- Forum
- General C++ Programming
- Help prevent hackers on network game
Help prevent hackers on network game
Hi,
This isn't really a c++ question but more of a network question for my online game. First of all when I say "Help prevent hackers on network game" what I mean is to stop hackers viewing the packets and trying to send the same ones off again this is my idea to help make this harder.
During the login stage the login is encrypted using a public/private key algorithm. The client sends an integer which goes a bit like (System_Time + random_char_of_username). Now the server takes in that integer and adds something like (Server_System_Time + totalUsersLoggedIn) to the integer sent by the client. Now the server sends that number back.
So now lets pretend we are all logged in and lets pretend the integer we took in from the server which was to do with all the system time + totalloggedinusers ect ect lets call it "opcodeSalt"
so when we want to create a frame it would go something like
void createFrame(unsigned char o)
{
unsigned char opcode = ((unsigned char)opcodeSalt + o);
}
This isn't set in stone and I can see issues with it right now such as it going past 255 and looping around but this is just a basic idea so far basically because the client and the server both know a unique number that the 3rd party does not know it will be harder for them to play with the packets.
Oh we also increase the salt after every frame created this is so the same action will be different every time, again this makes it harder to identify and also means if you are a 3rd party and resubmit the packet it will not be valid
Is this a good idea or bad idea? If so could you provide a better idea?
Many thanks,
Dan
This isn't really a c++ question but more of a network question for my online game. First of all when I say "Help prevent hackers on network game" what I mean is to stop hackers viewing the packets and trying to send the same ones off again this is my idea to help make this harder.
During the login stage the login is encrypted using a public/private key algorithm. The client sends an integer which goes a bit like (System_Time + random_char_of_username). Now the server takes in that integer and adds something like (Server_System_Time + totalUsersLoggedIn) to the integer sent by the client. Now the server sends that number back.
So now lets pretend we are all logged in and lets pretend the integer we took in from the server which was to do with all the system time + totalloggedinusers ect ect lets call it "opcodeSalt"
so when we want to create a frame it would go something like
void createFrame(unsigned char o)
{
unsigned char opcode = ((unsigned char)opcodeSalt + o);
}
This isn't set in stone and I can see issues with it right now such as it going past 255 and looping around but this is just a basic idea so far basically because the client and the server both know a unique number that the 3rd party does not know it will be harder for them to play with the packets.
Oh we also increase the salt after every frame created this is so the same action will be different every time, again this makes it harder to identify and also means if you are a 3rd party and resubmit the packet it will not be valid
Is this a good idea or bad idea? If so could you provide a better idea?
Many thanks,
Dan
Last edited on
Topic archived. No new replies allowed.