Harmony

Ragnarok Online Security Solution

Frequently Asked Questions





Answers

Licensing

I want to use Harmony for multiple sub-servers!

Harmony licensing works IP-based, so sub-servers on the same IP address will work out of the box.
Additional IP slots are available for $10 each and can be purchased directly from the customer panel.

How do I receive updates?

As an owner of a Harmony lifetime license you are eligible for free updates. Most small changes are incorporated into the main branch and will automatically be included when requesting a new package.
Version changes (3.3 -> 3.4 for example) can be initiated on the customer panel as soon as a new version is available. These version changes also don't impose any additional fees.

How long do I have to wait before I receive my license?

Within 24 hours guaranteed. Usually between 20 minutes and twelve hours.

How much does a Harmony license cost?

A lifetime license is available for $200.

What is included in the license?

IP changes, client changes and updates are included. Technical support and setup hands-on are provided on a fair use basis.

How do I purchase Harmony?

Simply send a contact request including your server name, contact name and email address and possible follow-up questions. You will then receive a licensing offer via mail and can complete the purchase via PayPal.
The license credentials are automatically sent to your email address as soon as the payment is done.
Western Union payments are manually processed as soon as the payment is received.

Which payment options are available?

PayPal, Webmoney and Western Union. In the European Union also bank transfer.
Other payment options might be available on request.

Return to top

Server Setup

Is my server software supported?

Harmony supports eAthena, rAthena, Hercules, 3ceam, eAmod, Judas' SVN, brAthena and Cronus in all recent versions. Windows, Linux and BSD are supported in 32 and 64 bit mode.
Manual server support for recent server versions (i.e. revisions less than 14 months old) is included in all licenses, even with custom source edits.

How do I install Harmony on my server?

Harmony consists of small source patch files (unified diff format) and several new source files.
The server installer (available on Windows and Linux) automatically tries to apply the patch files to your source base and performs all other necessary steps (patching Makefiles, copying files).
Instructions on manual setup and hands-on setup support are included in all licenses.

Is it possible to reload Harmony while the server is running?

Yes. You can use @reloadharmony to reload the entire Harmony configuration. Only source code updates require a restart.

Return to top

Protection measures

Which attacks are blocked by Harmony?

Harmony blocks a broad range of cheat tools, including WPE, rPE, OpenKore, SpeedGear and other commonly used software. As of the latest version (3.3), basic routines against AutoHotkey are also included, which will be extended in future releases.
Additionally, several low-level attack patterns (e.g. memory modifications) are observed and blocked.

Can input macro tools like AutoHotkey be blocked?

No. It is technically impossible to reliably block these tools. Every attempt to block these tools will be fairly easy to bypass - especially when common gaming keyboards are used, which often provide macro features directly in hardware.
That being said, Harmony has protection routines to detect and block common hotkey software like AutoHotkey. These routines will even be extended in future versions.

Does Harmony prevent exe or GRF modifications?

Yes, see "File Integrity"

How does Harmony work?

Harmony works by attaching security routines deeply into the Ragnarok Client to encrypt network traffic and detect common cheat tools using heuristic algorithms. In addition, signature-based detection are used to detect known cheat software.
Several generic attack patterns are considered to circumvent bypass attempts.

Which encryption algorithms are used?

Network encryption uses a high-performance stream encryption algorithm. Other components of Harmony utilize AES-256, SHA-1, RSA and other algorithms.
However, the encryption algorithm itself does not rate a security solution like Harmony. While Kerckhoff's Principle indicates that a system should be secure as long as the encryption key is secret, this does not work for client-security solutions. The main problem is that anything the RO client does, including key generation, can be reverse engineered and emulated. Hence easily recognizable encryption algorithms might not always be the best choice.
In practice, Harmony follows the design principle of avoiding costly operations if they do not benefit the security of the system as a whole. Previous versions utilized full Blowfish / AES-256 encryption, leading to significant server CPU usage and ultimately server lag. Current versions avoid that, leading to better server performance.

Which countermeasures are taken when a cheat is detected?

This always depends. In most cases it is possible to configure the behavior. For example, you can configure that WPE usage should result in a warning being shown to the player, followed ten seconds later by a connection termination. It is also possible to automatically block IPs when repeated attacks are detected.
In some, mostly very low-level, situations Harmony silently blocks attacks to prevent intrusions.

Return to top

File Integrity

How can I prevent exe modifications like unlimited zoom?

Harmony validates the MD5 checksum of the game exe. When logging in with a modified exe the server will detect illegal modifications and reject the login.

My players are using modified GRFs to circumvent attack delays. Can Harmony block that?

Yes, by default all job sprites are protected from illegal modifications.

Which files are monitored by Harmony?

By default, Harmony monitors all job sprites and some effect files (stalker footprints for example).
Other GRF modifications are allowed.

Is it possible to extend the list of secured files?

Yes. However, this is not completely automated yet, so you have to submit a GRF containg your own list.

Return to top

Client Setup

How do I apply Harmony to my client?

Harmony is shipped as a modified game exe. Similar to XRay, there are no diffs applied to this exe. A matching diff file is included in all packages, but it is also possible to use third party diffs (like Shinryos diff patcher).
It is also possible to upload your current game exe and have Harmony applied to it.

Is it possible to use third-party clients with Harmony?

No. However, it is possible to allow GM accounts to bypass Harmony and thus effectively use third party clients (e.g. for support bots based on OpenKore).

I am using a different exe for my staff. Does Harmony support that?

Yes, you can configure multiple allowed clients and specify which GM level is required to use a certain client.

Is RCX supported?

Yes, Harmony emulates a RCX-compatible environment. However, you can choose to explicitly disable RCX, if it is not allowed on your server.

When are secured files checked?

The check time is calculated using internal algorithms. As a general rule of thumb it is safe to assume that Harmony checks files no later than they are loaded by the RO client.

Is it possible to encrypt secured files?

Yes. Keep in mind that unencrypted and encrypted versions of a file will be treated like two different ones.

Return to top

GRF Encryption

Does Harmony encrypt my entire GRF?

Only files within the GRF are encrypted to allow maximum patcher compatibility and minimum I/O overhead. The mast majority of GRF files simply do not need to be encrypted.

Which files can be encrypted?

All files which can be placed in a GRF.

Is it possible to encrypt files in the data folder?

Absolutely.

What patchers are compatible with the GRF encryption?

All.
As Harmony doesn't encrypt the entire GRF, but rather individual files within the GRF (or even from the data folder), it is compatible with all patch clients.
Note: It is recommended not to use GRF Builder when packing encrypted files: Due to a bug (german description here) it might happen that encrypted files are not stored correctly in the GRF.

Can encrypted files be decrypted?

Yes. The encryption tool offers an option to decrypt previously encrypted files. It is not possible to decrypt other server's files of course.

Can other Harmony customers decrypt my files?

No. Each customer has an individual encryption.

Does GRF encryption protect my files from modifications?

No. It is possible to overwrite encrypted files. If you want to protect files from being modified you should consider using the GRF Integrity features.

How does GRF encryption affect performance?

Each layer of encryption adds a small delay to all file load operations.
GRF encryption was designed to be used for custom maps, sprites and comparable amounts of files. It is recommended to encrypt only GRF content exclusively used by your server.

Return to top