This post comes after I asked /r/ArmADev for suggestions and subsequently got down voted to hell for what, in my opinion, is a fair dislike towards me in the community.
I will be responding to the suggestion posted by /u/otherworldlyBuffoon
Here is the post.
So what kind of attacks do cheaters use on arma 3 servers? What are servers often vulnerable too? I am going to break this down into a few categories and cover each separately while providing a few examples directly from my own work. (Warning: I am only going to be covering scripts in this post. Memory cheats are more complicated and I will do another post covering those in the near future)
Self Boosting Scripts
These are the most basic cheats, the “No Recoil”, “Unlimited Ammo”, and “God Mode” type cheats. These are detected with anticheats and scripts.txt filters.
To start off I will cover no recoil. InfiSTAR anticheat blocks this so any server running it won’t need to worry about this.
Some mods, such as desolation mod, modify the units recoil to create a more realistic effect. Cheaters will use this to gain a very unfair edge on the other players in combat.
Unlimited ammo is much more difficult to detect. InfiSTAR does a decent job of detecting it but with a slight delay added to the loop infiSTAR becomes ineffective.
In my personal opinion, using scripts.txt is the most effective way to ban for this. Adding the line “5 setVehicleAmmo” would detect a majority of the cheats currently available.
God mode is something that is also very difficult to detect. There are many ways to do it. Here is a few ordered from most effective to least effective.
all of these really have no easy way to detect. The most effective method for banning is, once again, a scripts.txt filter.
These are still pretty basic, but the goal of these is to mess with other players. Scripts like “Teleport all” and “Explode All” are included in this category.
Teleport all is quite common and can be achieved several ways. I use the following method to teleport everyone.
BattlEye hoped that the implementation of the setpos count restriction would stop these kind of scripts. They were wrong. the line “uiSleep 0.1;” solves all issues with the restriction. Once again it is the servers job to stop this. Teleport all is pretty detrimental to the community. If this keeps happening to a server players will eventually just stop playing on the server.
Explode all can also be achieved multiple ways. There are a lot of explosive objects and arma has this wonderful networking bug that causes local explosions to damage remote units. Here is an example of an explode all.
This is actually so dumb on Bohemia Interactive’s part. This is not logged by createVehicle.txt and therefore the best measure against this is, once again, scripts.txt
Remote Execution Scripts
These are some of the most complex scripts as they use a networking vulnerability in servers to run code on other players and the server. These include “Kill Target, “Freeze Target”, and “Admin Disabler”.
Remote executions are created from flaws in a servers networking and its battleye filters. There are far to many different ways to cover so I will only cover the one way that has been the most common. CreateUnit remote execution. Using the remoteexec.txt filters can patch this. Without strong remotexec.txt filters a server is pretty much doomed to have these kind of scripts run on it.
Server Destruction Scripts
These are some of the nastiest scripts for you server. They range anywhere from “Crash Server” to “Database Injection”. They cover a broad range but all have one goal. To ruin the server and make it unplayable.
Crash server can be done a few ways. Mass desync is by far the most common way. Desyncing can be achieved through so many different ways that it is VERY difficult to detect. If a combination of createVehicle and scripts filters are used then most cheaters who would use something like this would be detected and banned for other features in their cheat.
Database Injection was originally a proof of concept I made for altis life. When it’s used it can take down entire servers for weeks on end. This stuff is nasty. If you notice the same script running on your server every time you play, check your database.
So these are the scripts that every arma 3 server is going to be subjected to the most often. Knowing what cheaters use is VERY important when you go to stop their attacks.