Country on "who" / Should player ip be hidden?

[Avion]

I see no reason why the IP shouldn't be visible to players - there is no security issues behind that point.

I think that there could be security issues - player information such as IP should be only available for the server admin to restrict access to the application in the case of abuse.
A player or even a DM with a grudge can use an IP to make trouble for another player (or more likely the other player's ISP). I also just think it is just good policy not to make this type of information available to other users in a shared application.

[dark.schneider]

I see no reason why the IP shouldn't be visible to players - there is no security issues behind that point.

Besides that, I'm against something displaying your country, either. If you want to know that, just ask the player. We shouldn't start promoting such nationalist aspects into Crossfire - it doesn't bring anything to the gaming fun, and has nothing to do with gameplay.

I deeply agree with you here.
Ip isn't a security reason really, maybe for windows users it is. But that's a OS flaw not ip related, so I still agree to have pubblic ip, but no, no country!

SuMo: Your "pubblic ip fear" come from your insecure os philosopy, better you forgot about that.
lol! Imagine if the internet was run by your OS where if someone knows your ip (and he must know to make anything with you) you must fear dor a DoS. LOL
Be realistic, Wintendo can't win in the long run.

About the play aspect I agree that diplaying country don't bring anything good and maybe only a bad and stupid nationalism...
and france ppl know what I'm talking about

[Avion]

Security is not an OS issue, unix type systems are more secure by design, but this does not make them *secure*. Security is more about good practices. The average 'nix system would probably stand up a bit longer to a directed attack than the average windows system, but both would not stand up to a directed attack for long.
I would say a large proportion of linux users do not have secure systems, they may be more vunerable than careful windows users who maintain good security since they assume they do have secure systems and do nothing. How many linux users have a good firewall? - probably not enough...
I am sure the BSD people would scoff at the average linux user the same way you are scoffing at the windows people. Ironically, you would each be doing nothing to help the problem.
Perhaps you have hardened your system for deal with DOS and other annoying attacks (not to mention people using your IP to narrow down your physical identity), but has your ISP? Do they appreciate having to deal with the spazz (and his spazz buddies) you ticked off in the game who is now shitting all over their block of addresses?
The best security policy is not to provide access to any informataion that isn't required to anyone who does not need to know it, and to try to extend that good security policy to all your users through information (like don't give out your passwords people..., here is a security issue we have identified..).

Whatever OS players use, crossfire is a game and most people just want to play it. They should not have to wear a condom and pray they dont get screwed.

[dark.schneider]

Avion i agree with you about the BSD->Linux->Win security order, and yes for sure you can switch the order by comparing a very carefuly cured system with an avarage one from anotother system.
As you state nothing is secure, but say that security is the reciprocal of the number of users that can violate your system.
With this realistic definition of security you can easy say that you hadrly switch the order of them, becase for sure, windows is an order of magnitude more insecure.
ISP security is not an issure since you cannot fix it.

The approach of basing security on information denial is very inefficent as open source is demoustering in those current days.
Stupidity is another great issure, but persoanly proposeing a solution to it will just place me in the group.

[Avion]

The approach of basing security on information denial is very inefficent as open source is demoustering in those current days.

Not true, that is a totally different thing altogether and a misrepresentation of the meaning of open source.
Withholding a users IP from other users is not information denial, it is privacy protection - other players have no business knowing your IP just like they have no business knowing your phone number or real name if you choose not to divulge it. Freely available source code has nothing to do with this.
A server admin might personally choose to run a game server and expose the personal information of players to other players or DMs with features or scripts or such - that is not disputed and it is the choice of the server admin, but I do not think that this sort of personal information exposure should be default behaviour (or even optional behaviour) in Crossfire. It should be confined to the server logs. It is in my opinion, a bad design decision to allow this sort of information to be automatically exposed to either the DMs or the other players.
If a server admin were to expose this sort of information about players I would hope that a disclaimer to this effect was clearly posted for the users that this was the practice. I would be willing to bet that there could be legal repurcussions to not doing this in certain jurisdictions...

ISP security is not an issure since you cannot fix it.

Well I cannot guarentee your security walking down the street either but this does not give me personally the right to drive on the sidewalk. Good behaviour is everyone's obligation on the internet and I think handing out other peoples IPs is not good behaviour. Also ISPs can take actions against both their users and other users on other ISPs and although it is unlikely a game server admin could get into direct trouble over an incident between two players, there have been, I believe, games which lost a lot of respect/ and players over such incidents.

Anyway this has gotten way to heavy. I am such a troll magnet aren't I...

[Leaf]

It is in my opinion, a bad design decision to allow this sort of information to be automatically exposed to either the DMs or the other players.

Making player IP addresses readily available to other players - yes, that is some cause for concern.

But, I think player IP addresses need to be viewable for DM's for rule enforcement reasons.

[Avion]

But, I think player IP addresses need to be viewable for DM's for rule enforcement reasons.

It may be, but I would say that that should be hammered out as a specific server practice (along with ftp access or other house admin/Dm type roles and scripts.) and not hardwired into the game code. DM's can't even read the logs by default which is good IMHO, but it is likely you might give *some* DMs FTP or shell access on a crossfire server...
I am not saying DM's shouldn't ever see user IPs, just that that functionality should not be in the game automatically.

On that topic, it would be nice having a forum somewhere for server admins to post scripts and techniques and recommendations for running a server (from securing shell access for your DMs to hammering out good server rules to post.). The admin mailing list comes to mind - although it is pretty barren.

[hoxu]

Dms don't need to see ips of the players if they can ban them without seeing their ip.. right?

Suggestion: new command banip [player]

[Avion]

Ya, Dm's should still be able to kick players, no disputing that - but they don't really need access to IPs except if there are more serious problems (then either they contact the server admin or another DM with a shell account. Currently there is no ban command for DMs to use (another issue in itself - should DM's be allowed to ban player - maybe a temporary (1 hour?) lockout of a player and their IP?), but if there were, the command could ban an IP without the DM having to know the IP.
Anyway, as mentioned (maybe elsewhere...) blocking IPs isn't a great way to ban players anyway since most people have dynamic IP's (although for most cases I'd think a temporary lockout would be ok - they would have to reconnect to their ISP to get a new IP - that would cool them off a bit...). Most of the IP's you are going to be banning/blocking are not going to be players anyway, they'll be direct hits on the server or the game port from people not even playing crossfire. Anyway if there is a need to ban a player you can have a command that suspends the player *and* their IP.

[achost]

another issue in itself - should DM's be allowed to ban player - maybe a temporary (1 hour?) lockout of a player and their IP?

I think a temporary IP lockout would be useless, and for a temporary player lockout, just use the goal.