Thread: AntiKnox - Protect your server from VPNs & proxies

Page 1 of 3 123 LastLast
Results 1 to 10 of 29
  1. #1 AntiKnox - Protect your server from VPNs & proxies 
    Registered Member
    Velocity's Avatar
    Join Date
    Jan 2009
    Age
    28
    Posts
    2,028
    Thanks given
    1,013
    Thanks received
    2,376
    Rep Power
    4112
    Attached image


    What is AntiKnox?
    AntiKnox is an anti-anonymity service that lets you accurately detect VPNs, Tor and proxies from a large variety of providers. But unlike tools that guess based on ASN information, AntiKnox provides the data from an ever-growing database worth 2,352,800 IP addresses (at the time of writing). These IP addresses are gathered directly from the VPN or proxy providers and verified before they are put into the database. Through this approach, you'll only get data to rely on and false-positives become a thing of the past.

    Aside from the accurate hits, the API also supplies you with additional ASN information for further decision-making. Take a look:

    Code:
    {
      "match": true,
      "processing": "2.03ms",
      "direct": {
        "ip": "207.189.31.195",
        "type": "vpn",
        "provider": "HotspotShield"
      },
      "heuristics": {
        "company": "Micfo, LLC., US",
        "label": "hosting"
      },
      "credits": 99877349
    }

    Why do I need it?
    Have you ever IP-banned someone only to see them reappear a few seconds later to continue ruining your server? Laughing in your face because "their VPN has 5,000 IPs"?

    Chances are you have. Or perhaps you've had someone hack your players through a VPN (because that would, as a hacker, be your first step).

    If you care about the integrity of your game and about the experience of your players, wrapping AntiKnox around your login system is a step towards improving your server. No longer can anonymous IP addresses connect, and your players can no longer be hacked by someone on their VPN. Force them to use their own IP address instead (and then report that IP to the ISP )!

    And if you have a web store where you sell virtual items, adding AntiKnox to your checkout process greatly reduces your fraud rate because your customers can no longer fake their location to match the credit card they use (or change their IP on PayPal to file an 'unauthorized access' claim).

    Briefly put, there are plenty of reasons why your server needs an extra layer of security.


    Pricing
    You get 200 free lookups per month. Do you need more? For every $1, you'll receive 500 more lookups. Need a lot more? Reach out and we'll agree on pricing!


    Installation
    Note: for various server 'bases', full-blown guides are available below under the 'Setup Guides' category.

    First of all, you're going to need an API key. AntiKnox is completely free to try out, so create an account and head over to the dashboard. Your license key is shown on the right.

    Next up, download the antiknox-all-1.0.0.jar library from the Github releases page. You can also add the library using Gradle/Maven if you use that - the details for that are in the repository README.md file.

    Add the library to your project as a dependency. In most server sources, you'd drop the .jar inside the 'lib' folder, then right-click it and add it to your classpath.

    When it's in your classpath, import a few classes:

    Code:
    import net.antiknox.*;
    import net.antiknox.http.OkHttp3Client;
    import net.antiknox.gson.GsonDeserializer;
    Now, create a new instance somewhere (for example in your login handler):

    Code:
    	private static AntiKnox antiknox = new AntiKnox.Builder()
    			.key("your-license-key-goes-here") // Replace the key with your own!
    			.jsonDeserializer(new GsonDeserializer())
    			.httpClient(OkHttp3Client.createDefault())
    			.build();
    Now, all there is left is to make the actual checks. Remember, for various server 'bases' there are full-blown examples below that you can copy paste.

    A generic approach would be to add the following code where you also handle IP bans and regular account bans:

    Code:
    Record lookup = antiknox.lookup(host);
    if (lookup.hasDirectMatch()) {
    	Record.Direct match = lookup.getDirectMatch();
    
    	System.out.printf("Rejecting login from %s because %s is a %s from %s.", player.getUsername(), host,
    			match.getType(), match.getProvider());
    	return LoginResponses.LOGIN_REJECT_SESSION; // The response code is up to you. You can also show 'banned', or similar.
    }

    Setup Guides
    Below are various setup guides for different private server flavors. Select the 'base' that is closest to what you're working with, or implement it yourself from the generic steps above.

    Ruse-based
    Spoiler for Ruse-based installation guide:

    1. Add the AntiKnox .jar-file to your 'lib' folder
    2. Add it as a library to your project. In IDEA, right-click and 'Add as library'. I don't know about Eclipse - I don't speak Eclipse. It's something with 'classpath'.
    3. Find the class called ConnectionHandler.java.
    4. Do some importing:
      Code:
      import net.antiknox.*;
      import net.antiknox.http.OkHttp3Client;
      import net.antiknox.gson.GsonDeserializer;
    5. Create a new AntiKnox instance:
      Code:
      public class ConnectionHandler {
      
      	private static AntiKnox antiknox = new AntiKnox.Builder()
      			.key("your-license-key-goes-here")
      			.jsonDeserializer(new GsonDeserializer())
      			.httpClient(OkHttp3Client.createDefault())
      			.build();
    6. Scroll down a bit until you see a method called getResponse.
    7. Underneath
      Code:
      if (PlayerPunishment.IPBanned(host)) {
          return LoginResponses.LOGIN_DISABLED_IP;
      }
      Add this:
      Code:
      Record lookup = antiknox.lookup(host);
      if (lookup.hasDirectMatch()) {
      	Record.Direct match = lookup.getDirectMatch();
      
      	System.out.printf("Rejecting login from %s because %s is a %s from %s.", player.getUsername(), host,
      			match.getType(), match.getProvider());
      	return LoginResponses.LOGIN_REJECT_SESSION;
      }
    8. That's all - you're ready




    Need help?
    Send me a message and I'll help with integrating AntiKnox into your project - whatever base that may be.
    xxxxxxx
    Reply With Quote  
     


  2. #2  
    Banned
    Join Date
    Sep 2017
    Posts
    339
    Thanks given
    24
    Thanks received
    30
    Rep Power
    0
    This is really good finally someone came up with this not going use now maybe in near future thanks! But uid ban is kinda effective isnt it?
    Reply With Quote  
     

  3. #3  
    Registered Member
    Velocity's Avatar
    Join Date
    Jan 2009
    Age
    28
    Posts
    2,028
    Thanks given
    1,013
    Thanks received
    2,376
    Rep Power
    4112
    Quote Originally Posted by replicant View Post
    This is really good finally someone came up with this not going use now maybe in near future thanks! But uid ban is kinda effective isnt it?
    Well, not really. As long as someone can decompile/modify the game client, they can bypass it. It depends on the implementation, but in the end it will always be something client-sided. Let me know if you're ever going to use it and I'll give you a hand setting things up!
    xxxxxxx
    Reply With Quote  
     

  4. #4  
    Banned

    Join Date
    Oct 2013
    Posts
    570
    Thanks given
    3
    Thanks received
    60
    Rep Power
    0
    wow wont use this. but thanks this is really cool.
    Reply With Quote  
     

  5. #5  
    Registered Member
    Velocity's Avatar
    Join Date
    Jan 2009
    Age
    28
    Posts
    2,028
    Thanks given
    1,013
    Thanks received
    2,376
    Rep Power
    4112
    Quote Originally Posted by pokeball98 View Post
    wow wont use this. but thanks this is really cool.
    No problem, it'll be here should the need for it arise
    xxxxxxx
    Reply With Quote  
     

  6. #6  
    Developer


    Join Date
    Aug 2012
    Posts
    2,493
    Thanks given
    180
    Thanks received
    1,732
    Rep Power
    2487
    yes no more stupid people ruining my server!!! i recommend usage for everyone


    i will download now
    Reply With Quote  
     

  7. #7  
    Registered Member

    Join Date
    Nov 2013
    Posts
    746
    Thanks given
    187
    Thanks received
    459
    Rep Power
    5000
    I like the concept

    Attached image


    Attached image

    Reply With Quote  
     

  8. #8  
    Respected Member


    Join Date
    Jul 2015
    Posts
    781
    Thanks given
    206
    Thanks received
    394
    Rep Power
    524
    hopefully everyone blocks asns... but there are a ton of open source lists / api's or even services like iphub. what makes this different?
    Reply With Quote  
     

  9. #9  
    Renown Programmer & Respected Member

    Ryley's Avatar
    Join Date
    Aug 2011
    Posts
    596
    Thanks given
    254
    Thanks received
    521
    Rep Power
    1332
    Quote Originally Posted by Khaleesi View Post
    hopefully everyone blocks asns... but there are a ton of open source lists / api's or even services like iphub. what makes this different?
    this. why should I use this service over an asn+iphub lookup combo (not to mention iphub gives you 1,000 free requests a day and you give a pathetic 200 lookups a month)

    edit: before u mention caching results from ur api as the reason for the low lookup requests, many people have a much higher volume than that and you only offer 1 plan before having to reach out to your sales rep
    Reply With Quote  
     

  10. Thankful user:


  11. #10  
    Donator


    Join Date
    Jul 2017
    Posts
    178
    Thanks given
    196
    Thanks received
    55
    Rep Power
    102
    Ill def plug in for the sake of it, nice release overall.
    Reply With Quote  
     

Page 1 of 3 123 LastLast

Thread Information
Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)


User Tag List

Similar Threads

  1. Replies: 9
    Last Post: 07-26-2014, 01:26 AM
  2. Replies: 40
    Last Post: 06-29-2012, 09:50 AM
  3. Protect your server from DoS
    By Neekage in forum Hosting
    Replies: 6
    Last Post: 03-30-2012, 09:56 AM
  4. Closing Your Server from Others
    By Nets8 in forum Tutorials
    Replies: 6
    Last Post: 08-23-2008, 12:04 AM
  5. reload your server from command
    By killamess in forum Tutorials
    Replies: 7
    Last Post: 04-17-2008, 03:42 PM
Posting Permissions
  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •