• There is NO official Otland's Discord server and NO official Otland's server list. The Otland's Staff does not manage any Discord server or server list. Moderators or administrator of any Discord server or server lists have NO connection to the Otland's Staff. Do not get scammed!

How Good Is Security?

nik321

nik321

New Member
Joined
Nov 2, 2008
Messages
33
Reaction score
0
So I am just wondering for experienced people who have used both Gesior and ZNote (I believe Gesior is the most popular as it seems to be the one everyone is using on the top servers of otservlist)

How good are they actually at implementing their own security?

I the way it all works is it is a website hosted on the same PC as the server (which is why the IP works both for the game client and the website)

And the website talks directly to the database... The website is more like a face for the Database?

So I was just wondering if anybody knew how secure they actually are?
 
While I am no security expert, my repository is actively in development, and security issues are patched quickly after they are identified.
GitHub - Znote/ZnoteAAC: Developement repository for the Znote AAC project. A website portal to represent and manage your Open Tibia server.

I am also active here on Otland, and I like to support people who wish to get started or need help with Znote AAC.

A few servers running Znote AAC right now:
Loveria.net
ArchLight Online
mtibia
Zoltyum
Tibia Canob
Classictibia

And yes, the website heavily communicates with the database. Inserts and loads data for account creation, character creation, highscore loading and much more.
It is commonly run on the same host machine as the OT server, although this is not required.
Another thing you can do, is to have login server and web server on the same IP, but run the game server on a separate host machine.
 
Last edited:
Znote is more secure, gesior has more layouts addons/extensions thats why it is used the most. Not saying gesior is not secure, but znote is more secure. And as Znote stated he is still active so you can still get support for ZnoteAAC directly from the developer, but you get gesior support from the community here.

CastroAAC IMO is going to be more secure than both as it is still in development. It has a lot of features but since it will be a new release you shouldnt expect a lot of layouts etc. It comes with a good default layout and everything an AAC needs. You can check it here, Castro AAC
 
nik321 said:
How good are they actually at implementing their own security?
Click to expand...
You can't "implement security". You can only judge the software by how many security-impacting bugs it had so far, if you assume that's the indication of uncovered bugs.
 
Amiroslo said:
Znote is more secure, gesior has more layouts addons/extensions thats why it is used the most. Not saying gesior is not secure, but znote is more secure. And as Znote stated he is still active so you can still get support for ZnoteAAC directly from the developer, but you get gesior support from the community here.

CastroAAC IMO is going to be more secure than both as it is still in development. It has a lot of features but since it will be a new release you shouldnt expect a lot of layouts etc. It comes with a good default layout and everything an AAC needs. You can check it here, Castro AAC
Click to expand...

No offence to Raggaer but it seems like he releases new AACs every month, havn't checked them out at all but thats what I got atleast.

@Topic
You got 3 diffrent "main" AACs to choose from, Gesior, Znote and DevAAC
Gesior is great if you don't know that much but still want cool things for your website, but pretty much only if you want a layout based or that is the tibiacom layout.
Znote is getting there, seems like more and more is coming out (feels like less and less atm (same goes for all AACs tbh)) but easier to use your own layout (but not a perfect tibiacom without alot of changes(or am I wrong?).
DevAAC seems to (or was? :D) the new cool thing around here, I don't know that much about it but might be nice to try out insted of following everyone else.

In a way this is the wrong place to ask a question like this, we all have our favourites, I prefer Gesior but thats because I have used it since I started here and know alot about the way it works, to me it dosn't matter if an AAC has 1 or 1000 layouts you can download and use right away, but thats a thing you have to count in aswell.

Regarding security, I havn't heard about any major bugs or security issues regarding any of the major AACs named in this thread and if they have had any they got patched once someone found out about it.
But I won't make the same mistake again (Mark... :>) and say that Gesior, Znote or for that matter any AAC is secure, just pick one and hope for the best I guess :D
 
Cheers for your responses guys!! I appreciate every single one. Seems like security is not really the hot topic when building these AAC's but then when they are live, they are not either neglected from their creators to quickly patch them up once bugs are found! Is there an active group or people who bug hunts these AAC's? I mean ZNote your self, you have replied to this post, while also the Forum admin!! That is fantastic! As A job i desperately want to get into Anti-Cheat systems for games and bug hunting and just anything to keep the bad guys out! I am currently on an advanced high technical networking security course. I would love it if maybe I could speak to yourself (Znote) on a personal level and maybe work something out? Maybe help you in further development of your applications? At the same time I love how the OT community is still alive after so many years! Great job guys!!! We will go to the end and die out with honor!
 
WibbenZ said:
No offence to Raggaer but it seems like he releases new AACs every month, havn't checked them out at all but thats what I got atleast.

@Topic
You got 3 diffrent "main" AACs to choose from, Gesior, Znote and DevAAC
Gesior is great if you don't know that much but still want cool things for your website, but pretty much only if you want a layout based or that is the tibiacom layout.
Znote is getting there, seems like more and more is coming out (feels like less and less atm (same goes for all AACs tbh)) but easier to use your own layout (but not a perfect tibiacom without alot of changes(or am I wrong?).
DevAAC seems to (or was? :D) the new cool thing around here, I don't know that much about it but might be nice to try out insted of following everyone else.

In a way this is the wrong place to ask a question like this, we all have our favourites, I prefer Gesior but thats because I have used it since I started here and know alot about the way it works, to me it dosn't matter if an AAC has 1 or 1000 layouts you can download and use right away, but thats a thing you have to count in aswell.

Regarding security, I havn't heard about any major bugs or security issues regarding any of the major AACs named in this thread and if they have had any they got patched once someone found out about it.
But I won't make the same mistake again (Mark... :>) and say that Gesior, Znote or for that matter any AAC is secure, just pick one and hope for the best I guess :D
Click to expand...

I actually released one 2 years ago but got banned over here for the layout =(
 

Similar threads

Leo32
Violent Bot - a Discord Bot for Tibia
Replies
7
Views
2K
iNux
I
N
BLACK - Client protection
Replies
3
Views
620
Erikas Kontenis
Erikas Kontenis
222222
Thoughts on my dual boot setup?
Replies
11
Views
1K
TibiCAM
TibiCAM
J
Miracle 7.4 - A New Nostalgic Experience
4 5 6
Replies
102
Views
6K
presidente
presidente
Back
Top