Ok recently these packet editors have been crashing servers by bombarding them with "player joined". They also rename players, and change players fur colours. They also make people say things that they didn't. I have found a solution which seems to work for me.

In your banlist.lst insert a blank line
To open it choose notepad.

Heres what mine looks like (sorry to platty)
------------------------------------------
; Example: Uncomment the next line to deny access to all users who try to
; log on from IP 129.0.22.12.
;129.0.22.12
test
dude
SAMALNMDER WAC

sÀlÄmÃnDèR WAC
Hi Is Not A Noun
JazzTool 12
-------------------------------------------

Now the line which is between the SAMALNMDER WAC and sÀlÄmÃnDèR WAC is completely blank All I did was push enter.
The Packet editors use no name characters to do their evil things. So once you add this they wont be able to hack your server.
Make sure ther are no spaces
just a good push of the enter key.

This is not guaranteed to work as it's not exactly easy to find people to help me test it. One person did though and they said they couldn't do anytinhg to my serv. If you guys find out any other solutions or find any probs or hav questions just say so : P.

Ban Spazzyman.

It works great for me.

Yea he seems to do it alot.
The problem is he isnt the only one who does it.

First of all, I think that it is a good idea not to "name names." While this person is doing something wrong, it can oftentimes lead to unnecessary fingerpointing and blaming that prevents a solution to the real problem, which is how to prevent against it. As with anything that can easily be used as a tool to annoy people, it leaked, and the person in question will not be the only one to do it for long.

However, there is one thing that confuses me. You mentioned fur color and name changes were taking place. This does not fit the packet editing thing. You see, when a packet is transferred, only the necessary people receive it. It goes from the server to the client or vice-versa. No other clients generally receive it. Therefore, things like fur color and name changes are genereally local client-only. Could you clarify what you mean by changes in name and fur color?

The blank line trick unfortunately is fairly ineffective. It prevents against spamming by bots that use a blank name, but not all do. I do not think this is packet editing-related, anyway. It can easily be done (unfortunately) by numerous popular launchers. Doing this blocks those. Some hosts may like this method, some may not care, and some may not want bots blocked from their servers. Besides, because other bots use different names, it is not highly reliable.

The best course of action for now would probably be kicking and/or banning the offender. This is a new and annoying problem and a bit disappointing that it leaked (although, honestly, I am not surprised). Hopefully, this fad will fade quickly.

~ Traft

thnx, whoever is doing it is being annoying. >(

Derby: Content removal.

You are right about the renaming, fur change, and character change. I have seen it happen. I also have the offender's IP address and know their identity. They remain it was not them, but I doubt it was not. I will look into it further, though.

~ Traft

Kicking them off or banning them is more fun, IMHO. :cool:

These people think that just because they can do something, they can do it legally, even if it's otherwise. I think these lowlifes just do it to "show off" or generally just to annoy people.

This is one of the many reasons why debugging\reverse engineering is not taught. Yes, I know it's not exactly that, but making JJ2 do "stuff that it isn't supposed to" is tampering with it, even if it's indirect.

I have discovered who did this and they promised to test the program in question in private servers in the future. One other person has a similar program, and I have been unable to contact them.

For not, just kick or ban and then store their IPs in case you need to add them to your banlist.

~ Traft

You CANNOT see which person is doing this (sending the packets). and Yeah there are more people out there who can do this.

It's not me this time. =)

In fact, it wasn't even me last time. =)

=)

"Ban Spazzyman."


LoL

If you accuse him of anything, though, he'll get WICKED (angry). So... careful ;p

Derby: Content replacement.

You CANNOT see which person is doing this (sending the packets). and Yeah there are more people out there who can do this.
I am confused as to how you came to this conclusion. I used a packet editor to extract the information and, yes, in fact, you can.

~ Traft

Let me say it different then. as a JJ2 player you cant "SEE" while playing who is doing it.

You prolly are right in that case/

I don't think you can kick/ban them. One time while I was hosting someone renamed me and changed my character, team and fur color >(. Then some suspicious character just suddenly happened to join my server (which was passworded btw) named "Whatever". I was suspicious that this was the haxor and he/she would do something evil, so I typed in "kick 2" and kicked them. then my jj2 suddenly crashed right when I typed kick 2 and pressed enter. Coincidence? I think not.

And you can't actually SEE who is doing it. One time in Scizor's server there was someone kept joining and leaving under different names such as "FireSword DM, Trexian (BN's online name) and some other names. They even joined and left under scizor's name (who was hosting the server) and under my name (They matched the color and everything perfectly). And each time they joined and left either someone would be renamed or their character changed etc. Plus they did it so fast that that it was impossible to ban them/see their IP adress.

they did it so fast that that it was impossible to see their IP adress.
Use a screen capture tool ;)

Whenever I catch someone doing something like this, I follow the following steps:

1. Copy their IP address.
2. Tell them that "Any further offenses will result in a ban."
3. Before they can respond I ban them whether they do anything or not.

Fun, really.

Packet editors will show the IP the information is coming from.

Packet editors will show the IP the information is coming from.

Yes. If anyone wishes to know a location of a packet editor, just PM me and I might respond. Just in case this gets edited out.

You have can use (apple), (banana), and (orange). (Apple) is the best because of its power and its compatibility, (banana) is also a good alternative but its shareware. If you're really hardcore, use (orange), its the first of its kind but it might not work under NT/2K/XP.

Derby: Content replacement.

I didn't see what Derby edited out of Lama's post, but I'm guessing it was names of packet editors. For people wishing to get IP addresses of the people causing mischief, try a packet sniffer which does not have any editing or sending capabilities.

I'm mentioning two programs here, both freeware and open source, whose names should not be edited because they are completely legal and do not have capability to send or modify packets.

WinDump (http://windump.polito.it/) is a port of the Unix tcpdump, but it is command-line so may be difficult to use.

For a GUI-based program try Ethereal (http://www.ethereal.com/), which is fairly easy to use and is what I use for most of my needs.

Both of those programs use and require the WinPcap (http://winpcap.polito.it) library. They both use filter strings, which are a bit complicated, but the string "tcp port 10052" is enough to capture the JJ2 packets in question.

You all that blamed me..You are all a bag of rux...And labrat, Black Ninja did it in your server, not me. NinjaGPW, why this? i am not even banned from your server ;-.-. Spay, when was the last time i did it to you? And ill edit this once i go look who else blamed me.

Anyone out there wanna point fingers? You all have been using me as a scapegoat just because i learnt it first.

Here are a few things:

1. I was the first to find it out
2. NinjaGPW Begged me to tell him how, and i refused.
3. I made a program out of it in VB
4. I have not given anyone MY personal program
5. I am not the only one who knows how to do this stuff, i can name at least a few others and a few people who freaking wont stop asking me how i do it.
6. Any complaints can be sent to spazzyx32@hotmail.com

So remember, if any of you needs a scapegoat, its not me.

Anyone else have anything? email me.

..one more thing while we're at this topic. Has anyone else been dos attacked while hosting a server with lots of people? Some noname [like spay says] joined my server and was laughing at everyone, then later on, after they left someone crashed my server -- more than once. Dos attacking is when it says "joined the game" to everyone else and you cant see it if you are the server because you crashed (i think thats what it is)..

..also, never EVER try to kick or ban an "unknown network"-IPed person as it WILL crash jazz, rather, get overlord's project controller and "stealth kick" the person so that they time out. That is the best (or only?) way to get rid of them.

Derby: Content clearance. Also note that threats will not be tolerated here.

Jazz, Yes i did rename in your server yesterday. And do you want to know why everyone? He screamed at me on msn for lasering him. He says it messed up his pc. I kept renaming him to "come on msn" and stuff like that, maybe i could help fix it, but he doesnt care and hes not talking to me. After that i left him alone and i changed his name back to URJazz||||[si]. SO NYA. DOnt try to put it on me. If anyone wants my ip to ban, feel free, even though it doesnt work and renaming can still bypass, i dont care, here it is 68.48.145.25 i think.

Hrmph, you all suck [well not all, only some *cough*]. Use me as anything, ie jazz not tellin the whole story. I cant believe how much propoganda you all use. [not all]

YES I renamed in URJAzz's server for crying out loud im sorry for admitting it and being honest. Maybe next time i should lie and stuff.

You can fix this by banning spazzyman's IP with your firewall/router/thing. This way, you'll receive none of his packets.

EDIT: by spazzyman, I actually mean anybody you catch sending you manipulated or mass amounts of packets.

I packet edit too, but that's only when I'm the server and I use PC4, a perfectly legal program that can be found on J2o. Or would you not consider renaming people for people to join and see packet editing, would you? Much fun to rename everybody the same thing except for you, like naming everybody "Foo person" and having a little fun that way. :p :)

Yesterday I learned that the people don't even have to be in the server to hcange your name etc. I was in a server with BlackRabbit and Spazzyman kept changing my name and he wasn't in the server (I even made it so no one else could join). And no, BR was not Spazzyman. And yes, this is no scaepgoat, it WAS spazzyman.


Don't you mean Blackraptor ;P

Yesterday I learned that the people don't even have to be in the server to hcange your name etc. I was in a server with BlackRabbit and Spazzyman kept changing my name and he wasn't in the server (I even made it so no one else could join). And no, BR was not Spazzyman. And yes, this is no scaepgoat, it WAS spazzyman.

You give no evidence to support this, yet you assume it's obvious.

Thanks for the links, Link.

Does anyone know for sure whether adding the offending player's IP to your banlist works?

test

ok, it looks like i can no longer delete or edit my posts cuz i was ip banned(?)

It's not me this time. =)

In fact, it wasn't even me last time. =)

=)

Yeah, I know it's not you. The programs you've made are in Delphi and I hear it's harder to make packet editors using that language than when using VB.

I don't know about Txl Kill and Black Ninja, though because (PM me if you want to know but I think in Txl Kill's case you already know).

I don't personally think it was spazzyman. Im sure he did it a couple of times to some people who he hates, but i dont think he is the one consantly running around doing it to people. I have some screenshots, and I'll post em as soon as I find a good place to upload them (not geocities >()

Spazzyman is capable of doing it but it doesn't automatically mean that it's him. Someone could be using his nick & fur colors and spoofing his IP (faking their IP to match Spazzyman's). But who would go through all that trouble?

How do we know Spazzman's IP anyway? Even if you get the IP that doesn't mean we know who it is.

How do we know Spazzman's IP anyway? Even if you get the IP that doesn't mean we know who it is.

How do we know Spazz<b>y</b>man's IP anyway? He said this:


here it is 68.48.145.25


Yes, even when if you get Spazzyman's IP it doesn't mean you know that it is really him. I already said this here:


spoofing his IP (faking their IP to match Spazzyman's).

But how do we know Spazzyman is not lying? What if he is a dial-up user? WHAT IF IT IS ALL A GOVERNMENT CONSIRACY :O:O

:P

I've finished my program to detect these. It's available on J2O:

http://www.jazz2online.com/downloads/moreinfo.php?levelid=2639

It was made quite quickly, and I would say I may have rushed a bit, so there are probably still some bugs in it. It's also my first major program coded in C. But it gets the job done, so hopefully we may all have some more insight into who is behind these.

(It's also a good server logging utility, because it records all joins, not just suspicious ones)

Thank you, Link.

First of all, I would like to say Spazzyman did not do this. Both persons involved have agreed to stop doing it, and it will remain not a problem unless the program is leaked, in which case I will slap all involved with lush green leeks.

~ Traft

WHAT IF IT IS ALL A GOVERNMENT CONSIRACY :O:O


They're watching JJ2 now? OMG! :O