| Author |
Message |
DM Ridgerunner
Dungeon Master (NWN 2)
Gender: 
Joined: 23 Mar 2007
|
 Posted:
Mon Apr 16, 2007 9:35 pm |
  |
WARNING TO EXPLOITERS
Exploiting is not welcome here. If you can not handle competition without cheating and decide that you must resort to exploiting, then you will eventually get caught, be punished, possibly permanently banned, and likely shamed by your peers. If your ego outweighs your tolerance for humiliation, then you will only increase your emotional stress to epic levels.
Last Edit: Feb 17, 2008
The top post of this thread will be edited from time to time in order to provide players with the most current information about exploits, how to protect yourself from being a victim of exploiters, and policy enhancements.
Our stance is simple... no exploiting, no teaching others to exploit, no testing exploits without the consent or under the supervision of a DM or Developer.
| Seed wrote: | | We need to take exploiters very seriously or we'll end up with a bunch of hacker-kiddies who exploit every nook and cranny. |
| Seed wrote: | | Currently DEX2 is the wild west and needs some taming. |
Regarding Exploits:
At DEX2, we take exploits very seriously. Exploiting is one of the most significant threats against a healthy player base. It disappoints veterans and new players alike and we have suffered the loss of players because of it. Most players are ethical enough not to use them, though in a competitive, heavy pvp environment, the temptation is there. If we allow the unethical players to continue to get away with exploits, that may encourage more players to start participating in exploiting as well. Thus, exploiting is like a self perpetuating disease that can and does lead to server death.
Thus, our goal is to eliminate exploits on DEX2.
How we attempt to reach our goal is to identify all significant exploits, and research them on a case by case basis in order to figure out:
Is there some way to automatically prevent the exploit? Auto prevention would be our optimal solution. In cases where there is some way to automatically prevent them, we will invest some Development team resources towards creating and implementing that solution.
If not, then is there at least some way to automatically detect the exploit? At least if we can automatically detect them every time they are used, then we have a strong deterrent against them, and can take appropriate actions against the offending player.
In cases where we can not either automatically prevent, or automatically detect, then there is only manual monitoring. Up until now, this manual monitoring has been a tremendous time sink for our DMs. Our DMs also serve as our Dev resources, so when we spend time monitoring for exploits, this slows or stagnates module expansion and enhancements, which also serves to decrease our player-base in the way of veteran players growing bored of the module.
Stand up for Yourselves; Help Us Help You
So at this point, we must appeal to our player base for support. Each one of you can help us by providing the monitoring service for us. Many of those exploits which are non-automatically-preventable and non-automatically-detectable are easily detectable via a video. We've finally researched applications and developed methods and comprehensive instructions on how you can capture and encode (compress) video:
Video Recording: FRAPS Instructions here:
http://www.dungeoneternal.com/phpBB2/sutra106492.php
Video Encoding: TMPEGEnc Instructions here:
http://www.dungeoneternal.com/phpBB2/sutra106493.php
VIDEO PRESENTATION
In order to make your videos available to the entire DM staff, please do not email them. The preferred method will be for you to host your videos at a remote file-share site. There are many free remote file-share sites available. You may already have your own fileshare site that you prefer to use, that’s fine provided DMs can download from it. If you are not aware of what a file-share site is, here is one that we recommend. Its free and easy to use:
http://www.4shared.com/signup.jsp
DM REVIEW
As DMs, we are responsible to download and review your videos within a timely manner and provide some written feedback to the sender. The DM staff has always worked consensually, and we diligently record all such events and decisions within the DEX2 DM forums. Your video must show proof of the exploit, and in the event that it does, we will take action against the perpetrator.
_____________________________________________________________________________
The DEX Code of Laws was written to support DEX1. It will be copied and edited, tailored to support DEX2. We don't have an estimated date of completion for that task yet. But in the mean time, refer to the DEX(1) Code of Laws, as it will be the basis for DEX2 Code of Laws: http://www.dungeoneternal.com/phpBB2/code_of_laws.php#2 |
_________________
Last edited by DM Ridgerunner on Sun Jun 10, 2007 11:08 pm; edited 3 times in total |
|
  |
|
DM Hatred
Dungeon Master (NWN 2)
Gender:
Age: 27
Joined: 10 Apr 2007
|
| Posted:
Thu Aug 30, 2007 7:40 am |
|
Wanted to bump this subject to bring it to the front of everyone's attention again. There remain ways for players to exploit for which we have no automated fix for yet, but most can be monitored for, some can be discovered via database queries, and some we can find while watching players. Bottom line is, exploiting has to stop. Be fair to your fellow players.
The "Bullet Casting" post Seed put up yesterday shows an example of what we can find via a db query. Or if a DM is online, the same message will be displayed to him instantly in a bright highlighted font.
If you notice your HP climbing above its maximum amount, then you should be able to account for how it got to that condition; If you don't know where the extra HP are coming from, then don't just keep it a secret, send us a bug report (preferably via PM).
The one I've been told is common right now is that players are double dipping on constitution bonus HPs. If you have an item that's already giving you +4 or more consitution, don't drink or cast additional bear's endurance, thats common sense. |
|
|
| |
|
Seed
Head Case
Gender:
Joined: 26 Dec 2005
Location: Philadelphia PA USA
|
| Posted:
Thu Aug 30, 2007 10:02 am |
|
We do try to fix all bugs that we find. Some we can't fix and some just cost me more time to script around that I care to divert from other resources. If we can't or won't fix a bug, we make a determination on the DM forums to either let it go and not punish for it, or announce that it is illegal and punish for it.
Inflating your Temp HP above your max was announced as an exploit long ago and has long been known to be a bannable offense. Don't do it. And if you find a way that causes it to occur unintentionally, report it to a DM or Me. Not reporting it only sets up this situation where bans get passes around because we don't know any better.
A Word on how Banning Works:
When a Temporary Ban is applied to a PC in game, it records the ACCOUNT and the CDKEY of the player in the TB table.
When any PC logs into DEX2, a list of every CDKEY that has logged into that PC's Account is generated. The Temp Ban table is then checked against this list of CDKEY's. If any of the CDKEY's that have ever accessed that Account are found in the TB table, then the Account currently logging in is also considered banned.
This is the way it has to be. It is guilt by association, but it keeps someone from simply changing CDKEYs and skirting the ban.
FOR EXAMPLE:
So If you give your Account password to JoeBlow and he logs into your account, a link is established between your Account and JoeBlow's CDKEY.
If JoeBlow later gets himself banned and his Account and CDKEY are entered into the Temp Ban table.
Now you come along and try to log in. The db is searched and a list every CDKEY that ever accessed the Account your are logging into is created (Your CDKEY and JoeBlow's CDKEY in this case). This CDKEY list is then compared against the TB Table. Since JoeBlow's CDKEY appears in the list of CDKEYs accessing your Account and JoeBlow's CDKEY also appears in the Temp Ban table, your account is considered one of JoeBlow's accounts and your login attempt is rejected.
Understand? It is BAD to share your Account Password and you do so at your own peril. |
_________________
 
I ain't the world's best writer ain't the world's best speller but when I believe in something I'm the loudest yeller
If we fix it so you can't make no money on war well we'll all forget what we was killing folks for |
|
| |
|
DM Hatred
Dungeon Master (NWN 2)
Gender:
Age: 27
Joined: 10 Apr 2007
|
| Posted:
Thu Aug 30, 2007 11:44 am |
|
Those who have already shared their login account passwords, I'd suggest you start a new account to build up your future builds in and don't give out the password to anyone.
Tranquility, you are partially correct, they normally wont stack. If someone is stacking extra con bonus HP, they need to do more than just wear an item and hit babba yaga. They have to plan on exploiting to realize the inflated hp (of course we don't want to give all the details as to how its done here). |
|
|
| |
|
Seed
Head Case
Gender:
Joined: 26 Dec 2005
Location: Philadelphia PA USA
|
| Posted:
Thu Aug 30, 2007 12:00 pm |
|
FYI - all the Accounts, CDKeys, and the links between them will be cleared once we do the wipe for MotB. So if you have shared your account password, change it (if possible) and don't let anyone know the new one.
Another FYI - Shared Faction Accounts can be a real problem for the Faction. If someone in the Faction that has EVER accessed a shared account gets Banned, then so will every one else that has EVER access that shared account. |
_________________
I ain't the world's best writer ain't the world's best speller but when I believe in something I'm the loudest yeller
If we fix it so you can't make no money on war well we'll all forget what we was killing folks for |
|
| |
|
DM Hatred
Dungeon Master (NWN 2)
Gender:
Age: 27
Joined: 10 Apr 2007
|
| Posted:
Fri Nov 16, 2007 3:27 pm |
|
Time to bump this thread, everyone please read the initial post at your earliest convenience, including the link to the code of laws. Now granted this top post and code of laws both need some revising for clarity. If there is any particular part you're not sure whether you might be in danger of violating, post it here (will give me some indication of where editing is needed at least) and I'll answer asap.
I have to bring this up because the amount of reports of people breaking these rules and using various exploits is about overwhelming right now. We don't have automatic solutions in place on every exploit and to investigate can be very time consuming. I'd rather be doing something more productive than gathering evidence against someone who feels they need to cheat to be competative. I'm running short on patience, so when I do find someone abusing a bug or in violation of a code of law, they can probably expect a pretty heavy penalty. Consider this your warning. |
|
|
| |
|
DM Hatred
Dungeon Master (NWN 2)
Gender:
Age: 27
Joined: 10 Apr 2007
|
| Posted:
Sun Feb 17, 2008 5:50 am |
|
Latest Update, February 17, 2008
New information is available in the top post of this thread, including information on how we can all help to prevent exploits. Please read at your convenience. Thanks |
|
|
| |
|
Ozymondius
Stranger
Joined: 22 Apr 2008
|
| Posted:
Fri Apr 25, 2008 3:33 pm |
|
I have accidentally found an exploit, where do I report it? |
|
|
| |
|
pain
1000+ PM an admin for a custom rank...
Gender:
Age: 37
Joined: 20 Oct 2007
|
| Posted:
Fri Apr 25, 2008 3:43 pm |
|
You can report exploits and bugs you find to myself or DM Hatred. |
|
|
| |
|
|
|
|
View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum
|
Powered by phpBB
© 2001/3 phpBB Group :: FI Theme ::
All times are GMT - 4 Hours
|
Calendar
