Welcome
Download
Accounts
ScreenShots
Appendix



   appendix

 cheating

 security

 code of conduct
 stock ships
 races

 faq

 site map

 credits



Contact Us




Security

Since the May 2003 attack on the Shadowbane servers at UBISoft, many people have asked us about security.

Security is the single most important part of the game. People are often surprised at how seriously we take security. Why are they surprised? We don't know... after all, who wants to play an online game if hackers can simply have their way with you in the game.

Obviously we can't discuss all our security measures, and we will not reveal specific hardware, software, or third party security companies we work with. But our security measures do include the following:

  • Dumb ClientThe client is never given information not intended for the player's use. If there's cloaked ship behind you which you can't see, the client software isn't told. trainers, packet sniffers, and memory hacks won't be a help to cheaters. The client is literally an interface for the server, nothing more.
  • Server Side Logic: The game client also has no logic on it. How many weapons you have, your ships abilities and power are all stored server side. Cloaking, skill calculations, weapon hits and so on are all done server side.
  • Legal Remedies: When you buy a game off the shelf, like Shadowbane or Ultima Online, legally you own that copy of the software. Legally you can reverse engineer it, modify it, or distribute information about it. However our client is not sold. We rent our client, like a cable box or credit card. This makes any decompilation, even for information purposes only, illegal. We prosecute any case of decompilation or decimination of server information.
  • Hardware Firewalls: Every computer on our network is connected to an independent, state of the art firewall with virus protection and logging.
  • Independent Software Firewalls: In addition to the hardware firewalls, our servers all have software firewalls running on the OS.
  • Hacker ID Program: An extensive contract with a major internet security firm for the tracing, identifying and reporting of hack attempts.
  • No Cheat Codes: Many games use cheat codes for testing which are (in theory) removed for the commercial release. We have alternate testing methods, and have never programmed in a single cheat code.
  • No God Clients: Often "God clients" are used by developers to modify a game. To prevent the accidental release of a God client, or the hacking of a standard client to god mode, no god clients were ever created or enabled. Even the administrators use the same clients as players.
  • Stripped OS: The OS on each server computer is stripped of all non-essential services, and updated daily with any and all security updates.
  • Isolated Database and Servers: The database, and most of the server machines, can not be reached from the internet, and reside solely on stand-alone systems. Only the primary login server can be accessed from the internet.
  • Full Password Protections: All passwords for all systems, from administrative accounts to mail and maintenance programs, have 8+ digit passwords with non-alphanumeric characters.
  • DoS Countermeasures: Systems to detect, trace, and report Denial of Service attacks.




All contents copyright ©2001-2007 Aepox Games.