Hacker Newsnew | past | comments | ask | show | jobs | submitlogin



Yup, and I seriously appreciate those that do that, but it's the small providers which inevitably end up screwing us over. Some small VPS company has a vulnerable server that someone makes a VPN on, and suddenly we get a wave of ban evaders. It ends up being a constant headache.


If it's default ports, you can just probe on login and deny it. We do this for a game I've admined for, and it's in the terms of service. Common L2TP, PPTP, etc.


Interesting. So if I put a terms of service discussing it on my blog can I nmap all my visitors?


Scanning the defaults for open proxies with a note in the ToS is not super uncommon with some types of services. I don't recommend sweeping random visitors to your website.


Since the OP said:

> I help develop a fairly popular webgame.

... unless the web-based game relies on a plugin that can skirt the browser's sandbox, there's no way to probe for active ports.


You can ask the server to do it for you.


Isn't this a lost battle? Only remotely possible due to IPv4 being so limited?

Do you allow normal users to get around banned IPs by buying a pass or something? (Then you can ban the pass, like 4chan.)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: