• VIP content is now being released for free. Consider this an early Christmas gift! We have decided to do this for anyone poor and unable to afford VIP membership.

Question Windows firewall / Block VPN/Proxy

Messages
24
Likes
4
Points
3
#1
Hi Guys,
So short story over a year now I have VPN/Proxy users connecting to my website and TS server trolling just about daily.
I use netsh ipsec to block each IP. Do you guys know of any server side script that can check connections connecting to any service on my windows box and stop them from connecting. Looking to monitor whois if possible send alerts or simple block range of all VPN providers


@echo off
set /p ip=Enter IP to Ban:
echo %ip%
netsh ipsec static add filter filterlist="Banned IPS" srcaddr=%ip% dstaddr=me description="Banned IPS" protocol=any srcport=0 dstport=0
echo IP is now banned from the server you can close this window.
@pause
 

Bluscream

Retired Staff
Contributor
Member
Messages
929
Likes
886
Points
110
#2
Hi Guys,
So short story over a year now I have VPN/Proxy users connecting to my website and TS server trolling just about daily.
I use netsh ipsec to block each IP. Do you guys know of any server side script that can check connections connecting to any service on my windows box and stop them from connecting. Looking to monitor whois if possible send alerts or simple block range of all VPN providers


@echo off
set /p ip=Enter IP to Ban:
echo %ip%
netsh ipsec static add filter filterlist="Banned IPS" srcaddr=%ip% dstaddr=me description="Banned IPS" protocol=any srcport=0 dstport=0
echo IP is now banned from the server you can close this window.
@pause
Peerblock or Advanced Windows Firewall Control might be the tool of your choice :)
 

MrWolf

Moderator
Member
Messages
387
Likes
262
Points
77
#3
Peerblock or Advanced Windows Firewall Control might be the tool of your choice :)
I think that could be made with sinusbot script?
But i just think to create bot with script that bans vpn ip range that you want.
It should be grate but im not sure how to make script like that xD
 
Messages
24
Likes
4
Points
3
#5
So i check that Advance windows firewall its a nice GUI but no advance scanning of connections detecting if they are VPN to ban send notices etc.

Mr Wolf is there any features from that bot. I tried so many on the web. Thanks for responding guys
 

Bluscream

Retired Staff
Contributor
Member
Messages
929
Likes
886
Points
110
#6
You can try this on a always on teamspeak client like sinusbot. If it doesn't work by now tell me and i try to fix it (haven't used or updated it in a while) :D
 
Messages
24
Likes
4
Points
3
#7
Helllo,
Thank you for your response. I tried that plugin and had an error

I check the logs I think the problem is here FileNotFoundError: [Errno 2] No such file or directory: 'C:\\Users\\blusc\\AppData\\Roaming\\TS3Client\\plugins\\pyTSon\\scripts\\ISPValidator\\isps.txt'

5/27/2017 01:59:02 pyTSon.PluginHost.activate Error Error starting python plugin ISP Validator: Traceback (most recent call last):
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\pluginhost.py", line 235, in activate
cls.active[pname] = cls.plugins[pname]()
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\ISPValidator\__init__.py", line 43, in __init__
with open(self.cfg['general']['isps']) as f:
FileNotFoundError: [Errno 2] No such file or directory: 'C:\\Users\\blusc\\AppData\\Roaming\\TS3Client\\plugins\\pyTSon\\scripts\\ISPValidator\\isps.txt'

5/27/2017 01:59:12 pyTSon.PluginHost.activate Error Error starting python plugin ISP Validator: Traceback (most recent call last):
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\pluginhost.py", line 235, in activate
cls.active[pname] = cls.plugins[pname]()
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\ISPValidator\__init__.py", line 43, in __init__
with open(self.cfg['general']['isps']) as f:
FileNotFoundError: [Errno 2] No such file or directory: 'C:\\Users\\blusc\\AppData\\Roaming\\TS3Client\\plugins\\pyTSon\\scripts\\ISPValidator\\isps.txt'

5/27/2017 02:01:17 Info Memory usage: 171.13 MiB
5/27/2017 02:07:37 pyTSon.PluginHost.deactivate Error Error stopping python plugin IPC Client: Traceback (most recent call last):
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\pluginhost.py", line 267, in deactivate
if cls.hotkeys[key][0].name == pname:
AttributeError: 'str' object has no attribute 'name'

5/27/2017 02:07:42 Python Script Info Fake Anything script for pyTSon by Bluscream loaded from "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\faker\__init__.py".
5/27/2017 02:07:42 pyTSon.PluginHost.activate Error Error starting python plugin Fake Anything: Traceback (most recent call last):
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\pluginhost.py", line 235, in activate
cls.active[pname] = cls.plugins[pname]()
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\faker\__init__.py", line 23, in __init__
if self.debug:
AttributeError: 'faker' object has no attribute 'debug'
 
Messages
24
Likes
4
Points
3
#9
Ok did some testing it detects correctly however on whitelist mode it bans everyone legit ISPs and blacklist mode it doesnt ban anyone. it doesnt even warn correctly.
 

Bluscream

Retired Staff
Contributor
Member
Messages
929
Likes
886
Points
110
#10
Ok did some testing it detects correctly however on whitelist mode it bans everyone legit ISPs and blacklist mode it doesnt ban anyone. it doesnt even warn correctly.
Thanks for the feedback. I'm gonna check as soon as i have my server booted up again
 
Messages
24
Likes
4
Points
3
#11
Thanks for the feedback. I'm gonna check as soon as i have my server booted up again
You're welcome - just a little more information.

When i connect using 127.0.0.1 It bans that account- Working as expected
[WARNING] ISPValidator could not resolve the ISP for '-BOT' (Reason: NoneType
) Falling back to
You do not have permission to view link Log in or register now.

You do not have permission to view link Log in or register now.

-BOT's ISP: undefined
<09:56:06> "-BOT" was banned for 1 minute from the server by "xxxx" (undefined is not a valid Internet Service Provider!)
However lets say I use Proxy
<10:02:56> "-BOT" connected to channel "[cspacer15] ☠ | Lobby | ☠"
You do not have permission to view link Log in or register now.

-BOT's ISP: OVH SAS
I even have OVH SAS in the blacklist mode
I know what I am about to request is easier said than done. I think there are a few APIs out there that maybe the plugin can tap into a black list of ISPs e.g Private internet access IP ranges
Thank you for your help really appreciate it.
 
Messages
19
Likes
1
Points
3
#18
I do have one question. Does this bot have VPN/proxy guard
GzPro Bots (All) (Updated)

I dont have access to that but from google they have protection it seems like?
Hi there
Is not 1 bot is a lot of them
and yes that topic have the Bot with Anti-VPN which works very well...i use that bot on my server.
some times (rare) kicks/bans some ip's which is not a vpn but you also can make a group to not be kicked by the bot in case
that ip does not belong to VPN...
I recommend GzPro bots on VIP selection
 

Top