What is AntiKnox? AntiKnox is an anti-anonymity service that lets you accurately detect VPNs, Tor and proxies from a large variety of providers. But unlike tools that guess based on ASN information, AntiKnox provides the data from an ever-growing database worth 2,352,800 IP addresses (at the time of writing). These IP addresses are gathered directly from the VPN or proxy providers and verified before they are put into the database. Through this approach, you'll only get data to rely on and false-positives become a thing of the past.
Aside from the accurate hits, the API also supplies you with additional ASN information for further decision-making. Take a look:
Why do I need it?
Have you ever IP-banned someone only to see them reappear a few seconds later to continue ruining your server? Laughing in your face because "their VPN has 5,000 IPs"?
Chances are you have. Or perhaps you've had someone hack your players through a VPN (because that would, as a hacker, be your first step).
If you care about the integrity of your game and about the experience of your players, wrapping AntiKnox around your login system is a step towards improving your server. No longer can anonymous IP addresses connect, and your players can no longer be hacked by someone on their VPN. Force them to use their own IP address instead (and then report that IP to the ISP )!
And if you have a web store where you sell virtual items, adding AntiKnox to your checkout process greatly reduces your fraud rate because your customers can no longer fake their location to match the credit card they use (or change their IP on PayPal to file an 'unauthorized access' claim).
Briefly put, there are plenty of reasons why your server needs an extra layer of security.
Pricing
You get 200 free lookups per month. Do you need more? For every $1, you'll receive 500 more lookups. Need a lot more? Reach out and we'll agree on pricing!
Installation Note: for various server 'bases', full-blown guides are available below under the 'Setup Guides' category.
First of all, you're going to need an API key. AntiKnox is completely free to try out, so create an account and head over to the dashboard. Your license key is shown on the right.
Next up, download the antiknox-all-1.0.0.jar library from the Github releases page. You can also add the library using Gradle/Maven if you use that - the details for that are in the repository README.md file.
Add the library to your project as a dependency. In most server sources, you'd drop the .jar inside the 'lib' folder, then right-click it and add it to your classpath.
When it's in your classpath, import a few classes:
Now, create a new instance somewhere (for example in your login handler):
Code:
private static AntiKnox antiknox = new AntiKnox.Builder()
.key("your-license-key-goes-here") // Replace the key with your own!
.jsonDeserializer(new GsonDeserializer())
.httpClient(OkHttp3Client.createDefault())
.build();
Now, all there is left is to make the actual checks. Remember, for various server 'bases' there are full-blown examples below that you can copy paste.
A generic approach would be to add the following code where you also handle IP bans and regular account bans:
Code:
Record lookup = antiknox.lookup(host);
if (lookup.hasDirectMatch()) {
Record.Direct match = lookup.getDirectMatch();
System.out.printf("Rejecting login from %s because %s is a %s from %s.", player.getUsername(), host,
match.getType(), match.getProvider());
return LoginResponses.LOGIN_REJECT_SESSION; // The response code is up to you. You can also show 'banned', or similar.
}
Setup Guides
Below are various setup guides for different private server flavors. Select the 'base' that is closest to what you're working with, or implement it yourself from the generic steps above.
Add it as a library to your project. In IDEA, right-click and 'Add as library'. I don't know about Eclipse - I don't speak Eclipse. It's something with 'classpath'.
public class ConnectionHandler {
private static AntiKnox antiknox = new AntiKnox.Builder()
.key("your-license-key-goes-here")
.jsonDeserializer(new GsonDeserializer())
.httpClient(OkHttp3Client.createDefault())
.build();
Scroll down a bit until you see a method called getResponse.
Underneath
Code:
if (PlayerPunishment.IPBanned(host)) {
return LoginResponses.LOGIN_DISABLED_IP;
}
Add this:
Code:
Record lookup = antiknox.lookup(host);
if (lookup.hasDirectMatch()) {
Record.Direct match = lookup.getDirectMatch();
System.out.printf("Rejecting login from %s because %s is a %s from %s.", player.getUsername(), host,
match.getType(), match.getProvider());
return LoginResponses.LOGIN_REJECT_SESSION;
}
That's all - you're ready
Need help?
Send me a message and I'll help with integrating AntiKnox into your project - whatever base that may be.
This is really good finally someone came up with this not going use now maybe in near future thanks! But uid ban is kinda effective isnt it?
Well, not really. As long as someone can decompile/modify the game client, they can bypass it. It depends on the implementation, but in the end it will always be something client-sided. Let me know if you're ever going to use it and I'll give you a hand setting things up!
hopefully everyone blocks asns... but there are a ton of open source lists / api's or even services like iphub. what makes this different?
this. why should I use this service over an asn+iphub lookup combo (not to mention iphub gives you 1,000 free requests a day and you give a pathetic 200 lookups a month)
edit: before u mention caching results from ur api as the reason for the low lookup requests, many people have a much higher volume than that and you only offer 1 plan before having to reach out to your sales rep