How to tell if someone is using a proxy
Moderator: General Moderators
-
SashaSlutsker
- Forum Newbie
- Posts: 18
- Joined: Sat Mar 20, 2004 11:24 am
How to tell if someone is using a proxy
I am mainly concerned about all those anonymous proxies online. Anyone know how to tell if someone is using ANY proxy at all?
- Buddha443556
- Forum Regular
- Posts: 873
- Joined: Fri Mar 19, 2004 1:51 pm
If it's an anonymous proxy then it doesn't give away the fact that it's a proxy. Having said that ... I can think of a couple of ways.
1. Create and maintain a list of IP addresses associated with anonymous proxies. May not be very accurate.
2. Test addresses suspected of being anonymous proxies. May not be very accurate and may appear to be an attack on said address.
3. Use a client-side language like Javascript to report the IP address of the user. May simply not work or be accurate.
4. Keep a record of IP addresses associated with a user and look for suspecious things like large number of different domains. May not be very accurate either but at least you have a list of IP addresses you can ban for that user. Of course proxies usually come into play after you ban an IP address.
Those are just some thoughts. Maybe they'll help you come up with something for your situation. Why are you worried about anonymous proxies anyway?
1. Create and maintain a list of IP addresses associated with anonymous proxies. May not be very accurate.
2. Test addresses suspected of being anonymous proxies. May not be very accurate and may appear to be an attack on said address.
3. Use a client-side language like Javascript to report the IP address of the user. May simply not work or be accurate.
4. Keep a record of IP addresses associated with a user and look for suspecious things like large number of different domains. May not be very accurate either but at least you have a list of IP addresses you can ban for that user. Of course proxies usually come into play after you ban an IP address.
Those are just some thoughts. Maybe they'll help you come up with something for your situation. Why are you worried about anonymous proxies anyway?
-
SashaSlutsker
- Forum Newbie
- Posts: 18
- Joined: Sat Mar 20, 2004 11:24 am
-
SashaSlutsker
- Forum Newbie
- Posts: 18
- Joined: Sat Mar 20, 2004 11:24 am
- feyd
- Neighborhood Spidermoddy
- Posts: 31559
- Joined: Mon Mar 29, 2004 3:24 pm
- Location: Bothell, Washington, USA
sounds even more like a game design issue now... instead of using the remote address, require that they login.. then it's attached to their login.. sure, people could have multiple accounts if they really wanted..
see, the other side of the coin is: people behind NATs won't be able to help each other because their remote address will be the same.
see, the other side of the coin is: people behind NATs won't be able to help each other because their remote address will be the same.
-
SashaSlutsker
- Forum Newbie
- Posts: 18
- Joined: Sat Mar 20, 2004 11:24 am
- Buddha443556
- Forum Regular
- Posts: 873
- Joined: Fri Mar 19, 2004 1:51 pm
Yeah it's more of a Java thing and browser dependent. Could just use Java. Like I said, "May simply not work or be accurate."feyd wrote:AFAIK, there is no way to find someone's IP address with Javascript.
Code: Select all
<script>
if (navigator.appName=='Netscape' && navigator.javaEnabled()) {
hn = java.net.InetAddress.getLocalHost().getHostName();
ha = java.net.InetAddress.getLocalHost().getHostAddress();
document.write('HostName: '+ hn + '<br>' + 'HostAddress: '+ ha );
}
</script>You can't do it. There are simply too many ways of hiding your IP address. It's easy to route your traffic via a third party, via SSH, for example. Anonymous proxies are going to be an issue, too, especially as they're everywhere these days. Even if you make a page that captures the person's IP address client-side, it still has to get that to the server somehow. It would be easy enough for that to be intercepted by the client, or denied by a firewall or something.
Basically, there's no foolproof (or even slightly usable) way of doing this.
Basically, there's no foolproof (or even slightly usable) way of doing this.
-
d3ad1ysp0rk
- Forum Donator
- Posts: 1661
- Joined: Mon Oct 20, 2003 8:31 pm
- Location: Maine, USA
Also, I play/make games like what you're talking about, and your best bet is to put a time in the "hits" table next to each hit:
Then, you can check the time in between hits, and if it's less than say, 15 seconds, you can know they're using a proxy clicker or something of that nature (also, make sure its like 10 hits, not just 2, because that could be coincidence).
I wouldnt worry about annon. proxies, its way too tedious just to get a few more hits.
Code: Select all
userid | ip | time
4 | 64.234.82.309 | 14:02:53
19 | 206.37.278.37 | 14:03:15I wouldnt worry about annon. proxies, its way too tedious just to get a few more hits.