Thread: AntiKnox - Protect your server from VPNs & proxies

Page 1 of 3 123 LastLast
Results 1 to 10 of 24
  1. #1 AntiKnox - Protect your server from VPNs & proxies 
    RIP savions sw 6/3/2017
    Velocity's Avatar
    Join Date
    Jan 2009
    Age
    23
    Posts
    1,995
    Thanks given
    1,001
    Thanks received
    2,311
    Rep Power
    3883
    [Only registered and activated users can see links. ]


    What is AntiKnox?
    [Only registered and activated users can see links. ] is an anti-anonymity service that lets you accurately detect VPNs, Tor and proxies from a large variety of providers. But unlike tools that guess based on ASN information, AntiKnox provides the data from an ever-growing database worth 2,352,800 IP addresses (at the time of writing). These IP addresses are gathered directly from the VPN or proxy providers and verified before they are put into the database. Through this approach, you'll only get data to rely on and false-positives become a thing of the past.

    Aside from the accurate hits, the API also supplies you with additional ASN information for further decision-making. Take a look:

    Code:
    {
      "match": true,
      "processing": "2.03ms",
      "direct": {
        "ip": "207.189.31.195",
        "type": "vpn",
        "provider": "HotspotShield"
      },
      "heuristics": {
        "company": "Micfo, LLC., US",
        "label": "hosting"
      },
      "credits": 99877349
    }

    Why do I need it?
    Have you ever IP-banned someone only to see them reappear a few seconds later to continue ruining your server? Laughing in your face because "their VPN has 5,000 IPs"?

    Chances are you have. Or perhaps you've had someone hack your players through a VPN (because that would, as a hacker, be your first step).

    If you care about the integrity of your game and about the experience of your players, wrapping AntiKnox around your login system is a step towards improving your server. No longer can anonymous IP addresses connect, and your players can no longer be hacked by someone on their VPN. Force them to use their own IP address instead (and then report that IP to the ISP )!

    And if you have a web store where you sell virtual items, adding AntiKnox to your checkout process greatly reduces your fraud rate because your customers can no longer fake their location to match the credit card they use (or change their IP on PayPal to file an 'unauthorized access' claim).

    Briefly put, there are plenty of reasons why your server needs an extra layer of security.


    Pricing
    You get 200 free lookups per month. Do you need more? For every $1, you'll receive 500 more lookups. Need a lot more? Reach out and we'll agree on pricing!


    Installation
    Note: for various server 'bases', full-blown guides are available below under the 'Setup Guides' category.

    First of all, you're going to need an API key. AntiKnox is completely free to try out, so [Only registered and activated users can see links. ] and head over [Only registered and activated users can see links. ]. Your license key is shown on the right.

    Next up, download the [Only registered and activated users can see links. ] library from the [Only registered and activated users can see links. ]. You can also add the library using Gradle/Maven if you use that - the details for that are in the repository README.md file.

    Add the library to your project as a dependency. In most server sources, you'd drop the .jar inside the 'lib' folder, then right-click it and add it to your classpath.

    When it's in your classpath, import a few classes:

    Code:
    import net.antiknox.*;
    import net.antiknox.http.OkHttp3Client;
    import net.antiknox.gson.GsonDeserializer;
    Now, create a new instance somewhere (for example in your login handler):

    Code:
    	private static AntiKnox antiknox = new AntiKnox.Builder()
    			.key("your-license-key-goes-here") // Replace the key with your own!
    			.jsonDeserializer(new GsonDeserializer())
    			.httpClient(OkHttp3Client.createDefault())
    			.build();
    Now, all there is left is to make the actual checks. Remember, for various server 'bases' there are full-blown examples below that you can copy paste.

    A generic approach would be to add the following code where you also handle IP bans and regular account bans:

    Code:
    Record lookup = antiknox.lookup(host);
    if (lookup.hasDirectMatch()) {
    	Record.Direct match = lookup.getDirectMatch();
    
    	System.out.printf("Rejecting login from %s because %s is a %s from %s.", player.getUsername(), host,
    			match.getType(), match.getProvider());
    	return LoginResponses.LOGIN_REJECT_SESSION; // The response code is up to you. You can also show 'banned', or similar.
    }

    Setup Guides
    Below are various setup guides for different private server flavors. Select the 'base' that is closest to what you're working with, or implement it yourself from the generic steps above.

    Ruse-based
    Spoiler for Ruse-based installation guide:

    1. Add the [Only registered and activated users can see links. ] to your 'lib' folder
    2. Add it as a library to your project. In IDEA, right-click and 'Add as library'. I don't know about Eclipse - I don't speak Eclipse. It's something with 'classpath'.
    3. Find the class called ConnectionHandler.java.
    4. Do some importing:
      Code:
      import net.antiknox.*;
      import net.antiknox.http.OkHttp3Client;
      import net.antiknox.gson.GsonDeserializer;
    5. Create a new AntiKnox instance:
      Code:
      public class ConnectionHandler {
      
      	private static AntiKnox antiknox = new AntiKnox.Builder()
      			.key("your-license-key-goes-here")
      			.jsonDeserializer(new GsonDeserializer())
      			.httpClient(OkHttp3Client.createDefault())
      			.build();
    6. Scroll down a bit until you see a method called getResponse.
    7. Underneath
      Code:
      if (PlayerPunishment.IPBanned(host)) {
          return LoginResponses.LOGIN_DISABLED_IP;
      }
      Add this:
      Code:
      Record lookup = antiknox.lookup(host);
      if (lookup.hasDirectMatch()) {
      	Record.Direct match = lookup.getDirectMatch();
      
      	System.out.printf("Rejecting login from %s because %s is a %s from %s.", player.getUsername(), host,
      			match.getType(), match.getProvider());
      	return LoginResponses.LOGIN_REJECT_SESSION;
      }
    8. That's all - you're ready




    Need help?
    Send me a message and I'll help with integrating AntiKnox into your project - whatever base that may be.
    xxxxxxx
    Reply With Quote  
     


  2. #2  
    Registered Member replicant's Avatar
    Join Date
    Sep 2017
    Posts
    289
    Thanks given
    17
    Thanks received
    22
    Rep Power
    20
    This is really good finally someone came up with this not going use now maybe in near future thanks! But uid ban is kinda effective isnt it?
    Reply With Quote  
     

  3. #3  
    RIP savions sw 6/3/2017
    Velocity's Avatar
    Join Date
    Jan 2009
    Age
    23
    Posts
    1,995
    Thanks given
    1,001
    Thanks received
    2,311
    Rep Power
    3883
    Quote Originally Posted by replicant View Post
    This is really good finally someone came up with this not going use now maybe in near future thanks! But uid ban is kinda effective isnt it?
    Well, not really. As long as someone can decompile/modify the game client, they can bypass it. It depends on the implementation, but in the end it will always be something client-sided. Let me know if you're ever going to use it and I'll give you a hand setting things up!
    xxxxxxx
    Reply With Quote  
     

  4. #4  
    Banned

    Join Date
    Oct 2013
    Posts
    582
    Thanks given
    3
    Thanks received
    61
    Rep Power
    0
    wow wont use this. but thanks this is really cool.
    Reply With Quote  
     

  5. #5  
    RIP savions sw 6/3/2017
    Velocity's Avatar
    Join Date
    Jan 2009
    Age
    23
    Posts
    1,995
    Thanks given
    1,001
    Thanks received
    2,311
    Rep Power
    3883
    Quote Originally Posted by pokeball98 View Post
    wow wont use this. but thanks this is really cool.
    No problem, it'll be here should the need for it arise
    xxxxxxx
    Reply With Quote  
     

  6. #6  
    أول الغضب جنون وآخره ندم
    Savions's Avatar
    Join Date
    Aug 2012
    Age
    20
    Posts
    2,436
    Thanks given
    164
    Thanks received
    1,498
    Rep Power
    1981
    yes no more stupid people ruining my server!!! i recommend usage for everyone


    i will download now
    Reply With Quote  
     

  7. #7  
    Registered Gangster

    Gang's Avatar
    Join Date
    Nov 2013
    Posts
    739
    Thanks given
    176
    Thanks received
    410
    Rep Power
    5000
    I like the concept
    [Only registered and activated users can see links. ]
    Spoiler for sig too big:


    I use DCT HOST






    Reply With Quote  
     

  8. #8  
    of the House Targaryen

    Khaleesi's Avatar
    Join Date
    Jul 2015
    Posts
    765
    Thanks given
    159
    Thanks received
    367
    Rep Power
    269
    hopefully everyone blocks asns... but there are a ton of open source lists / api's or even services like iphub. what makes this different?
    Reply With Quote  
     

  9. #9  
    Renown Programmer
    Ryley's Avatar
    Join Date
    Aug 2011
    Posts
    595
    Thanks given
    247
    Thanks received
    482
    Rep Power
    1173
    Quote Originally Posted by Khaleesi View Post
    hopefully everyone blocks asns... but there are a ton of open source lists / api's or even services like iphub. what makes this different?
    this. why should I use this service over an asn+iphub lookup combo (not to mention iphub gives you 1,000 free requests a day and you give a pathetic 200 lookups a month)

    edit: before u mention caching results from ur api as the reason for the low lookup requests, many people have a much higher volume than that and you only offer 1 plan before having to reach out to your sales rep
    Reply With Quote  
     

  10. Thankful user:


  11. #10  
    i eat ass
    2t bank's Avatar
    Join Date
    Jul 2017
    Posts
    142
    Thanks given
    73
    Thanks received
    30
    Rep Power
    9
    Ill def plug in for the sake of it, nice release overall.
    okay i change a background 1st and 2nd not change idk why and idk how to jar a client on ecplise
    Hi need 100 developers for my project better than runescape
    Hey quick question. I downloaded this scrub ruse base but how do i make myself owner
    Reply With Quote  
     

Page 1 of 3 123 LastLast

Thread Information
Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 9
    Last Post: 07-26-2014, 01:26 AM
  2. Replies: 40
    Last Post: 06-29-2012, 09:50 AM
  3. Protect your server from DoS
    By Neekage in forum Hosting
    Replies: 6
    Last Post: 03-30-2012, 09:56 AM
  4. Closing Your Server from Others
    By Nets8 in forum Tutorials
    Replies: 6
    Last Post: 08-23-2008, 12:04 AM
  5. reload your server from command
    By killamess in forum Tutorials
    Replies: 7
    Last Post: 04-17-2008, 03:42 PM
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •