How do you detect a VPN or Proxy connection?

Posted 2019-01-23 14:42

I would like to block all connections to my server that use a VPN or Proxy. Is there any way to detect that a VPN or proxy connection is being used? If not, is there any way that I can check the likelihood that a VPN or proxy is being used? Lastly, is there anything that I can query or prompt the user with to check if they are using a VPN or Proxy so that if anyone does get through, I can try and perform additional verification? I do not need any information from the user such as location, true IP, or anything like that. I just want to entirely bar connections from VPNs or Proxies.

Edit: I've been thinking that I could potentially run a test to see if there are consistent discrepancies between ping to the VPN IP and the detectable latency of the client, but that sounds pretty unreliable.

Edit2: A proxy or VPN server would likely have many more ports open than a standard home connection so I could use the number of ports open to help gauge the likelihood of a connection coming from a VPN by running a port scan of the person connecting.

Tags: proxy vpn
7 answers
小情绪 Triste *
#2 · 2019-01-23 15:11

You can see that:

Detecting VPN connection

But the short answer is no, you can't.

可以哭但决不认输i
#3 · 2019-01-23 15:19

Yes, you can detect whether an IP belongs to a VPN/proxy using Shodan. The following Python code shows how to do it:

import shodan

# Setup the API wrapper
api = shodan.Shodan('YOUR API KEY') # Free API key from https://account.shodan.io

# Placeholder value: replace with the address of the connecting client
VISITOR_IP = '203.0.113.10'

# Lookup the list of services an IP runs
ipinfo = api.host(VISITOR_IP)

# Check whether the IP runs a VPN service by looking for the "vpn" tag
if 'tags' in ipinfo and 'vpn' in ipinfo['tags']:
    print('{} is connecting from a VPN'.format(VISITOR_IP))

You can also look at the list of ports to determine the likelihood that the visitor is connecting from an HTTP proxy:

if 8080 in ipinfo['ports']:
    print('{} is running a web server on a common proxy port'.format(VISITOR_IP))
姐就是有狂的资本
#4 · 2019-01-23 15:30
  • Get (somehow) a list of IPs of proxy servers.
  • Measure round trip ping time to user. Helps in online websocket games. Games are playable with ping under 50ms, so you can disconnect users with ping about 100ms and greater with a message "Sorry, too large ping".
时光不老,我们不散
#5 · 2019-01-23 15:32

You can download a list of known proxy IP addresses and look it up locally to see if it is a VPN, open proxy, etc.

There are several commercial products in the market. IP2Proxy LITE is a free one you can try immediately.

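Added example, not part of the answer above or of any product it names: a local lookup against a downloaded list of proxy ranges, as that answer describes. The `CIDR,label` file format, the labels and the `ProxyList` class are assumptions made for illustration; the sample entries are constructed from documentation address ranges, and ranges are assumed not to overlap.

```python
import bisect
import ipaddress

# Constructed sample data; a real list would be read from the downloaded file.
# Assumed format: one "CIDR,label" entry per line, '#' starts a comment.
SAMPLE_LIST = """\
# constructed entries (documentation ranges)
198.51.100.0/24,VPN
203.0.113.64/26,PUB
2001:db8:abcd::/48,VPN
192.0.2.17/32,TOR
"""


class ProxyList:
    """Range index for local lookups; assumes listed ranges do not overlap."""

    def __init__(self, text):
        # IPv4 and IPv6 are indexed separately: their integer spaces differ.
        self._ranges = {4: [], 6: []}
        for line in text.splitlines():
            line = line.strip()
            if not line or line.startswith("#"):
                continue
            cidr, label = line.split(",", 1)
            net = ipaddress.ip_network(cidr.strip(), strict=False)
            self._ranges[net.version].append(
                (int(net.network_address), int(net.broadcast_address),
                 label.strip()))
        for ranges in self._ranges.values():
            ranges.sort()
        self._starts = {v: [r[0] for r in rs]
                        for v, rs in self._ranges.items()}

    def lookup(self, ip_text):
        """Return the label of the range containing ip_text, else None.

        Raises ValueError on unparseable input so the caller decides
        whether a malformed address is rejected or allowed.
        """
        ip = ipaddress.ip_address(ip_text.strip())
        # An IPv4-mapped IPv6 address (::ffff:a.b.c.d) is checked as IPv4,
        # otherwise a dual-stack listener would miss listed IPv4 ranges.
        if ip.version == 6 and ip.ipv4_mapped is not None:
            ip = ip.ipv4_mapped
        value = int(ip)
        ranges = self._ranges[ip.version]
        # Last range whose start is <= value, found by binary search.
        i = bisect.bisect_right(self._starts[ip.version], value) - 1
        if i >= 0 and ranges[i][1] >= value:
            return ranges[i][2]
        return None
```

Build the index once at startup, for example `ProxyList(open(path).read())`, and call `lookup()` with the peer address of each connection.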
The star\"
#6 · 2019-01-23 15:33

You can use web APIs that keep track of IP addresses for you such as: http://xioax.com/host-blocker/

There is even a Java library: https://github.com/HiddenMotives/Java-VPNDetection

劳资没心,怎么记你
#7 · 2019-01-23 15:35

The simplest way to do this is to use an external service like an API to block VPN or proxy users.

MaxMind and GetIPIntel both offer it via API, you might want to give it a try. GetIPIntel provides free API service so I suggest you try that first.

For OpenVPN, someone used unique MSS values to identify VPN connections but the setup is complicated and it might be "patched" now.

The strategies you've mentioned in your edits don't seem like a very good idea because you'll run into many false positives. Sending out port scans whenever they connect to your service is going to take a lot of time and resources before you get the results.
