If you want stop to cheating, dont let the client know information he doesnt need to and dont let him administrate relevant resources himself. no other way to stop it.
Can we construct a general software model to handle this kind of problems on Panda3D? Such as, logging key inputs, interrupting gameing periodically, or other methods.
Especially, automatic monitoring and judging seems more helpful, do you think so?
If yes then the general rule is not to trust anything that the client sends and to have all the game mechanic on the server.
In an ideal model the client only sends events about player actions (like player1 shoots player2, but not player1 hits player2) and knows only this part of the scen (level) that is visable on screen in the current frame. A model like that could only work in cloud computing with a ultra fast connection.
In real world the level and some collisions are made client side. How to know a client is not using a hacked copy or third party tools (like aimbot or macro recorder)? I wish Iād know.
ā¦But often are very expensive and this is the crux of it. If you have a huge world and e.g. a dozen players it would be quite inefficient to let the server calculate the physics for each and every player.
Possibilities that come to my mind, ATM, are:
Constantly checking on the client-executableās file size to see if it has been modified
Making the client-executable send a message to the server when it notices a third-party process trying to hook it
Always having admins play on the server and kick obvious cheaters
Well, as far as i know, with current hardware, servers are able to handle 128 players simultaneously in same area. For example logic that i would use would be something like this, divide world in squares, and each player is checked only against his current square and against players in adjacent squares.
As for sending some data from player to server, that can be faked easily, for example server sends request for filesize to client and client returns hardcoded value.
Even password protecting data can be avoided easily, for example server sends request to do some operations on xxxxyyyzzz location in game executable file, and cracked version does that on original file and voila its done.
Having admin online is one solution but it is also not perfect.
That means, firstly, we should make certain that players are using unmodified client program; secondly, we only receive data from trust program; thirdly, players could not handle data in the memory.
If your game gets hacked be happy because your game is popular! Indifference from both players and hackers alike is how our games die. Make the game more fun instead!
i think the best solution performance wise would be to do spot tests. this system would also work with a p2p-network. but as treeform said. you probably should invest the time to make the game more fun
how to detect a cheater, all you need to do is to search for anomalies in the gameplay.
about the key, try to imagin a rubic cube (with ~10 x 10 x 10 cubes). your code get split (line wise, page wise, letter wise ā¦) up into this cells. then the cube starts to mix up and you receive your personal pattern key by email. which can only be used one time, after you logged in this cube the cube is start randomly spinning with you onto his back. so noone is able to hack your game you play. (only one computer will be able to excute the individual splitted game code).
thats just a old mind i had. and i will be sad to see this one time.
How do you know that players are using unmodified programs, and that they can not access program memory and how do you know from which process you receive data on server?
You canāt prevent people from modifying their clients. Itās simply impossible to prevent it or to correctly detect if it has been modified. As a rule of thumb, you should always assume that all clients are not to be trusted.