AntiMulti
This is AntiMulti. It is a plugin designed to prevent the use of alternate accounts from the same IP address. To put it simply, a player cannot use multiple accounts on the same IP address and likewise, will not be able to use a ton of IPs.
Download: Download
AntiMulti is a plugin which has undergone multiple changes from its original intent to be a simple plugin to prevent alternate accounts from being used on a server by blocking too many accounts from sharing an IP to a plugin which can also prevent session stealing using this same concept and also supporting admin protection. This is done simply by using an IP system to prevent the unauthorized use of an account by using IPs to prevent session stealing from working in the first place. All of this is completely toggle-able in the configuration file in case one does not use want to use certain features or not.
There are a few things you must understand when using this plugin. This is not a one-hit wonder in that it can stop all alternate accounts, as proxies would be able to get around this system, however common proxies would eventually be blocked after they are used enough. This does its best though to stop a member from simply using 2 accounts to gain an advantage over another player.
There are 2 groups this plugin will understand: Players and Admins. Players are normal players and are not forced to use the protection system as strictly as admins. Players are more loosely held initially by allowing more connections per name and IP, however this can be changed. Admins are more protected to prevent the taking of the account to cause problems by forcing registration and using a smaller range of names and IPs that can those accounts can share. This is all permission based in that there is a perm that designates whether the player is an admin or a player, which is just antimulti.admin, which if given, marks the player as an admin and handles them accordingly.
We do have Metrics with this plugin, so stats will be sent to our mcstats page if you are opt-ed in, where that config is located in the PluginMetrics folder.
If you have any issues, please create a ticket here with the log file and as much information as you can provide so the issue can be investigated and handled. If you have a question, feel free to ask here but please read everything first before you ask since your question may have already been answered elsewhere.
Comments
-
Lord_Ralex Owner
-
View User Profile
-
Send Message
Posted Jan 15, 2012@Lord_Ralex
great :) I am waiting..
-
View User Profile
-
Send Message
Posted Jan 15, 2012Just had a revelation, I have determined how to effectively make the search run very fast, and also informed of a config bug that I will have to fix as well.
As for the login system, I am working on resolving a few bugs with it and making sure all of the other features work as they should.
-
View User Profile
-
Send Message
Posted Jan 13, 2012@Waizujin
I assume you are not using PEX, since that error is saying it is. What build are you using for both AM and bukkit? Because I believe I have that fixed in 1.7 to not need PEX
And if you are using 1.7, do you have the error file? 1.7 has the error reporter that helps with debugging
-
View User Profile
-
Send Message
Posted Jan 13, 2012My config files are all empty and I get this error
"2012-01-13 11:02:56 [SEVERE] Could not pass event PLAYER_LOGIN to AntiMulti java.lang.NoClassDefFoundError: ru/tehkode/permissions/PermissionManager at AntiMulti.AntiMultiPlayerListener.onPlayerLogin(AntiMultiPlayerListener.java:41) at org.bukkit.plugin.java.JavaPluginLoader$13.execute(JavaPluginLoader.java:352) at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:62) at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:340) at net.minecraft.server.ServerConfigurationManager.attemptLogin(ServerConfigurationManager.java:202) at net.minecraft.server.NetLoginHandler.b(NetLoginHandler.java:88) at net.minecraft.server.NetLoginHandler.a(NetLoginHandler.java:80) at net.minecraft.server.Packet1Login.a(SourceFile:72) at net.minecraft.server.NetworkManager.b(NetworkManager.java:226) at net.minecraft.server.NetLoginHandler.a(NetLoginHandler.java:46) at net.minecraft.server.NetworkListenThread.a(SourceFile:94) at net.minecraft.server.MinecraftServer.w(MinecraftServer.java:534) at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:432) at net.minecraft.server.ThreadServerApplication.run(SourceFile:465) Caused by: java.lang.ClassNotFoundException: ru.tehkode.permissions.PermissionManager at java.net.URLClassLoader$1.run(URLClassLoader.java:366) at java.net.URLClassLoader$1.run(URLClassLoader.java:355) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:354) at org.bukkit.plugin.java.PluginClassLoader.findClass(PluginClassLoader.java:36) at org.bukkit.plugin.java.PluginClassLoader.findClass(PluginClassLoader.java:24) at java.lang.ClassLoader.loadClass(ClassLoader.java:423) at java.lang.ClassLoader.loadClass(ClassLoader.java:356) ... 14 more"
-
View User Profile
-
Send Message
Posted Jan 12, 2012Okay, I was just informed by Bukkit that I can use the existing API for the plugin so I don't need to make 2. Working on the login aspect and have it not have the login issue that xAuth has, I hope to have it done this week for testing. Also determining how to make it work alot better on the protection details. 1.8 will have the login system and the new file system, but the pre-release will only have the login system. Expect it soon.
Also, does anyone using it have anything to mention on how it runs? I need stats from it and I dont have a feature to gather usage data.
-
View User Profile
-
Send Message
Posted Jan 12, 2012@Lord_Ralex
I think so too there werent many changes.. please just make it fast :D I really want it :) btw. do you want to be something like an official dev. for my server? =)
-
View User Profile
-
Send Message
Posted Jan 12, 2012Okay, bukkit has a 1.1 dev build, but I will still be using 1.0 to test and run this on. I will get a second jar going with 1.1 but I expect this to work on either without much of an issue.
-
View User Profile
-
Send Message
Posted Jan 11, 2012Probably I will have 1.8 have the log in system, 1.9 get the mySQL completely set up, then in 2.0 get the full converter in and run that thru a separate jar.
Plans, 1.8 maybe this week depending on if I can get over this cold I have
-
View User Profile
-
Send Message
Posted Jan 11, 2012@Lord_Ralex
okay :) but I think many will switch to your plugin if you have something like a converter (command)
-
View User Profile
-
Send Message
Posted Jan 11, 2012Not yet, because I have yet to sift thru all of the code to see how it works completely and to get it to give me all the info. If you have to, the command for my login is going to be /am register and /am login so you can have both in use and they cant move unless both are successful (that should work like that)
-
View User Profile
-
Send Message
Posted Jan 11, 2012@Lord_Ralex
okay, I'll donate when u have a button and a (test) version of your login plugin. :)
I'll be able to use my old xauth (with the temp fix version from _Robert) database?
-
View User Profile
-
Send Message
Posted Jan 11, 2012Also, wait on donating, because donations cause issue, best to wait until i get the completed version out, that is why I don't have a donate button, causes problems
-
View User Profile
-
Send Message
Posted Jan 11, 2012@Lord_Ralex
thank you :) I think it will make many owners happy :)
-
View User Profile
-
Send Message
Posted Jan 11, 2012@mcheaven
Oh great, okay, I will focus on getting the login system done and get a pre-release for *testing* uploaded. Hoped to get a better file system to reduce memory use in... but I will get it done as soon as possible.
-
View User Profile
-
Send Message
Posted Jan 11, 2012@Lord_Ralex
hi, could you please speed up your work? I will donate.. One guy just tried to destroy my server (he opped his account using my account with the bug we told you..) We need this plugin :/
-
View User Profile
-
Send Message
Posted Jan 10, 2012Okay, just realized I will have to release 1.7.1 in order to get a few things taken care of. I did not make the plugin store the passwords and the error reporter needs a few tweaks to it, along with a new config setup.
-
View User Profile
-
Send Message
Posted Jan 9, 2012The example that you threw out was not a logical choice i think since that is only the internal IP that you chose. Right now you will not, and I don't plan on having it lock like that with no way out. I will get a design that will have a "home" IP which is the original IP they used, and unless they use the /register, then they cannot use any other IP. And it is based on external IPs, so in your case, only local servers would have that issue if it does become one.
-
View User Profile
-
Send Message
Posted Jan 9, 2012Question: Example: my IP is 127.0.0.1 and its registred to crysis992. The next day i have 92.92.92.92 (dynamic ip), would that mean i get blocked?
Every player with a dynamic ip would get a problem, or not?
-
View User Profile
-
Send Message
Posted Jan 9, 2012@kozzy68
The IP thing is not as protective as I have hoped, but I will be changing that system when I get 1.8 done. The way it works currently is that when an account logs in with IP X, no other account can use IP X to get on the server, unless they are added manually using the add command. However, this does mean that if a player can change their name, and that they have not logged on the server before at all, then they can login as someone else. I have a fix for that in 1.8 to have it so that if they have not registered a password, then they cannot use any other IP to enter the server as a protection. Once they register, they can then use the original IP to change the password and can login using other IPs.With the other plugins, I am planning on using those passwords already made so they don't have to create a new one, but the entire setup for that is still in the works.
I was going to have an info command that would list, depending on the input, what names are allowed thru that IP and what IPs they have used.
Since I am still in beta, I am still working everything out. I have alot of setups to still add, but thanks for all the info on this.
-
View User Profile
-
Send Message
Posted Jan 9, 2012How exactly does this prevents duped accounts ? Once I show up on server my ip/name pair gets binded together and from that moment I cant get in to server from other ip ? I gues it wont work with authme or xauth /register thats why you are panning to add such function yourself. It would be logical to alow logins from other ips but not /register. Its not easy to make auth plugin safe you know. In case you guys are IT pros that have idea what it takes do it right we can expect great plugin. There is quite gap in auth plugins now. I hope it will have feature that will prevent kicking out players by spoofed names and such things.
Also here are some other feature ideas: Search for related acoounts (like old dead ipNofity or easy ban) and track multiple ips used by accounts. Adding ips list or ranged permited to connect to protect admin accounts or users. Tracking time loged in per ip for each account if you alow logins from other ips.