Question: is it possible for a player to lag another player?

[craij]

I know AG and Dyn says no, but the answer is yes. You can get all client IPs from the console. I do not remember what the command is tho.

Trip, do you have time to test this? To see if you can grab client IPs from console?

I just have a hard time believing that one would not be able to retrieve client IPs.

[AG]

why?

[SD]

You cant see connected clients IP's from the console unless you have admin access. Which as dyn mentioned, is password reliant. He also told you the command is /rcon status
Which it is.
Try /rcon status in the console, see what happens.

[dyn]

Craij, smart choice to ask someone who is spreading FUD to test it, hehe.

Again, there is SOURCE CODE available for both, original Q3 and ioquake3. If you have any doubts and security concerns then feel free to email id Software directly and ioquake3 team. Security hole like that would be patched right away, and i am sure many developers and other people would talk about it.

And finally, you can check all console commands and source code for yourself, because maybe this is some evil conspiracy and you can't trust us, since we may be involved. Asking AG to reveal our secrets is useless. You really can't trust no one! Perhaps even id Software is on our side, and will provide you with false information, if you really contact them.

[craij]

why?

well, not that i don't believe you, but i don't believe you

[AG]

hey, like dyn said -- you can check the code yourself.

[Tripredacus]

Well i'm not spreading this "FUD" you speak of. I remember being able to do it but it may have been in a version previous to final. I have never had rcon access to a server before, except my old dedicated which obvious is totally different.

Then again, I can't even get online with Q3 to test anyways so it makes no difference. I might be able to get online with my Win98 PC which I just rebuilt today. I may try it sometime but currently it has no internet access.

[dyn]

Well maybe it was some beta version, so we are all right. It surely doesn't work for 1.32 and 1.2x. There may be something else which permits that, maybe you got config with rcon password in it, or maybe some mod allowed extended access. While this may be true, it is not good to tell people someone can just see their ip, because that's not true.

If this was possible you can be sure a lot of people would talk about it, and id Software or Activision would fix it immediately, even when they don't care about the game anymore. Good example is 1.32c patch, released 4 years after 1.32b, addressing only one security issue and nothing else, despite all the other bug reports.

Also, you can contact id Software directly. They still are answering to questions about Q3, but only if they are about something important, which security surely is. Alternatively you can try reinstalling your OS and Q3 and test it one more time.

[AG]

i can get on the internet and get to this forum but still have absolutely nothing to back up my claims regarding q3 hackability...

i think it's safe to say this myth is busted.

...uuuuuhhhhh maybe it was an old version uuuuuuuuuuhhhhhhhhh.... lolz.

again the source is available, so plz come back with proof.

[dyn]

I mentioned old version, because there was some beta/test for QW where you could actually see player IPs on the scoreboard. AFAIK there is no source available, it was QW 1.05 or something like that. 1.2x-1.3x, 1.50 and 1.64 didn't have that anymore, server code and client-server design was changed. Early QW versions reported all scores/stats to global stats server, but later this idea was abandoned. Now they re-realized it with QuakeLive, which failed already.

Then there was something around Quake 2 and player ips, which was quickly patched. But i never heard of any ip-revealing exploit in Q3, from 1.05 Q3Test on.

[inspectorjimb]

However - there IS such a thing as artificial lag - sometimes referred to as a lag-bot. It's where a player deliberately (by whatever means) lags his connection, purpose being it makes them VERY hard to hit, I had some demos of a player who I banned for it, if I still have them I will post them here for you to have a look.

What's the best way to demo someone using artificial lag? There is someone on named camel using it right now and I was trying to make a demo of it but then I realized it's hard to demo someone using it. If you are specing through their perspective all you see is a very laggy connection. If you are specing through someone else or through a general map view it's often hard to see the person in question, but from this view you can show that everyone else in the map is flowing very fluently vs the person with the artifical lag.

[SD]

Personally Jimb, when I want to record an artificial lag demo, I do both. Spec and follow the player in question, and also float in the map and try to keep up with them, you should see them disappearing/reappearing and skitting around the place. It's also good to get the players ping in the demo (drop console and use /serverstatus )
Sometimes it's genuine lag for a genuine reason, but then you have to ask your self why would they even want to play with a connection like that. Deliberate lag is not tolerated, it's unfair not to mention infuriating for other players. Keep us posted.

[AG]

However - there IS such a thing as artificial lag - sometimes referred to as a lag-bot. It's where a player deliberately (by whatever means) lags his connection, purpose being it makes them VERY hard to hit, I had some demos of a player who I banned for it, if I still have them I will post them here for you to have a look.

What's the best way to demo someone using artificial lag? There is someone on named camel using it right now and I was trying to make a demo of it but then I realized it's hard to demo someone using it. If you are specing through their perspective all you see is a very laggy connection. If you are specing through someone else or through a general map view it's often hard to see the person in question, but from this view you can show that everyone else in the map is flowing very fluently vs the person with the artifical lag.

it can be tricky. sometimes it's hard to tell if it's network problems of your own, the other player, or true artificial lag. i look for a few things:

- consistent flickering
- the player's ping
- see how well they are playing
- spec them and watch the lagometer
- demo them then watch back and check for the same consistent flickering

[craij]

I would think the best demo would be to record yourself chasing him 'in play'. As best you can of course.