Popular Post Akinari Posted August 21, 2013 Group: Members Topic Count: 32 Topics Per Day: 0.01 Content Count: 247 Reputation: 207 Joined: 10/23/12 Last Seen: March 2, 2022 Popular Post Share Posted August 21, 2013 We here at rAthena believe that the users have the right to know what our team believes this project should be.rAthena Goals: Emulation AccuracyOur top priority of this project should be put towards creating an experience that matches that of the official servers. Right now, we are far from reaching that goal, but with focus on this particular issue, and with the help of people like you, we can close the gap between the official servers and ourselves. While this may never reach 100% accuracy due to constantly changing aspects in official servers, we could definitely do better than where we are right now. StabilityWhile we continue to fix bugs and add additional new content, it is extremely important that we remain focused on creating a project you can rely on to manage itself while you are away from your server. We want you to feel comfortable walking away knowing that you won't come back to a downed server. Resource ConsumptionCode speed and resource reduction should remain a lower priority as accuracy and stability are more important than saving some memory or process time. A successful project requires this understanding. Sometimes we may improve code that we come across during fixing other bugs or re-writing sections of code, but at this time, we should not focus on finding and fixing some of the more resource consuming portions of code. CustomizationWe're "core" developers. We develop a platform for people to build off of. Out of the box, we aim to maintain parity with AEGIS, and beyond that, we will provide tools and support (as long as it doesn't detract from the core!) for people aiming to customize beyond that. Anything our users make and wish to have added to the public source also needs to be approved and improved on an individual basis. If you're looking to start up a server project which follows the above principles, then rAthena is the project for you. 24 Quote Link to comment Share on other sites More sharing options...
Checkmate Posted August 21, 2013 Group: Members Topic Count: 96 Topics Per Day: 0.02 Content Count: 554 Reputation: 14 Joined: 09/24/12 Last Seen: May 19 Share Posted August 21, 2013 Awesome... ^ ^Keep it up sir... Quote Link to comment Share on other sites More sharing options...
lakasmonk Posted August 22, 2013 Group: Members Topic Count: 33 Topics Per Day: 0.01 Content Count: 231 Reputation: 24 Joined: 12/18/11 Last Seen: Monday at 03:38 PM Share Posted August 22, 2013 This is the reason why i keep learning about everything on RO but it takes time and patience you rA team are my motivation and inspiration thank you for providing us the emulator more power 1 1 Quote Link to comment Share on other sites More sharing options...
kangfredy Posted August 23, 2013 Group: Members Topic Count: 112 Topics Per Day: 0.02 Content Count: 388 Reputation: 4 Joined: 05/01/12 Last Seen: October 25, 2022 Share Posted August 23, 2013 keep spirit sir Quote Link to comment Share on other sites More sharing options...
Talaysen Posted August 23, 2013 Group: Members Topic Count: 27 Topics Per Day: 0.01 Content Count: 161 Reputation: 5 Joined: 02/07/13 Last Seen: March 25, 2016 Share Posted August 23, 2013 My server's goal matches this 100%. No customizations, no deviations from official behavior. If you (the rAthena devs) need a guinea pig server, we (my server/community) are willing to help anywhere possible. 1 Quote Link to comment Share on other sites More sharing options...
TheFinalEpisode Posted August 30, 2013 Group: Members Topic Count: 41 Topics Per Day: 0.01 Content Count: 237 Reputation: 19 Joined: 06/05/13 Last Seen: May 30, 2019 Share Posted August 30, 2013 +1B i like this line: we can close the gap between the official servers and ourselves. Quote Link to comment Share on other sites More sharing options...
anacondaq Posted August 30, 2013 Group: Members Topic Count: 42 Topics Per Day: 0.01 Content Count: 1096 Reputation: 346 Joined: 02/26/12 Last Seen: May 30, 2023 Share Posted August 30, 2013 How about SECURITY? As i see you start apply to much good features for emulator + optimizations. Rathena stable as never. But let's talk about another problem: SECURITY; Can are developers & community start&grow security part? I talking about server-side protection against 3rd party tools & problems: packet-flooding/spam; encrypting packets (like it do hercules with some 2012-13*.exe) Protecting against bots Maby now is the time start to think about this problems together and let's fight with it? What are you can say guys? Quote Link to comment Share on other sites More sharing options...
helvetica Posted August 31, 2013 Group: Members Topic Count: 9 Topics Per Day: 0.00 Content Count: 105 Reputation: 67 Joined: 04/05/13 Last Seen: April 25, 2019 Share Posted August 31, 2013 Bot detection is not within the scope of this project, as every server will have different requirements and tolerances when it comes to anti-bot systems. As for packet flooding/spam, that also depends. A general DDoS protection is impossible, this needs to be handled at the network level. Attacks that involve WPE or other packet crafting to induce undesired or abusive behaviors should definitely be reported and will be handled based on severity. As far as encrypting packets go, I'm not sure where we stand on this. Lighta is our main dev who handles the packet system. Quote Link to comment Share on other sites More sharing options...
anacondaq Posted August 31, 2013 Group: Members Topic Count: 42 Topics Per Day: 0.01 Content Count: 1096 Reputation: 346 Joined: 02/26/12 Last Seen: May 30, 2023 Share Posted August 31, 2013 I do not talk about DDoS. DDoS it's network problem, and #1 problem in internet. Against DDoS many services to solve it. I talking about packet-security, server-side delays, packet encryption by knowed algorythms. I do not talk about client-side protection. Try to understand me please. Quote Link to comment Share on other sites More sharing options...
helvetica Posted August 31, 2013 Group: Members Topic Count: 9 Topics Per Day: 0.00 Content Count: 105 Reputation: 67 Joined: 04/05/13 Last Seen: April 25, 2019 Share Posted August 31, 2013 If there's something that can be exploited from the client side, whether through client bugs/exploits or through crafted packets, that results in undesired or potentially dangerous server-side behavior, then it should be reported and will be handled based on severity. This has nothing to do with securing the client, but whether the server is hardened against input from the client that could lead to abuse. Packet obfuscation is a different story entirely, that's about potentially securing the communication between server and client. I'm not the one that handles the general packet routines so I couldn't tell you where we're at as far as implementing it. I mentioned the quip on DDoS because you mentioned "packet flooding" and I was responding in a general tone that handling such issues is impossible from the server end. There could still be specific denial of service attacks we can and should handle, but when people say "packet flooding" they generally mean distributed denial of service (the extra D) so I wanted to clarify a bit on that. And anti-bot I brought up because that's commonly referenced as part of "server security". I'm not sure how to make this any clearer. If you have any examples of potentially insecurity of any kind and are unsure about other people finding out about it, you can always PM me and I can make sure it gets listed as a private bug so it can't be actively exploited until it gets fixed. If it's something that we can't handle or is better handled outside the scope of this project, then we will let you know. But we will ALWAYS take reports of potential security flaws seriously. Security and stability go hand in hand, you can't have one without the other. A stable server is a secure server. Quote Link to comment Share on other sites More sharing options...
anacondaq Posted August 31, 2013 Group: Members Topic Count: 42 Topics Per Day: 0.01 Content Count: 1096 Reputation: 346 Joined: 02/26/12 Last Seen: May 30, 2023 Share Posted August 31, 2013 We with you have two different "security". I talking about server-side security against 3rd party software. You talking about server-side security against bugs/exploits/duplications etc. Do not teach me please, i am not newbie in security. If my language looks like it 13 years boy, is't it. I just say about next step feature of developing, but you wont to do anything, even understand of i talking about. I hope rAthena community & other developers understand how is important. Quote Link to comment Share on other sites More sharing options...
helvetica Posted August 31, 2013 Group: Members Topic Count: 9 Topics Per Day: 0.00 Content Count: 105 Reputation: 67 Joined: 04/05/13 Last Seen: April 25, 2019 Share Posted August 31, 2013 I'm not referring to just the official Ragnarok Online client when I say client. A client is anything that communicates to the server that isn't another server. A client can be anything from a legitimate player on an official client, a bot created to emulate a player, someone using WPE to craft packets, or someone simply sending garbage to the server on the ports it listens on. It doesn't matter what generates the packets or where they come from, what matters is how the server handles it. If the server can be induced to produce undesired behavior, whether that's something in game like bypassing restrictions or manipulating the server state, or something more severe like being able to crash the server or break out of the server and run arbitrary code, it needs to be fixed and we will put any and all resources into fixing it. The server must be able to handle legitimate input as well as be able to handle illegitimate input gracefully. When the latter doesn't occur is when potential security flaws occur. It doesn't matter how the input was generated or how it gets there. Quote Link to comment Share on other sites More sharing options...
Lighta Posted September 1, 2013 Group: Members Topic Count: 16 Topics Per Day: 0.00 Content Count: 737 Reputation: 216 Joined: 11/29/11 Last Seen: December 20, 2020 Share Posted September 1, 2013 keep it cool guys. So ya I do not believe is rA role to secure client side. Or at least not now. This may evolve as we standing on supporting only few client so we could build on it but it look more like a side project. Like helvetica said, whenever is a legitimate client, or simply a telnet you could still send a shitload packets to server to rnu arbytrary code or whatever, this is far more important imo then encrypt packets. Encrypt make it a little harder to edit and also cause they attach some id/time on it prevent to redo the action. So that help that player don't cheat IG but doesn't really increase security imo. To fix this I think we should work on fixing/review Wconversion branch in priority. Now how we stand on this. We could improve flushing some invalid data and add some tick check to prevent doing same action too fast. If you using a non legitimate client you wont have a valid session recorded on serv and will be flushed really fast so it's "better" to enter and send a big chunk after. Now for encryption is very simple to merge most of it, only issue is do we want to support many key at once ? Cause we currently support multiple-client at once (partially working, incoming 100% outgoing 60%), we would need to attach a key to each version, just like we attach a date anyway. 1 Quote Link to comment Share on other sites More sharing options...
chatterboy Posted September 6, 2013 Group: Members Topic Count: 8 Topics Per Day: 0.00 Content Count: 308 Reputation: 24 Joined: 11/26/12 Last Seen: August 17 Share Posted September 6, 2013 Dont argue if you know how then help. If not well just proud coz rathena is free wohooooo.... Nice work guyz!!! 1 Quote Link to comment Share on other sites More sharing options...
Azura Skyy Posted September 8, 2013 Group: Members Topic Count: 49 Topics Per Day: 0.01 Content Count: 545 Reputation: 220 Joined: 03/01/13 Last Seen: January 2, 2023 Share Posted September 8, 2013 Maybe I am ignorant, but I don't understand the bit about closing the gap between rAthena and Gravity official...We are talking about the emulator itself of course, right? What do you think could be fixed or changed to close that gap? It seems to me that any gaps in feel between Gravity and privately run are in the hands of the Administrators behind each server.I think the gap varies based on community interest too. PvP oriented servers aren't going to play like Gravity Official. Certain servers remove any sort of leveling or don't look into balancing enough (maybe they do, but they fail to balance as they increase the level/stat caps).Am I totally off base? If you meant something other than 'the feel,' please let me know.~Azura Skyy Quote Link to comment Share on other sites More sharing options...
Emistry Posted September 8, 2013 Group: Forum Moderator Topic Count: 93 Topics Per Day: 0.02 Content Count: 10015 Reputation: 2355 Joined: 10/28/11 Last Seen: Tuesday at 11:50 AM Share Posted September 8, 2013 the emulator isnt build to follow what other private server wanted to be ..... but following what the kRO have ... all the contents should be the same with kRO as many as possible ... the issue for balancing a server for other private ....most of the time it's their server problem ... rAthena will just adjust or implement everything based on kRO ..and not other private server ... rAthena main aim for following the same contents of kRO. Quote Link to comment Share on other sites More sharing options...
helvetica Posted September 8, 2013 Group: Members Topic Count: 9 Topics Per Day: 0.00 Content Count: 105 Reputation: 67 Joined: 04/05/13 Last Seen: April 25, 2019 Share Posted September 8, 2013 Maybe I am ignorant, but I don't understand the bit about closing the gap between rAthena and Gravity official... We are talking about the emulator itself of course, right? What do you think could be fixed or changed to close that gap? It seems to me that any gaps in feel between Gravity and privately run are in the hands of the Administrators behind each server. I think the gap varies based on community interest too. PvP oriented servers aren't going to play like Gravity Official. Certain servers remove any sort of leveling or don't look into balancing enough (maybe they do, but they fail to balance as they increase the level/stat caps). Am I totally off base? If you meant something other than 'the feel,' please let me know. ~Azura Skyy No you're right, the inevitable final product is wholly based on how the administration wants to run it. What our goal is here is that out of the box, our server should be a drop in replacement for Gravity's official servers. If you just pull from GIT and compile and load up the game you should get a 100% point for point accurate recreation of Ragnarok Online. And since this is a open source project, you are free to make modifications and extend it beyond the original gameplay Gravity envisioned, or maybe you just don't like Gravity did some things. That's totally up to you! As far as we the core developers are concerned though, our goal is lock-step emulation with the official servers. Anything custom beyond that is for the community to provide. We provide the base product for everyone to build the game they wish to play. Quote Link to comment Share on other sites More sharing options...
wall_cf Posted September 9, 2013 Group: Members Topic Count: 2 Topics Per Day: 0.00 Content Count: 19 Reputation: 0 Joined: 08/27/13 Last Seen: December 13, 2015 Share Posted September 9, 2013 (edited) I think that the db paste should be update, because monsters like bakonawa and bangungot are with its items outdated. Edited September 9, 2013 by wall_cf Quote Link to comment Share on other sites More sharing options...
Boom Posted October 17, 2013 Group: Members Topic Count: 21 Topics Per Day: 0.00 Content Count: 182 Reputation: 22 Joined: 12/30/12 Last Seen: February 20, 2017 Share Posted October 17, 2013 StabilityWhile we continue to fix bugs and add additional new content, it is extremely important that we remain focused on creating a project you can rely on to manage itself while you are away from your server. We want you to feel comfortable walking away knowing that you won't come back to a downed server This sets rAthena apart from any other out there. Stable and reliable. For what I'm seeing is, every update is really tested before implementing it. Updates might be a bit slow at some point but when the updates are out, it sure is gonna work reliably. Cheers to rAthena's great developers and community. /no1 Quote Link to comment Share on other sites More sharing options...
KaitoKid Posted October 28, 2013 Group: Members Topic Count: 9 Topics Per Day: 0.00 Content Count: 268 Reputation: 27 Joined: 12/06/11 Last Seen: March 13, 2015 Share Posted October 28, 2013 thumbs up! Quote Link to comment Share on other sites More sharing options...
joelolopez Posted October 28, 2013 Group: Members Topic Count: 154 Topics Per Day: 0.03 Content Count: 493 Reputation: 46 Joined: 01/24/12 Last Seen: August 25, 2022 Share Posted October 28, 2013 keep it up rathena!!! because of this ill be having my own release of my works for free soon!!! Quote Link to comment Share on other sites More sharing options...
Sharpienero Posted October 29, 2013 Group: Members Topic Count: 32 Topics Per Day: 0.01 Content Count: 386 Reputation: 28 Joined: 01/16/12 Last Seen: January 6, 2023 Share Posted October 29, 2013 Thanks a ton for this post, I'm happy to see the community moving forward as a whole. Quote Link to comment Share on other sites More sharing options...
Zeiyan Posted November 1, 2013 Group: Members Topic Count: 49 Topics Per Day: 0.01 Content Count: 275 Reputation: 23 Joined: 01/06/13 Last Seen: September 1 Share Posted November 1, 2013 Thanks a ton for this post, I'm happy to see the community moving forward as a whole. Hello mr Sharpienero! Your youtube videos helped me a lot when i was starting my server! 1 Quote Link to comment Share on other sites More sharing options...
Cydh Posted November 11, 2013 Group: Developer Topic Count: 153 Topics Per Day: 0.03 Content Count: 2285 Reputation: 746 Joined: 06/16/12 Last Seen: June 10 Share Posted November 11, 2013 rAthena Goals crash always XDDDDDcrash? Quote Link to comment Share on other sites More sharing options...
joelolopez Posted November 11, 2013 Group: Members Topic Count: 154 Topics Per Day: 0.03 Content Count: 493 Reputation: 46 Joined: 01/24/12 Last Seen: August 25, 2022 Share Posted November 11, 2013 rAthena Goals crash always XDDDDD instead of making unproductive criticsm, i recommend you to file a bug report on the bug tracker section regarding your issues in rathena.. 5 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.