Bandage that Wound (Open Proxy Detector)

Discussion in 'Archived: Plugin Requests' started by cynnamon, Dec 27, 2011.

  1. Offline


    This is probably completely and utterly useless.

    But, here goes.

    I typically find that most griefers I see (usually part of a griefing "team") usually use open proxies. I do a quick scan of suspected griefers, and they turn up positive. Open proxies are bad! They can allow for ban evasion if you only IP ban them (but you should account ban as well.)

    Anyways, checking the standard ports of the clients IP=

    to figure out if it really is open.

    Why do griefers use open proxies?
    Most proxies are expensive.
    A proxy works like this.

    Let's say Bob lives in a country where certain content is restricted. Usually, the connection goes like this (there are a lot more, but this is for simplicity)

    +-----+ +-----------+
    | Bob | ----> | Website |
    +-----+ +-----------+

    Let's say Bob's IP is
    The IP that the website sees is

    With a proxy, it goes something a little like this:

    +-----+ +------------+ +-----------+
    | Bob | ----> | Proxy | -----> | Website |
    +-----+ + ----------+ +-----------+

    Let's say the proxy IP is
    Instead of Bob's IP showing up,
    the proxy's IP shows up. So the website really "sees"

    Griefers can fool the Minecraft server if they were IP banned by using a proxy, so it doesnt match the IP to that specific IP ban.

    This is a ridiculous request, but it could stop some griefers.
    Not all, some are still connecting from home connections and/or closed proxies.

    I thank you for reading this thread, and yes, I know it's probably a terrible idea.
  2. Offline


    I don't the idea for people that want to play Minecraft from a closed network like campus or work, and have to use a proxy to play.

    However, this could be a sensible security measure. Have you encountered any grievers that use a proxy, or do you know anyone who has?

    Update: apparently, yes they do, in this case using VPN.
  3. Offline


    I know multiple griefers who use proxies.
    A lot of them are in a DNSBL because its open, so people are going to do nefarious things such as infect it or send out spam.

  4. Offline


    If most of those open proxies servers are already in blacklists, then it should be possible to include an IP checker that checks with the Http:BL API for example.

    I like the idea now. If such a plugin could be made, and then server owners would be running it in combination with McBans, it could mean a much tighter security.
  5. But that's not what the OP wants, he wants to ban based on the clients port and that isn't possible. Why? Well, let's extend the diagrams:
    *) Randomly choosen port.

    Now what do we see here? The server ports (80 for the webserver, 1080 for the proxyserver) are fixed. Why? Cause clients have to know it to be able to connect. But the ports at the clients (5278 and 19822 for Bob, 2957 for the client side of the proxy) are randomly choosen. Why? Cause if they where fixed they could be blocked by server threads or even other client threads (you can surf with firefox and chromium at the same time, but you can't run Apache and TinyHTTPD for the same time).
  6. Offline


    This isn't true.
    A port scan of the IP is what I'm asking.

    Just connect to the IP as if you are connecting to a proxy.
    Connect to RANDOMIP:typicalSOCKS5port and see if it asks for a password, if it does, its probably a closed proxy. If it's not, it's an open proxy.

Share This Page