7 replies to this topic

[Crown]

Good evening my fellow Hawken followers!

Today I am here to bring light to an issue, not just present in Hawken but in many new multiplayer games! However, let me start with the beginning of my story which started with a brief foray into DnDO:
I downloaded the client and launched it... It didn't work, but I'm used to this you see; I unlike many of your do not use a desktop firewall!

I use something called an external firewall and as such; the software available to me is very different but much more secure; personally my choice of software is IPCop. With this added security however, comes greater management, for instance: it will not just open a port on my network the second my computer makes a request (Because this would jepoardise security). To open a port for instance, I must use a variety of tools to troubleshoot a blocked outgoing packet on the program and open it manually on the firewall myself.

So that's what I did! And so the journey continues, the launcher started working and before I knew it the game was downloading, and in preparation of such a moment I already did a Google search to find out what ports the game uses. You would think just as I did then that the journey would end when I discovered that DnDO is a Pay-2-Win micro-transaction mess, but you'd be wrong.

The game launcher wouldn't connect to the server! I'm also sure many of you know that this would mean it wouldn't launch either! I wasn't fazed though, I was going to solve this problem and discover whether the game was worth my time or not. So I revised the required ports to be open and fixed any inadequacies  did extra troubleshooting but to no end. I was stumped.

It's at a moment like this when the usefulness of Google comes into it's own. Forum through forum, website through website I ploughed on undeterred.

Now, on said firewall I have a Proxy activated. Many of you are probably wondering: "Crown, just what is a proxy anyway_"
We-hell son, I'm here to tell you that a proxy is something like an intermediary, the proxy server will take a request from your PC, the request will read in layman's terms like this: Get this info from this location and send it back to me.

This form of communication can have many benefits depending on your setup. I have many PC users in my household, sharing YouTube videos and whatnot. Being an Australian resident, our internet is restricted to a quota each month, for instance: I cannot download more than 100gB at my household. with more than 7 computers using the internet a day and using a lot of the same content, the bandwidth usage can rack up which is one of the few reasons I use an HTTP proxy specifically. They are also good for security as they can host an IP filter and even block ads.

What's the catch_ You cannot move anything through port 80 using anything but an HTTP protocol, the HTTP proxy absolutely cannot handle it. This in my opinion isn't a bad thing however, because there are tens of thousands of different ports to choose from.

Now where was I_ Ah, yes, DnDO... The problem was that the launcher was expecting information to move through port 80 without using an HTTP protocol, it simply wouldn't work unless I turned the proxy off or redirected connections using BlockOutTraffic (Making the proxy redundant). Now, I can play other video games be it WoW, Guild Wars 2, Call of Duty, Counter Strike, TF2 etc. Not because I have added any special rules but because these games do not operate entirely on port 80 and when they do they use it for HTTP, WoW for example will connect to Battle.Net using port 3724 on TCP, Guild Wars 2 will use 6112 on TCP, Call of Duty doesn't host their own servers but the companies that do will host on port ranges over UDP (One server will use 55100, another will use 55101 and there could be 15 hosted at once).

Hawken as far as I can tell (Through netmon) attempts to operate Match Making servers through port 80 on TCP, and as I've explained above, it's unethical to do so and it's bad business practice. I and many others I'm sure have been forced to either compromise their network setup up just to play one game or put it down.

Please dev's, please fix this. ;*~*;

(If you want a netmon log, just ask.)

Edited by Crown, December 06 2012 - 08:18 AM.

[SunshineSloth]

This is an intense level of security. Not that I can talk since everything in my house runs through the linux-box dead zone.

The simplest solution would be to find a proxy that allows all protocol traffic through port 80. Given your strict stance on security though this is probably not an option.

I understand your concern about the your bandwidth limit however I don't see what the proxy has to do with that unless it monitors usage. (even uploads_) Why are you not with TPG or another Unlimited plan_

Have you ever tried League of Legends_

Just curious.

[Elix]

Crown, on December 06 2012 - 08:14 AM, said:

I and many others I'm sure have been forced to either compromise their network setup up just to play one game or put it down.

Given your thorough and strict security arrangements, you won't be surprised that what's happening is that you're being bitten by the dillema of computer security:

Security or convenience, choose only one.

[Crown]

SunshineSloth, on December 06 2012 - 08:47 AM, said:

This is an intense level of security. Not that I can talk since everything in my house runs through the linux-box dead zone.

The simplest solution would be to find a proxy that allows all protocol traffic through port 80. Given your strict stance on security though this is probably not an option.

I understand your concern about the your bandwidth limit however I don't see what the proxy has to do with that unless it monitors usage. (even uploads_) Why are you not with TPG or another Unlimited plan_

Have you ever tried League of Legends_

Just curious.

IPCop measures internet usage, and because of that proxy I save on 5gB per month which might not seem like much but it means a lot to me. I'm also not living in an area where any unlimited plans are available to me.

Yea, I've tried League of Legends before and it seemed to play just fine but that was a year ago.

Elix, on December 06 2012 - 11:13 AM, said:

Crown, on December 06 2012 - 08:14 AM, said:

I and many others I'm sure have been forced to either compromise their network setup up just to play one game or put it down.

Given your thorough and strict security arrangements, you won't be surprised that what's happening is that you're being bitten by the dillema of computer security:

Security or convenience, choose only one.

Well, that's a moot point since the devs would barely have to lift a finger to change it; not to mention as I said before it's bad practice in the first place. So convenience, whether for me or for them doesn't matter. I've never come across a good argument for running ANYTHING but HTTP traffic through 80 and for good reason.

The number one excuse I hear however is: "Proxy's are there for a reason."

This is true, they are indeed there for a reason, but that reason is dictated solely by the operator of that proxy since a proxy has many functions

EDIT: Also, the security I'm using really isn't that hardcore. Sure: it might be better than some business solutions but in my experience there's a severe lack of care for security in all walks of IT.

Edited by Crown, December 06 2012 - 09:27 PM.

[JuiceBox]

There is secure then there is excessive security.

Those who use excessive means to be secure.. well don't blame a game or a developer if you can't play its your sillyness.

[Crown]

JuiceBox, on December 06 2012 - 10:13 PM, said:

There is secure then there is excessive security.

Those who use excessive means to be secure.. well don't blame a game or a developer if you can't play its your sillyness.

So wait, do you mean to tell me, assuming that your opinion is shared by most people on the internet; that my setup is excessive_

It's in my opinion then, that you and everyone who agrees with you has highly delusional views about computer security.

EDIT: I should also add that me using this kind of security pales in comparison to the sillyness of Meteor Entertainment for this lack of insight as it's against professional standards in IT to run a program like this. I don't want to come off as if I'm giving them a hard time or anything though, if anything I'm making a sensible suggestion as one IT professional to another.

Edited by Crown, December 07 2012 - 01:57 AM.

[VertoPrime]

I don't see any grounds for bad business practice or the need for your high level of security the problem I see is your ISP,   you are trying saving money any which way but loose because your ISP is a bandwidth rip off so you are bottle necking your internet usage.  Meteor has no fault in this matter.   Simple solutions, change your bandwidth arm and leg ISP, ask Meteor nicely, wait till Hawken uses dedicated servers or web-based browser MMO, or deal with the cost of using bandwidth which a lot of my Aussie friends have to endure.

As mentioned above excessive Internet Security causes more management which in turn causes more paranoia but in your case, it is just used for cost management there is no lack of insight on Meteor's part ohh and by the way...Hawken ports are 7777, 7787, and 7797.  

The rules and regulations for Australia's telecommunication is outrageous but the good news is companies are competing.    http://bc.whirlpool...._action=search

Edited by VertoPrime, December 07 2012 - 04:19 PM.

[Crown]

VertoPrime, on December 07 2012 - 09:50 AM, said:

I don't see any grounds for bad business practice or the need for your high level of security the problem I see is your ISP,   you are trying saving money any which way but loose because your ISP is a bandwidth rip off so you are bottle necking your internet usage.  Meteor has no fault in this matter.   Simple solutions, change your bandwidth arm and leg ISP, ask Meteor nicely, wait till Hawken uses dedicated servers or web-based browser MMO, or deal with the cost of using bandwidth which a lot of my Aussie friends have to endure.

As mentioned above excessive Internet Security causes more management which in turn causes more paranoia but in your case, it is just used for cost management there is no lack of insight on Meteor's part ohh and by the way...Hawken ports are 7777, 7787, and 7797.  

The rules and regulations for Australia's telecommunication is outrageous but the good news is companies are competing.    http://bc.whirlpool...._action=search

I've been in many software projects in my time, many of which were internet orientated; I am a professional.

Me and many colleagues of mine who have been in this field of IT for sometime all agree on this point. I'm not asking, I'm telling: it's bad practice. It's almost textbook: only designate a data stream over port 80 when for HTTP.

Also, I don't understand what this is about high security. I've never had trouble making anything work before other than few software applications like this one, and I've just pointed out that it's not a client side issue so why is there any doubt or argument_