CSHP
Client Side Hack Protection
Release 4f - Version 01.03.17

(c) 2000, 2001, Creative Carnage, LLC

What have you just installed?

CSHP is a mod that will monitor clients that connect to your server and keep a look out for illegal hacks such as aimbots, radars and the works.  CSHP represents the best line of defense against people looking to have fun by ruining yours.  This package is designed for server-admins.  Clients should not be installing it on their system, instead you should allow CSHP to auto-replicate to you when you connect to your first CSHP server.

About Previous Versions?

People, it's a whole new world.  Disregard any previous version of CSHP.  Your best bet is to completely uninstall any previous versions and upgrade to 4e. You can do this by following these steps:

Step 1: Delete CSHP*.* in your UnrealTournament directory.


Step 2: Edit any .INI files associated with your server(s) and remove all ServerPackages and ServerActor Entires pertaining to CSHP.


Step 3: Remove and [Section] entries from these INI files pertaining to CSHP.

You have now removed CSHP!

Installing from a .ZIP

Man, this was gonna be a big huge section.  Then it turns out there is a problem with the Linux server-side stuff on some linux platforms.  So while Mongo is off fixing that, I guess I'll just post the old standby instructions.  But take heart, CSHP4f was created to work hand in hand with CSHPServer.  Due to this, some things you're used to are no longer there (like the AllowablePacks).  This should be resolved very shortly.

Anyway, to make a rather long story short.. here is the install instructions:

To install CSHP, you will want to unzip the contents of the distribution zip in to your UnrealTournament directory.  The zip file contains additional directories so make sure you expand with pathnames.  Once installed, you will need to load up UNREALTOURAMENT.INI in to a text editor.  Multiple Servers Note: You will have to do this step for each .ini file you use to run your servers.

Find the section labeled [Engine.GameEngine].  This section contains all of the server actors and packages for UT.  You will need to make 2 changes and they can be anywhere within this section.  Add these 2 lines:

ServerPackages=CSHP4f
ServerActors=CSHP4f.CSHPServerActor

Once you have made these 2 changes, CSHP is ready to go.  If you need to force additional packages to be approved, see "ADDITIONAL PACKAGES" below.

Running CSHP?

Once the above is installed, start your server as you always would.  Simple as that.  When it first starts, CSHP will make the following entry in to your log file:

ScriptLog: ###############################
ScriptLog: # Client Side Hack Protection #
ScriptLog: # Revision 4e #
ScriptLog: # version 01.03.16 #
ScriptLog: ###############################
ScriptLog: Security Level is.............. 1
ScriptLog: Clean up Rogue Objects......... True
ScriptLog: Tracking FOV................... False
ScriptLog: Only Admin Kick................ True
ScriptLog: Kick on TimeOut ............... True
ScriptLog: Use Numeric IP ................ False
ScriptLog: NGStat Players Only ........... False

Players will be able to tell they are connected to a CSHP server by a graphic that displays when they first connect.

 

Setting up CSHP

We have completely revamped the options available to server admins.  If you are upgrading from a previous version of CSHP, please read the next section.  If this is the your first install, you can skip it.

Previous versions of CSHP have an "AllowablePacks" setup section.  This is no longer the case.  All future versions of CSHP will utilize your ServerPackages to tell the client what is legal.   We moved to using your ServerPackages as (a) it's closer to how UT works and (b) in the future, we will be improving on our server-side hacked packages detection (the ground work for which is in this release).

Unlike previous versions, CSHP now only has 1 operating mode.  Currently there are 8 different options you can add to your INT setup file.  They are explained here:

SecurityLevel=<0-2>

The SecuirtyLevel tells CSHP how to react when someone is caught cheating.  Here is how the different security levels work.  Each level includes all the protection of the previous levels.

ecurity Level Description
0 At level 0, no direct action is taken against the cheater.  Their name and information is outputted to the log for the server admin to act upon later.  At any time, the users can perform a mutate cheatshow command to see if there are cheaters online.
1 At level 1, any cheaters are also kicked from the system
2 At level 2, after the cheater is kicked, a ban is added to your IP Policies in your servers ini file.

*No matter what security level you are running, CSHP will send cheat reports to the CSHP cheat server as well as make cheat log notations in your NGStats logs.  Currently, no direct action is being taken with this information but that will change soon.  For more information on what we have planned here, head to our web site!

We suggest server admins use security level 1 for public servers.  Level 0 is really for password protected servers where cheating is almost non-existant (such as SwineOnline, or some of the MyUnreal servers).  Level 2 should be used very sparingly, however I do understand the need to keep the cheaters out.

When a cheater is caught, CSHP will display a message to the user via their console.

Advertise=<0-2>

This option will cause CSHP to add the [CSHP] tag to your server name.  This was a requested feature from you guys so you have it.   The different settings are:

Settings Description
0 Do no append [CSHP] to the server name
1 Place the [CSHP] at the start of the server name (ie: "[CSHP] House of SIN"
2 Place the [CSHP] at the end of the server name (ie: "House of SiN [CSHP]")

*Remember that changing your server name does effect your NGStats so please keep that in mind when using this option.

If there are any additional advertise setting you would like me to consider, please feel free to email.

bOnlyAdminKick=<True|False>

This variable allows you to limit the use of the "Mutate CheatKick" command to just people with Admin Access.

bKickOnTimeOut=<True|False>

It is possible for users with heavy packet loss to lose important packets created by CSHP.  When this happens, the security system will time out.  If this option is set to TRUE, CSHP will kick the server when that happens.  If set to false, CSHP will keep attempting to reauthorize the client.  This could possibly be a drain on the server.

We strongly suggest leaving this to true.  

bCleanUpRogues=<True|False>

This option deals with the "Rogue Actors" (see the section ROGUE ACTORS later in this document).  When set to true, CSHP will first attempt to clean up rogue actors.  Only when the Rogue actor keeps reappearing will CSHP consider it a cheat.  If set to false, CSHP will act as it used to and log any rogue actors as hacks.

So why allow the option.  It's conceivable that deleting a rogue actor could cause a system crash.  It shouldn't but since I don't have control over what's happening, it could.  I have tested CSHP with several client side mods (both legit and hacks) and the cleanup did nothing but disable the mod.  But I wanted to be on the safe side.

bNGStatsOnly=<True|False>

This option is another user request option.  When set to TRUE, your server will politely reject any player not participating in the NGWorldStats Ranking system.  I'm probably going to regret this option, so please if you use, make it known in your Server name!

bUseNumericIP=<True|False>

This option is for the some people in Linux crowd.  Seems the DNS work needed to resolve the ip for the cheat server was creating some ghost processes.  Setting this to True will cause CSHP to just use the current numeric IP.

bTrackFOV=<True|False>

This variable tells CSHP to watch for people using the FOV zoom cheat.  See the section on FOV cheating below for more information.

AllowablePacks=|<package>|<etc>|

The AllowablePacks string let's server admins to set what packages to allow on the server.  CSHPServer will in time take over this role, but until we have Linux support finished, I've added this instead.   It works much like previous versions of AllowablePacks but instead of an array, it's just a big string.  You enter names in to this string (all capitals please) and CSHP will use it (in addition to what is on the running in the level and what CSHPServer finds).

You must make sure each package has no extra spaces and is surrounded by | and | and do not include the .U extenstion!  For example, to add CSHP4f you would have "|CSHP4F|"  without the quotes.  When adding more than 1 pack, use the following format:

|PACK1|PACK2|PACK3|

 

ADDITIONAL PACKAGES

CSHP4f is designed to work with CSHPServer.  However until the linux .SO is finished, you will want to use the AllowablePacks string in your CSHP4f.int file.  See above for the format.  This is how CSHP works in this regard:

First it looks for CSHPServer.  If it finds it, it will load all of the ServerPackages.  If it doesn't find it, it will setup a set of default packages.  It then loads in the AllowablePAcks and adds it to whatever is there.  Finally, CSHP scans the level (on the server) and adds any new packages it finds there.  This should make mods work again.

CONSOLE COMMANDS!

CSHP has 4 mutate commands available.  To perform one of these commands open your console while connected to the server and type the command.  Some of them may require Admin access.

Command Description
MUTATE CHEATINFO This command will display information about the version of CSHP currently running.
MUTATE CHEATSHOW If CSHP is running with security level 0, it's possible that cheaters will be online and playing.  Any user can execute the CheatShow command and receive a list of cheaters currently playing.
MUTATE CHEATKICK This command can be used to kick players who are cheating (with security level 0).  Admins can limit this command by requiring the user have admin access by setting bOnlyAdminKick to true in your int.
MUTATE CHEATTEST This command ABSOLUTELY requires Admin access.  When enabled, it will cause CSHP to stop making reports to our server and NGSTATS for the remainder of the map, FOR THE IP THAT SENT IT.  This is to allow Server Admins to test out cheats on their servers without sending in Cheat info to us.  Cheats are still sent to the local logs and acted upon accordingly.  Only 1 admin may have this ability at one time.  

*Using the CheatTest command sends additional data to the log about who activated it.

What does a Cheat Report Look Like

Anytime CSHP logs a cheater, it will create a cheat report.  This report has information about the person how has cheat, when it occurred and what type of cheat it was.  The following is a sample Cheat Report:

#### -------------------------------- ####
#### HACKED CLIENT DETECTED ####
#### -------------------------------- ####
#### - Player Name : Mr. Cheater 
#### - NG Password : I am Lame
#### - Player IP : 24.1.1.2
#### - Method : Illegal (AA) Aiming Device Found
#### - Action : Kicked
#### - Auth. Code : 1093565
#### - Date/Time: 03-16-00@10:42am
#### -------------------------------- ####

The following is a list of "Methods"

Method Description
Illegal (**) Draw Device Found If you receive this in your logs someone was trying to play on your server using an unauthorized device that was displaying additional information (such as radars).  
Illegal (**) Aiming Device Found This is an aimbot, pure and simple.
Illegal Console: Doesn't Exist This is more of an error code than a cheat.  At all times the player's console should exist.  However it might be possible for a player to hide or remove his console in an attempt to avoid detection
Illegal SpeechWindow If the player has altered their speechwindow, you will receive this message.
Illegal Hud If the player has altered their hud, you will receive this message.
Illegal Mutator If the player has a client-side mutator loaded that is processing data illegally, you will receive this message.
Illegal Level/Entry Level Actor If an illegal actor re-appears in either the normal level or the entry level, you will get this message.

*The portion of the method that is ** is a device code that we can use to identify the hack.  You can ignore it.

Rogue Actors

Sometimes mods or even models and sound packs can leave garbage in the Entry level.  CSHP detects these and flags them.  In most cases, it just removes the errant actor and give the user a warning.  However something these actors might get reactivated.  This is not allowed in CSHP and when it happens the user is considered cheating.  Sorry, no way around it.

Using CSHP on multiple servers

Multiple servers are a bitch.  You admins love them, we coders have to deal with them :)

CSHP should be fairly multiple server friendly.  Each server will have a separate log created by CSHP.  It uses the following naming convention: CSHP-<server name>.log.  It will be located in your \System directory.  At the current time, the CSHP logs are written in Unicode.  

The only restriction right now is that all servers share the same CSHP4f.int file.  This is annoying, but with the latest version of CSHP using the server packages, it's not nearly as annoying as before.

Reporting Bugs | Suggestions

I'm no longer answering CSHP questions at my normal email address and I'm also only answering questions/bugs from server ops and admins.  If you fit in to this group, join the CSHP mailing list.  Details can be found at http://www.creativecarnage.com/CSHP!  I can also sometimes be found on #unrealscript on GamesLink.