[REQUEST] Module Anti VPN

Looking for a module? Or want to see one converted to 6.x?

Moderator: Supporters

Posts: 4
Joined: Fri Mar 04, 2016 9:26 am

[REQUEST] Module Anti VPN

Post by SaraC »

The problem of vpn has replaced that of old proxies, basically anyone who has a vpn app in their broswer does what they want, blocklists do not block right or wrong whether it is the countless fake connections.
Even at the right price, a module that blocks such connections is useful, as blocklists do for for example for Tor connections.

Posts: 51
Joined: Mon Jan 16, 2017 8:07 pm
Location: online

Re: [REQUEST] Module Anti VPN

Post by HeXiLeD »

The implications and ramifications of what you are proposing, imply that you know very little of what you are asking.

There are basically 2 ways to achieve what you want.

1: make use of a vpn type dnsbl or TOR like listing exit directory but for vpns
In order to do that and create a .db of all those ips, you wil have to become an attacker with unlawful actions on the internet in order to create such database of IPs used for vpns.

This means the second method, which include the creation of a world wide botnet that will scan all the computers in the world and probe them for default ports used by vpn services in order to build that database.

This will mean that whoever does not run vpns on default ports will be much harder to be found.

Within the method of trying to find who runs a vpn, you can also port scan all your users from port 0 to 65535 UDP and just in case, also TCP to see who is running a vpn and using it.

With method 2, which is needed for method one, you will legally be a criminal and soon to get some 3 letter agency interested in you.

If you do this, all your users should REALY be using TOR and VPNs for their own protection.

There are other ways to keep bad actors that use tor and vpns from your network.
I use both all the time and it is not for bad activity. It is due to limitations, restrictions and prevent attacks to my real ip.
Right now on this forum, I am not using my real ip and I do pay for VPNs.

Many people do want to go to networks that force users to show their real ip.
I would say that virtually all chat protocols out there these days allow the use of TOR and VPNs and if you ban these people, they have better alternatives and you will contribute to kill IRC.

There are other ways to fight these bad actors.

Your module request is not practicable or usable on a large scale.
I will not visit your network and one day, if you dedicate time to security online, you will be wanting vpns.
Constructive criticism leads to evolution and progress. Negative criticism leads to obsolescence. We are not in the 90's IRC world anymore.
CertFP: d985d21f89fe2977b593c4d381a1a86802e62990d9328d893db76d59f9935244
Posts: 4
Joined: Fri Mar 04, 2016 9:26 am

Re: [REQUEST] Module Anti VPN

Post by SaraC »

Anyone who uses services as an anope obscures the ip to all others, those who disguise themselves hide other intentions from simple dialogue.
But I'm not here to discuss who's right, but to find and suggest a system to block vpns and who uses them dishonestly.
IRC is killed by those who use it for purposes other than to communicate and make new friends, certainly not by those who try to block illegality and misbehavior.
The same was said for proxies, but then many started using BOPM and other proxyscans to block the many, too many little men on IRC
I renew my request that at most will not be answered.

Posts: 185
Joined: Thu Apr 28, 2005 1:05 pm
Location: France

Re: [REQUEST] Module Anti VPN

Post by CrazyCat »

As HeXiLeD said, you can't really detect VPNs, unless you have a list of IP. I know that some guys use vpns to bypass the ban, but it's impossible to detect and block them automaticaly.
UnrealIRCd head coder
Posts: 2033
Joined: Sat Mar 06, 2004 8:57 pm
Location: .nl

Re: [REQUEST] Module Anti VPN

Post by Syzop »

I've deleted all follow-up messages. Only the above four messages remain, which cover the subject sufficiently. All the other messages were just unnecessary noise, insults, judgements and responses to those. (Sorry haven't been paying that much attention to forums)

The last statement from CrazyCat is correct. It is not possible to detect VPN usage via a module.
It would theoretically be possible to detect VPN usage by IP address blacklists such as DNSBL's, for which you can then use the blacklist { } block. I am not aware of such a blacklist myself, but feel free to google on "vpn blacklist" or similar terms.

Personally I wouldn't block VPN's because they are used by many "legit people" as well, but it is your network, your server, your decision.

Also, and I know this was not your actual question, but if you have not done so recently then I highly suggest (re-)reading about all the countermeasures that are available in UnrealIRCd 5 in general. They are likely to help in your situation as well :).
See the Anti-flood features documentation, which covers more than 10+ set block settings, DNSBL's, connthrottle (and reputation), antirandom and channel modes.

I'll now lock this topic to prevent further noise from anyone. Also I suppose the question itself (is there a module or can there be a module? no) has been answered.