So a few friends and I are making a game using Astron and Panda3D just for the fun of it and everything. We have the core game features and all down, but we’re worried about security. We have the game compiled and ready to go but occasionally the servers are down and it shows the IP on the screen. With this someone can simply join the server with an entirely different client and load connections to lag/take down the server or inject code to give an unfair advantage. What I want to do is force the client to get access from the server to verify that it’s the certain client that is used. I know there is server versions and matching with the client and all but that is easily bypassable (you can get around it somehow or just have the server version right and the client wrong). How do I add extra security measures like this?
You can’t hide the IP even if it doesn’t show up on screen. Just get DDoS protection.
But the game will still lag even if I have DDoS protection.
Some of this, such as injecting code, can be handled by not trusting anything sent by the client. A most extreme example is only sending keypresses from client to server, server checking if it is a valid action, then doing it. Client side prediction and some game design can hide this.
Preventing cheating, such as client spoofing or reading values in memory that are normally hidden from the player are more involved. There are expensive and inexpensive solutions for this such as what is offered by valve with steam. Using SSL certs can help with this as well, but I don’t know the details on this process.
Keeping a strict “don’t trust the client” design will get you most of the way there.
EDIT: There are some additional things, such as only accepting a set limited number of connections per ip address. This wont protect from botnet attacks but if your game is popular enough from that then you should have some resources for you.
You cannot hide your IP. Get DDoS protection.
About code injection
There’s no way to be 100% safe. Things you can do:
- Build Panda3D, Python and thirdparty packages staticly. This way PyRun_SimpleString and similars are not exposed.
- Make you sure only your client can connect to the server (i.e. forbid connecting from source). This can be achieved by using HMAC in client authentication process. Beware of replay attacks.
- Obfuscate your bytecode and only read it when it’s time to execute it. This way you can’t recover them from memory.
- NEVER TRUST THE CLIENT
- Use TLS. Valid the server certificate properly. Use client certificates.