Joined: 11 May 2005
|Posted: Thu May 12, 2005 11:58 am Post subject: Open proxy detection
|Many MUD administrators have, at some point, tried to ban someone, only to have them come back moments later with a fresh IP. This patch (most of the code is generic, but an example is provided for Merc 2.1) uses the Undernet IRC network's proxy scanner, pxys, to detect most vulnerable proxy servers. It's not a panacea: finding every proxy is not feasible, and even if it was, a malicious user may still get a shell account and use that. However, the vast majority of proxies are simply misconfigured servers running on the default port, so this technique is fairly effective.
This should be considered alpha code, as I just wrote it this morning and have done minimal testing.
- Install pxys. You will also need the peak networking library.
- Configure pxyscand. In particular, you will need to setup the listening IP address and port. It is recommended to bind the proxy scanner to 127.0.0.1.
- Apply the patches and add opas.o to your Makefile.
- Configure OPAS_HOST and OPAS_PORT in merc.h.