Fake servers in Counter-Strike about halflife HOT 76 OPEN

We still have a big problems with official monitoring.
Players can't find normal server in thousands of fake servers which only want to redirect client to another server.
Server owners can't get online because normal server disappear in thousands of fake servers.
Any info about fixing this problems?

I add to favorits some fake serves by game title and ping. total servers 1300+, 700+ fake servers. 50% of crap.
how should we play in such a swamp? how server owners can get online?
700 garbage servers for 10k players.

from halflife.

@SamVanheer @Mistrick I'm sure this will take more work to identify and ban or at least better filter the server list by default, but I did update the current beta with a change you can test.

We do already receive Steam account information from the game server if it exists, so I've added a filter option to the server browser that only displays servers that have a valid Steam account associated with them. It seemed to properly filter out all of the obviously fake servers, so give it a try and let me know how well that works, if it misses any fake servers or improperly filters out servers that should be there, etc.

from halflife.

Thank. This works for me. Most fake servers no longer appear on the list. But I still see a lot of non-original garbage servers (REHLDS and so on) that are not marked in any special way. Can you add filtering to highlight the original genuine servers from VALVE, from third-party servers? Now they are all on the same list. Maybe add a column showing the version of the server? That would be good. I remember that in CS 1.5 there was something similar, it was even displayed on which platform the server is located (Windows \ Linux). Now for this purpose you have to use a third-party program "HLSW", which is not very convenient. It would be nice to add a new column with the server version hidden by default. And \ or another filter that allows you to separate VALVE oniginal servers from fake ones (In the conscience of a third-party developer).

from halflife.

@mikela-valve as you can see there, #2064 (comment) this is general steam master server issue and not realted to GoldSRC at all, we can't fix it by filtering,( i mean we can, but it's crappy way, like checking is last symbol in description is number and etc ), i mean you can provide info to Valve, than they can create separate Moderator for Masterserver for example. Coz in automode we can't detect this server's, there can be related attack's and etc, i dont wanna describe this, i think you can get it.

Servers redirecting you should be prevented if you have cl_filterstuffcmd turned on, once the beta is pushed to release it should solve that problem. Slowhacking should also be prevented entirely at the same time.

If you think like there no another RCE... Lol, there ton's of this shit in engine.

It's can be fixed in

but still, there many way's to spoof it, so, this is the reason why we should block any command's from server.

Once I described the problem, but you still didn’t get it, so try to join to my test server (94.250.249.75:27015), it sends the jump forward voicerecord command,
and then try to stop it, without console, you can't do it without writing -jump, -forward -voicerecord in the console.

Of course, you can fix this by writing some kind of pseudo-fix (crappy), for example, execute - for all the commands registered on disconnect, but how it will help?

There can be custom -/+ command's which you can't detect.

This is another reason why they should be added to the blacklist, there is no reason to leave them unlocked, at least in Counter-Strike.

Connecting to 80.211.195.16:27015...
Connection accepted by 80.211.195.16:27015
[Extra Mirror] blocked: "motdfile "!MD5/../../cstrike/hw/opengl.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "joystick.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "joystick.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "banned.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "default.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "dcstrike16.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "menucs16.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "listenserver.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "csconfig.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "userconfig.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "joystick.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "language.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "violence.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "!MD5/../../valve/hw/opengl.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "!MD5/../../valve/hw/geforce.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "!MD5/../../cstrike/hw/geforce.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "!MD5/../../valve/banned.CFG""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015motdfile "!MD5/../../valve/valve.rc""
[Extra Mirror] blocked: "motd_write Connect bst.csglobal.ro:27015clear"
[Extra Mirror] blocked: "echo "[AMXX] Simple Redirection -  Redirecting to best.csglobal.ro:27015""
Could not execute privileged command "Connect" best.csglobal.ro:27015
�
BUILD 7882 SERVER (0 CRC)
Server # 1
Your map [maps/de_dust2.bsp] differs from the server's.
Host_Error: Disconnected

this is log from connecting to one of fake server's

One more about it. Just informative.

As you can see just a map.

Only one resolution here, is using steam api key's for adding server to official master server,

like create some cvar or smthng like this, or file, where we can put our steam api web key or something like this, for adding server to ms.
So, then we can block fake server's owner's steam account's, but, there also should be Moderator.

I also mean it's just workaround, we can't fix fake server's, i can create fake server for any of source game and etc.

from halflife.

They can't redirect client but I as a player can't find normal server in current master server swamp.

from halflife.

Is there any progress on this?

Adding sv_setsteamaccount cvar, where you can get your login_token from https://steamcommunity.com/dev/managegameservers like CS:GO should be considered.

I think that allowing one server per token will potentially stop fake servers.

from halflife.

How is this NOT a bug? If this is the way you treat your customers I'm pretty so I won't be buying anything from you again. I'm in the same situation as nullcollision is. I can't find any proper games, just a list full of fakes.

This seems to also affect the Steam server browser.

from halflife.

What i learn on my life, is... if the weird things are NOT SOLVED, you must guess that the owner of service is benefiting from this. You MUST CLAIM for remove that ASAP.

from halflife.

Because it's still in beta.

It is fixed in public

] connect 109.105.70.158:29004
Connecting to 109.105.70.158:29004...
Connection accepted by 109.105.70.158:29004
Could not execute privileged command "connect"asus.gamepower.ro:27015
�
BUILD 5758 SERVER (0 CRC)
Server # 1
Your map [maps/de_inferno.bsp] differs from the server's.
Host_Error: Disconnected
] version 
Protocol version 48
Exe version 1.1.2.7/Stdio (cstrike)
Exe build: 15:58:59 Apr  3 2019 (8196)

from halflife.

They can't redirect client but I as a player can't find normal server in current master server swamp.

Then all that can be done is to enable GSLT for all GoldSource games (mods will automatically be covered by Half-Life's settings) and have moderation to catch and ban fake servers. Hopefully once these server operators get banned a few times they'll learn to stop doing this.

from halflife.

@mikela-valve Seems to be working but list is just too small, what does Has associated Steam account mean? We would like a bit of explanation on that one and how to opt-in to that.

I am thinking login through a real steam account when using SteamCMD and not using anonymous login but that make no sense at all.

from halflife.

This effects all versions?

from halflife.

Yes, it affects all mods, regular Half-Life as well. All GoldSrc based games are affected by this, on all OSes. It's really a game breaker. I thought I report this "bug" here since it affects all OSes.

At the moment, 75% of servers are like this. It tries to connect to them (3 bars), then it joins an another server, which will hack my game.

The best solution would be getting rid of the fake servers on the main server list.

from halflife.

Sadly, this is not the place to report it; this is for bugs regarding the linux version, not the service (which is causing the issue).

from halflife.

But it affects the Linux version too, and it should be fixed. I don't get why Valve allows players to host fake servers and hack other players' computers. It's impossible to play the game via server list.

As I said, it's not a bug, but it's a game breaker. It's a feature request just like https://github.com/ValveSoftware/steam-for-linux/issues/1006 is and it should have been in first place already. The game is completely unplayable to me because of this.

I hope Valve could AT LEAST take a look at this.

from halflife.

@unrealz0r. I'm not a Valve employee, first and foremost. Second, this isn't a bug regarding the linux client; there are other places for this report to go.

Being the linux client is still in beta and so many people are having a problem even connecting, you'll probably see a change in what servers are available. The issue is a well-documented one with a LONG history. Lets not forget that the game is from '99~'00. Many of the servers available were created ages ago and were hijacked sometime in the recent past (I'm reading some of the hijack articles going back 5 years).

The solution will be twofold. First, as more legit players come to play, there will be more clean servers. Second, there will be an increase in awareness of the issue due to an increased amount of players. More complaints about a given server, the more that will be taken down. Because of how these servers function, you have to take them down as they are detected; a fell-swoop won't do much.

The community has to be as proactive as the developers.

Valve can and will see this; closed issues don't go away.

On an aside, There are dozens of walkthroughs on how to easily hijack a CS1.6 server. CS:S and CS:GO are both safer until a patch can be made.

from halflife.

We can only hope Valve fixes this, as with Linux support I can bet there will be more angry customers. Valve should make some kind of a authentication system for the master server as well, as I can see there are many unauthorized servers there (everyone has VALVE_ID_LAN).

I can only hope for the best.

from halflife.

Like I said, part of it is finding servers you know are good. Most communities that hosted CS1.6 servers dropped them for CSS. Those that remained (many being home-based servers) got hacked and hijacked because of a very big security gap.

13 years ago, game 'sploits were everywhere.

The only way that these servers will become less of an issue is people actively moderating their own servers... which requires more people playing. There will be the same amount (potentially a few more), but the percentage of them in the server list will drop.

from halflife.

The problem is that the server admins are doing this themselves, they want more players on their servers. In my opinion doing this is wrong.

I still know many communities which play 1.6, it's a very popular game in my country as well.

It shouldn't be too hard for Valve to filter out these servers. The redirect ones, I mean. It's not fair against other server owners. Pirates also have their own, redirect filtered masterserver, why can't we have one?

I respect Valve as a company, but it just seems kinda random to me to not filter them. I hope you get my point. :)

from halflife.

That's just it though; the server admins largely -aren't- doing it themselves; the person who hijacked the server set up the hijacked system to forward it to one of theirs which modifies the client into adware..

True, a master server would help. Here's hoping they take suitable action.

from halflife.

That's wrong. A lot of these servers are put especially by some server admins, mostly from eastern europe if you check the IPs. Some IPs have hundred of fake servers, they just have different ports. It's quite easy to do, there are tools available that let you do it.

Checking the server list, it looks like 95% of servers are fake ones for me. There are more thousands of fake servers coming from 2-3 different IPs. I get a few real servers, which seem to be mostly empty.

And I have noticed a few times that the servers were able to replace the client files with different ones, I had my game menu modified as well, and other menus too. That's not limited to fake servers. Some real servers do it as well.

from halflife.

This was discussed all over the place. http://forums.steampowered.com/forums/archive/index.php/t-1667666.html has a great article from two years ago which gives a few work-arounds.

This is a nice early one: http://www.shoot-em.com/forum/how-i-removing-the-ads-t590.html which offers a way to prevent the config re-write.

Utilizing both is a good way to keep yourself safe until a fix comes.

from halflife.

I do plan to address the issue of fake servers, perhaps not with the initial release but certainly shortly there after.

from halflife.

I'm glad to hear about that. :)

from halflife.

Just a comment about this screen:
https://f.cloud.github.com/assets/3123539/106262/c207014a-69ed-11e2-849e-34156af9e610.jpg

What you showed can be done using a non-steam client (protocol 47), if you use Steam CS Client (protocol 48) nobody can do that to your game client

from halflife.

@Neeeeeeeeeel: This has happened me to with Protocol 48 client on Steam, too, so I doubt that.

from halflife.

@Neeeeeeeeeel: That is still possible to do on latest public version. However, Alfred said that he fixed that in beta version, I didn't test that yet, so I can't confirm.

from halflife.

Mmm I remember I tested (some time ago) and I can't
But he fixed it so i won't care about xd

from halflife.

If anyone's still having issues (and didn't bother reading the articles I mentioned), the best way is to chmod your config file so it's readable, but not writable. 544 or something of the sort should suffice as a stop-gap.

from halflife.

The update today has changed the serverbrowser to not include bots in the player count for a server, so this should help filter out these fake servers. Just tick "has users playing" in the filter options.

from halflife.

Is this just for 1.6 or for Steam as well?

from halflife.

Just for Goldsrc games (so cs and hl1 for now, and the rest soon).

from halflife.

The filter helps with fake servers, though there are still quite a lot of No Steam/Cracked servers which are full of people that are using non-steam cracked versions of the game. It can be seen with their SteamIDs which are invalid. Most of these servers are full of cheaters.
Unfortunately, there is no way to find out if a server is cracked before joining it. Any chance these servers can be delisted?

from halflife.

@anakin1 under filters set Anti-Cheat to secure, is that what you're looking for?

from halflife.

No. These servers are all showing as secured, while they are not. I guess they are either faking the status, or it's just that their crack allow clients that are not running VAC to connect anyway.

from halflife.

Alfred, Too much fake game server displayed in the list of masterserver.

The following fake servers IP's:

88.255.155.2:27015
88.255.155.5:27015
88.255.155.20:27015
88.255.155.110:27015
88.255.155.3:27015
88.255.155.51:27015
88.255.155.80:27015
88.255.155.54:27015
88.255.155.59:27015
88.255.155.73:27015
88.255.155.60:27015
88.255.155.29:27015
88.255.155.9:27015
88.255.155.6:27015
88.255.155.31:27015
88.255.155.101:27015
88.255.155.75:27015
88.255.155.99:27015
88.255.155.50:27015
88.255.155.4:27015
88.255.155.49:27015
88.255.155.83:27015
88.255.155.202:27015
88.255.155.8:27015
88.255.155.57:27015
88.255.155.56:27015
88.255.155.61:27015
88.255.155.84:27015
88.255.155.41:27015
88.255.155.47:27015
88.255.155.77:27015
88.255.155.43:27015
88.255.155.33:27015
88.255.155.58:27015
88.255.155.32:27015
88.255.155.13:27015
88.255.155.95:27015
88.255.155.91:27015
88.255.155.7:27015
88.255.155.78:27015
88.255.155.115:27015
88.255.155.11:27015
88.255.155.17:27015
88.255.155.39:27015
88.255.155.85:27015
88.255.155.81:27015
88.255.155.18:27015
88.255.155.200:27015
88.255.155.22:27015
88.255.155.40:27015
88.255.155.30:27015
88.255.155.34:27015
88.255.155.107:27015
88.255.155.86:27015
88.255.155.114:27015
88.255.155.48:27015
88.255.155.16:27015
88.255.155.113:27015
88.255.155.76:27015
88.255.155.106:27015
88.255.155.94:27015
88.255.155.90:27015
88.255.155.42:27015
88.255.155.19:27015
88.255.155.112:27015
88.255.155.53:27015
88.255.155.92:27015
88.255.155.71:27015
88.255.155.82:27015
88.255.155.102:27015
88.255.155.111:27015
88.255.155.89:27015
88.255.155.62:27015
88.255.155.96:27015
88.255.155.201:27015
88.255.155.88:27015
88.255.155.23:27015
88.255.155.74:27015
88.255.155.97:27015
88.255.155.37:27015
88.255.155.38:27015
88.255.155.44:27015
88.255.155.103:27015
88.255.155.28:27015
88.255.155.98:27015
88.255.155.87:27015
88.255.155.79:27015
88.255.155.109:27015
88.255.155.105:27015
88.255.155.45:27015
88.255.155.55:27015
88.255.155.14:27015
88.255.155.100:27015

from halflife.

You should publish that fake list to some "hack me if you can list" :D

from halflife.

These servers should definitely be blacklisted. There's far too many of them.

Lähettäjä: M3ndamailto:[email protected]
Lähetetty: ‎4.‎7.‎2015 18:53
Vastaanottaja: ValveSoftware/steam-for-linuxmailto:[email protected]
Kopio: nullcollisionmailto:[email protected]
Aihe: Re: [steam-for-linux] Fake servers in Counter-Strike (#1014)

You should publish that fake list to some "hack me if you can list" :D

Reply to this email directly or view it on GitHub:
https://github.com/ValveSoftware/steam-for-linux/issues/1014#issuecomment-118525485

from halflife.

Bump. Any news about it? Finding servers is worst for now. There are a lot of fake servers which are on top of the results.

from halflife.

Servers redirecting you should be prevented if you have cl_filterstuffcmd turned on, once the beta is pushed to release it should solve that problem. Slowhacking should also be prevented entirely at the same time.

Servers attempting to spoof the player count by changing the game name is being dealt with, leaving only the fake player count by way of bots issue.

As i noted here servers can spoof this information with no way to detect it by using a modified engine.

Steam provides support for bots by letting you create unauthenticated connections for them:
https://github.com/ValveSoftware/source-sdk-2013/blob/0d8dceea4310fde5706b3ce1c70609d72a38efdf/mp/src/public/steam/isteamgameserver.h#L149-L153

So it should be able to use this information to report if there are bots on the server, but only if the engine actually uses this function. Custom engines may be modified to not create a connection for bots to counter this, which along with my previous notes about reporting 0 bots leaves Steam in the dark about this.

From what i can tell this would result in the server browser not reporting the bots, so it should show up as empty if there are no bots. That might be an acceptable solution here i guess?

Beyond that, is there any else that needs dealing with regarding fake servers?

from halflife.

@SamVanheer first of all i think it MS problem and must be fixed on it. And as for me this servers must be remove because legitimate servers can't get traffic. Thousands fake servers are on top of results as I said before. And I agree with @afwn90cj93201nixr2e1re. Token system can prevent this. But it can't guaranteed that they will not registry a lot of accounts to take a token.

from halflife.

I'm assuming you mean MicroSoft? Because they don't have anything to do with this.

Also because servers can be hosted using anonymous login there's no way to make any kind of token or key system that will prevent any of this.

Forcing server operators to register new Steam accounts just to host servers will create more problems (hosting multiple servers on the same physical server for one) and will probably also cause problems for other games since the master server is shared with all games.

The second problem can be avoided by making the master server apply anonymous account restrictions on an app-by-app basis but there is a reason why anonymous login exists.

Edit:
I found that newer Valve games use a system to solve this problem: https://steamcommunity.com/dev/managegameservers

I assume this is what you were referring to before? It sounds like it should solve this problem in some fashion, if one server is found to be fake all other servers tied to the account that the token was created with can be investigated/removed/banned/etc. I don't know how this works though, i'll look into it a bit more.

Edit 2:
From what i can tell this feature relies on the existing API for logging in using an account: https://github.com/ValveSoftware/source-sdk-2013/blob/0d8dceea4310fde5706b3ce1c70609d72a38efdf/mp/src/public/steam/isteamgameserver.h#L53-L59

So the engine could be updated to require this without needing a SteamWorks SDK update.

The account requirements should curb fake servers once the first batch of fake servers get banned, since the associated accounts will likely be community banned as a result.

The only question would be how fake servers should be reported, since if that's not possible then all of this would be a waste of time.

from halflife.

The only question would be how fake servers should be reported, since if that's not possible then all of this would be a waste of time.

Current fake servers only want to redirect client to another server. They mostly send connect ip, motdfile, motd_write when client connecting to the server.
https://gist.github.com/Mistrick/fd3bc8071f2fcf103c17663681883fd5

from halflife.

I'm assuming you mean MicroSoft? Because they don't have anything to do with this.
No. I mean the official Valve master server

Also because servers can be hosted using anonymous login there's no way to make any kind of token or key system that will prevent any of this.

I know. And one of suggestions is to disallow anonymous login.

I found that newer Valve games use a system to solve this problem: https://steamcommunity.com/dev/managegameservers
This is was we talked about. Make the same principle

from halflife.

The only question would be how fake servers should be reported, since if that's not possible then all of this would be a waste of time.

Current fake servers only want to redirect client to another server. They mostly send connect ip, motdfile, motd_write when client connecting to the server.
https://gist.github.com/Mistrick/fd3bc8071f2fcf103c17663681883fd5

Slowhacking through the director message command is fixed in beta, but only for official games. Mods are still susceptible to them since they're out of date.

Hopefully that should put a stop to fake servers in official games like CS, but if it still happens once the beta is pushed to public then definitely report that.

@mikela-valve This is something that should be enabled if possible. I read through the SteamWorks documentation and found no references to enabling GSLT specifically, but it does mention being able to configure dedicated server apps as anonymous or requiring specific accounts, so i assume GSLT is generally available to all apps and not just the Source engine games that use it.

I also found web API calls for banning/unbanning GSLT servers but those require a publisher API key so i assume GSLT server bans are intended to be managed by the developer and developer sanctioned moderators.

from halflife.

Hopefully that should put a stop to fake servers in official games like CS,

Fixed in april but 50+% servers in master server are still fake.

from halflife.

Hopefully that should put a stop to fake servers in official games like CS,

Fixed in april but 50+% servers in master server are still fake.

Because it's still in beta.

from halflife.

Correct, i was wrong about that.

Are servers able to force a redirect still? Or are they solely reliant on the fixed director message?

from halflife.

We need answers from Valve.

from halflife.

That's not Microsoft problem at all. We start report fake servers since 2010. And nothing.

P.s MS in this case == MasterServer.

from halflife.

From what i can tell this basically filters out all dedicated servers hosted with anonymous login which for CS is the majority.

This does filter out the servers that are trying to fake the player count using the game name with trailing number trick.

from halflife.

Thanks @SamVanheer I was just typing that up. That's why I didn't set that filter as the default, I figured there are many valid servers using anonymous login. Is the downside to logging in to Steam that it doesn't make it possible to host with older client/server versions or are there other issues as well?

from halflife.

@mikela-valve AFAIK there seems to be some login issues and how <appid> packages are being download through SteamCMD when logged to it (mostly download issues, corrupt files) login anonymous is also being added as a step on SteamCMD - Valve Developer site (https://developer.valvesoftware.com/wiki/SteamCMD) when trying to setup a Dedicated Server.

You need to use app_update 90 validate multiple times to make SteamCMD recognize it correctly and get the entire package download without any corrupt files on it.

from halflife.

I don't think it's possible to host multiple dedicated servers at once when using account login, but i've never tried that. I did just try to launch the HLDS downloaded through the Steam client multiple times through Steam, it looks like HLDS itself just defers to the first launched instance.

I don't know if the same happens when using SteamCMD.

I don't know if logging in to host causes problems with older clients, i've certainly never heard of anything like that.

from halflife.

@SamVanheer No, it is not possible to host more than one server using the same Steam Account.

People is not using Steam Tools to download official HLDS that is being advertised on Steam because there is no way to host more than one server plus you don't need Steam at all to open your server.

from halflife.

@mikela-valve Filtering seems to not be catching properly the entire servers that are logged to Steam correctly.

I got it listed correctly on my Favorites list and filter seems to be working.

Internet tab is not showing that server with the new filter enabled, weird.

You need to refresh filters and moving some things to get the entire list to be released properly.

Internet server list being updated correctly after touching some filters back and forth.

from halflife.

@basuritashka I think the weirdness you're seeing is just that the server's Steam ID isn't necessarily received in the first info response for the game server, it's filled in later and initially marked as anonymous until it gets that information so it's being filtered out. Did the server you were checking eventually show up after you'd refreshed again?

from halflife.

@mikela-valve Yes, it got filtered correctly after many refresh and touching certain filters. Always the first request when launching CS seems to not be catching the entire internet list.

This is happening regardless using Has associated Steam account or not, Internet list is not being sent completely sometimes and has been like that for years now.

from halflife.

Everything is fine now. But write some article bout assigning a steam account to the server. And that's all.

It's just udp problems, not related to fake servers.

@mikela-valve

from halflife.

But...
Has associated steam account, emmm, so, lemme explain why it's bad option at all agains fake servers, and token(web-tokens) as i described above it's only one solution for this.

Game hosting which provide some space(resources) for hosting game server, for example hl1/cs1.6
User push install button, game hosting script's start steamcmd/or unarchive exists depot's to user dir's.

So, by default there no access to root dir(in this case where hlds_run placed).

And the main problem in this case steamcmd installing way. Then we got 1000 server's on one hosting which can be banned when one server using for spread malicious files.

Simple;
3000 users.
Steps:

1. User 1 installing server, getting server with CSteamID sturcture on gameserveritem_t based on hosting steamcmd login/password's(community id).
2. User 2....
3. User 3...
   ...
4. user 3000 ...

User 2500 spreading some kind of malicious files.

Moderator come and ban this CSteamID on masterserver, all 3000 server's get ban.

Did you even read our posts?
I highlighted in the form of a h1 the only right decision that you can come to.

#2064 (comment)

I don't know why you making crappy fixes, where normal fixes exists. We loose some server's? Many of server owner's gonna create topic's (Oh my gush, why my server not on steam master server after august update) and we can write response, where gonna describe that they must add their steam api web token's for adding server's to MS.

This can't be fixed in ServerBrowser, alo, garaj.
It's general Steam MasterServer issue right now. And tokens(which already used in Source games, just check it) is the only right solution which can be done. Just update some steam interfaces(steam_api). It's not breakable for mod's.

#2064 (comment)
#2064 (comment)

Can you call someone from Valve who is currently involved in Master Server development?
Coz there many bug's with UDP answers too.
So, we can fix them both.

from halflife.

@afwn90cj93201nixr2e1re If by "Steam API key" you mean "Steam Web API key", it won't work because the key can be regenerated differently for the same domain.

1. Generate a key for the domain (I used mydomain.com as example).
2. You get your key (let's call it "A").
3. You do the naughty stuff with your server(s) and you get it (them) banned from the master server.
4. You revoke the key "A" because it's banned.
5. You generate a key for the same domain as before (mydomain.com).
6. You get a fresh new key ("B").
7. You repeat step 3 until you get bored.

Many of server owner's gonna create topic's (Oh my gush, why my server not on steam master server after august update) and we can write response, where gonna describe that they must add their steam api web token's for adding server's to MS.

If Valve (and/or the community) explicitely announce any change like that, then it's up to the servers operators to read that announcement, stay informed and take the necessary precautions if needed.

from halflife.

If by "Steam API key" you mean "Steam Web API key",

No, i don't.
Special for you i logged into my steam account on PC and found this, xD.
https://steamcommunity.com/dev/managegameservers

After updating steam api (steamclient) interface's we gonna get more feature, like auto server ip updating on changes and other stuff like that.

If Valve (and/or the community) explicitely announce any change like that, then it's up to the servers operators to read that announcement, stay informed and take the necessary precautions if needed.

So, i don't get why you just replied same thing with diff. word's, im talking about:

there are many valid servers using anonymous login. Is the downside to logging in to Steam that it doesn't make it possible to host with older client/server versions

OLD server's and server's with non-steam support.

from halflife.

I think someone dont see this is about FAKE SERVERS not about what type of server are you run...lmao...

Cheers

from halflife.

I think someone dont see this is about FAKE SERVERS not about what type of server are you run...lmao...

Cheers

At least read the comments...

from halflife.

You understand what i trying to say? I think you confused...
Well... Dont waste your time reply my stupid comment...

from halflife.

already discussed before.
just scroll.

from halflife.

In China, servers are flooded with fake servers, approximately 7,000 of them.

Some of these fake servers:

https://prnt.sc/3UnDtff_7Cqh
https://prnt.sc/mrF3VX33xJE9
https://prnt.sc/djGlwDEFItVp
https://prnt.sc/bgwrCBvoL8dw

from halflife.

After enabling has associated steam account, there are still about 7000+ fake servers.

https://prnt.sc/m_-aOrHRQXGD

some fake ips:

1.12.53.144
1.13.178.246
1.14.18.133
42.193.246.235
43.138.11.227
43.138.12.87
43.138.30.81
43.138.124.80
43.138.238.138
43.139.10.24
43.139.101.40
43.139.137.72
43.139.151.119
43.139.254.12
43.248.186.168
43.248.188.107
47.108.255.232
49.233.9.8
49.233.54.254
49.233.248.129
81.69.248.101
81.70.149.211
81.71.97.214
81.71.140.144
82.156.250.39
82.157.120.235
101.34.59.112
101.34.59.218
101.34.67.196
101.34.79.10
101.34.79.165
101.34.80.168
101.34.83.127
101.34.87.16
101.34.248.109
101.42.151.253
101.42.153.198
101.42.170.34
101.42.237.170
101.43.85.127
101.43.134.81
101.43.161.24
101.43.193.98
101.43.207.27
106.54.217.162
106.55.102.141
110.40.129.174
110.40.137.194
110.40.141.85
110.40.141.91
111.229.17.8
111.229.34.6
114.132.91.230
118.195.255.12
119.23.242.140
124.220.70.16
124.220.70.141
124.220.79.43
124.221.142.80
124.221.187.162
124.222.34.227
124.222.103.233
124.223.55.27
124.223.60.118
124.223.64.38
124.223.64.47
124.223.64.124
124.248.64.51
129.28.192.68
139.186.223.150
139.199.227.25
150.138.83.229
152.136.51.20
152.136.219.223
175.178.46.203
175.178.105.204
175.178.128.138
175.178.242.233
203.135.101.252
223.13.93.22

In total, these IPs provide approximately 7,000 fake servers.

from halflife.

fake servers in the internet tab still going, has anything been done since 2013?

from halflife.

Sorry for dead thread posting but are any valve employees finally gonna fix the fake virus servers? especially the ones with keyloggers.
The recent 25th Anniversary Half Life update came with a change that lets you host through the Create Server in the menu which makes the need of port forwarding in most GoldSrc engines gone which is pretty good
the servers with "[Player name]'s Server" are the ones that are hosted through Create Server with Steam Networking checked and I've been playing on them since they're the safest servers to join in.
But the people I've been playing with in those steam
servers are mostly noobs and it scares me to think about the other noobs who chose to join servers and the high chance they might join a fake server and get infected.

from halflife.

join a fake server and get infected.

These are just fake servers to redirect to the target game server. This fake servers do not exploit any vulnerabilities in the game client. Also, all known RCE vulnerabilities were fixed in the engine's anniversary update.

from halflife.

join a fake server and get infected.

These are just fake servers to redirect to the target game server. This fake servers do not exploit any vulnerabilities in the game client. Also, all known RCE vulnerabilities were fixed in the engine's anniversary update.

Either we (or valve) like it or not, the majority of players still play the game thru pirated versions, this fake servers are to target those people more than real steam users, this issue should continue to be a priority to fix if we really care about the longevity of the game.

from halflife.

no its a steam problem.

first of all there is a difference in counting legit steam players in internet and favorites tab.
internet (usually) counts only steam players as legit players.
favorites counts steam+no-steam+bots as legit players.

• there is a bug (or a feature?) that sometimes, the internet tab behaves the same as the favorites tab.
• since the hl25 there seems to be a new hack to make no-steam players counted as steam players, as can be seen in my screenshot above
• why does this tab difference exist at all, and why has valve not changed it in years?

from halflife.

this fake servers are to target those people more than real steam users

On the contrary, new fake servers that appeared last year are aimed at Steam players. Because these servers are able to replace the number of players not only in the connectionless S2A_INFO message, but also in the output from the master server (for example, in the Internet tab in the server browser).

Look at the master server output:

<addr>5.189.221.188:27021</addr>
<gameport>27021</gameport>
<steamid>90179517129874437</steamid>
<name>Develop Server</name>
<appid>10</appid>
<gamedir>cstrike</gamedir>
<version>1.1.2.7/Stdio</version>
<product>cstrike</product>
<region>255</region>
<players>30</players>
<max_players>32</max_players>
<bots>0</bots>
<map>de_dust2</map>
<secure>false</secure>
<dedicated>true</dedicated>
<os>l</os>

As you can see, the master server thinks that there are 30 players on the server, because these fake servers use Steam account farms to authorize these accounts on the fake servers (in order to be counted in the master server).

The problem is quite fundamental. Currently, registration of a game server in the master server is free (servers are issued a steamid with the account type "AnonGameServer"). I would suggest making GSLT (Game Server Login Token, https://steamcommunity.com/dev/managegameservers) registration mandatory, as well as a server cvar for GSLT sv_setsteamaccount, as was done in csgo. This will somewhat complicate the registration of fake servers in the master server, but will not solve the problem completely.

from halflife.

• there is a bug (or a feature?) that sometimes, the internet tab behaves the same as the favorites tab.
• since the hl25 there seems to be a new hack to make no-steam players counted as steam players, as can be seen in my screenshot above
• why does this tab difference exist at all, and why has valve not changed it in years?

1. This is a bug that has been observed for many years, but it has not yet been determined exactly why it works.
2. This thing existed before the engine's anniversary update. It was just used before in CSGO/TF2. These fake servers fill player slots using Steam accounts farm authorization into fake game servers, so that its counted in the master server.
3. In the Favorites/History/Lan server tabs, the game client browser takes information about the number of players only from the S2A_INFO message from the game server (unreliable data source).

In the Internet/Spectate server tabs, the browser first obtains information about game servers from the Steam master server (a reliable source), and then queries each server using A2S_INFO messages. So in these tabs the game client displays information about players from a reliable source (Steam master server), but sometimes a bug occurs and information is displayed from an unreliable source (S2A_INFO from game server).

I believe this difference in tabs is made so that Favs/Hist/Lan can work offline, that is, without an Internet connection.

from halflife.

@kisak-valve @alfred-valve when will you clean up the Internet tab fake servers?

from halflife.