CSHP Client Side Hack Protection

CSHP
Client Side Hack Protection

Release 40 - Version 01.07.29

What have you just installed?

CSHP is a mod that will monitor clients that connect to your server and keep a look out for illegal hacks such as aimbots, radars and the works. CSHP represents the best line of defense against people looking to have fun by ruining yours. This package is designed for server-admins. Clients should not be installing it on their system, instead you should allow CSHP to auto-replicate to you when you connect to your first CSHP server.

CSHP4n marks a change in direction for the project. We have split the CSHP off in to 2 separate mods. This portion will remain named CSHP and is designed to be run on Public Servers. UTPure will be released shortly and is designed for leagues, clans and tournament play. Unlike previous versions of CSHP, 40 is very forgiving and should work out of the box with 99.9% of all mods out there. UTPure will be very restrictive and support very few mods.

CSHP40 offers good protection and can stop any known public bot. This is why we suggest it for public servers. It does not have the in-depth scanning and tracking code as UTPure.

What is new in this version?

Here is a list of the latest changes, additions and fixes:

Fixed: Bug where armor could go over 150. It is not possible anymore.
Fixed: Console Command history will now be valid on next map.
Fixed: TimeDemo setting will be correct on next map.
Fixed: Bug where one could be in a state to always pickup the same item when the item respawned.
Added: Possible fix to the fake flag carrier bug. (Seeing regular player carrying a flag)

About Previous Versions?

People, it's a whole new world. Disregard any previous version of CSHP. Your best bet is to completely uninstall any previous versions and upgrade to 40. You can do this by following these steps:

Step 1: Delete CSHP*.* in your UnrealTournament directory.

Step 2: Edit any .INI files associated with your server(s) and remove all ServerPackages and ServerActor Entries pertaining to CSHP.

Step 3: Remove any [Section] entries from these INI files pertaining to CSHP.

You have now removed CSHP!

Installing from a .ZIP

Man, this was gonna be a big huge section. Then it turns out there is a problem with the Linux server-side stuff on some linux platforms. So while Mongo is off fixing that, I guess I'll just post the old standby instructions. But take heart, CSHP40 was created to work hand in hand with CSHPServer.

Anyway, to make a rather long story short.. here is the install instructions:

To install CSHP, you will want to unzip the contents of the distribution zip in to your UnrealTournament directory. The zip file contains additional directories so make sure you expand with pathnames. Once installed, you will need to load up UNREALTOURAMENT.INI in to a text editor. Multiple Servers Note: You will have to do this step for each .ini file you use to run your servers.

Find the section labeled [Engine.GameEngine]. This section contains all of the server actors and packages for UT. You will need to make 2 changes and they can be anywhere within this section. Add these 2 lines:

ServerPackages=CSHP40
ServerActors=CSHP40.CSHPServerActor

Once you have made these 2 changes, CSHP is ready to go. If you need to force additional packages to be approved, see "ADDITIONAL PACKAGES" below.

Running CSHP?

Once the above is installed, start your server as you always would. Simple as that. When it first starts, CSHP will make the following entry in to your log file:

ScriptLog: __________________________________________
ScriptLog:
ScriptLog: #### #### # # ####
ScriptLog: #    #    # # # #
ScriptLog: #    #### #### ####
ScriptLog: #       # # # #
ScriptLog: #### #### # # #
ScriptLog: __________________________________________
ScriptLog:
ScriptLog: Version ....................... CSHP40 (1.7.29)
ScriptLog: Security Level is ............. 1
ScriptLog: Security Frequency is ......... 2.000000
ScriptLog: Security Tolerance is ......... 20.000000
ScriptLog: Tracking FOV .................. 1
ScriptLog: Only Admin Kick ............... True
ScriptLog: Use Numeric IP ................ False
ScriptLog: NGStat Players Only ........... False
ScriptLog: Allow NoSmoke ................. True
ScriptLog: Use CSHP Log .................. True
ScriptLog: Fast Teams .................... True
ScriptLog: MaxInitTries .................. 15
ScriptLog:
ScriptLog: __________________________________________

Players will be able to tell they are connected to a CSHP server by a graphic that displays when they first connect.

Setting up CSHP

We have completely revamped the options available to server admins. If you are upgrading from a previous version of CSHP, please read the next section. If this is the your first install, you can skip it.

Unlike previous versions, CSHP now only has 1 operating mode. Currently there are 8 different options you can add to your INT setup file. They are explained here:

SecurityLevel=<0-2>

The SecuirtyLevel tells CSHP how to react when someone is caught cheating. Here is how the different security levels work. Each level includes all the protection of the previous levels.

ecurity Level	Description
0	At level 0, no direct action is taken against the cheater. Their name and information is outputted to the log for the server admin to act upon later. At any time, the users can perform a mutate cheatshow command to see if there are cheaters online.
1	At level 1, any cheaters are also kicked from the system
2	At level 2, after the cheater is kicked, a ban is added to your IP Policies in your servers ini file.

*No matter what security level you are running, CSHP will send cheat reports to the CSHP cheat server as well as make cheat log notations in your NGStats logs. Currently, no direct action is being taken with this information but that will change soon. For more information on what we have planned here, head to our web site!

We suggest server admins use security level 1 for public servers. Level 0 is really for password protected servers where cheating is almost non-existant (such as SwineOnline, or some of the MyUnreal servers). Level 2 should be used very sparingly, however I do understand the need to keep the cheaters out.

When a cheater is caught, CSHP will display a message to the user via their console.

SecurityFrequency=<1-32767>

The SecuirtyFrequency allows you to adjust how often the server will request updates from the client. WE STRONGLY RECOMMENDED YOU DO NOT CHANGE THIS OPTION unless we tell you to. The number represents the frequency in seconds. The default is 2 seconds.

SecurityTolerance=<1-32767>

The SecuirtyTolerance defines how long the server will wait for an update from the client before declaring the client overdue and kicking them. WE STRONGLY RECOMMENDED YOU DO NOT CHANGE THIS OPTION unless we tell you to. The number represents the length in seconds. The default is 20 seconds.

Advertise=<0-2>

This option will cause CSHP to add the [CSHP] tag to your server name. This was a requested feature from you guys so you have it. The different settings are:

Settings	Description
0	Do no append [CSHP] to the server name
1	Place the [CSHP] at the start of the server name (ie: "[CSHP] House of SIN"
2	Place the [CSHP] at the end of the server name (ie: "House of SiN [CSHP]")

*Remember that changing your server name does effect your NGStats so please keep that in mind when using this option.

Starting with version 4r, the [CSHP] tag will be added only if it cannot be found in your server name. If there are any additional advertise setting you would like me to consider, please feel free to email.

bOnlyAdminKick=<True|False>

This variable allows you to limit the use of the "Mutate CheatKick" command to just people with Admin Access.

bNGStatsOnly=<True|False>

This option is another user request option. When set to TRUE, your server will politely reject any player not participating in the NGWorldStats Ranking system. I'm probably going to regret this option, so please if you use, make it known in your Server name!

bUseNumericIP=<True|False>

This option is for the some people in Linux crowd. Seems the DNS work needed to resolve the ip for the cheat server was creating some ghost processes. Setting this to True will cause CSHP to just use the current numeric IP.

TrackFOV=<0|1|2>

This variable tells CSHP to watch for people using the FOV zoom cheat. Setting 0 will disable the check, setting 1 will make it strict and will hold the FOV you had when you entered. Setting 2 will be loose and will just prevent zooming under FOV 80. We recommend setting 1 for normal server and setting 2 for Tactical Ops servers.

bAllowNoSmoke=<True|False>

CSHP40 has the ability to detect the client side mod No Smoke. Some people consider this a legal mod as it can be used to increase their framerate. However, do not be confused. NoSmoke alters the play mechanics of the rocket launcher by removing the smoke. This allows the player to see clearly, even when launching 6 rockets.

Any Client-Side hack should be considered a cheat as it removes the ability for a server admin to decide what the rules of his server are. CSHP40 gives that choice back to the admin.

bUseCSHPLog=<True|False>

This variable tells CSHP that the server administrator wants to have logging from CSHP to also appear in a separate file. As of version 4r, CSHP will create 1 log file per server per game. Server admins should clean the log files on a regular basis. Unlike the server log file, we cannot keep the CSHP log file opened at all time, it is reset at map change.

bFastTeams=<True|False>

This variable tells CSHP that the server administrator wants to Allow the users to make use of the team changing mutate commands (mutate FixTeams, NextTeam and ChangeTeam).

MaxInitTries=1-32767

When a client connects to a CSHP server, the server will try to authroize the client. MaxInitTries sets a limit on how many times the server will try and open communication before timing out. We suggest setting this to 15. The server will attempt to contact the client once every 2 seconds until the connection is made. Setting it to 15 gives it a 30 second window. In testing, even a client pinging 1500ms with 80% packet loss could connect in that time.

WE STRONGLY RECOMMENDED YOU DO NOT CHANGE THIS OPTION unless we tell you to!

ADDITIONAL PACKAGES

CSHP40 no longer requires any type of Allowable Packs.

CONSOLE COMMANDS!

CSHP has 4 mutate commands available. To perform one of these commands open your console while connected to the server and type the command. Some of them may require Admin access.

Command	Description
MUTATE CHEATINFO	This command will display information about the version of CSHP currently running.
MUTATE CHEATSHOW	If CSHP is running with security level 0, it's possible that cheaters will be online and playing. Any user can execute the CheatShow command and receive a list of cheaters currently playing.
MUTATE CHEATKICK	This command can be used to kick players who are cheating (with security level 0). Admins can limit this command by requiring the user have admin access by setting bOnlyAdminKick to true in your int.
MUTATE CHEATTEST	This command ABSOLUTELY requires Admin access. When enabled, it will cause CSHP to stop making reports to our server and NGSTATS for the remainder of the map, FOR THE IP THAT SENT IT. This is to allow Server Admins to test out cheats on their servers without sending in Cheat info to us. Cheats are still sent to the local logs and acted upon accordingly. Only 1 admin may have this ability at one time.
MUTATE FIXTEAMS	If teams ever become uneven, like 4 red vs 2 blue, any player in the biggest team can use this command to become blue and make odds more even by having a 3 vs 3 match. If 2 red players were to use this command, only 1 of them would actually be switched to the smallest team. The other advantage of this command is that the switching player is not penalized for the change. If the match was started, he will die, but it won't be accounted for.
MUTATE NEXTTEAM	This command Allows you to quickly switch team. This can become useful when joining a tournament match and you are in the wrong team. Note however that if the match has already started, you will be penalized and lose the usual 1 frag. When you change team using any of the team commands, there will be a delay of 60 seconds before you can change team again. If the match has not started yet, this delay is 5 seconds.
MUTATE CHANGETEAM <team>	This command Allows you to quickly select your team. The parameter <team> can be any one of Red, Blue, Green or Gold, or their numeric values, 0, 1, 2, 3. Note however that if the match has already started, you will be penalized and lose the usual 1 frag. When you change team using any of the team commands, there will be a delay of 60 seconds before you can change team again. If the match has not started yet, this delay is 5 seconds.

*Using the CheatTest command sends additional data to the log about who activated it.

What does a Cheat Report Look Like

Anytime CSHP logs a cheater, it will create a cheat report. This report has information about the person who has cheated, when it occurred and what type of cheat it was. The following is a sample Cheat Report:

#### -------------------------------- ####
#### HACKED CLIENT DETECTED ####
#### -------------------------------- ####
#### - Player Name : Mr. Cheater
#### - Player IP : 24.1.1.2
#### - Method : Illegal (AA) Aiming Device Found
#### - Action : Kicked
#### - Auth. Code : 1093565
#### - Date/Time: 03-16-00@10:43am
#### -------------------------------- ####

The following is a list of "Methods"

Method	Description
Illegal (**) Access to the Canvas	If you receive this in your logs someone was trying to play on your server using an unauthorized device that was displaying additional information (such as radars).
Illegal (**) Aiming Device Found	This is an aimbot, pure and simple.
Illegal Console: Doesn't Exist	This is more of an error code than a cheat. At all times the player's console should exist. However it might be possible for a player to hide or remove his console in an attempt to avoid detection

*The portion of the method that is ** is a device code that we can use to identify the hack. You can ignore it.

As you can see, the number of things CSHP checks for has decreased. UTPure will be release shortly to take up the slack.

Rogue Actors

With some exception, CSHP will no longer check rogue actors. We will update it from time to time as new bots become available.

Package Validation

CSHP will now validate system packages on the client. If you find yourself having problems logging on a server, try re-applying the latest patch. This should solve your problem.

Skins

The choice of skins will now be limited to what's available on the ServerPackages list. This should solve the situations where one has black skins and such. If you find any combination where this is still faulty, just tell us and we will gladly improve the code.

Dying as a spectator

Spectators were able to die when reaching killing zones of certain maps. This should not be the case anymore. Administrators logging out should be fixed too.

Using CSHP on multiple servers

Multiple servers are a bitch. You admins love them, we coders have to deal with them :)

CSHP should be fairly multiple server friendly. Each server will have a separate log created by CSHP. It uses the following naming convention: CSHP-<server name>.<datetime>.log. It will be located in your \System directory. This means that more than one log file will be created during a time span. Please, make sure you clean these files regularly. At the current time, the CSHP logs are written in Unicode.

The only restriction right now is that all servers share the same CSHP40.int file. This is annoying, but with the latest version of CSHP using the server packages, it's not nearly as annoying as before.

UDPServerQuery Fix

For protective reason as much as for fixing broken code, we have decided to implement our updated UPDServerQuery actor. And to be sport about it, we even included the code from BDB for seeing teams score in UTWatcher but it is optional and off by default.

To setup the fixed UDPServerQuery, you need to find the line that says ServerActors=IpServer.UdpServerQuery in the [Engine.GameEngine] section of UnrealTournament.ini (or whatever name you gave to your server ini file) and replace it with the following:

ServerActors=CSHPIpServer.CSHPUdpServerQuery

If you want to support UTWatcher (created by El Muerte[TDS]) you will need to add a config section to your server ini file (usually UnrealTournament.ini) as shown here:

[CSHPIpServer.CSHPUdpServerQuery]
bSendTeamInfo=true

Reporting Bugs | Suggestions

I'm no longer answering CSHP questions at my normal email address and I'm also only answering questions/bugs from server ops and admins. If you fit in to this group, join the CSHP mailing list. Details can be found at http://www.midnightinteractive.com/HOS/CSHP.htm! I can also sometimes be found on #CSHP on inc.EnterTheGame.com!