gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
75314 Posts in 13188 Topics by 2636 Members - Latest Member: falcogiallo August 21, 2017, 06:37:29 am
*
gfx*gfx
gfx
WinMX World :: Forum  |  Discussion  |  Think Tank  |  Tools & Information for room hosts to hinder chat spam & proxy users
gfx
gfxgfx
 

Author Topic: Tools & Information for room hosts to hinder chat spam & proxy users  (Read 10579 times)

0 Members and 1 Guest are viewing this topic.

Offline Pri

  • MX Hosts
  • *****
  • *****
The aim of this thread is to share with you tools and information to enable you to easily stop people who spam your chat room using vulnerable or hacked servers which have been turned in to proxy servers.

This has always been a problem on WinMX since the creation of the network but in the last few years (Since around 2008 to present) the problem has become more annoying as someone has written a "very good" spammer program that is multi-threaded and able to spam a room with hundreds of proxies simultaneously. This has made previously developed tools like my own Proxy Blocker less effective.

In 2009 I released the first version of my Proxy Blocker and it has been continually updated since then, it does still work but you need to make sure you have it configured correctly so it can protect your room properly. I'm going to detail how to do that in in a second. The other thing you should do is use Peerblock with an Anti-Proxy list. I have developed three such lists and I'll show you how to use those too.

So first of all lets just explain what a proxy is and how the attacker uses them. A proxy server is a computer on the internet that acts as an intermediary between two other computers. So when an attacker wants to get in your room without you knowing who they are they simply forward their clients traffic through one of these servers and then your Chat Room Software is unable to see the persons true IP Address and instead sees the Proxy Servers.

There are literally thousands of "open" proxy servers setup all around the internet. Most of these are setup by criminals. They hack in to someone else's server and install the proxy software without the owner knowing. Then they will use these proxy servers to send spam emails, click on advertisements on the websites they own (this is known as click fraud) and once they've used the proxy for all their own activities they will sell the information to access this server online. That's the last stage of the attacker using the server for their own financial gain.

Now once they sell the servers information it will become known to the public and this is where the bottom feeders come in. People like the ones spamming our rooms. They scour these proxy websites and collect all the IP's posted (Many of these sites post 1,000 to 3,500 new proxies per day) and then he loads them in to whatever program he has to spam with and their attack begins.

So that is what a proxy is and how they originate and who uses them. What about blocking? Well as I said before there is my Proxy Blocking software you can run.

To use it you need two things, the first is a compatible Chat Server such as WCS, ZCS, RSWCS, or FXServer. If you're not using one of these I highly recommend you switch to one of them. Personally I recommend WCS but I understand not everyone is at the same level when it comes to editing configs. Out of all those servers, WCS, FXServe and RSWCS will work with every feature that the Proxy Blocker supports.

The second thing you will need is a version of the Metis chat bot that supports web lookups. The proxy blocker is designed to work with Metis v2.82 or higher, using a lower version it will not run. To get a copy of this Metis or an entire installer that is much easier to use you can download those here: http://www.mxpulse.com/board/viewtopic.php?f=9&t=405 These Metis versions are made by myself but the source code is available and they are fully compatible with all the scripts you already use.

Now that you have both of those things you just need to install the Proxy Blocker in Metis. You can download the latest version of the Proxy Blocker at his page here: http://www.mxpulse.com/board/viewtopic.php?f=9&t=194

So lets just detail what the Proxy Blocker does.

1. It will kick out Proxy servers when they enter your room.
2. It will automatically download and ban the IP's of proxy servers that are currently (within the past 5 minutes) being banned in other rooms.
3. It will "Lock" your room for up to 60 minutes in the event a large scale Proxy spam attack begins on your room.

Now the first feature is self explanatory but I just want to go over the other two.

The 2nd feature will pre-ban, that is ban IP's before they enter your room if the Proxy Blocker detects that those IP's are being used in other rooms. What this means is, if a large scale multi-room spam attack is happening the amount of IP's that the spammer can use diminishes extremely quickly as all the rooms together become "detectors" sharing their information through our Proxy Blocker communication server. This is done in a secure way with our server verifying that all bans placed by the Proxy Blocker clients are actually real proxies. The API always treats the client software as hostile and verifies all information itself.

The 3rd feature, the locking system. The way this works is if three proxies enter your room within 60 seconds the bot executes the command /limit 5. This makes it so no one can enter your room (If you already have over 5 users inside which is assumed). The proxies will keep attempting to get in but will all be blocked. This has a bad side effect that nobody even legitimate users will be able to gain entrance but that is why this is a last ditch effort to stop spam and it automatically turns itself off after 60 minutes.

Due to that 3rd feature having a negative side effect it is off by default and you have to turn that feature on manually by typing !lockdown on just to be clear, typing this doesn't lock your room that second, it simply gives the software the permission to lock and unlock your room when an attack starts. So you only need to type this command once and it will "just work".

If the event your room locks but you know the attack has ceased and you want to override the feature and open your room again simply type /reload in your chat from your normal client you talk with (not from the bots window) and it will override the /limit set by the script.

Something to keep in mind, for this feature to work your Bot needs high level access in your room, otherwise it will issue the command and nothing will happen. You also need to make sure your Bot has a high enough access to use /kick, /ban and view the IP Addresses of users who enter. Without these things the bot won't be able to protect your room from proxies.

So that's the bot and Proxy Blocker. The last part is a prophylactic measure, Peerblock Anti-Proxy lists.

Now Peerblock is a piece of software you can run on Windows which acts like a Firewall except instead of blocking Port Numbers it blocks IP Addresses. It is completely safe to use Peerblock with your own Firewall software it will not interfere at all and Peerblock is not a replacement for a Firewall you already use as again it blocks IP's and not Ports.

You can download the latest version of Peerblock from their website here: http://peerblock.googlecode.com/files/PeerBlock-Setup_v1.1_r518.exe

It supports Windows 2000, XP, Vista, and 7. I don't know if it works on Windows 8, if you use Windows 8 and tried it please reply and let us know if it works or not.

When you first run Peerblock it will have a few lists already in it that you can tick or untick. I recommend you not to use these lists as they are grossly inaccurate but that is just my advice and you're free to ignore it.

Once you have Peerblock installed you will open the program and select "List Manager" in the top left. Then in the bottom right select "Add". This is where you will add the lists. Here is the information for the three lists I produce. (I suggest you don't view these lists in your browser as the lists are enormous and may lockup your browser).

Block Proxies: http://blocklists.mxpulse.com/pri.proxy.blocklist.php (Updates every 4 hours)
Block Bad Servers: link removed by request (Updates every 24 hours)
Block Tor Exit Nodes: http://blocklists.mxpulse.com/pri.tor.exitnode.blocklist.php (Updates every 4 hours)

This is what the menu should look like when you're filling each list in (You need to do this for each list separately)


Now to just quickly go over each list and what it blocks. The first list simply blocks Proxy Servers (HTTP, HA1, HA2, SOCKS4, SOCKS5 etc) that are found on Proxy Server listing sites. My software "scrapes" the content of these sites, verifies the Proxy Servers work then compiles this list once every 4 hours. These lists cannot be used by Proxy seekers as the Port Numbers are all removed.

The 2nd list blocks "Bad Servers" basically servers that send spam emails, spam forums, spam comment fields on blogs, spam guest books and have also been known to operate as proxy servers. Bad Servers are mainly hacked servers and the owner isn't even aware of what is happening.

The 3rd and last list is the Tor Exit Node list. Tor stands for "The Onion Router" And it is a proxy service originally funded in part by the U.S. Naval Research Laboratory. It was designed as a way for dissidents, freedom fighters and agents in foreign countries to be able to organise and disseminate information without being blocked or snooped on by their countries government. It is very easy to use which is why it has previously been a staple of the spammers arsenal on WinMX. They very seldom use Tor now because my software blocks it so completely but we have to keep blocking it because as soon as we don't they will go back to using it again due to its high reliability.

So once you have added these three lists to your Peerblock it will download the lists from my server and it will automatically update them once every day. Make sure however you tell Peerblock to update once a day in its settings, by default it only updates once every two days which is too long.

And with all of this your room should now be protected. The peerblock lists will bring down the volume of the attack immensely taking out 99.9% of it. The room bot will then handle the rest. If you need any help with any of these feel free to reply here or to PM me, I am more than happy to come to your room and talk you through setting any of this up.

Offline PlanB

  • Forum Member
  • I love WinMX!
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #1 on: March 25, 2013, 05:55:30 pm »
How is your list any diffrent to this? http://www.winmxgroup.com/index.php?id=peer-block that has been running for months?

Where is your server based? i know ure a US citizen is your server US based?
Do you keep logs? even apache? You code states you "Send the roomname to the Analytics API". What are you analyzing?
 
Why do you need my name room i joined and IP? Really concerns me this, especially when winmxunlimited is josh!!! Why do you need all that information, id certainly never join a room with it running? Its a huge invasion of privacy.

edit
a few lines down

If this user was detected as using a proxy, send the IP, Username and Room Name to MXPulse (Analytical data for Pri)

This shouldnt be supported here, anyone using a proxy for legitimate purposes can be traced by you, this is a massive invasion of privacy, i will speak to a few others but i dont think we should be supporting this at all.

Offline Pri

  • MX Hosts
  • *****
  • *****
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #2 on: March 25, 2013, 06:12:29 pm »
Ok I see you have looked at the source code of the script and that is great! - I will now go over your questions and reply to each one.

How is your list any diffrent to this? http://www.winmxgroup.com/index.php?id=peer-block that has been running for months?
That list is for primary threats. It isn't blocking Proxy Servers, compromised servers or spam bots. What it is blocking is companies known to be Anti-P2P. That list is more for people who are concerned about the MPAA, RIAA and other associated copyright defenders from making a connection your computer system. My list is all about blocking malicious users (not companies) who are trying to spam your chat room with threatening messages.

Where is your server based? i know ure a US citizen is your server US based?
I am not a US Citizen, my server is 2 feet away from me in my home in England, United Kingdom.

Do you keep logs? even apache?
I do keep access logs for the IP's that access the Peerblock lists I've provided above. And I also keep logs for API calls the MXPulse service. I don't know what logs Josh keeps on his WinMXUnlimited service but I would assume he keeps some. His proxy service serves hundreds of thousands of queries every day, much more than just those from WinMX. We developed the Anti-Proxy software together.

You code states you "Send the roomname to the Analytics API". What are you analyzing?

When the Proxy Blocker software performs proxy checks it only sends the IP Address of every user that enters your room to WinMXUnlimited.net's Anti-Proxy detection service. Nothing else is sent about the user to that service apart from the IP Address. The Analytics part of the script that sends the IP, Username and Room Name to my server (MXPulse) only happens when the Proxy Blocker receives a detected response from the WinMXUnlimited API. Basically if a proxy enters your room and it gets detected then their Username, IP of the Proxy Server and your Room Name are sent to me. I use this information to track proxies, figure out where they are getting them from (There are hundreds of sites offering free proxies) and also to track the usefulness of the software and how it is being deployed.
 
Why do you need my name room i joined and IP? Really concerns me this, especially when winmxunlimited is josh!!! Why do you need all that information, id certainly never join a room with it running? Its a huge invasion of privacy.

Again that information (Room name, IP of user joining and their username) is only sent to me once they have been identified as a proxy by the software. I don't get that information unless they are using a Proxy Server. And 99% of the time the username is not their real name, they have either made one up, randomly generated it or are cloning another user on the network.

And about joining a room with it running, I'd estimate that about 1/3rd of the rooms on WinMX already use the software. Maybe even some of the ones you already frequent. I do not believe it is a huge invasion of privacy because you have incorrectly read the source code of the Proxy Blocker and are under the impression it sends the Username with the IP every time someone enters your room when in-fact it only does that for users who have already been detected as Proxies and thus are hiding their real identification. What we have is in the truest sense of the word, fake information for an IP that isn't theirs.

I hope that clears it up! =)

EDIT: You edited your post before I had a chance to reply, just to reply to this new section:

This shouldnt be supported here, anyone using a proxy for legitimate purposes can be traced by you, this is a massive invasion of privacy, i will speak to a few others but i dont think we should be supporting this at all.

The Proxy Blocker I make has been supported here for a long time. Since I first posted it in 2009. Ghostship has even made a guide on here previously that included links to the Proxy Blocker and the Peerguardian (Now Peerblock) lists that I've produced. This isn't a new thing, it has been available for literally years and solves the issue of spammers for the hosts who choose to use it. If people don't want to use the Analytical parts of the Proxy Blocker they are more than welcome to modify the source code which is not obfuscated in any way as my license allows them to modify and redistribute as they see fit and I welcome any improvements.

EDIT: Here I found the Guide that has my Anti-Proxy methods: http://www.winmxworld.com/tutorials/chatroom_pest_prevention.html

Offline PlanB

  • Forum Member
  • I love WinMX!
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #3 on: March 25, 2013, 06:26:48 pm »
Yes but i use a proxy every day, so every-time my proxy could be detected in one of these scripts you could potential see every room i try and join with this, i dont use a proxy to spam rooms, and i use my name.

 Where i can i opt out to this invasion of my privacy at least as part of UK Law? Never mind many other legitimate users of proxy services.

 If lots of people are using it then thats great, thats the great choice in life, So who else has access to this long list of IP services i use with my name on it? you have got to see here why im mega pissed at what ive seen. Considering the whole point of me using proxys is to protect my online privacy. And you are breaching it left right and center, and your not someone like Josh id like to be able to trace me online. Im sure if people where aware of that potential they wouldnt use it at all!

Offline Pri

  • MX Hosts
  • *****
  • *****
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #4 on: March 25, 2013, 06:37:05 pm »
Yes but i use a proxy every day, so every-time my proxy could be detected in one of these scripts you could potential see every room i try and join with this, i dont use a proxy to spam rooms, and i use my name.

 Where i can i opt out to this invasion of my privacy at least as part of UK Law? Never mind many other legitimate users of proxy services.

 If lots of people are using it then thats great, thats the great choice in life, So who else has access to this long list of IP services i use with my name on it? you have got to see here why im mega pissed at what ive seen. Considering the whole point of me using proxys is to protect my online privacy. And you are breaching it left right and center, and your not someone like Josh id like to be able to trace me online. Im sure if people where aware of that potential they wouldnt use it at all!

There is no opt-out. This is no different to you visiting a website and them handing off your browser user agent and IP Address to an Analytical service like Googles or to an Ad Network. It is perfectly legal for a host of any service to keep access logs and to share those logs with other people.

And yeah if you visited a lot of rooms using a public Proxy Server it would be tracked between rooms if you used the same username. But what does that information afford me? I don't know who you are, I've never seen your username before to my recollection. If you use a private server or a VPN/VPS then you won't be tracked, just using public insecure proxies is what gets detected and tracked by our service. Things like TOR, HideMyAss and similar services are what we detect.

Room hosts are just sick of people abusing their trust by changing their names when they are supposed to be banned, using proxy servers to get around bans and spamming their rooms with automated programs. I am merely providing them a solution and as you can see by the download counts on my site (100+ for each version) it is something a lot of hosts want and use.

Offline PlanB

  • Forum Member
  • I love WinMX!
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #5 on: March 25, 2013, 06:50:50 pm »
Yes and google and the such are bound with contracts and LAWS to provide privacy protection to its users threw encyption and controlled destroying of data, do you encrypt this data? what is your method of destroying this data? You are just a person, that has signed or agreed no contracts to anyone. You shouldnt be harvesting and storing this data, you are certainly breaking the law by not meeting any details within the data protection act? do you meet anything in that regard? Your basically just someone that has made a script without thinking of anyones personal safety. And to me that is truly very silly, and dangerous thing to have put yourself into. I dont know you from adam, and i have no idea who your third parties are if any. You offer no privacy contract, and i strongly think your probably breaking UK law by doing this.

Offline Pri

  • MX Hosts
  • *****
  • *****
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #6 on: March 25, 2013, 06:59:27 pm »
I'm going to have to educate you on the law now. There are two parts to the data protection act which make it null in this circumstance.

1. Section 29 - Crime and taxation. Data processed for the prevention or detection of crime, the apprehension or prosecution of offenders, or the assessment or collection of taxes are exempt from the first data protection principle.

In this section of the DPA it is okay to keep data for the prevention of a crime. If you intend to use a Proxy Server to commit a crime (Such as the death threats made in my own room by Proxy Users) we have the right to track this behavier.

2. The definition of personal data under which the DPA is confined is classed as data which relates to a living individual who can be identified through said data.

This data includes: race, ethnicity, politics, religion, trade union status, health, sex life or criminal record.

None of which we log. Basically what this means is none of the data we have about you can be used to identify who you are. We don't have your real IP Address, we don't have your country of origin or your internet service provider. We don't have your real name, your place of residence your political affiliations or religion. We don't even know your skin color let alone what you look like.

This all basically means the DPA does not apply. The only data we have is the room name of the room you entered the proxy server you were using and your Alias. And again that is only if you actually use a proxy in the first place.

Offline PlanB

  • Forum Member
  • I love WinMX!
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #7 on: March 25, 2013, 07:10:09 pm »
You record my name and ip, also the room i join. this is personally identifiable information. used with other evidence notably my ip is a massive map. Your spouting organisational law, and missing the storing of personally identifiable information. Please, let me correct you on your understanding of the law.

Offline Pri

  • MX Hosts
  • *****
  • *****
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #8 on: March 25, 2013, 07:12:28 pm »
You record my name and ip, also the room i join. this is personally identifiable information. used with other evidence notably my ip is a massive map. Your spouting organisational law, and missing the storing of personally identifiable information. Please, let me correct you on your understanding of the law.

The IP we have is a Proxy. It isn't even your IP, thus it isn't personally identifiable information. For someone that says he uses Proxies to protect his privacy you sure seem worried it is doing exactly the opposite.

Offline PlanB

  • Forum Member
  • I love WinMX!
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #9 on: March 25, 2013, 07:27:44 pm »
Your completely missing the point, you will have a log with my name attached to many ips sure, but that would be fantastic evidence used with other evidence even from my proxy provider, a court would grant that warrant to recover that information based upon your information. Your entire lack of understanding privacy law when you harvesting data truley is astounding, you seem to have no grip on the effect upon people, like myselves privacy you are having.

Stick your head in the ground all you wish.

Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #10 on: March 25, 2013, 09:08:33 pm »
just going back a few paragraphs

what is the data retention policy pri?
what do you keep and how long for?

Offline Pri

  • MX Hosts
  • *****
  • *****
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #11 on: March 25, 2013, 09:11:57 pm »
just going back a few paragraphs

what is the data retention policy pri?
what do you keep and how long for?

This is the only information I ever get: The IP Address of the Proxy Server being used, the username of the person using the proxy server and the channel name that the proxy server entered. The information is pushed to me in a notification, it gets stored for a couple hours at most.

Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #12 on: March 25, 2013, 09:43:37 pm »
doe that cover all data used/collected by the script?

Offline Pri

  • MX Hosts
  • *****
  • *****
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #13 on: March 25, 2013, 09:59:08 pm »
No there are a few other things, let me detail all its internet usage.

1. It connects to my server when it's first run to download a small piece of text. This text is compared to a code inside the script and is used to verify that the Metis being used has a working internet connection. No data is sent in this query it only downloads the code and compares it, if the two codes don't match then it tells the admins their Metis is probably too old to run this script.

2. It checks my server to see if there is a new version of the script available. No information is sent in this query either, it just downloads a small text file that contains the current version number of the script as available on my site and compares it to the version number inside the script itself. If the two versions don't match it tells the user a new version of the script is available and links them to the download page.

3. It downloads an API health file from my server (MXPulse.com) which tells the script which API's are online, WinMXUnlimited, MXPulses etc and it can also deactivate the local cache in the script. To view the API status in-room you can type !proxy status. This is used to turn off an API that may be down to stop the script from querying it or it may be used to switch off the local script caching in the event that one of the API's was giving bad data for a non-specific amount of time and there may be non-proxy IP's being banned as proxies even after we fix the API due to the cache. These features are just for redundancy handling.

4. It downloads a whitelist file from my website, this contains IP Addresses which should not be banned for being Proxies. This list is used when previously detected Proxy IP's are no longer known as proxies and they should not be detected. I can't remember this feature ever actually being used and the whitelist remains blank, it is just a safety net. There is also a local whitelist for room owners to edit which is seperate to this one that the script downloads from me.

5. When a user enters your room it sends their IP Address (And nothing else) to winmxunlimited.net, winmxunlimited.net goes through its vast database of known proxies, access the TOR network and StopForumSpam & ProjectHoneyPot.com. It then sends a response back to the script which is either 0 = Not a proxy, Tor = Tor Proxy or Public = Random public proxy

6. Once a user has been detected as a proxy their IP, Username and the Room Name they just entered is sent to MXPulse.com (my site) and it is then displayed to be in a text notification if my computer is on. Once that notification goes away it is gone, the information is NOT stored in any kind of database and is not logged. Even the Apache log for my webserver doesn't list httpget queries so the content of the notification is not even stored inside the apache log, the only thing stored in there about the query is the IP Address of the bot that queried the API, the contents of their query are not saved in the log.

7. If a proxy has been detected and it's done all that above, it now loads a page at winmxunlimited.net to download a list of recently detected proxies. Basically any IP that was sent to winmxunlimited.net which was identified as a proxy gets cached for 5 minutes by winmxunlimited.net and then it gives that list to the Proxy Blocker when it queries the winmxunlimited.net site. This is called the pre-emptive banning system and it basically means that if a spam attack is happening across multiple rooms their recently detected proxies all get banned very quickly to keep all the rooms secure. This list of recently banned proxies is also queried whenever someone inside your room changes their username. I do that because it doesn't require a timer to be setup and many people use timers for games and Metis only has 1 timer, by attaching this code to a name change it runs every so often but doesn't impact anything.

8. Finally when you do a manual IP lookup using !Proxy <IP> it sends a query to WinMXUnlimited.net which responds like I documented above, telling you if the IP is a proxy or not.

And that is it. Those are all the web queries that the script makes. Sorry if there are any spelling errors I didn't proof read this before submitting.

Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #14 on: March 26, 2013, 01:58:21 am »
item 4, how long is the retention on IP's on the whitelist?

are the ip's on item 5 logged? if so what is the retention ( i think you covered this but i'd rather ask ask again in case it was something else i was thinking of)

item 6 and 7, are these the ip's that are blacklisted, in the first post your script automatically blocks ip's being banned in other rooms. how long are these kept?

ha ha spelling, i think typonese is the default language of winmx.


Offline winmxuser54

  • Forum Member
  • I love WinMX!
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #15 on: March 26, 2013, 03:09:16 am »
I know of many rooms that have been using this script for years without any issues and it does indeed cut down on spam by these idiots abusing public proxy servers. And I appreciate that at least someone is doing something for the users of WinMX to deter these proxy abusers.

What I don't appreciate is the attitude of the majority of users left on the network, and I've seen it time and time again even on the new client thread on this very forum. Everyone wants something now, now, and complain and moan while not ever contributing anything at all. It's like they think they're owed something when they clearly are not. The developers of the new client are dedicating their OWN time for FREE for you. That gives you no right to bitch and complain about how it's taking so long as YOU are contributing nothing.

It seems like a lot of the users left on the network are either stubborn or paranoid like this PlanB character. The only people who tend to use proxies and make such a big deal out of their uses being severed have something severely illegal to hide like child porn or say illegal ddos attacks on say the wpn network? hmmmmmmm

As the WinMX app itself says when you click chat, the rooms are UNMODERATED and it's your own choice to risk what information is being collected, and what subjects of discussion are being discussed in the chat rooms. If you don't like it then simply only join a chat room a known host you trust is running.

Also, as was said above but clearly needs reiteration is the fact that this kind of service is no different than google analytics which in case you didn't notice PlanB, THIS SITE USES. So please take your petty complaints about your oh so beloved abuser used proxy servers being blocked from chat rooms that want them blocked. You're not required to visit them, and I'm sure they wouldn't want such a person filled with such paranoia and mischievous motives in their chat rooms.

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #16 on: March 26, 2013, 03:54:06 am »
I think the point of concern here is that anyone running this tool will be sending the IP's of everyone entering those rooms to the winmxunlimited server even before Pri gets to do anything with the data as he only gets the IP's of those checked that turn out to be proxies.

Winmxunlimited is US based and thus there exists a well known weakness with users privacy.

I am split on this one really as I fully understand the wish of all to enjoy a chat free of harassment and mindless character vomiting from bots but the potential cost of this is to deliver up all the chat user base IP's.

Also there has been voiced some suspicion that this is a solution created to fill an artificial problem, as prior to a few days ago there was no problem with such attacks and now we have a solution seeming to appear overnight almost at the same time as the problems start up.

I think the base of this is simply if you wish to use the software to retain chatroom users and provide a reasonably quiet life free from annoyances then aside from the caveat above (loss of chat room user data) this seems like a fair solution, we all agree I hope that it's short sighted to shoot solutions down without looking at their potential benefits and their costs as a guiding line on making informed choices, that said I suggest this is one we must make individually as no clear line of argument exists to cover this situation and thus having laid out the pros and cons I shall say no more.

Offline Pri

  • MX Hosts
  • *****
  • *****
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #17 on: March 26, 2013, 09:30:38 am »
I think the point of concern here is that anyone running this tool will be sending the IP's of everyone entering those rooms to the winmxunlimited server even before Pri gets to do anything with the data as he only gets the IP's of those checked that turn out to be proxies.

Winmxunlimited is US based and thus there exists a well known weakness with users privacy.

I am split on this one really as I fully understand the wish of all to enjoy a chat free of harassment and mindless character vomiting from bots but the potential cost of this is to deliver up all the chat user base IP's.
WinMXUnlimited.net's Anti-Proxy API serves literally a hundred thousand IP Lookups per day. The API is open for anybody to use. The lookups being performed on WinMX IP's sent to the service aren't even 1/1000th of its total daily traffic. What this means is, the IP's for people on WinMX are like finding a needle in a haystack. Put simply there is too much data to even log and there is no logging setup beyond the basic webserver logs which are overwritten every day due to the sheer volume of requests.

Also there has been voiced some suspicion that this is a solution created to fill an artificial problem, as prior to a few days ago there was no problem with such attacks and now we have a solution seeming to appear overnight almost at the same time as the problems start up.

This really surprises me. First of all, I have been authoring the Proxy Blocker software since 2009, it isn't a new solution. And the version I have posted here was authored over one year ago. It too is not new. The only thing new is the newer Blocklists I posted. The Tor and Proxy Server Blocklists are old (Over 2 years old, But at new url's now) but the Bad Servers blocklist is new. The reason I developed that new Blocklist is because the other two Blocklists on their own weren't effective enough.

Now if 3 out of the 4 solutions I posted here are old then why did I even make this thread? Because the spamming on the network started again 2 months ago. It began with my own room being spammed and one of my admins having their life threatened and the life of her grandson. Then it escalated to him spamming 4 other rooms that I know of, then over the past several days he has DDoS'd my home line, my webserver and spammed countless rooms on the network.

Most of his messages are of a threatening nature but sometimes he writes things like "Pri's software has failed you! Come to x room". And in some of the rooms that use my software they were not using it correctly allowing him to get in. For example they were running only the Proxy Blocker but not the Peerblock lists or they were running the Proxy Blocker without the Lockdown feature or they had their Bot not logged in with high enough access level to be able to kick or ban the proxies. As you can see this thread is a guide for using the software properly.

I have not seen anyone voicing their opinion that this solution was created to fill an artificial problem, it was created in 2009 when all the rooms on the network were being systematically spammed and I have updated the software since then each time some nutjob starts spamming again. Even your own site suggested people use it in this guide: http://www.winmxworld.com/tutorials/chatroom_pest_prevention.html

Offline Pri

  • MX Hosts
  • *****
  • *****
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #18 on: March 26, 2013, 09:37:13 am »
item 4, how long is the retention on IP's on the whitelist?

are the ip's on item 5 logged? if so what is the retention ( i think you covered this but i'd rather ask ask again in case it was something else i was thinking of)

item 6 and 7, are these the ip's that are blacklisted, in the first post your script automatically blocks ip's being banned in other rooms. how long are these kept?

ha ha spelling, i think typonese is the default language of winmx.

Item 4: The whitelist is Blank there are no IP's in it nor have there ever been. If I put any IP's in there they would stay there until I removed them. Whitelisting an IP means the Proxy Blocker won't treat that as a Proxy Server.

Item 5: Just basic webserver logging but the IP's are lost within a hundred thousand queries a day. And the IP's are just IP's theres no other information making them useless in a court because it doesn't say anything else about you other than you were checked as a proxy, even the room you entered isn't known to winmxunlimited.

Item 6 & 7. These IP's are ones that are detected as proxies. These IP's are stored for 5 minutes in a temporary cache at winmxunlimited.net which is then wiped afterwards.

Offline GhostShip

  • Ret. WinMX Special Forces
  • WMW Team
  • *****
Re: Tools & Information for room hosts to hinder chat spam & proxy users
« Reply #19 on: March 26, 2013, 06:55:59 pm »
Quote
I have not seen anyone voicing their opinion that this solution was created to fill an artificial problem, it was created in 2009 when all the rooms on the network were being systematically spammed and I have updated the software since then each time some nutjob starts spamming again. Even your own site suggested people use it in this guide: http://www.winmxworld.com/tutorials/chatroom_pest_prevention.html

So what are you suggesting ? That no one has concerns and those that do all que at your door ?
There have been concerns And I did you the decency of voicing them in place of those who voiced them to me.

You know as well as I do that claims are made whatever anyone does on this network and the best policy to deal with such claims is simply to open the doors and show folks there is nothing up the sleeves etc and try your best to answer any queries raised, this you seen to have done and so I urge you to reread my post where I make clear this is something for each room host to make a decision on and not anyone else, not you not me not PlanB.

You have proffered a solution, there is little to be gained from thrusting it too hard upon those who may need a little time to be convinced of its veracity, be patient.

WinMX World :: Forum  |  Discussion  |  Think Tank  |  Tools & Information for room hosts to hinder chat spam & proxy users
 

gfxgfx
gfx
©2005-2017 WinMXWorld.com. All rights reserved.
SMF 2.0.14 | SMF © 2017, Simple Machines
Page created in 0.122 seconds with 22 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!