Question Windows firewall / Block VPN/Proxy

weakman

Member
Joined
Nov 11, 2015
Messages
25
Points
35
Age
49
Hi Guys,
So short story over a year now I have VPN/Proxy users connecting to my website and TS server trolling just about daily.
I use netsh ipsec to block each IP. Do you guys know of any server side script that can check connections connecting to any service on my windows box and stop them from connecting. Looking to monitor whois if possible send alerts or simple block range of all VPN providers


@echo off
set /p ip=Enter IP to Ban:
echo %ip%
netsh ipsec static add filter filterlist="Banned IPS" srcaddr=%ip% dstaddr=me description="Banned IPS" protocol=any srcport=0 dstport=0
echo IP is now banned from the server you can close this window.
@pause
 

Bluscream

Retired Staff
Member of the Month
Contributor
Joined
May 8, 2015
Messages
937
Points
171
Location
Germany
Hi Guys,
So short story over a year now I have VPN/Proxy users connecting to my website and TS server trolling just about daily.
I use netsh ipsec to block each IP. Do you guys know of any server side script that can check connections connecting to any service on my windows box and stop them from connecting. Looking to monitor whois if possible send alerts or simple block range of all VPN providers


@echo off
set /p ip=Enter IP to Ban:
echo %ip%
netsh ipsec static add filter filterlist="Banned IPS" srcaddr=%ip% dstaddr=me description="Banned IPS" protocol=any srcport=0 dstport=0
echo IP is now banned from the server you can close this window.
@pause
Peerblock or Advanced Windows Firewall Control might be the tool of your choice :)
 

MrWolf

Moderator
Joined
Dec 27, 2016
Messages
361
Points
112
Age
21
Location
Croatia
Peerblock or Advanced Windows Firewall Control might be the tool of your choice :)
I think that could be made with sinusbot script?
But i just think to create bot with script that bans vpn ip range that you want.
It should be grate but im not sure how to make script like that xD
 

weakman

Member
Joined
Nov 11, 2015
Messages
25
Points
35
Age
49
Thanks guys looking into Advanced Windows firewall I dont know if it will block IPA and VPN providers.
 

weakman

Member
Joined
Nov 11, 2015
Messages
25
Points
35
Age
49
So i check that Advance windows firewall its a nice GUI but no advance scanning of connections detecting if they are VPN to ban send notices etc.

Mr Wolf is there any features from that bot. I tried so many on the web. Thanks for responding guys
 

Bluscream

Retired Staff
Member of the Month
Contributor
Joined
May 8, 2015
Messages
937
Points
171
Location
Germany
You can try this on a always on teamspeak client like sinusbot. If it doesn't work by now tell me and i try to fix it (haven't used or updated it in a while) :D
 

weakman

Member
Joined
Nov 11, 2015
Messages
25
Points
35
Age
49
Helllo,
Thank you for your response. I tried that plugin and had an error

I check the logs I think the problem is here FileNotFoundError: [Errno 2] No such file or directory: 'C:\\Users\\blusc\\AppData\\Roaming\\TS3Client\\plugins\\pyTSon\\scripts\\ISPValidator\\isps.txt'

5/27/2017 01:59:02 pyTSon.PluginHost.activate Error Error starting python plugin ISP Validator: Traceback (most recent call last):
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\pluginhost.py", line 235, in activate
cls.active[pname] = cls.plugins[pname]()
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\ISPValidator\__init__.py", line 43, in __init__
with open(self.cfg['general']['isps']) as f:
FileNotFoundError: [Errno 2] No such file or directory: 'C:\\Users\\blusc\\AppData\\Roaming\\TS3Client\\plugins\\pyTSon\\scripts\\ISPValidator\\isps.txt'

5/27/2017 01:59:12 pyTSon.PluginHost.activate Error Error starting python plugin ISP Validator: Traceback (most recent call last):
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\pluginhost.py", line 235, in activate
cls.active[pname] = cls.plugins[pname]()
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\ISPValidator\__init__.py", line 43, in __init__
with open(self.cfg['general']['isps']) as f:
FileNotFoundError: [Errno 2] No such file or directory: 'C:\\Users\\blusc\\AppData\\Roaming\\TS3Client\\plugins\\pyTSon\\scripts\\ISPValidator\\isps.txt'

5/27/2017 02:01:17 Info Memory usage: 171.13 MiB
5/27/2017 02:07:37 pyTSon.PluginHost.deactivate Error Error stopping python plugin IPC Client: Traceback (most recent call last):
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\pluginhost.py", line 267, in deactivate
if cls.hotkeys[key][0].name == pname:
AttributeError: 'str' object has no attribute 'name'

5/27/2017 02:07:42 Python Script Info Fake Anything script for pyTSon by Bluscream loaded from "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\faker\__init__.py".
5/27/2017 02:07:42 pyTSon.PluginHost.activate Error Error starting python plugin Fake Anything: Traceback (most recent call last):
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\pluginhost.py", line 235, in activate
cls.active[pname] = cls.plugins[pname]()
File "C:/Users/xxxx/AppData/Local/TeamSpeak 3 Client/config/plugins/pyTSon/scripts\faker\__init__.py", line 23, in __init__
if self.debug:
AttributeError: 'faker' object has no attribute 'debug'
 

weakman

Member
Joined
Nov 11, 2015
Messages
25
Points
35
Age
49
Simple fix I checked the settings.ini and it had the incorrect path in there
 

weakman

Member
Joined
Nov 11, 2015
Messages
25
Points
35
Age
49
Ok did some testing it detects correctly however on whitelist mode it bans everyone legit ISPs and blacklist mode it doesnt ban anyone. it doesnt even warn correctly.
 

Bluscream

Retired Staff
Member of the Month
Contributor
Joined
May 8, 2015
Messages
937
Points
171
Location
Germany
Ok did some testing it detects correctly however on whitelist mode it bans everyone legit ISPs and blacklist mode it doesnt ban anyone. it doesnt even warn correctly.
Thanks for the feedback. I'm gonna check as soon as i have my server booted up again
 

weakman

Member
Joined
Nov 11, 2015
Messages
25
Points
35
Age
49
Thanks for the feedback. I'm gonna check as soon as i have my server booted up again
You're welcome - just a little more information.

When i connect using 127.0.0.1 It bans that account- Working as expected
[WARNING] ISPValidator could not resolve the ISP for '-BOT' (Reason: NoneType
) Falling back to
You do not have permission to view link Log in or register now.

You do not have permission to view link Log in or register now.

-BOT's ISP: undefined
<09:56:06> "-BOT" was banned for 1 minute from the server by "xxxx" (undefined is not a valid Internet Service Provider!)
However lets say I use Proxy
<10:02:56> "-BOT" connected to channel "[cspacer15] ☠ | Lobby | ☠"
You do not have permission to view link Log in or register now.

-BOT's ISP: OVH SAS
I even have OVH SAS in the blacklist mode
I know what I am about to request is easier said than done. I think there are a few APIs out there that maybe the plugin can tap into a black list of ISPs e.g Private internet access IP ranges
Thank you for your help really appreciate it.
 

i7even

Member
Joined
Sep 20, 2015
Messages
19
Points
35
Age
36
I do have one question. Does this bot have VPN/proxy guard
GzPro Bots (All) (Updated)

I dont have access to that but from google they have protection it seems like?
Hi there
Is not 1 bot is a lot of them
and yes that topic have the Bot with Anti-VPN which works very well...i use that bot on my server.
some times (rare) kicks/bans some ip's which is not a vpn but you also can make a group to not be kicked by the bot in case
that ip does not belong to VPN...
I recommend GzPro bots on VIP selection
 

Top