Many of the tactics today used by Game Masters, specifically in game to remove potential threats to server security, such as hackers, crackers, keyloggers, botters and account information phishers is generally a full time job. Not to mention requires a great deal of experience, and for the most part the way to fight game cheating is not well known, especially by the majority of Online Game companies out there.
Here in this blog page... I will try to explain how botters think and work, both as an application and as a person on the bot application. No, I do not have personal experience using one of these applications. However, after observation of banning thousands of bots, and researching the topic in order to better my own effectiveness against bots, I have learned a number of tactics specifically do's and do nots when bot hunting.
We will start with the do nots since these are common mistakes made by many GMs attempting to bot hunt, remember that GMs that are part of a larger online gaming community may have far more experience with the issue of botters and can even train other GMs on how to catch these vicious little cheaters.
The Do NOTs of Bot Hunting
Almost Never Talk to a Potential Botter
- The most common mistake a GM can do is resorting to a chat spar with a Botter or potential botter. Please remember, that botters are people running applications. These applications can be programmed to alert the bot user if they are being messaged, and even alert the player if a person with a "GM" tag is showing up, yes even if the GM is in invisible mode.
More times than not the botter will message the GM, and ultimately ruin the element of surprise the GM would of normally had had she/he not messaged them to begin with. Remember, botters bot because they are to lazy to work themselves and they want to do other things while botting, so this is your opening to catch them.
Bots can also be set to stop their automation immediately upon receiving a message, even sign off if they detect another player in range or are receiving messages, or even when detecting a GM. They can also auto-reply to various messages. "I'm not a bot" "Hello" Use the chat function only unless you are completely uncertain about the person you are dealing with and only as a last resort. I will be posting bot hunting tips to help reduce the chances of needing the chat function and ultimately help you become a more effective botter.
- It is also a mistake to assume that the person botting is not going to be there at the computer. The hardest type of botters to catch, are the botters that are frequently at the computer, running multiple bots keeping an eye on all of them. More often than not this type of botter will not be catchable unless you can prove it through server only data. Verifying the potential botter's Client Version ID's if available. Which has a tendency to be outdated.
- While it may be far more effective on catching botters, often enough GMs check all to often. Sometimes this can lead to a player or player(s) feeling harassed by the GM(s) because of to frequent of bot checks. To reduce the amount of times you bot check the same person, try to memorize who you check for botting and only bot check if absolutely necessary.
- While it is common to receive faulty reports from valid players, never forget that maybe the player or player(s) may be correct on an issue. It becomes far more self evident if the player is more experienced with the game they are playing. So if you have a veteran player telling you they believe someone is a bot, you should always check this reported player frequently.
- While it is probably a bad idea to talk with a botter, please remember that if you are checking them, never let them know that you are checking them for, this exposes your suspicions and ultimately puts the potential botter into hiding, just long enough for you to lose interest and they will then return and continue their botting activities.
- More times than not game companies think they can rely entirely on their client side anti-hack or even server side anti hack applications to prevent hackers and botters. This is a flawed method of thinking as these programs are more than often enough bypassed by experienced programmers, and even inexperienced ones.
While client side anti-hack applications such as nProtect's "GameGuard" may seem effective, they are more often met with skepticism due to their bulky resource consumption and confliction with other legitimate PC applications.
Create Bot Hunting Techniques
- Best ways to hunt for botters is developing methods to catch them. Many games offer special commands to GMs that can help them be a more effective GM. While these commands are often designed for other purposes, they can be used and applied to catch bots. However, not all games have the necessary commands to effectively catch bots on a GM account. To view various methods please ( Click Here ) to check out my other blog post.
While catching hackers is probably best VIA server applications, the server side application needs to be programmed with the data of that particular cheating program. Which often means that if it is an uncommon or custom program by the botter themselves, then the server anti-hack system will most likely not detect it.
- Yes, while some GMs/Game Companies may not see them as a direct threat. They do cause an imbalance in the server, whether it be through in-game economy or through game's ranking or PvP systems. Botters are quite possibly the hidden devastation of an online video game. They make a game that was originally fair to an unfair practice and ultimately make an uncontrollable situation.
- While everyone thinks of bots as an automated program, the people using them are often dishonest, have no respect for the rules and other people and generally are trouble makers throughout the server. It is always a good idea to keep track of players that are particularly troublesome on the server. Especially ones well known for harassing players for no actual reason except to harass. Also known for creating phishing websites, or trying to scam/harass players on alts. There is more on trolls on my separate blog post ( Click Here )
- As a GM, I have always made suggestions to game developers and game CEO's, while some developers are GMs ( a concept I disagree with ) they are often to busy to comprehend the trouble some players can cause. So make suggestions on commands, updates, and other various things that can help you be a more effective GM.
- Checking a botters IP. Keeping note of the IP(s) in a list of banned botters, will assist you in catching future botters. While most people have dynamic IP addresses, you can often enough track who is who by checking their current locations, rural areas generally have a lower chance of having multiple legitimate users. So if you have a known botter from a rural area, and you find another botter from the same rural area, it is possible that they are the same person botting.
- For problematic botters/hackers or players, the IP Range Ban is more often than not the last resort to fighting these kind of players. When doing an IP Range, always check with a website the location of the specific IP address to avoid IP banning major cities which may have potential or old members on your server. If you do IP range a specific area, it is best to wait a week-2 weeks and then remove that IP range ban. Generally botters have lost interest in the game they are cheating on and have moved on.
- Contacting an ISP and complaining about the user causing problems on your server ( giving the IP information available ) and then suggesting that they be placed on a static IP ( an IP address that doesn't change ) will greatly help your situation on fighting that particular botter. It is generally only necessary to do this if the player is a serial botter. Sometimes the first bot banned, is the last bot banned for that particular user. However, the ISP may not be willing to solve the issue. Formal letters may be more effective than a phone call or email though.
