[MUD-Dev] Grief players with ip/dns spoofers
sean at ffwd.cx
Thu Jul 12 22:08:33 New Zealand Standard Time 2001
From: "Tand'a-ur" <tandaur at ix.netcom.com>
> Hi, long time lurker here, and I've just about had it with a few
> troublemakers that like to frequent my MUD. Banning doesn't work
> because they have ip spoofers and will just come back with another
> made up ip. I was wondering if there is a way to detect a phony ip
> and just flat out deny connections to them.
Unless I'm misinformed, there is no way to maintain an interactive
session with a spoofed IP. What happens is that the response
packets go to whatever that IP is and not back to the originator.
What people often do is use proxies. There are lists of public
proxies floating around which are commonly used for such purposes.
I haven't used them myself or I'd point you at a list, but one
shouldn't be too terribly difficult to track down. Since these
proxies are legitimate machines, there's no way to filter just by
looking at the packet. Even with spoofed IP packets there isn't any
way to filter them just by examining the packet itself. What you
might try to do is track down one of these proxy server lists and
just add all of them to your refusal list.
Another option would be to place more restrictions on new account
applications. Require that prospective users supply a valid email
address and check it before you auth the account. I grant that it's
pretty easy to get an unlimited supply of free email accounts via
services like hotmail, but at least it would slow these kids down.
If you wanted to be really picky you could require that the address
not be through a web mail server.
MUD-Dev mailing list
MUD-Dev at kanga.nu
More information about the MUD-Dev