Dev Tracker - Discussion

Thing is no one's arguing, they just fail to realize CPU is all one big ***post/troll. He mentions Thorny "using buzzwords" then just throws around firewall/router and 1024 conversion. He unironically posts from his fresh sock not to use socks. He says Savael is a Thorny sock even though he and everyone else knows it isn't. Then he posts "the firewall and router protect from bad data" + whatever he said in his last post. It's NCIS double-keyboard hacking interpretation of tech and he's 100% aware of what he's doing.

Nothing is being infiltrated. Sending a packet isn't infiltration. I could send a 1000 "BOOGERS BOOGERS BOOGERS" messages to the server and it wouldn't count as 'infiltration' because it wouldn't do anything. The parser would reject it as invalid and do nothing. If you monitor any kind of network activity on the internet, this type of crap hits everything all the time.

Sending bad protocol data isn't going to allow you access to their backend or intranet, it's just trying to mess with the parser and state maintained by the server. We aren't talking about common vulnerability categories here that allow access to something (e.g. database entries), you are trying to fool the logic of the server by sending crafted/malformed/wwhatever protocol data to the server in an attempt to fool it into giving you whatever item you want. Stopping this at the perimeter does nothing. It also would require considerable effort: You'd have to develop an appliance that can parse these messages, interrogate the server to keep track of state, then report abnormalities, all for what? To avoid generating items and keeping item management server side?

EDIT: I think I'm too dumb to realize I'm being trolled. Oh well.

At least half of his first post was accurate/serious, pretty sure he's just trying to play it off as 'HURF DURF I TROLL U' now because he has no real response to discredit what I said.

So... how about them raising that Master Level cap?

Lmao ok I’m actually in the computer science division of Harvard University but sure, you fooled a couple of people on an internet game forum with your egregious lies. I have no idea what your angle is, but congratulations on your massive troll effort. If I’d have to guess I’d say that you’re involved in RMT and have some self benefit in creating an aura of fear around Square Enix’s efforts. Am I right? Have you ever sold Gil?

lol

I'd trust an RMT critiquing SE's systems more than "a member of the computer science division of Harvard University" who's posting on a gaming site instead of teaching. One's employment is tenured- the other is based upon understanding SE.

Oh- and lie better.

Yeah this convo got really weird.....

Like SPI has absolutely nothing to do with folks messing with client side network data.

And bring it all back to the subject at hand, if SE would send multiple items per packet then it would dramatically increase inventory load times. With a conservative estimate of 1200~1300 bytes to work with, that should be at least a dozen if not two dozen items per shot.

Sorry that I’m smarter than everyone else here. Really appreciative of your support though Seepeeyou.

No problem. I detected your superior intellect from the very beginning.

What the *** did you just *** say about me, you little ***? I’ll have you know I graduated top of my class at Harvard University, and I’ve been involved in numerous big data center projects, and I have over 300 racks behind me right now. I am trained in C++ and I’m the top network engineer in the entire US academic space. You are nothing to me but just another troll. I will argue you the *** out with precision the likes of which has never been seen before on this Earth, mark my *** words. You think you can get away with saying that ***to me over the Internet? Think again, gilseller. As we speak I am contacting my secret network of hackers across the USA and your IP is being traced right now so you better prepare for the storm, maggot. The storm that wipes out the pathetic little thing you call your character. Your account is *** dead, kid. I can be anywhere, anytime, and I can ruin your operation in over seven hundred ways, and that’s just with my java scripts. Not only am I extensively trained in lua, but I have access to the entire arsenal of Microsoft certified coding languages and I will use it to its full extent to wipe your miserable *** off the face of this game, you little ***. If only you could have known what unholy retribution your little “clever” argument was about to bring down upon you, maybe you would have held your *** tongue. But you couldn’t, you didn’t, and now you’re paying the price, you goddamn idiot. I will ***fury all over you and you will drown in it. This is just a matter of ones and zeroes. You’re *** done, kiddo.

I can't believe you spent so much time writing a false novel on the internets. GG sir lol.

The sheer contempt for everyone's intelligence makes this one of the better trolling gambits I've seen in recent years, well done

Veng +20 confirmed (Thanks Mischief for info)
No words about ML level cap raising this month tho.

https://forum.square-enix.com/ffxi/threads/59046-Announcing-the-January-Version-Update

Those Trumps voters and Flat-earther......

So much love and Compassion, Chewing gum and Sun-glasses !

"We’ll be adding more monsters from which players can obtain exemplar points in future version updates"

Pretty much confirmation that ML is staying at 20 for now, which was expected, but also that no new Exemplary Points camps are being added and that's a bit of a disappointment but I guess that won't happen until ML cap is raised I suppose, at this point, in February maybe?

Can't wait to clear all the same NMs agaaaaaaaiiiiiiinnnnnnn

Nyame B Augments for R25 (I think we wont get R30 for now, just R25. This is from Chiaia dat mining)

Feet= Attack+30, Rng. Atk+30, Weapon skill damage+10%,Double Attack+4%
Legs= Attack+30, Rng. Atk+30, Weapon skill damage+11%,Double Attack+5%
Hands= Attack+30, Rng. Atk+30, Weapon skill damage+10%,Double Attack+4%
Body= Attack+30, Rng. Atk+30, Weapon skill damage+12%,Double Attack+5%
Helm= Attack+30, Rng. Atk+30, Weapon skill damage+10%,Double Attack+4%

Pretty much this set will ***on most or all Relic and AF +10% WSD pieces.

Veng 20 will give 704 RP base
Assuming they wont fix anything Amplifier will give +5632 RP with triple fight boost (assuming Doing 4x V20 wont increase boost to x11, in which case it would be +7744)
R25 requires 25150RP, which means you only need 2x V20 win with boosted amplifier to upgrade R20 to R25.
R25 from R0 will require 5x V20 with boosted amplifier.

If HP scales the same, Ongo and Mboze might be a real pain at V20.
It's very possible V20 Bumba might require V20 clears of whole A3.

But they're gonna be harder now!
Giving a purpose to ML20!

Except Mboze where ML20 will hardly make a difference and we're all gonna love that guy thoroughfully, aren't we?!

I dunno why everyone keeps being obsessed with Ongo.
I killed it only twice on V15 (both times were a kill on first attempt).
Now... I reckon maybe we've been insanely lucky with day/resistances without even noticing but we ended the fight both times with almost 5 mins to spare, and our gear is not BiS, well at least not mine (I was on SCH if I recall).

Before we even tried Ongo we were depressed reading all the reports in here with people timing out etc and we were taking for granted that we would've failed too.
So I'm not really sure what's this perception difference between the two attempts in my static and the rest of the world.


I'm more concerned with Mboze, that guy took us countless attempts even on V10...
Need to try the TP-absorb strategy though, we went with the superbuffed DRK or SAM one.

TP denial strat works really well as long as your team is coordinated

Ongo can be killed fast, but part of this fast is because of SP stacking, which is not available for whole fight. You wont be able to keep that pacing for 10+ minutes, especially with higher level Ongo taking even less damage. If HP is anywhere near 50%+ at V20, then it's gonna be really hard and mab down or macc down auras are both 100% failure.

Well I *think* we got a 5 Wild Card on both our attempts, meaning we received another Tabula Rasa and another Bolster.
Was this on both attemtps? On one for sure, can't remember for the other.

We also made keen use of Gambit/Rayke and RandomDeal/WildCard/RandomDeal to maximize the uptime. Also when Rayke was up even the GEO was Magicbursting.
Likewise we also coordinated the use of BoG/EA the same way we did for Rayke/Gambit to maximize the uptime of powered up Luopan.

But... I mean this is pretty "normal" for every party I assume? I don't think we did anything special of that we've been exceptionally good. Furthermore as I mentioned our gear is not BiS, well at least my gear for sure.
The 5 on WildCard is just luck instead, I can see that making a big difference eh



I dunno, in the end we've only fought Ongo V15 twice so I've been honest in my premise saying I haven't really spammed the guy. But at the same time I can't deny all of us were pretty surprised because we were expecting to fail (timeout) at least a couple of times whereas that didn't happen at all.

In my experience, the biggest bottleneck on Ongo is SCH strats if you're not going the RNG/COR skillchain route. For our group, getting a Tabula reset was 100% necessary to get a win.

I was running low on Strats for sure but if you make sure to have your strats fully used before the COR uses Random Deal, you're gonna be good I think.
From start of the fight til you run out of strats > Random Deal > go until you run out of strats again > Tabula Rasa > once TR is over use all strats 'til you run out > WC > will reset strats, hopefully Tabula Rasa too > use strats til you run out > Random deal again (will be up from WC) >

That's a lot of strats and like 10+ mins of fight and it's usually over by then.
Make sure the COR is in range of the RUN too and make sure his Gambit/Rayke are on CD before the COR uses Random Deal or WC.


One tip I can give the RUN is to make sure Gambit and Rayke are used right before the SC closes and not before the SC starts. That usually helps you get at least 1 more round of nukes with Gambit/Rayke up, they do make a lot of difference in my limited experience.

I've heard other people used COR+SCH to make skillchains sometimes. That saves the SCH one strat to create one SC, it's good I suppose. Other people went for multistep SCs (they furtherly increase the MB damage bonus and, possibly, the inherent macc bonus granted by Magic Bursting)

Ongo is about managing Subtle Sorcery / Rayke resets and using RUN / COR to lengthen the SC, which reduces strat consumption rate.

100% agree

Any opinions about the setup with RNG and COR doing a multi-step SC instead of relying on SCH?

We've found that a hybrid of the two works even better.

SCH makes Gravitation -> Steel Cyclone (RUN) -> Wild Fire (COR) gets you three SC's to burst on. With a SCH's super Regen the RUN really doesn't take any damage. This would be an "easy" fight if it wasn't for Ongo's crazy resist tiers that has every nuke doing 1/4 to 1/2 damage, effectively doubling or quadrupling it's HP.

The only thing we haven't gotten around to testing is Requiescat damage, would be interesting to see if it's reduced or not.

Nope.

Routers are Layer 2 and Layer 3, they are not usually even able to tell what data is inside the packet.

Routers cannot tell the difference between an inventory packet, or an SSH packet from an SE dev logging into the server to check things.

Only thing the router layer has access to is stuff pulled out from the Layer 2 and Layer 3 of the TCP/UDP packets (and of course the data from the other types of payloads like Ping, DHCP, etc)

Which is just IP and the request payload. I don't think for TCP it even has access to headers yet (Thats layer 4 IIRC? Its been awhile since my networking classes)

Look up the OSI model layers for more info.

As for what your firewall can access, that entirely depends on your type of firewall, but firewall's jobs have **nothing** to do with data integrity (thats a total different layer)

Firewalls handle Authorization, so things like "Is this IP address allowed to access this data" and whatnot.

For example, if you want to prevent SSH access to your server except for only IPs on the same local subnet, **that** would be a firewall.

Firewalls at the machine layer handle blocking ports, and you can granularily control things like "UDP packets, on this port, from this IP range" as an example.

IE in my above example, you may do something like "TCP, Port 22, 192.168.0.*" would be a simple "SSH over local subnet" rule.

Handling of tracking duplicated items and whatnot in game?

Thats at the application layer and has nothing to do with firewalls. We are several layers past the firewall now.

We have gone through:

- Physical Layer
- Routing layer
- Load Balancing
- Subnet
- UDP
- Firewall
- Session/Ports
- Reverse proxy if applicable
- Encryption

And have finally arrived at the destination layer, the Application (So in SE's case, their server instance which hopefully is running on some kind of load balanced docker image swarm dealio, but I have zero clue what's popular in Japan, only what people usually do over here in NA, and over here it would usually for such a large scale operation be some kind of Kubernetes balanced setup, maybe cloud 3rd party, maybe local bare metal)

Now at the item duplication layer all of that is likely handled by the database itself automatically via a unique key lookup, so you simply just cannot have two entries with the same key, DB won't allow it, and trying to do so would just delete the first entry.

If not that, then they have some form of automation that can scan as a tool for hits.

And of course logging to track for such events so whenever SE sees a spike of item dupes they can track when and where it happened to quickly isolate the problem space (which usually is followed by them shutting the area down and performing emergency maint)

"Item Dupe" also is ambiguous, there are forms of item duping in the past that technically created a new totally unique item, which would not have technically been an item dupe (server side), it would have truly seen them as two totally separate items.

In such a case, there is no easy way to detect that really. Only solution is having a system that tracks total items in and out and if you notice a sudden uncharacteristic jump up in item supply, that would be a red flag.

Throw some ML predictive searching on there if you really wanna get fancy schmancy (though usually not necessary, but the entry barrier is getting lower and lower every month as ML tools from cloud providers get more and more accessible and cheaper)

Anywho, the concept of "A firewall preventing item dupes in a video game" is a clear demonstration of "I know the words but I have literally no idea wtf I am talking about"