• Welcome to Valhalla Legends Archive.
 

BNLS needs a method to stop idiots..

Started by Skeptical, January 11, 2007, 12:21 PM

Previous topic - Next topic
|

Yegg

Quote from: dlStevens on January 12, 2007, 10:08 AM
Also, Why not add an unique token, the computer has to send to the BNLS server? each computer has to have their own individual token, if that token has say 8+ logins at the same time, then disallow anymore from that computer until a connection is dropped?

Like I said, if this were the case, a bot could be written to use proxies. All they'd have to do is run x amount of accounts per proxy, and BNLS wouldn't be able to do anything about it.

Dale

Quote from: Yegg on January 12, 2007, 02:07 PM
Quote from: dlStevens on January 12, 2007, 10:08 AM
Also, Why not add an unique token, the computer has to send to the BNLS server? each computer has to have their own individual token, if that token has say 8+ logins at the same time, then disallow anymore from that computer until a connection is dropped?

Like I said, if this were the case, a bot could be written to use proxies. All they'd have to do is run x amount of accounts per proxy, and BNLS wouldn't be able to do anything about it.


This has nothing to do with the connection, per-say.

I'm talking about you register a serial number with BNLS, and apon connecting, send the serial.

vuther.de

I know alot of flooders/loaders and almost all of them use port 1080 for their proxies.

Mystical

Quote from: inner.de on January 12, 2007, 04:38 PM
I know alot of flooders/loaders and almost all of them use port 1080 for their proxies.

1080 and 26662

Wolf

#19
Wait a minute, thats just basic a Sock 4/5 connection routed through someones proxy server isn't it? These proxies that people log onto are just other peoples proxy servers left unsecure. I would imagine that the people who leave there servers like this open to the world don't even realize that others are massing with them. If they don't realize, then mostlikely the ports to connect to are at default (1080 and 26662) like what Mystical just said. So they can be anything, true, but the majority of the connections are on the 2 ports. If you blocked the 2, there is only a small handful of ports that people would leave open to the world that others would connect to, wouldn't it? If there were only a small handful, it doesn't correct massing completely but wouldn't it reduce it a whole lot?
Seen as +i!+Wolf+i!+, (i!)~Wolf~(i!)

shout

Just make it closed. That will force people to procure a way to log on locally, although the amount of people flooding the forum might be the same as the massloads...

l2k-Shadow

I hope you "block proxies" guys realize that ONLY YOU connect to the proxy on port 1080, the proxy connects to the destination server from a different local port, since 1080 is the listening port.  ::)
Quote from: replaced on November 04, 2006, 11:54 AM
I dunno wat it means, someone tell me whats ix86 and pmac?
Can someone send me a working bot source (with bnls support) to my email?  Then help me copy and paste it to my bot? ;D
Já jsem byl určenej abych tady žil,
Dával si ovar, křen a k tomu pivo pil.
Tam by ses povídaj jak prase v žitě měl,
Já nechci před nikym sednout si na prdel.

Já nejsem z USA, já nejsem z USA, já vážně nejsem z USA... a snad se proto na mě nezloběj.

vuther.de

Just bring back the simple username/password logon, and monitor the users for any type of abuse of the service.

Mystical

Quote from: inner.de on January 12, 2007, 05:54 PM
Just bring back the simple username/password logon, and monitor the users for any type of abuse of the service.

Already Agreed.

Newby

Quote from: topaz on January 12, 2007, 08:53 AM
Useless. Proxies can use almost any available port (2^16 - 1) and aren't confined to just 1080 and 1050.

Cpt. Obvious plays WoW and gold farms.
- Newby

Quote[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

Quote<TehUser> Man, I can't get Xorg to work properly.  This sucks.
<torque> you should probably kill yourself
<TehUser> I think I will.  Thanks, torque.

UserLoser

Testing to see if the client is a proxy or not isn't practical.  With the amount of connections that BNLS recieves per minute, it'd be just stupid to attempt a connection to each one on X port to see if it's a proxy.  The BNLS server might as well just DDoS itself.

The easiest way to go about adding a "restriction" would be an algorithm calculating the amount of logon queries/cdkey encryption/connection attempts per bot id in Y amount of time resulting in a value determining or not if it's abusive.

l)ragon

Quote from: UserLoser on January 12, 2007, 10:36 PM
Testing to see if the client is a proxy or not isn't practical.  With the amount of connections that BNLS recieves per minute, it'd be just stupid to attempt a connection to each one on X port to see if it's a proxy.  The BNLS server might as well just DDoS itself.

The easiest way to go about adding a "restriction" would be an algorithm calculating the amount of logon queries/cdkey encryption/connection attempts per bot id in Y amount of time resulting in a value determining or not if it's abusive.
Something like that could work if the ip logging in goes passed 8 within a specified time frame, I know I hit bnls atleast 4 or 5 times times and they're probably only a few ms apart from eachother.
*^~·.,¸¸,.·´¯`·.,¸¸,.-·~^*ˆ¨¯¯¨ˆ*^~·.,l)ragon,.-·~^*ˆ¨¯¯¨ˆ*^~·.,¸¸,.·´¯`·.,¸¸,.-·~^*

Dale

Quote from: UserLoser on January 12, 2007, 10:36 PM
Testing to see if the client is a proxy or not isn't practical.  With the amount of connections that BNLS recieves per minute, it'd be just stupid to attempt a connection to each one on X port to see if it's a proxy.  The BNLS server might as well just DDoS itself.

The easiest way to go about adding a "restriction" would be an algorithm calculating the amount of logon queries/cdkey encryption/connection attempts per bot id in Y amount of time resulting in a value determining or not if it's abusive.


Yes, Exactly what I was getting at.

Warrior

Quote from: Mystical on January 12, 2007, 06:43 PM
Quote from: inner.de on January 12, 2007, 05:54 PM
Just bring back the simple username/password logon, and monitor the users for any type of abuse of the service.

Already Agreed.

Because they arn't sent in PLAIN TEXT to BNLS right?
Quote from: effect on March 09, 2006, 11:52 PM
Islam is a steaming pile of fucking dog shit. Everything about it is flawed, anybody who believes in it is a terrorist, if you disagree with me, then im sorry your wrong.

Quote from: Rule on May 07, 2006, 01:30 PM
Why don't you stop being American and start acting like a decent human?

Dale

I'm not positive, but I'm almost sure that they aren't sent in plain text.

They're probably sent encrypted, or what not.

But still, you can monitor it...

|