I am currently working on Nerve a current project of mine, and I am attempting to create a system for linking bot's to share necessary information (such as a Global Ban Queue, "shitlist", etc.). After speaking to numerous people about the best method in which to link the bot's (IP > IP, Server, IRC, etc.), I have decided to have all bot's connect to a mutual server which would hold for example a Global Ban Queue, where each bot would add to the list for whichever reason (detected a load, loadbanning command, etc.), the Server would be sure to check for dupes of names as it received it. Each bot would request periodic updates to their local banQueue where they would specify an amount of user's to update by each time (locally set), at which time the server would automatically remove each name from the banQueue believing they have been banned. The server will also use a callback to start banning among all bot's for example:

If Bot1 was to request an update, but the server returned null, because it's banQueue was empty at that instance, the bot wouldn't request again as it would assume the banning is done, but if Bot2 was to detect a load and add users a second later, the server would initialize banning the second it starts receiving new additions to the banQueue ;).

Example Coding:
[code]
        public Dictionary<string, int> Access = new Dictionary<string, int>();
        public List<string> banQueue = new List<string>();

        public Form1()
        {
            InitializeComponent();
        }

        public string[] getNext(int Amount)
        {
            List<string> temp = new List<string>();
            for (int i = 0; i <= Amount; i++)
            {
                temp.Add(banQueue[i]);
                banQueue.RemoveAt(i);
            }
            return temp.ToArray();
        }

        public void addUser(string user)
        {
            if (!banQueue.Contains(user))
            {
                banQueue.Add(user);
                //Call banMe Callback.
            }
        }
    }
[/code]

What i'm looking for is any comments/suggestions that would make this system more secure and efficient? :-D

uhm.... so basicly same thing as botnet, n have differnt passworded databases. duh.

No, this is a private server, to link groups of bots, not all bots? It would be packaged with the Bot's exe.

thats why botnet has seperate databases? private server? how would you and someone else link your bots then?

you build one server, have certain bots login to a certain database with the supplied password.

Why would I be so nice as to host one big server for anyone who uses the bot to use, this bot is actually made for personal reasons lol but I'm going to release it, and I don't want to take the time to code databases and all that shit, so it's easier to let people run local servers and link just the bot's they wish together ;).

yay for C# servers ::)

[quote author=l2k-Shadow link=topic=17206.msg175259#msg175259 date=1196815735]
yay for C# servers ::)
[/quote]

What's wrong with that?

Why not try a remote SQL server? One that runs on a 24/7 Web Server? Unless im going in the wrong direction...

[quote author=BaDaSs link=topic=17206.msg175267#msg175267 date=1196832379]
Why not try a remote SQL server? One that runs on a 24/7 Web Server? Unless im going in the wrong direction...
[/quote]

that'd work for like a bot database user list or somthing, but he wants his server to alse parse cmds, Uhm, Hmm, i think that should be done client side.

This is a basic shared state problem.

Just have a networked shared SQL (MySQL, Postgres, MSSQL, Oracle etc) database server that all the bots connect to and use. Instant shared state and guaranteed integrity. Also allows you to duplicate standalone functionality without changing your code. If you really want, wrap it in a web service.

If you need to push messages to different bots (to send announcements and the like), go with a message queue (http://en.wikipedia.org/wiki/Message_queue). If that functionality is too advanced/annoying, go with XMPP (Jabber, which is very similar to IRC). Keep in mind that if you go with Jabber you won't have any guarantees that your messages will be received if a connection fails (with a message queue server, you get this guarantee). http://www.foo.be/mqs/ looks interesting, though I haven't used it.

That could work too, but what would be faster, MySQL Server (getting CONSTANT updates), or a server program?

Using non-prepared statements against any SQL database will probably be slower than a custom solution.

It's certainly possible that you could fuck it up, though.

MySQL Server would be the way to go since the data ain't static so a server application is going to be not so good performance wise.

[quote author=Smarter link=topic=17206.msg175271#msg175271 date=1196838914]
That could work too, but what would be faster, MySQL Server (getting CONSTANT updates), or a server program?
[/quote]

Depends. Probably a custom solution would be faster. I dunno how fast MySQL's network protocol is or code...but probably faster than C# and probably pretty concise, however MySQL does a lot of stuff that your solution may not need.

However, I HIGHLY doubt you are going to be able to implement a foolproof ACID solution that is reasonably efficient in your spare time. If you don't know what ACID means:

Atomicity - each transaction (a conceptual block of statements that execute together, aka a group of create, read, update, and delete commands) either executes all at once, or none at all. You can have two writes, and if the first write concludes successfully but the second one fails, you are guaranteed that the database will roll back the previous write, and the database will look like nothing had happened (and be in a consistent state).

Consistency - one can set criteria that absolutely cannot be violated, ever.

Isolation - one transaction will never see the intermediate state of the database while another transaction is executing. That is, if  transaction writes to table X at time 1, and later writes to table X again at time 3, any transaction will not be able to access the data in table X at time 2 (row level locking may apply for maximal concurrency).

Durability - once the application has been notified that the transaction completed successfully, you are guaranteed that the data is actually there and is resilient to any subsequent system failures.

If you can do all of that while maximizing concurrency (aka not naively locking out more people than you need to), go for it. I'd suggest you have your bots directly talk to the database or wrap the database in XML-RPC calls or something similar.

Tangent:

In my albeit limited experience in the CS field, I've found that when presented with a problem it's best to,

a) avoid real concurrency if you don't need to use it. sometimes problems are better solved using conceptual concurrency rather than real concurrency; in that case, use cooperative "concurrency" (coroutines)
b) avoid sharing data among separate concurrent processes as much as possible (queues are your friend)
c) use message passing when you need different processes to communicate
d) when you need to share data, either you better be really fucking careful, or let someone else deal with the problem and put it in a RDBMS (if your application supports it).

See the Wikipedia entry on ACID.

Well the custom solution idea I think is much more efficent than an MySQL server, also because the amount of data being transfered would overload a SQL DB, for example:

Bot1 Detects Load
Bot1 > Server: user1
Bot1 > Server: user2
Bot1 > Server: user3
Bot2 Dectects Same Load
Bot2 > Server: user1
Bot2 > Server: user2
Bot2 > Server: user3
etc. for each bot in the channel, each bot would be sending all these names to the server. The server of course would check for duplicate entrys and discard them, then each bot would at the same instance begin requesting queue:
Bot1 > Server: get(10)
Server > Bot1: user1, user2, user3, etc (to 10)
Bot2 > Server: get(15)
etc.

At which point the server would be removing these names from the queue as they are sent out, now thinking of the amount of data being sent at that speed, none of these solutions are sounding very efficient, although this is SMALL amounts of information that is being sent, so now you got me thinking lol.... hmm Anyone have an alternate solution?

Then use a message queue or XMPP like I said.

Here's an idea, maybe I could remove the need for remote linking altogether, by having the bot parse BNet Messages (I.E Banned Messages), and have each bot randomize it's ban selection:
[code]
        public List<string> banQueue = new List<string>();
        Random r = new Random();

        public void banNext()
        {
            Ban(banQueue[r.Next(banQueue.Count)]);
        }

        public void Ban(string username)
        {
            bot.addQueue("/squelch " + username);
            bot.addQueue("/ban " + username);
            banQueue.Remove(username);
        }
[/code]

Something along those lines, each bot would take a random name out of the queue to ban, and have it parse the banned messages, and continue to remove the names?

You could eliminate the whole problem by just having one application that can handle multiple connections to Battle.net ("multi profile bot"). The one application could have a Global Ban Queue array or whatever you prefer.

i would update the database's ban list, then push a message over xmpp telling everyone that the banlist has been updated, and they would issue a select something like

select * from banlist where username in ('list','of','users','in','channel')

[quote author=Yegg link=topic=17206.msg175282#msg175282 date=1196868250]
You could eliminate the whole problem by just having one application that can handle multiple connections to Battle.net ("multi profile bot"). The one application could have a Global Ban Queue array or whatever you prefer.
[/quote]

uh, i'd think hes talkin about having bots on seperate computers working to geather hence the whole botnet type idea.

[quote author=MyStiCaL link=topic=17206.msg175301#msg175301 date=1196931833]
[quote author=Yegg link=topic=17206.msg175282#msg175282 date=1196868250]
You could eliminate the whole problem by just having one application that can handle multiple connections to Battle.net ("multi profile bot"). The one application could have a Global Ban Queue array or whatever you prefer.
[/quote]

uh, i'd think hes talkin about having bots on seperate computers working to geather hence the whole botnet type idea.
[/quote]

You're right, I don't know how in the world I missed that either.

[quote author=Smarter link=topic=17206.msg175275#msg175275 date=1196851977]
Bot1 Detects Load
Bot1 > Server: user1
Bot1 > Server: user2
Bot1 > Server: user3
Bot2 Dectects Same Load
Bot2 > Server: user1
Bot2 > Server: user2
Bot2 > Server: user3
etc. for each bot in the channel, each bot would be sending all these names to the server. The server of course would check for duplicate entrys and discard them, then each bot would at the same instance begin requesting queue:
Bot1 > Server: get(10)
Server > Bot1: user1, user2, user3, etc (to 10)
Bot2 > Server: get(15)
etc.
[/quote]

Why not vice versa? Server > Client: get(10) therefore the server manages what bots to be banned. Unless that's what you mean when you say "Server > Bot1: user1, etc...".

Perhaps instead of spamming the server, have some sort of third-party program that updates the server with a list of bots to be banned instead of all of the operators sending the same user. Just a suggestions =]

why dont u just implment a set of protocol based interface like that of BNET or BNLS, since im sure u are already familiar with BNET style protocol formats, its perfect for exchanging info with ur botnet as well perhaps other bot developers. coz recently i just done a similar thing with my bot, i only got the structure down by basing upon the BNET protocol so that other bot can get info from my bot http://laineth.googlepages.com/lenp.html

wouldn't the existing botnet work for this?

[quote author=UserLoser link=topic=17206.msg175450#msg175450 date=1198136905]
wouldn't the existing botnet work for this?
[/quote]

?? don't you know that inventing old ideas is cooler?

[quote author=l2k-Shadow link=topic=17206.msg175453#msg175453 date=1198182576]
[quote author=UserLoser link=topic=17206.msg175450#msg175450 date=1198136905]
wouldn't the existing botnet work for this?
[/quote]

?? don't you know that inventing old ideas is cooler?
[/quote]

save time/money/troubleshooting why things dont work like they should

do you pay your self or other people to let you program things?
i sure dont... therefor im pritty sure that me or anyone else who doesn't pay other people to let them code... is saving money either way...

[quote author=Leaky link=topic=17206.msg175456#msg175456 date=1198196562]
do you pay your self or other people to let you program things?
i sure dont... therefor im pritty sure that me or anyone else who doesn't pay other people to let them code... is saving money either way...
[/quote]
I am pretty sure he is talking about when you get out in the working world. Why would a company pay time and resources for something that is already out there and it already works, like he said everything always runs into problems so why would you waste the time on something and try to reinvent the wheel.

Leaky: that post does not make much sense.  Any given programmer only has a finite amount of time to devote to working on the code.  If you can save hours by reusing an existing and perfectly functional piece of technology, then you can use those hours to work on a new feature or socialize with friends.

In the corporate world, programmer positions are typically exempt.  As such, you get paid the same amount whether it takes you five minutes or two hours to do something.  I would rather spend the five minutes doing it so that I can go home at the end of the day, instead of staying into the night debugging a new version of the wheel.

[quote author=Kp link=topic=17206.msg175460#msg175460 date=1198198797]
Leaky: that post does not make much sense.  Any given programmer only has a finite amount of time to devote to working on the code.  If you can save hours by reusing an existing and perfectly functional piece of technology, then you can use those hours to work on a new feature or socialize with friends.

In the corporate world, programmer positions are typically exempt.  As such, you get paid the same amount whether it takes you five minutes or two hours to do something.  I would rather spend the five minutes doing it so that I can go home at the end of the day, instead of staying into the night debugging a new version of the wheel.
[/quote]

Very well put.

i guess i just have alot more free time than you people.... even tho i work in the corporate world and all... you guys should learn to find time for your self...

[quote author=Leaky link=topic=17206.msg175466#msg175466 date=1198292530]i guess i just have alot more free time than you people.... even tho i work in the corporate world and all... you guys should learn to find time for your self...[/quote]So basically you don't use your time effectively because you have plenty of time to waste.

[quote author=Leaky link=topic=17206.msg175466#msg175466 date=1198292530]
i guess i just have alot more free time than you people.... even tho i work in the corporate world and all... you guys should learn to find time for your self...
[/quote]

With that kind of philosophy why bother using anything made by anyone else since you have so much time? Forget using programming languages and their corresponding softwares which were made by people far more intelligent than you are. Write your own language. Write your own assembler for use with the compiler of your language. I would begin with this. Next, I would start creating all the other necessities one by one. Make a GUI framework of some sort with your language and get to work on a web browser, word processor, etc. Before long, you'll be attempting menuetos.net only you won't accomplish anything. Somewhere along the line, you'll realize you NEED the existing code and existing software of others. I don't see how you could be so ignorant to some of the other posts in this thread, notably the last one by Kp.

Leaky,

Write your own operating system.

If you refuse this challenge, or you give up before it's more widely used than any individual linux distribution, you lose this argument.

There is certainly a fantastic reason to reinvent the wheel: if you want to learn exactly how it works.

Go ahead and write your own botnet. It'll be a great learning experience. Extra points if it's fully peer to peer :)

[quote author=Leaky link=topic=17206.msg175456#msg175456 date=1198196562]therefor im pritty sure[/quote]

LOL ITS "PRETTY" YOU DUMBASS LOLL HAHAH RUDUMB?

[quote author=betawarz link=topic=17206.msg175473#msg175473 date=1198318403]
[quote author=Leaky link=topic=17206.msg175456#msg175456 date=1198196562]therefor im pritty sure[/quote]

LOL ITS "PRETTY" YOU DUMBASS LOLL HAHAH RUDUMB?
[/quote]

HERE COMES THE ROFLCOPTER!!!!!!!!

[quote author=Banana fanna fo fanna link=topic=17206.msg175472#msg175472 date=1198317148]
There is certainly a fantastic reason to reinvent the wheel: if you want to learn exactly how it works.

Go ahead and write your own botnet. It'll be a great learning experience. Extra points if it's fully peer to peer :)
[/quote]

True, but with Leaky's knowledge I'm sure that he already knows exactly how it works considering it also isn't really that advanced of a topic.

[quote author=Yegg link=topic=17206.msg175475#msg175475 date=1198325750]
[quote author=Banana fanna fo fanna link=topic=17206.msg175472#msg175472 date=1198317148]
There is certainly a fantastic reason to reinvent the wheel: if you want to learn exactly how it works.

Go ahead and write your own botnet. It'll be a great learning experience. Extra points if it's fully peer to peer :)
[/quote]

True, but with Leaky's knowledge I'm sure that he already knows exactly how it works considering it also isn't really that advanced of a topic.
[/quote]

Leaky's knowledge? I don't know, but he isn't sounding too hot in this topic thus far.

[quote author=Yegg link=topic=17206.msg175469#msg175469 date=1198301939]
[quote author=Leaky link=topic=17206.msg175466#msg175466 date=1198292530]
i guess i just have alot more free time than you people.... even tho i work in the corporate world and all... you guys should learn to find time for your self...
[/quote]

With that kind of philosophy why bother using anything made by anyone else since you have so much time? Forget using programming languages and their corresponding softwares which were made by people far more intelligent than you are. Write your own language. Write your own assembler for use with the compiler of your language. I would begin with this. Next, I would start creating all the other necessities one by one. Make a GUI framework of some sort with your language and get to work on a web browser, word processor, etc. Before long, you'll be attempting menuetos.net only you won't accomplish anything. Somewhere along the line, you'll realize you NEED the existing code and existing software of others. I don't see how you could be so ignorant to some of the other posts in this thread, notably the last one by Kp.
[/quote]

silly simpleton! i've already started on these things!!!!! i was planning on mixing LOLCODE with PHP :D then making an operating system out of it!!!

[quote author=Warrior link=topic=17206.msg175480#msg175480 date=1198368095]
[quote author=Yegg link=topic=17206.msg175475#msg175475 date=1198325750]
[quote author=Banana fanna fo fanna link=topic=17206.msg175472#msg175472 date=1198317148]
There is certainly a fantastic reason to reinvent the wheel: if you want to learn exactly how it works.

Go ahead and write your own botnet. It'll be a great learning experience. Extra points if it's fully peer to peer :)
[/quote]

True, but with Leaky's knowledge I'm sure that he already knows exactly how it works considering it also isn't really that advanced of a topic.
[/quote]

Leaky's knowledge? I don't know, but he isn't sounding too hot in this topic thus far.
[/quote]

Either what I said spiraled right over your head or you caught it nicely.

[quote author=Kp link=topic=17206.msg175460#msg175460 date=1198198797]
Leaky: that post does not make much sense.  Any given programmer only has a finite amount of time to devote to working on the code.  If you can save hours by reusing an existing and perfectly functional piece of technology, then you can use those hours to work on a new feature or socialize with friends.

In the corporate world, programmer positions are typically exempt.  As such, you get paid the same amount whether it takes you five minutes or two hours to do something.  I would rather spend the five minutes doing it so that I can go home at the end of the day, instead of staying into the night debugging a new version of the wheel.
[/quote]

I don't think you realize, but you just gave Cuphead your seal of approval for making CleanSlateBot. :P

[quote author=Joe[x86] link=topic=17206.msg175485#msg175485 date=1198399893]
[quote author=Kp link=topic=17206.msg175460#msg175460 date=1198198797]
Leaky: that post does not make much sense.  Any given programmer only has a finite amount of time to devote to working on the code.  If you can save hours by reusing an existing and perfectly functional piece of technology, then you can use those hours to work on a new feature or socialize with friends.

In the corporate world, programmer positions are typically exempt.  As such, you get paid the same amount whether it takes you five minutes or two hours to do something.  I would rather spend the five minutes doing it so that I can go home at the end of the day, instead of staying into the night debugging a new version of the wheel.
[/quote]

I don't think you realize, but you just gave Cuphead your seal of approval for making CleanSlateBot. :P
[/quote]

But think of all the time a CSB user is saving when he uses that instead of reinventing the wheel! *We can use these hours to work on a new feature or socialize with friends.*
Joe is right. This is what's happening to the quality of our propetiary software.

You guys are getting mixed up between reinventing the wheel, and reinventing the car.

Reinventing the wheel is defined as implementing something that already exists and your implementation holds no or marginal improvements over the existing solution. Implementing for the sake of implementing, in a sense.

Then there's innovation, in which you see a problem with an existing solution and you implement your own thing. That's not bad at all, but there's a very fine line between innovation and a waste of time.

[quote author=Joe[x86] link=topic=17206.msg175485#msg175485 date=1198399893]
I don't think you realize, but you just gave Cuphead your seal of approval for making CleanSlateBot. :P
[/quote]

The idea behind CleanSlateBot is not inherently a bad one.  However, good ideas are not always implemented well.  The main problem with CSB was that it made the task of creating a bot seem much easier than it really was, so we had people who had no business writing any sort of bot picking up CSB and then whining for help when it turned out to be harder than they expected.

It did not help that CleanSlateBot had some nasty bugs that were not caught before release.  To this day, BNLS reserves a flag because CSB randomly set or cleared that flag without otherwise changing the message.  If BNLS defined a purpose for that flag, CSB users would sometimes advertise support/use of the associated feature even though they did not support it.

[quote author=brew link=topic=17206.msg175486#msg175486 date=1198416864]
But think of all the time a CSB user is saving when he uses that instead of reinventing the wheel! *We can use these hours to work on a new feature or socialize with friends.*
[/quote]

We also had a lot of copycat bots where people would stick a thin layer on CSB and release it without any original or interesting functionality.

[quote author=brew link=topic=17206.msg175486#msg175486 date=1198416864]
But think of all the time a CSB user is saving when he uses that instead of reinventing the wheel! *We can use these hours to work on a new feature or socialize with friends.*
Joe is right. This is what's happening to the quality of our propetiary software.
[/quote]

...this is bad?

What I don't understand is how a topic about how best to remotely link bot's turned into an argument about how innovative everyones ideas, if someone wishes to as you say "re-invent the wheel" then why not? To each their own?

On another note, i'd like to get back on topic, so far the other suggestions i've picked up on, besides my original idea of a custom server, are:
Coding my own BotNet-like Protocol.
Using the existing BotNet.

Neither of them sound promising, and seem overly complex for a simple problem. I believe having a remote server that each bot sends updates too, while still acting as an independent entitiy, but still acting out any commands sent from the server will be best, as to how I could have the bots be partially independant but still work together is the delima i'm facing currently. I want each bot to use the server to stop double banning, and improve the overall banning efficieny, but I don't want the bots to rely solely on the server for ban commands, espically considering if for some reason the connection between the server and client is degraded messages may take too long to recieve, as well as the possibility of a break in connection and the server believeing that certain users are banned when the client never recieved the command to ban... Help?

i wonder how using a server for double banning is gonna be efficient. say you're banning a load, and bot A bans loadbot X, if bot B bans at the same interval as bot A, bot B will not get the message from the server telling i that loadbot X has been banned. Using a server to relay these messages in between bots will generate even more inaccuracy.  You should consider some techniques client-side to stop double banning even if not all bots are loaded from 1 executable. My bot uses such a technique and it works quite well.  Now if you wish to implement such features as a global shitlist, safelist and etc... then using a mysql database would probably be your best bet, or you could implement a protocol for your bot which could relay the shitlist, safelist, and so on through whispers or even a peer-to-peer connection between the bots, you have countless options.

With that said, if you put [size=16pt]ALL[/size] your ideas down on paper, you could then decide what would be the best way to handle them. Don't just guess and start coding random things which won't guarantee any efficiency.

That's not how I planned the server to work, what I planned was for each bot to send constant updates to the server, telling it bots that must be banned, the server would then decree the ban commands to each bot, in a balanced manner, ordering each bot to ban a specific list of users.

[quote author=Smarter link=topic=17206.msg175648#msg175648 date=1199603126]
That's not how I planned the server to work, what I planned was for each bot to send constant updates to the server, telling it bots that must be banned, the server would then decree the ban commands to each bot, in a balanced manner, ordering each bot to ban a specific list of users.
[/quote]

And why do you need a server for this? If I assume that you are banning a load in this manner and that load is restricted to 1 channel, bots can make their own lists of users to be banned, also you should take into account that some load bots will drop before being banned. imho waste of time

well since you don't like any of the right ideas why don't you just go have the bots add usersnames to a webserver XML and let them gather names off of there n delete as they ban sounds newb but simple, other wise i'd stick to what i said before botnet.

Well, to be honest, I don't really like the idea of a server either, but I was arguing with everyone in hR about using a simple direct connection between the bots, each bot having a list of IP's/Passwords that it would connect to on start (would be even easier to use a No-Ip.org), but everyone insisted that was insecure and a server is the best bet, so what is your guys opinion on a direct connection?

once the bot connects, i would exchange encrypted whispered handshakes with the operators in the channel to check that they are bots which support the feature, then initiate a direct connection in between them to exchange extensive lists and such.. if you want to get technical, of course this could be insecure as you are exposing your I.P. address and your bot could be exploited through the direct connection by a clever hacker through means of buffer overflows and such.. but cmon it's battle.net.

Establishing direct connections requires that at least one member of every pair be able to accept connections coming from the Internet.  This does not play well with NAT devices, and may cause problems with on-board firewalls blocking the connections as well.  If you have a centralized server, then only the server needs the ability to accept connections from the Internet.  All the bots will only be clients to external servers, which should avoid most firewall problems.

Hmmm, that was my orignal idea shadow, to have the bot's reconize usernames as a list, then get the required information through encrypted whispers, but everyone in hR said that I would be using your idea and that it was even more insecure to do it that way, and that the connection would be opening a port, and if I didn't make it correctly, people would enjoy exploiting anyone who uses it, I'm just brainstorming to figure out how to make it both secure and efficient, and Direct Connection seems to be the best manner, I could even go as far as to have the bot authenticate to one another before direct connection information is passed, but that still leaves the problem of the vulnrability with the open port...

both direct connection and server have their advantages and disadvantages. Like Kp said, direct connection will be hard to implement efficiently due to routers and firewalls... then again server will be slower, you'll have to upkeep a running computer and a running program, and knowing battle.net someone will probably try to ddos it... also again the open port thing wouldn't be insecure if you have an authentication to make sure that the person connecting is the person you want to connect. lol.

Well that's my plan, but what about things like Buffer overflow like you said, people could easily use my bot against other copies of it, by massing requests to a known copy of my bot, and dropping it...

[quote author=Smarter link=topic=17206.msg175698#msg175698 date=1199717725]
Well that's my plan, but what about things like Buffer overflow like you said, people could easily use my bot against other copies of it, by massing requests to a known copy of my bot, and dropping it...
[/quote]

well if you're not a shitty programmer you'll implement ways to guard against that.

[quote author=l2k-Shadow link=topic=17206.msg175704#msg175704 date=1199745982]
[quote author=Smarter link=topic=17206.msg175698#msg175698 date=1199717725]
Well that's my plan, but what about things like Buffer overflow like you said, people could easily use my bot against other copies of it, by massing requests to a known copy of my bot, and dropping it...
[/quote]

well if you're not a shitty programmer you'll implement ways to guard against that.
[/quote]

My method: Make the first parameter the hInstance or something on that order, then right before the return, show an error message and terminate the process immediately if the parameter doesn't equal GetModuleHandle(NULL) (the value could be anything, really, just try to make it a random on a per-instance basis).

EDIT** Oh wait, doesn't C# have built in buffer overflow protection?

[quote author=brew link=topic=17206.msg175707#msg175707 date=1199751801]
EDIT** Oh wait, doesn't C# have built in buffer overflow protection?
[/quote]
Yes, it does.

Nice, so then there's the solution, P2P connection, with authentication ;).

You say that like it's simple.

[quote author=MyndFyre[vL] link=topic=17206.msg175709#msg175709 date=1199753295]
[quote author=brew link=topic=17206.msg175707#msg175707 date=1199751801]
EDIT** Oh wait, doesn't C# have built in buffer overflow protection?
[/quote]
Yes, it does.
[/quote]

that makes it a shitty language, right?

[quote author=Camel link=topic=17206.msg175714#msg175714 date=1199774313]
You say that like it's simple.
[/quote]

Well of course it's not simple, but the idea is simple, implementation is the challenge.

[quote author=Banana fanna fo fanna link=topic=17206.msg175715#msg175715 date=1199777674]
[quote author=MyndFyre[vL] link=topic=17206.msg175709#msg175709 date=1199753295]
[quote author=brew link=topic=17206.msg175707#msg175707 date=1199751801]
EDIT** Oh wait, doesn't C# have built in buffer overflow protection?
[/quote]
Yes, it does.
[/quote]

that makes it a shitty language, right?
[/quote]
It helps makes it a slow one.

[quote author=brew link=topic=17206.msg175721#msg175721 date=1199823066]
[quote author=Banana fanna fo fanna link=topic=17206.msg175715#msg175715 date=1199777674]
[quote author=MyndFyre[vL] link=topic=17206.msg175709#msg175709 date=1199753295]
[quote author=brew link=topic=17206.msg175707#msg175707 date=1199751801]
EDIT** Oh wait, doesn't C# have built in buffer overflow protection?
[/quote]
Yes, it does.
[/quote]

that makes it a shitty language, right?
[/quote]
It helps makes it a slow one.
[/quote]

yeah performance is way more important than security in a network setting, especially when the application is i/o bound.

[quote author=Banana fanna fo fanna link=topic=17206.msg175723#msg175723 date=1199830501]
[quote author=brew link=topic=17206.msg175721#msg175721 date=1199823066]
[quote author=Banana fanna fo fanna link=topic=17206.msg175715#msg175715 date=1199777674]
[quote author=MyndFyre[vL] link=topic=17206.msg175709#msg175709 date=1199753295]
[quote author=brew link=topic=17206.msg175707#msg175707 date=1199751801]
EDIT** Oh wait, doesn't C# have built in buffer overflow protection?
[/quote]
Yes, it does.
[/quote]

that makes it a shitty language, right?
[/quote]
It helps makes it a slow one.
[/quote]

yeah performance is way more important than security in a network setting, especially when the application is i/o bound.
[/quote]

What about the functions etc that don't need buffer overflow checks? ...

Any function which manipulates a buffer needs to have a buffer overflow check, in case dangerous data is passed to it.  Any function which doesn't manipulate a buffer generally doesn't receive the code for a buffer overflow check, although this varies a bit by language, compiler, and compiler options.  I'd be surprised if Microsoft didn't take the opportunity to ensure that every buffer access in C# has an associated overflow check.

Back to the topic,

Have you heard of the interbot protocol? I haven't seen it used in a very long time - it seemed to be a pretty tacky protocol that was only used by CHAT bots way back in the day. It was a pseudo-binary protocol for background communication between bots. I wouldn't suggest using it specifically, but you could learn something by researching how it works.

www.subbot.net

I think decentralization is key here, take a page from platforms like OpenId. You should be able to define which service provider you wish to associate your banlists with.

I would hope we learned from mistakes BNLS made without its open implementations.

In fact, I think it would be interesting to create open, decentralized net interface of sorts to share anything between to bots. Develop a protocol for sharing and let the clients decide what they think they should share. Banlists and such seem rather limited. I am not sure if there's a need since battle.net is a rather limited population but who knows maybe the implementation could be versatile to adjust to any network: Battle.net, IRC, etc.

[quote author=Networks link=topic=17206.msg175766#msg175766 date=1200173816]
I would hope we learned from mistakes BNLS made without its open implementations.
[/quote]

There were open implementations of BNLS clients.  The server was kept closed on purpose.  Remember that it was a long time after BNLS came out before anyone else could do NLS calculations.

[quote author=brew link=topic=17206.msg175707#msg175707 date=1199751801]
My method: Make the first parameter the hInstance or something on that order, then right before the return, show an error message and terminate the process immediately if the parameter doesn't equal GetModuleHandle(NULL) (the value could be anything, really, just try to make it a random on a per-instance basis).
[/quote]

If anyone's interested, I've got the ASM from when BreW implemented this in IX86verXX.dll.

[quote author=Joe[x86] link=topic=17206.msg175805#msg175805 date=1200332632]
[quote author=brew link=topic=17206.msg175707#msg175707 date=1199751801]
My method: Make the first parameter the hInstance or something on that order, then right before the return, show an error message and terminate the process immediately if the parameter doesn't equal GetModuleHandle(NULL) (the value could be anything, really, just try to make it a random on a per-instance basis).
[/quote]

If anyone's interested, I've got the ASM from when BreW implemented this in IX86verXX.dll.
[/quote]
What are you talking about?