I feel like I need to clear some things up here. While "hacking" in the minecraft sense is not typical of that used in the computing industry. It is just a term used to illustrate what can only be described as script kiddies using downloaded client side mods to intentionally act maliciously against a server and/or its community. While I have had multiple attempts at "real hacking" against my server network none of which have being successful, I still think that the term can be used to describe what is going on in the minecraft community.
Additionally some people seem to think that NoCheatPlus, which I use on every server on my network, is automatically banning players. This is not the case. Depending on toe configuration NoCheatPlus can only be used to prevent hacks and notify the moderation team in real time or in a log format on anything it detects. For my case I have real-time notifications to the mod team disabled as I find it to be a pain for all of the false positives that always crop up in the fast action PVP scenario that my servers run where 100+ people are simultaneously engaging in combat. Naturally some of these will be false positives, we only ban on my server with proof of the user actually using hacked clients, not just by what the NoCheat plugin says.
I think its only morally correct of moderators to only ban someone from first hand evidence rather than rely on an Artificial Intelligence to detect the hack that people use.
But back to the issue here. A lot of the recent surge in bans, on my network at least, have being flying or walking speed modifiers. Something that really should be relatively simple to detect on the server side. While I have witnessed first hand people blatantly flying and using fly speed mods with enable-flight: false in my server properties combined with the NoCheat software. I am, to be honest, shocked that they are not being detected automatically and adding to the logs.
I am leaning towards the idea of some "new" kind of client side hacks have become available that somehow bypass the preventions in place both in vanilla minecraft and with 3rd party plugins. What exactly this is, or how it works, i'm not too sure. Being very familiar with the minecraft network protocol I know that its possible for a client to send relative movement packets over absolute to save bandwidth to the server that is relayed directly to clients that mimic a player flying, maybe somehow bypassing the detection system? My thoughts are purely speculations at this point but there is logic and some facts behind them and cannot be tested without producing some hacked client of my own, which I am not willing to spend the time on.
That being said it could just be the possibility of the recent wave of kids leaving school for the summer. But then why would that suddenly allow the bypass of the vanilla no fly system which warps the player back to the ground as soon as unusual activity is detected.
Anyway, those are my thoughts, and I appreciate if anyone has any insight into this issue.
ps. don't confuse double jumping with flying. Its not possible for the hacked clients to exploit the double jump that some servers have to their advantage. Or not the well coded ones anyway with absolute and not relative velocity changes.
Thanks,
/RawTech
-RawTech Network
