Quote:
|
Originally Posted by Monolith
I haven't taken a look at how any CSHP works before. It could work better than trying to detect things from the server, but still how would you detect things on the client's side?
|
The same way you do it on server.
Quote:
|
Originally Posted by Monolith
Just looking at the running processes wouldn't be any good because they could just rename the program.
|
There should be a blacklist for the cheating tools containing unique signatures so that the client scanner can recognise these right away.
Here are some methods I had in mind:
- Size and MD5/CRC32 of the exe or some internal parts of it
- Window captions and class names
- Search for certain text strings within the process
- Spy the APIs to see if any program is using an API to memory edit Jazz 2
__________________
<a href="http://nmap.org/"><img border="0" alt="Nmap Security Scanner" src="http://images.insecure.org/nmap/images/prop/nmap_bnr_matrix_pfos.gif"/></a>
|