Forum

Page 1 of 4 123 ... LastLast
Results 1 to 15 of 54
  1. #1
    Join Date
    December 2009
    Location
    england
    Posts
    11

    Smile Stealing nicknames

    Well people are stealing other peoples nicknames how can i stop either name changes or register nicknames to clients?

    Thanks

  2. #2
    Join Date
    December 2009
    Location
    Vancouver, BC
    Posts
    89
    I'd like this feature too please.

  3. #3
    Join Date
    December 2009
    Location
    Livingston, Scotland
    Posts
    9
    Well people's tokens are unique so if you add them to your friends then you should know who is fake and if they are fake and are stealin nicknames then just ban them.

    Easy

  4. #4
    Join Date
    December 2009
    Location
    Vancouver, BC
    Posts
    89
    Quote Originally Posted by psychokilla View Post
    Well people's tokens are unique so if you add them to your friends then you should know who is fake and if they are fake and are stealin nicknames then just ban them.

    Easy
    What if they're on a different machine then they usually use, and didn't bring their identity with them? This is why a username / password system would be useful as well. In cases where the person forgets to backup their identity before they format their computer, or they use multiple computers and don't want to transfer their identity to them, like at an internet cafe or something.

    The unique_id thing is great, if you only ever use TS3 on one system, and you don't need to worry about someone using your TS3 identity on it. But if you're using a shared pc, or public pc, the unique_id thing suddenly becomes not such a great idea. Having the option of registering usernames / passwords to members so that when they login with that info, the server recognizes them would be great.

    Now I see that the server client database and the client bookmark have the ability to put a username and password in, but how this feature works is not known to me. In my client table, the only user with a username and password is "serveradmin". So I'm guessing this is for the Server Query login only, and not an actual client connection login.

  5. #5
    Join Date
    December 2009
    Location
    Germany
    Posts
    6
    I would prefer a Username/Password system too.
    The token thing may be a good idea, but the old system was much more comfortable.

  6. #6
    Join Date
    May 2006
    Location
    USA
    Posts
    172
    I kinda agree that the old system seemed more secure. Outside of passwording your server, you seem wideopen to nothing but problems with problem people coming in.. ban them.. minutes later they return with a new unique ID and new IP.

  7. #7
    Join Date
    December 2009
    Location
    Hessen - Germany
    Posts
    6
    Hm, are the other identities i create serverbound? If they were, it would last longer to get a new unique ID...
    But it think the chance that problem persons will not nerve u any longer after one ban is little bit higher.

  8. #8
    Join Date
    December 2009
    Location
    AZ
    Posts
    14
    Quote Originally Posted by MaXXimus View Post
    I kinda agree that the old system seemed more secure. Outside of passwording your server, you seem wideopen to nothing but problems with problem people coming in.. ban them.. minutes later they return with a new unique ID and new IP.
    Well, if it's someone who wasn't supposed to connect in the first place, you can still password the server. If you leave it with new users in guest group, then someone who is admin will have to raise them to user. they just need to make sure who the person is before raising them to user. If all the other channels require user level to access, that will keep them pend in to the entry way until they can be identified properly.

  9. #9
    Join Date
    December 2009
    Location
    Malta
    Posts
    4
    Well in my opinion the username/password is better and also a ban will be banned the account too not only ip.... so if the server get hacked or something... they won't just change the ip but they need to create other server admin account....

  10. #10
    Join Date
    December 2009
    Location
    Hessen - Germany
    Posts
    6
    Sure, thats when the ppl on the TS are authed with the server. When they are not, they need a new IP after u banned them only. On TS3 u have to create a new identity (AND u need a new IP). One identity is like one account in my eyes.

    I will try it without passwords on the channels first.

  11. #11
    Join Date
    December 2009
    Location
    X
    Posts
    35
    Quote Originally Posted by MaXXimus View Post
    I kinda agree that the old system seemed more secure. Outside of passwording your server, you seem wideopen to nothing but problems with problem people coming in.. ban them.. minutes later they return with a new unique ID and new IP.
    If I'm not mistaken, the Security Level system is supposed to help with the problem of generating free accounts for ban avoiding. It takes awhile to level accounts, meaning that troublemakers have to spend a lot of time to generate accounts to enter higher level servers. If I'm not mistaken, I thought for sure I read that IPs can be banned currently as well, but if not, oh well.

    On a side note, while many people appreciate the username-password solution, I would like to comment on the design of the GUID-token system. This newer concept has a number of improvements over the former system used by TS2. First and foremost, passwords are always a potential problem. Some people use insecure passwords, or else they use the same password for multiple systems, allowing the security and safety of entire systems to be brought into jeopardy by poor practices.

    Separate from this issue, this new model allows all servers to recognize people instantly based on their unique ID. This takes out the entire issue of forcing users to authenticate themselves. It's done for them, and all changes can be retained as access is granted (or even revoked).

    The fact that tokens only exist for one-shot usages makes them much safer. Knowing a username, you can work on guessing a password (depending on a number of factors, it could be quite easy or difficult). You can't quite bruteforce tokens nearly as easily, however, since they aren't supposed to be created until they need to be used, and they are quite temporary. This makes them much safer in general, since a username and password combo is always in existence and can always be attacked (although the success rate is another story).

    Quote Originally Posted by Arterio View Post
    What if they're on a different machine then they usually use, and didn't bring their identity with them? This is why a username / password system would be useful as well. In cases where the person forgets to backup their identity before they format their computer, or they use multiple computers and don't want to transfer their identity to them, like at an internet cafe or something.

    The unique_id thing is great, if you only ever use TS3 on one system, and you don't need to worry about someone using your TS3 identity on it. But if you're using a shared pc, or public pc, the unique_id thing suddenly becomes not such a great idea. Having the option of registering usernames / passwords to members so that when they login with that info, the server recognizes them would be great.
    In terms of using public or shared computers, if you use passwords on those systems, you could be in danger just as well. Computers used by unknown individuals could very well have keyloggers or other types of malware. You always run a risk by doing anything requiring thought for security on a machine accessed by others than just yourself. It's just part of the nature of these things, although the risk varies depending on your situation.

    Otherwise, backing up a profile is rather trivial.

  12. #12
    Join Date
    May 2006
    Location
    USA
    Posts
    172
    Well a lot of my members aren't able or willing to leave their systems on for hours or days to get the permission raised. And I almost kinda feel the whole security level idea is a major waste. I honestly don't even see a practical use for it what so ever. Like what real use does it have?

    Say I want the "max" security... so I raise it to 100. So now what? Wait a couple years before anyone can connect? If you want to keep out idiots, then putting a password on the server seems more logical.

  13. #13
    Join Date
    December 2009
    Location
    X
    Posts
    35
    Quote Originally Posted by MaXXimus View Post
    Well a lot of my members aren't able or willing to leave their systems on for hours or days to get the permission raised. And I almost kinda feel the whole security level idea is a major waste. I honestly don't even see a practical use for it what so ever. Like what real use does it have?
    My understanding is that it is for keeping out newer accounts. Practical example: Joe Moron wants to join a public server and be a jerk. So he gets banned, and decides he wants to come back and harass the server. He makes a new identity with a new GUID -- but he can't enter because the server requires a higher level than the base entry. Joe has to sit there leveling his profiles to get back inside. This takes time. Meanwhile, the public server gets a break from Joe's idiocy until he can find the time to level up.

    Quote Originally Posted by MaXXimus View Post
    Say I want the "max" security... so I raise it to 100. So now what? Wait a couple years before anyone can connect? If you want to keep out idiots, then putting a password on the server seems more logical.
    Requiring the maximum security level is probably not what you want. Of course a password is more appropriate for a private server. This feature is more for public servers that want to keep idiots out. A password won't work.

  14. #14
    Join Date
    December 2009
    Location
    Hessen - Germany
    Posts
    6
    He makes a new identity with a new GUID -- but he can't enter because the server requires a higher level than the base entry. Joe has to sit there leveling his profiles to get back inside. This takes time.
    Well, first time i hear of this. I found the option to request a higher level but how does this work? What is the highest level?
    And when Joe Moron could join the server with identity 1 i am sure he is able to join with 2 too cause all identities have security level 9, arent they?

  15. #15
    Join Date
    May 2006
    Location
    USA
    Posts
    172
    DavidC99 makes a somewhat valid point that some servers are public and I think by default most servers are security level 8... or at least the one's I have been in. So if Joe Moron comes into my public server and causes a problem, I can raise the required security level to 9 and now Joe Moron has to take the few seconds required to level up before he can come back in.

    But this is where I think the security level is somewhat moot across the board, because if the server gets hammered by a group of Joe Morons and they keep increasing the security level... at some point the users that frequent that public server are gonna say "to heck with this" because I have to keep raising my security level each and every time this happens, plus my buds who want to come here for the first time need to take 10x the amount of time to level up.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Nicknames: Anyone can use yours
    By stalker34 in forum Permission System
    Replies: 26
    Last Post: August 29th, 2013, 12:49 PM
  2. Stealing License
    By SawyerJ in forum Server Support
    Replies: 1
    Last Post: March 5th, 2013, 03:19 PM
  3. Nicknames
    By AnEliteSoldier in forum General Questions
    Replies: 1
    Last Post: December 24th, 2011, 07:24 PM
  4. Colored nicknames
    By bpksdevilz in forum Suggestions and Feedback
    Replies: 3
    Last Post: July 18th, 2011, 06:11 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •