rssAnti-ban evader and/or block select VPN services (antibanevadersorvpn)

Rate:You need to be logged in to vote
Rating:5 (3 Votes)
This script allows you to detect Serial changers who change IP or serial to try evade bans, it can fight:

- Dynamic IP's (or static..)
- changed serials

How? By resolving the IP hostname when they connect.
You can choose to 'log' the connections (flag option) when a player connects with a defined hostname, which means Internet Provider hostname, so you can investigate if they are who you think they might be.

VPN hostname: looks like; datacenter1.vpnworks.net (example; you would then block or log use of a specific proxy/VPN program if many ban evaders use it)

Home internet connection; looks like: (develop a sense for how they often look)
customer17135.ippool.t-mobile.com (you can both list the customer-or pool specific hostname (before the first dot); this to avoid logging or blocking innocent unrelated players, OR if they are (almost) the only using that Internet provider or VPN software, log or block general hostname ('ippool.t-mobile.com' as for fictive example)

If you know one problematic ban evader uses one internet provider usually (ISP) you check the hostname of that IP and add it to the flag list, then when someone connects using this matching hostname, it will print a warning to server.log and you can investigate:

- Does the player behave as the banned player?
- Is he with the same friends or does he talk similarly, IS HE clearly the same person?

This resource basically give you usable leads in order to identify these ban evaders; it provides you with suspects, based on Internet provider or customer account hostname, so you can start analyzing if they are the same person. It can also block the connection automatically instead of only logging a warning of the suspicious player connecting.

Besides the lead-giving to investigate, if you got problematic ban evader(s) who mainly use the same VPN/proxy program that uses often specific hostnames of Datacenters/the VPN company, or the same Internet provider hostname or the evader himself has a Dynamic public IP, BUT.. a static hostname (like based upon f.e, customer82423.pool.telecomalgeria.com) you can define and nail them on this static hostname that belongs to the ISP provider customer who has the internet/DSL account. (aka, the same person).

As said before, be careful by analyzing the specific use of hostnames to see how many potentially legit players you could hurt. It's the best choice to go for Flagging only and not refusing connections, so you can look on a case by case basis if the player seems to be the same as the ban evader; and then re-ban the new evading serial or IP's. This resource will prove to be a reliable tool.


Comments (2) | Download latest version | Report

Version history

Version Publish Date Changes
1.0.0 2017-06-24 04:53:32 First public release Download