You are an unregistered user, you can register here
Navigation

Information

Site

Donations
If you wish to make a donation you can by clicking the image below.


BeyondUnreal News

 
Go Back   The Unreal Admins Page > Forums > Hosted Forums > Wormbos Area > General Chat

Reply
Thread Tools Display Modes
  #1  
Unread 28th September, 2010, 04:50 PM
[SM]NEGATIVE-O [SM]NEGATIVE-O is offline
Forum Newcomer
 
Join Date: Sep 2010
Posts: 3
Default Fasle Positives?

00066: [2009-12-12 12:36:38] - [INSECURE CLIENT] Flatch [ 7acd7f0e394de24774a0185e5263b07f ] IP: 76.237.93.166 Found disallowed file(s) 'SP_Cheater.uvx' Matching custom blacklist wildcard '*Cheat*' (Please check that there's actually a match, otherwise it's a false positive.)

[2010-09-27 20:46:28] - [Init] .:TUR:.Robozilla [ 41b884599f96df0a97148faed7245df9 ] IP: 174.26.57.153 Security ID: 15 using engine version 3369 on Windows with D3DRenderDevice
[2010-09-27 20:46:32] - [INSECURE CLIENT] .:TUR:.Robozilla [ 41b884599f96df0a97148faed7245df9 ] IP: 174.26.57.153 Security ID: 15 using v3369, security state: PerformingMD5Checks
[2010-09-27 20:46:32] - Found disallowed file(s) 'SeligAntiCheatV1G.u'
[2010-09-27 20:46:32] - Matching custom blacklist wildcard '*Cheat*'
[2010-09-27 20:46:32] - (Please check that there's actually a match, otherwise it's a false positive.)
[2010-09-27 20:47:02] - [INSECURE CLIENT] .:TUR:.Robozilla [ 41b884599f96df0a97148faed7245df9 ] IP: 174.26.57.153 Security ID: 15 using v3369, security state: SecureDefaultSkins
[2010-09-27 20:47:02] - Found disallowed prefetch file(s) 'WINJECT.EXE-8B5DEA66.pf'
[2010-09-27 20:47:02] - Matching custom prefetch blacklist wildcard 'WINJECT.EXE*-??.pf'
[2010-09-27 20:47:02] - (Please check that there's actually a match, otherwise it's a false positive.)
[2010-09-27 20:47:07] - [INSECURE CLIENT] .:TUR:.Robozilla [ 41b884599f96df0a97148faed7245df9 ] IP: 174.26.57.153 Security ID: 15 using v3369, security state: SecureDefaultSkins
[2010-09-27 20:47:07] - Found disallowed prefetch file(s) 'WINJECT.EXE-8B5DEA66.pf'
[2010-09-27 20:47:07] - Matching default prefetch blacklist wildcard '*winject*-??.pf'
[2010-09-27 20:47:07] - (Please check that there's actually a match, otherwise it's a false positive.)
[2010-09-27 20:47:08] - [Disconnect] .:TUR:.Robozilla [ 41b884599f96df0a97148faed7245df9 ] IP: 174.26.57.153 Security ID: 15 using v3369

[2010-09-27 20:40:10] - [INSECURE CLIENT] «IXGI»Mono_Jr [ 1e0a808a4ba0e52683b88f7153896dc2 ] IP: 76.105.58.140 Security ID: 6 using v3369, security state: PerformingMD5Checks
[2010-09-27 20:40:10] - Found disallowed file(s) 'CheatPickup.usx'
[2010-09-27 20:40:10] - Matching custom blacklist wildcard '*Cheat*'
[2010-09-27 20:40:10] - (Please check that there's actually a match, otherwise it's a false positive.)

[2009-12-12 02:19:24] - [INSECURE CLIENT] [sSs]StudMan [ 5c3614f567f3ff2c6494b7cf8edc7862 ] IP: 71.114.225.235 Found disallowed file(s) 'SeligAntiCheatV1E.u' Matching custom blacklist wildcard '*Cheat*' (Please check that there's actually a match, otherwise it's a false positive.)
[2009-12-12 02:19:26] - [INSECURE CLIENT] [sSs]StudMan [ 5c3614f567f3ff2c6494b7cf8edc7862 ] IP: 71.114.225.235 Found disallowed file(s) 'PWCPluginPack.u' Matching custom blacklist wildcard '*Plugin*' (Please check that there's actually a match, otherwise it's a false positive.)


[2010-09-15 16:52:29] - [INSECURE CLIENT] Insane-O-Man [ 71d5bc2350a20816a36b2cd2c7ee76ec ] IP: 173.27.159.168 Security ID: 7 using v3369, security state: PerformingMD5Checks
[2010-09-15 16:52:29] - Found disallowed file(s) 'SeligAntiCheatV1G.u'
[2010-09-15 16:52:29] - Matching custom blacklist wildcard '*Cheat*'
[2010-09-15 16:52:29] - (Please check that there's actually a match, otherwise it's a false positive.)
[2010-09-15 16:52:32] - [INSECURE CLIENT] Insane-O-Man [ 71d5bc2350a20816a36b2cd2c7ee76ec ] IP: 173.27.159.168 Security ID: 7 using v3369, security state: PerformingMD5Checks
[2010-09-15 16:52:32] - Found disallowed file(s) 'PWCPluginPack.u'
[2010-09-15 16:52:32] - Matching custom blacklist wildcard '*Plugin*'
[2010-09-15 16:52:32] - (Please check that there's actually a match, otherwise it's a false positive.)
[2010-09-15 16:52:39] - [INSECURE CLIENT] Insane-O-Man [ 71d5bc2350a20816a36b2cd2c7ee76ec ] IP: 173.27.159.168 Security ID: 7 using v3369, security state: CheckClientClasses
[2010-09-15 16:52:39] - Unknown Class: DA2.da_CameraTextureClient
[2010-09-15 16:52:39] - [INSECURE CLIENT] Insane-O-Man [ 71d5bc2350a20816a36b2cd2c7ee76ec ] IP: 173.27.159.168 Security ID: 7 using v3369, security state: CheckClientClasses
[2010-09-15 16:52:39] - Unknown Class: DA2.da_players_Hud
[2010-09-15 16:52:39] - [INSECURE CLIENT] Insane-O-Man [ 71d5bc2350a20816a36b2cd2c7ee76ec ] IP: 173.27.159.168 Security ID: 7 using v3369, security state: CheckClientClasses
[2010-09-15 16:52:39] - Unknown Class: DA2.da_turrets_Turret
[2010-09-15 16:52:40] - [INSECURE CLIENT] Insane-O-Man [ 71d5bc2350a20816a36b2cd2c7ee76ec ] IP: 173.27.159.168 Security ID: 7 using v3369, security state: CheckClientClasses
[2010-09-15 16:52:40] - Unknown Class: FarnsworthCore.ChairEffect
[2010-09-15 16:52:41] - [INSECURE CLIENT] Insane-O-Man [ 71d5bc2350a20816a36b2cd2c7ee76ec ] IP: 173.27.159.168 Security ID: 7 using v3369, security state: CheckClientClasses
[2010-09-15 16:52:41] - Unknown Class: ROGame.ROTreadCraft
[2010-09-15 16:52:41] - [INSECURE CLIENT] Insane-O-Man [ 71d5bc2350a20816a36b2cd2c7ee76ec ] IP: 173.27.159.168 Security ID: 7 using v3369, security state: CheckClientClasses
[2010-09-15 16:52:41] - Unknown Class: ROGame.ROVehicle
[2010-09-15 16:52:41] - [INSECURE CLIENT] Insane-O-Man [ 71d5bc2350a20816a36b2cd2c7ee76ec ] IP: 173.27.159.168 Security ID: 7 using v3369, security state: CheckClientClasses
[2010-09-15 16:52:41] - Unknown Class: ROGame.ROVehicleWeaponPawn
Reply With Quote
  #2  
Unread 28th September, 2010, 05:03 PM
[SM]NEGATIVE-O [SM]NEGATIVE-O is offline
Forum Newcomer
 
Join Date: Sep 2010
Posts: 3
Default

Also, I need to make sure my black list is updated. Just to make sure to eliminate the possible false positives. Anyone care to share their black list?
Reply With Quote
  #3  
Unread 29th September, 2010, 02:18 AM
»SZO«Moo »SZO«Moo is offline
Killing Spree
 
Join Date: Oct 2007
Posts: 47
Default

http://www.xraygaming.com/forums/showthread.php?t=9258
Reply With Quote
  #4  
Unread 29th September, 2010, 05:30 AM
[SM]NEGATIVE-O [SM]NEGATIVE-O is offline
Forum Newcomer
 
Join Date: Sep 2010
Posts: 3
Default

Good to see ya out and about there Moo. Thanks for the link.
Reply With Quote
  #5  
Unread 29th September, 2010, 07:47 AM
Wormbo's Avatar
Wormbo Wormbo is offline
out of order
 
Join Date: Sep 2003
Posts: 3,383
Default

Hmm, you may have already noticed that "*cheat*" and "*plugin*" will bring up false positives. There's a good reason those aren't in the default blacklist.

About the unknown classes: Those seem ok. Anti TCC just complains about any classes the server doesn't know. You can turn off those messages by adding MD5 checks for the corresponding packages.
__________________
Wormbo's UT/UT2004/UT3 mods | PlanetJailbreak | Unreal Wiki | Liandri Archives
Quote:
<@Mych|Lockdown> ...and the award for the most creative spelling of "Jailbreak" goes to ... "Gandis Jealbrake Server"
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 11:13 PM.


 

All pages are copyright The Unreal Admins Page.
You may not copy any pages without our express permission.