Bukkit

@NateN34

These "bypasses" do nothing but limit or deactivate whatever the hacks do to stick to the limits that NoCheat sets up (by default).

E.g. for forcefield the "nocheat" safe version would be that their hack attacks at most 14 times per second, only attacks when the enemy is within 4.25 blocks radius, turns the player around to face his enemies (aimbot), and perfectly fakes a normal attack by first swinging the arm, then sending the attack packet. Technically these "bypasses" are the hack developers way to protect their users from being stupid and trying to do things that NoCheat will catch anyway. So it's not that the hack clients get around the limits set up by NoCheat, but rather giving up immediatly.

Which has the funny sideeffect that they'll many times limit what their hacked clients can do, even if the corresponding part of NoCheat isn't even activated at all. Just the name "NoCheat" in the plugin list is enough for most such clients to switch in the NoCheat safe mode.

@cvxx7q

I think I could do that.

@asofold

In what form would you have the blacklists available and where would you get them?

Someone on Hackforums gave me a nice idea on how to easily identify and block spam bots (people joining your server with lots of different accounts over public proxy servers at the same time). People requested that from me for some time, but I couldn't really come up with a good way of deciding if the connecting players used a proxy and if it is a public proxy or not. (most such spam tools use a list of public proxies)

So here's what I plan to do: I'll optionally lookup the ip adresses of the players on DNSBL (you will be able to configure which of them you want to query and how many of them need to list the IP) and if players join that are on the list(s) but don't have a special permission node (that grants them free entry), and they try to spam (here you could set the limits really low, like 3 messages per minute or similar), they'll get kicked immediatly or whatever you want. I'll probably make that like with all other things configurable. E.g. you could tempban or mute them for 5 minutes or similar things.

I think this should be doable and would really help people out that don't want to use McBans (which, to my knowledge, uses a similar feature already). As said, it will be opt-in (deactivated by default), because not everybody may like that NoCheat goes online to look dns records up like that.

@HarcX

no

@pimsserver

cvxx7q said most things. Because Hawkeye didn't record anything, it has to be someone who got access to a high permission account to shut it down. Maybe someone guessed/stole your password or similar.

@predawnia

Many of them, yes. For Nodus specifically it prevents or severely limits:

speedhacking; flying; "kill-aura" by limiting number of attacks, attack distance, forcing the player to move his arm and forcing the player to look at his target; "instant bow" (the firing of full speed arrows without pulling the string first); "nuker" by forcing the player to look at the blocks he breaks and swing his arm; the latest version also detects people using a known method to get some kind of "god mode" in pvp or pve situations and prevents that.

@predawnia

Not sure I understand the question the right way. I don't stop people from using any specific client (that's impossible), I prevent them from doing things that should be impossible to do for a player that uses the original Minecraft client.

@Ferkswe

In NoCheat's configuration, creative flying speed is about 50-60 I believe. But no matter what you put in there, NoCheat will always use 60 (= 0.6 blocks per tick) for players in creative mode if you enter a lower value, simply because the normal client allows flying at that speed in creative mode (and I won't block stuff that the game itself intentionally allows).