Techno_Master
BBattleMetrics
•Created by Techno_Master on 12/29/2023 in #support-forum
Concealing address for security?
Are there any plans or thoughts to enhance security by concealing server IPs and ports, perhaps utilizing the Steam Connect protocol (steam://run/APP_ID//+connect SERVER_IP:SERVER_GAME_PORT) or implementing a validation mechanism before disclosing the IPs?
While displaying IPs is essential for players to join, it also presents a vulnerability for malicious attacks.
For example, other servers aiming to climb in rankings could launch network attacks against other servers ranked above them.
I have a low rank server, a high rank server, and a server not listed on the BM. Interestingly, neither the low-rank nor the server not in BM experienced any malicious attacks, while the higher-ranking server consistently encountered malicious network attacks.
And another example is that players could easily target both main and query ports for malicious network attacks dealing double damage. In some games, query ports are not revealed straightforwardly to the user unless they try to debug and find it. So revealing these information outright may invite malicious users to exploit these vulnerabilities.
8 replies