Below you will find the email that started this whole methoid a year ago. This does not stop all the aimbots and cheats by today aimbot standards. The new MD5 system found in UT2003 does not stop them either. I know cause I have tested it and used it for a year. I cant run UTPure becuase it takes away the hud for my Rocket-X.
Plus, be warned you will have some clients who will not be able to join the server and the quickest option I have found is to have them reload the game and copy over only the necessary files.
The lastest aimbots get in and there is nothing you can do about it. But you can stop 75 percent of them, plus if your server can handle UTPure you have a good chance of stopping most of them. I have sent my findings to a few people in the UT community who have the power to correct these problems but I know for a fact that its not just a black and white solution. Meaning that it is not a symple fix. Also I wanted to say Thank you to all the people who code for the game.
I posted my original email sent to me by a friend who found out about this methoid.
----- Original Message -----
From: "Edward Hayes" <
[email protected]>
To: <
[email protected]>
Sent: Friday, May 24, 2002 10:35 AM
Subject: FW: Removal of the 'ServerSideOnly' backdoor within Unreal
Tournament
>
>
> -----Original Message-----
> From: }»F®èékßøÿG«{ [mailto:
[email protected]]
> Sent: Friday, April 12, 2002 2:18 AM
> To:
> Subject: FW: Removal of the 'ServerSideOnly' backdoor within Unreal
> Tournament
>
>
>
>
> -----Original Message-----
> From: Ed Nabisco [mailto:
[email protected]]
> Sent: Wednesday, April 10, 2002 12:00 AM
> To:
> Subject: Removal of the 'ServerSideOnly' backdoor within Unreal
> Tournament
>
> So, are you guys doing this to protect the server from people
> cheating
> This procedure looks interesting, but it seems to have a few down sides
> that
> people are complaining about. It seems that Mac and Linux users are
> screwed
> in this and won't be able to join. OK, so a few people won't be able to
>
> join, but at least it seems to stop some cheating. In addition to this,
> I
> guess you could use a CSHP. I might have some more information on that
> for
> you later. I am not sure they can be used and still allow Mods to be
> used.
>
> I just gave you the necessary info. The full article is here:
>
http://pub88.ezboard.com/fosxmacutme...sage?topicID=2
> 7.topic
> .
> .
> .
> Removal of the 'ServerSideOnly' backdoor within Unreal Tournament
>
> This explanation merely describes one solution for "fixing" the most
> common
> security holes used by cheats at the moment.
>
> This information will provide server admins with an opportunity to close
> one
> of the largest security holes that Unreal Tournament currently has, and
> will
> give mod authors the chance to close another one using some simple
> script
> changes.
>
> This fix will work with any standard Unreal Tournament server and every
> mod,
> such as Infiltration, Tactical Ops or Strike Force, just to name a few.
>
> Server admins should read the following instructions carefully, because
> it
> takes only about 5 minutes to change. Common AimBots are using a changed
>
> version of the UTMenu.u file. This package is already listed in the
> ServerPackages= list, however it is flagged as 'ServerSideOnly' due to
> backwards compatibility issues of former versions of Unreal Tournament.
> Well, today all servers and clients out there have version 436
> installed,
> and so the need of backwards compatibility is no longer an issue. The
> 'ServerSideOnly' flag is responsible for not allowing the check between
> client and server that normally takes place for all packages within the
> ServerPackages= list. So, different versions of these files slip between
> the
> cracks, and AimBots and other cheats can be used without anyone knowing
> any
> better. Removing the 'ServerSideOnly' flag is very easy to achieve and
> thankfully, the package integrity remains the same. This means that the
> package is still the "same" for the Unreal Tournament engine and a
> client-server check will not result in a "file mismatch" warning as some
>
> might come to expect. So servers can use files with the 'ServerSideOnly'
>
> flag removed and clients do not need to download a changed package or do
>
> anything else for that matter.
>
> The following describes one possible way to change this flag. It
> basically
> describes the correct usage of the ucc.exe file for removing the flag,
> and
> how to setup the server's INI file correctly so that the new file(s) are
>
> checked. It should be said that the UTMenu.u file is not the only one
> that
> can be modified for cheating, so the procedure should be performed on a
> group of files that are listed below.
>
> How to remove the ServerSideOnly flag from the UTMenu.u package:
>
> open a command.com or cmd.exe (also known as DOS box or window)
> change the path to your UnrealTournament\System folder
> type in the following and hit enter (case sensitive if needed
> ucc packageflag UTMenu.u UTMenu2.u -ServerSideOnly
> wait until ucc has saved the new UTMenu2.u file
> make a new folder .... i.e. UnrealTournament\ServerFiles
> copy the new UTMenu2.u file into this folder
> rename it back to UTMenu.u
> open the server's ini file (ie. UnrealTournament.ini or the one from the
> mod
> you are hosting)
> search for [Core.System]
> below you will see the Paths= list entries, such as Paths=../System/*.u
> add the folder you just created at the top of the list like this:
> Paths=../ServerFiles/*.u
> ... then the original ones should follow
>
> search for [Engine.GameEngine]
> below you will see the ServerPackages= list entries, such as
> ServerPackages=Botpack
> make sure that ServerPackages=UTMenu is listed there as well. If not,
> simply
> add it
> That's it! Now clients using a modified version of the UTMenu.u file
> will
> automatically be rejected by your server.
>
> Here's a list of common packages that are using the ServerSideOnly flag
> and
> can be abused:
>
> UBrowser.u
> UTBrowser.u
> UWindow.u
> UMenu.u
> UTMenu.u (like described above)
> Remove the ServerSideOnly flag for these packages as well, copy them to
> your
> new "ServerFiles" folder, and add them to your ServerPackages= list, if
> not
> already included.
>
> Feel free to let us know if you have additional questions or comments.
>
>
>
>
>
> __________________________________________________ _______________
> Send and receive Hotmail on your mobile device:
http://mobile.msn.com