this discrepancy via the abuse system. It's hardly unwinnable, it just requires adding some more capabilities to steam. Ideally, we'd just get our server lists from there and not trust servers to be honest. - Neph On 11/02/2011 01:42 PM, Rob Liu wrote: Can anyone share some tips on identify those spoof server? There are a few servers I know that's doing it, but they're hiding it so well. it's really hard to tell they're using bots. On Thu, Nov 3, 2011 at 9:24 AM, Fletcher Dunnfletch...@valvesoftware.commailto:fletch...@valvesoftware.com wrote: The abuse reporting system has only been live a total of 4 days. Give it some time. There are no plans to give any (non-Valve) entity any special route to get their claims of abuse escalated more quickly. There are still simple things we can do to increase player awareness of this functionality, and we are working on them. Give it a couple of weeks or so. We'll see how much data we get back from players, and how effective the system is at curbing these sorts of problems. Your humble servant, Fletch -Original Message- From: hlds-boun...@list.valvesoftware.commailto:hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.commailto:hlds-boun...@list.valvesoftware.com] On Behalf Of msleeper Sent: Wednesday, November 02, 2011 12:45 PM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images Fletcher - Is there someone we can report blatantly, aggressively abusive servers to in an attempt to escalate the worst offenders to human intervention? I don't think any of us here are expecting a flawless programmatic solution to the issue of Bad Servers, nor would we expect Valve staff to spend paid manhours joining and checking servers instead of working on much more important tasks, but as someone else said, the 1% worst offenders are too big to fail and seem to be falling through the cracks in your automated systems. The reporting tool sounds like a great solution, but my immediate concern is that it might not pan out like you (and us server ops) are hoping since the vast majority of players probably aren't even aware of such problems. On Wed, Nov 2, 2011 at 2:50 PM, Fletcher Dunn fletch...@valvesoftware.commailto:fletch...@valvesoftware.com wrote: This is a problem we're obviously aware of. It's definitely not that we don't care. However, it is essentially an arms race that is provably unwinnable by Valve. Furthermore, any change we make in the name of security will almost certainly cause a disruption of legitimate service, due to bugs on our part, or usage cases we're just not aware of. It is a classic conflict between security and accessibility. Hopefully those two reasons help explain our reluctance to address these sorts of problems through technology. They will create an ongoing arms race, in which we can possibly limit this activity
Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images
Fletch probably doesn't have a ton of free time, if I had to guess, but if you want to talk to him further about the details he doesn't want to go into on this public forum, you might consider just replying to him and not including the list. ;) /includes the list on this email because sux On Wed, Nov 2, 2011 at 2:42 PM, John Schoenick nephy...@doublezen.netwrote: I get what you're saying, but there's a difference between magic bullets and leaving the door unlocked. If you needed to setup 31 F2P accounts, get multiple IPs to avoid super-easy abuse detection, and use an external tool to have them all auth into your server (which is VAC bannable) it'd be a hell of a lot more involved than typing 'fake players' into a sourcemod plugin search and copying the first result into your server folder. - Neph On 11/02/2011 01:59 PM, Fletcher Dunn wrote: That doesn't really work. I don't want to get into the details on this public forum, but I can guarantee that the result of what you describe is that the problem would just be escalated higher, meaning more convincing bots with avatars, with valid steam accounts that are logged into steam, etc. A few weeks (or maybe even a few days) later, we'd have the same problem, only the avatars would be fixed and it would be even harder for a human to recognize them. This is exactly what I meant by an arms race. We would spend all that time, and maybe some people decided it was too much effort for them, but likely many would still continue to do it. The delusion that the problem is trivial or that there is magic bullet is only enabled by ignorance of what people are able to and the lengths they go to do this sort of thing. - Fletch From: John Schoenick [mailto:john@pointysoftware.**netj...@pointysoftware.net ] Sent: Wednesday, November 02, 2011 1:48 PM To: Half-Life dedicated Win32 server mailing list Cc: Rob Liu; Fletcher Dunn Subject: Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images Missing avatars is a big clue. Hit steam overlay - recent players or whatever, if they don't show up there, they're not actually in the server. All steam needs to do is keep clients updated on steamIDs auth'd with a server. TF2 could then just label steamIDs that are being shown on the scoreboard but not present according to steam as bots. It could evenly passively report this discrepancy via the abuse system. It's hardly unwinnable, it just requires adding some more capabilities to steam. Ideally, we'd just get our server lists from there and not trust servers to be honest. - Neph On 11/02/2011 01:42 PM, Rob Liu wrote: Can anyone share some tips on identify those spoof server? There are a few servers I know that's doing it, but they're hiding it so well. it's really hard to tell they're using bots. On Thu, Nov 3, 2011 at 9:24 AM, Fletcher Dunnfletcherd@valvesoftware.** com fletch...@valvesoftware.commailto:fletcherd@**valvesoftware.comfletch...@valvesoftware.com wrote: The abuse reporting system has only been live a total of 4 days. Give it some time. There are no plans to give any (non-Valve) entity any special route to get their claims of abuse escalated more quickly. There are still simple things we can do to increase player awareness of this functionality, and we are working on them. Give it a couple of weeks or so. We'll see how much data we get back from players, and how effective the system is at curbing these sorts of problems. Your humble servant, Fletch -Original Message- From: hlds-bounces@list.**valvesoftware.comhlds-boun...@list.valvesoftware.com mailto:hlds-**boun...@list.valvesoftware.comhlds-boun...@list.valvesoftware.com ** [mailto:hlds-bounces@list.**valvesoftware.comhlds-boun...@list.valvesoftware.com mailto:hlds-**boun...@list.valvesoftware.comhlds-boun...@list.valvesoftware.com **] On Behalf Of msleeper Sent: Wednesday, November 02, 2011 12:45 PM To: Half-Life dedicated Win32 server mailing list Subject: Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images Fletcher - Is there someone we can report blatantly, aggressively abusive servers to in an attempt to escalate the worst offenders to human intervention? I don't think any of us here are expecting a flawless programmatic solution to the issue of Bad Servers, nor would we expect Valve staff to spend paid manhours joining and checking servers instead of working on much more important tasks, but as someone else said, the 1% worst offenders are too big to fail and seem to be falling through the cracks in your automated systems. The reporting tool sounds like a great solution, but my immediate concern is that it might not pan out like you (and us server ops) are hoping since the vast majority of players probably aren't even aware of such problems. On Wed, Nov 2, 2011 at 2:50 PM, Fletcher Dunn
[hlds] Team Fortress 2 Update Released
Required updates for Team Fortress 2 are now available. The specific changes include: Source Engine Changes (CS:S, DoD:S, TF2, HL2:DM) - Output of status command now includes public IP - Fixed playback for pre-Halloween demo recordings Team Fortress 2 - Output of status command not includes registration status, including any error message causing failure - Update the '_registered' server tag based on whether registration is successful, not whether the registration convars are set - All registration related messages now go to the server log in addition to the console - Fix response from cl_gameserver_reset_identity command to properly format convar config lines - Added a taunt for the Tin Soldier set - Fixed the Soldier's melee dare response rule - MONOCULUS! HAS GROWN ANGRY - Updated the localization files Thanks, Tony ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images
one other thing I like to notice, is that IF you blacklist a server, its the last accessed one, not the one clicked in my previous described case. I had to go search again for the same server and blacklist the server in the server list i tried to connect to to make it effective... in other words, the normal system didn't blacklist the IP I tried connecting to, but instead the one I was redirected to... I'm sure valve is aware, reading Fletchers response, and I appreciate their balance in it. but maybe the above can be addressed also somehow. and thnx for letting us know that there is some in the pipeline for this stuff. From: Spencer 'Voogru' MacDonald voo...@voogru.com To: Half-Life dedicated Win32 server mailing list hlds@list.valvesoftware.com Sent: Wednesday, 2 November 2011, 20:49 Subject: Re: [hlds] [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images This would be nice, yes. On 11/2/2011 3:45 PM, msleeper wrote: Fletcher - Is there someone we can report blatantly, aggressively abusive servers to in an attempt to escalate the worst offenders to human intervention? I don't think any of us here are expecting a flawless programmatic solution to the issue of Bad Servers, nor would we expect Valve staff to spend paid manhours joining and checking servers instead of working on much more important tasks, but as someone else said, the 1% worst offenders are too big to fail and seem to be falling through the cracks in your automated systems. The reporting tool sounds like a great solution, but my immediate concern is that it might not pan out like you (and us server ops) are hoping since the vast majority of players probably aren't even aware of such problems. On Wed, Nov 2, 2011 at 2:50 PM, Fletcher Dunn fletch...@valvesoftware.com wrote: This is a problem we're obviously aware of. It's definitely not that we don't care. However, it is essentially an arms race that is provably unwinnable by Valve. Furthermore, any change we make in the name of security will almost certainly cause a disruption of legitimate service, due to bugs on our part, or usage cases we're just not aware of. It is a classic conflict between security and accessibility. Hopefully those two reasons help explain our reluctance to address these sorts of problems through technology. They will create an ongoing arms race, in which we can possibly limit this activity and make it harder, but probably never eliminate it completely. Furthermore, this benefit comes at a cost of taking resources away from adding features and fixing bugs, and also disrupting legitimate users. When we can do simple and safe things to make it harder to do these sorts of things, we will. We have some protocol changes that will make it harder to do this sort of spoofing, which have been beta tested for some time now. We'll be rolling those out in the next couple of months. Crowdsourcing using the abuse reports helps us stay out of the arms race, and it's the safest and simplest way to deal with this problem and many others like it. Your humble servant, Fletch -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Mart-Jan Reeuwijk Sent: Wednesday, November 02, 2011 5:39 AM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images there is some italian group that does that. they have dozens maybe even in the hundred of servers in server list, but all get redirected to 1 server. and those server report a variety of maps played, names in server lists etc. you click info, refresh, says for example dustbowl, and then join, get redirected to their server, with bots, and another map then advertized in the server info. Its damn annoying. And indeed, they change IP's a lot, to evade blacklisting. From: daniel jokiahodaniel.joki...@gmail.com To: Half-Life dedicated Linux server mailing listhlds_li...@list.valvesoftware.com Sent: Wednesday, 2 November 2011, 7:27 Subject: Re: [hlds_linux] Fake clients, misreported bots, infringing usage of player names/images what about servers on different ips and port that have exactly the same players. I join server x. U join server y. And still we play against or with each other :-( On 2 Nov 2011 06:53, msleepermslee...@ismsleeperwrong.com wrote: Are you sure they're not just adding more servers? Changing IPs is a server playerbase suicide as anyone who had it bookmarked won't be able to find it again. I suppose they could use those servers for redirects, but in theory that would get those IPs blacklisted pretty fast if Valve's scoring/reputation system is still in effect. On Wed, Nov 2, 2011 at 1:42 AM, Jesse Porterreacherg...@gmail.com wrote: The
Re: [hlds] Team Fortress 2 Update Released
Oops, that should read - Output of status command *NOW* includes registration status, including any error message causing failure I believe that it should now be abundantly clear when you are successfully registered, and when that state changes. if you see any brokenness in the registration system, please let me know. This event is the first of hopefully more privileges associated with server registration. We want it to work reliably and we apologize for some flakiness this past week. Also, if you suspect funky characters in your identity are causing complications, use the cl_gameserver_reset_identity command on the client to get a new one. We've changed the identity generation to use a really restricted character set. A few servers will probably notice that they have been banned. Your humble servant, Fletch From: hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Tony Paloma Sent: Wednesday, November 02, 2011 3:35 PM To: hlds@list.valvesoftware.com; hlds_li...@list.valvesoftware.com; hlds_annou...@list.valvesoftware.com Subject: [hlds] Team Fortress 2 Update Released Required updates for Team Fortress 2 are now available. The specific changes include: Source Engine Changes (CS:S, DoD:S, TF2, HL2:DM) - Output of status command now includes public IP - Fixed playback for pre-Halloween demo recordings Team Fortress 2 - Output of status command not includes registration status, including any error message causing failure - Update the '_registered' server tag based on whether registration is successful, not whether the registration convars are set - All registration related messages now go to the server log in addition to the console - Fix response from cl_gameserver_reset_identity command to properly format convar config lines - Added a taunt for the Tin Soldier set - Fixed the Soldier's melee dare response rule - MONOCULUS! HAS GROWN ANGRY - Updated the localization files Thanks, Tony ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] Team Fortress 2 Update Released
Now the _registered tag is only added after the first mapchange. On 2011/11/02 23:34, Tony Paloma wrote: Required updates for Team Fortress 2 are now available. The specific changes include: Source Engine Changes (CS:S, DoD:S, TF2, HL2:DM) - Output of status command now includes public IP - Fixed playback for pre-Halloween demo recordings Team Fortress 2 - Output of status command not includes registration status, including any error message causing failure - Update the '_registered' server tag based on whether registration is successful, not whether the registration convars are set - All registration related messages now go to the server log in addition to the console - Fix response from cl_gameserver_reset_identity command to properly format convar config lines - Added a taunt for the Tin Soldier set - Fixed the Soldier’s melee dare response rule - MONOCULUS! HAS GROWN ANGRY - Updated the localization files Thanks, Tony ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] [hlds_linux] Team Fortress 2 Update Released
You select which account to get a new identity (password) for. The command has the basic context sensitive help to explain it. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Ross Bemrose Sent: Wednesday, November 02, 2011 3:54 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Team Fortress 2 Update Released Will that reset all identities, or can we choose which one to reset? On 11/2/2011 6:52 PM, Fletcher Dunn wrote: Oops, that should read - Output of status command *NOW* includes registration status, including any error message causing failure I believe that it should now be abundantly clear when you are successfully registered, and when that state changes. if you see any brokenness in the registration system, please let me know. This event is the first of hopefully more privileges associated with server registration. We want it to work reliably and we apologize for some flakiness this past week. Also, if you suspect funky characters in your identity are causing complications, use the cl_gameserver_reset_identity command on the client to get a new one. We've changed the identity generation to use a really restricted character set. A few servers will probably notice that they have been banned. Your humble servant, Fletch From: hlds-boun...@list.valvesoftware.com [mailto:hlds-boun...@list.valvesoftware.com] On Behalf Of Tony Paloma Sent: Wednesday, November 02, 2011 3:35 PM To: hlds@list.valvesoftware.com; hlds_li...@list.valvesoftware.com; hlds_annou...@list.valvesoftware.com Subject: [hlds] Team Fortress 2 Update Released Required updates for Team Fortress 2 are now available. The specific changes include: Source Engine Changes (CS:S, DoD:S, TF2, HL2:DM) - Output of status command now includes public IP - Fixed playback for pre-Halloween demo recordings Team Fortress 2 - Output of status command not includes registration status, including any error message causing failure - Update the '_registered' server tag based on whether registration is successful, not whether the registration convars are set - All registration related messages now go to the server log in addition to the console - Fix response from cl_gameserver_reset_identity command to properly format convar config lines - Added a taunt for the Tin Soldier set - Fixed the Soldier's melee dare response rule - MONOCULUS! HAS GROWN ANGRY - Updated the localization files Thanks, Tony ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] [hlds_linux] Team Fortress 2 Update Released
Sorry, you'll have to restart your server. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of bottige...@gmail.com Sent: Wednesday, November 02, 2011 4:13 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Team Fortress 2 Update Released How do I log in again? I reset my token after seeing this: not logged in (Incorrect identity token), but it hasn't reconnected by itself. On Wed, Nov 2, 2011 at 4:07 PM, msleeper mslee...@ismsleeperwrong.com wrote: Would it be possible to add the trending status to the status command output? Or is that only calculated once when the server first starts? On Wed, Nov 2, 2011 at 7:01 PM, Steven Miano mian...@gmail.com wrote: Is there any hope that in the future a non-premium account will be able to register a game server? Thanks! On Wed, Nov 2, 2011 at 6:56 PM, Fletcher Dunn fletch...@valvesoftware.comwrote: You select which account to get a new identity (password) for. The command has the basic context sensitive help to explain it. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Ross Bemrose Sent: Wednesday, November 02, 2011 3:54 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Team Fortress 2 Update Released Will that reset all identities, or can we choose which one to reset? On 11/2/2011 6:52 PM, Fletcher Dunn wrote: Oops, that should read - Output of status command *NOW* includes registration status, including any error message causing failure I believe that it should now be abundantly clear when you are successfully registered, and when that state changes. if you see any brokenness in the registration system, please let me know. This event is the first of hopefully more privileges associated with server registration. We want it to work reliably and we apologize for some flakiness this past week. Also, if you suspect funky characters in your identity are causing complications, use the cl_gameserver_reset_identity command on the client to get a new one. We've changed the identity generation to use a really restricted character set. A few servers will probably notice that they have been banned. Your humble servant, Fletch From: hlds-boun...@list.valvesoftware.com [mailto: hlds-boun...@list.valvesoftware.com] On Behalf Of Tony Paloma Sent: Wednesday, November 02, 2011 3:35 PM To: hlds@list.valvesoftware.com; hlds_li...@list.valvesoftware.com; hlds_annou...@list.valvesoftware.com Subject: [hlds] Team Fortress 2 Update Released Required updates for Team Fortress 2 are now available. The specific changes include: Source Engine Changes (CS:S, DoD:S, TF2, HL2:DM) - Output of status command now includes public IP - Fixed playback for pre-Halloween demo recordings Team Fortress 2 - Output of status command not includes registration status, including any error message causing failure - Update the '_registered' server tag based on whether registration is successful, not whether the registration convars are set - All registration related messages now go to the server log in addition to the console - Fix response from cl_gameserver_reset_identity command to properly format convar config lines - Added a taunt for the Tin Soldier set - Fixed the Soldier's melee dare response rule - MONOCULUS! HAS GROWN ANGRY - Updated the localization files Thanks, Tony ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
Re: [hlds] [hlds_linux] Team Fortress 2 Update Released
Right, currently it is only fetched at login time. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux-boun...@list.valvesoftware.com] On Behalf Of msleeper Sent: Wednesday, November 02, 2011 4:08 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Team Fortress 2 Update Released Would it be possible to add the trending status to the status command output? Or is that only calculated once when the server first starts? On Wed, Nov 2, 2011 at 7:01 PM, Steven Miano mian...@gmail.com wrote: Is there any hope that in the future a non-premium account will be able to register a game server? Thanks! On Wed, Nov 2, 2011 at 6:56 PM, Fletcher Dunn fletch...@valvesoftware.comwrote: You select which account to get a new identity (password) for. The command has the basic context sensitive help to explain it. -Original Message- From: hlds_linux-boun...@list.valvesoftware.com [mailto: hlds_linux-boun...@list.valvesoftware.com] On Behalf Of Ross Bemrose Sent: Wednesday, November 02, 2011 3:54 PM To: Half-Life dedicated Linux server mailing list Subject: Re: [hlds_linux] Team Fortress 2 Update Released Will that reset all identities, or can we choose which one to reset? On 11/2/2011 6:52 PM, Fletcher Dunn wrote: Oops, that should read - Output of status command *NOW* includes registration status, including any error message causing failure I believe that it should now be abundantly clear when you are successfully registered, and when that state changes. if you see any brokenness in the registration system, please let me know. This event is the first of hopefully more privileges associated with server registration. We want it to work reliably and we apologize for some flakiness this past week. Also, if you suspect funky characters in your identity are causing complications, use the cl_gameserver_reset_identity command on the client to get a new one. We've changed the identity generation to use a really restricted character set. A few servers will probably notice that they have been banned. Your humble servant, Fletch From: hlds-boun...@list.valvesoftware.com [mailto: hlds-boun...@list.valvesoftware.com] On Behalf Of Tony Paloma Sent: Wednesday, November 02, 2011 3:35 PM To: hlds@list.valvesoftware.com; hlds_li...@list.valvesoftware.com; hlds_annou...@list.valvesoftware.com Subject: [hlds] Team Fortress 2 Update Released Required updates for Team Fortress 2 are now available. The specific changes include: Source Engine Changes (CS:S, DoD:S, TF2, HL2:DM) - Output of status command now includes public IP - Fixed playback for pre-Halloween demo recordings Team Fortress 2 - Output of status command not includes registration status, including any error message causing failure - Update the '_registered' server tag based on whether registration is successful, not whether the registration convars are set - All registration related messages now go to the server log in addition to the console - Fix response from cl_gameserver_reset_identity command to properly format convar config lines - Added a taunt for the Tin Soldier set - Fixed the Soldier's melee dare response rule - MONOCULUS! HAS GROWN ANGRY - Updated the localization files Thanks, Tony ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds