Finding Network-based Exploits

Finding Network-based Exploits

on |

Recently, I had an email conversation with a Gears of War fan about the differences in networking quality between each of the three games in the series. One thing that we can point to in terms of increasing the quality of the networking experience is our use of the Unreal Engine’s built in network simulation features. With those features, we could test both cooperative and competitive multiplayer under a series of different network quality scenarios. The goal was to make sure the game could provide as good an experience as possible under adverse conditions and to find network related exploits in our QA lab before release instead of reacting to them as the community found them post release.

Here are the settings that we have available in the engine:

Setting

Description

PktLag

Delays the sending of a packet by the amount of time specified in milliseconds

PktLagVariance

Provides some randomness to the amount of time a packet is delayed, +/- the amount specified in milliseconds

PktLoss

Specifies a percentage chance of an outbound packet being discarded to simulate packet loss

PktDup

Specifies a percentage chance to send a duplicate packet

PktOrder

Sends packets out of order when enabled (1 = enabled, 0 = disabled)

There are three ways to configure these settings: commandline arguments, in game exec in the console, and via the engine INI file. From the commandline, specify the setting using:

<SettingName>=<Value>

From the console, use:

Net <SettingName>=<Value>

To set these via your DefaultEngine.ini file, add the following section to your INI and change the values to the ones you want tested:

[PacketSimulationSettings]

PktLag=0

PktLagVariance=0

PktLoss=0

PktOrder=0

PktDup=0

During the development of Gears of War 3, we made the simulation settings part of our daily builds, so that each LAN-based playtest had real-world network conditions. We also used extreme settings (500 round trip ping, 10+% packet loss, etc.) for programmer only cooperative and competitive playtests. These tests were not to play the game for enjoyment, but to find bugs and exploits that would only show up in the harshest of conditions. Even if you think those conditions might not occur naturally, it’s best to test for them to prevent cheaters from using network tampering to execute exploits.

Your community will find and share any network exploits for you, but it is much better to be proactive instead of reactive for these types of issues. Your PR and Community Management teams will thank you.

Happy exploit hunting!

Comments

!

Previous Next
  • Edit
  • Preview
  • Help
Enter
Please login to place a comment
X Report this Comment
Report
X Attention


close
X Edit this Comment
  • Edit
  • Preview
  • Help
Update
X Remove this Comment

Are you sure you want to remove this comment?

Remove
X Attention