Difference between revisions of "Proxy"

From MIXXnet Wiki

m (External Links: - Capitalized the 'p' )
m (External Links: Fixed NJABL name)
Line 38: Line 38:
  
 
==External Links==
 
==External Links==
*[http://njabl.org/ Not Just Another Black List]
+
*[http://njabl.org/ Not Just Another Bogus List]
 
*[http://wiki.blitzed.org/BOPM Blitzed Open Proxy Monitor Software]
 
*[http://wiki.blitzed.org/BOPM Blitzed Open Proxy Monitor Software]
 
*[http://en.wikipedia.org/w/Tor_(anonymous_network) TOR Wikipedia Page]
 
*[http://en.wikipedia.org/w/Tor_(anonymous_network) TOR Wikipedia Page]
  
 
[[Category:Services]]
 
[[Category:Services]]

Revision as of 21:21, 30 August 2005

A proxy is an internet connection that is tunneled through another internet connection. MIXXnet has certain policies setup for proxy users.

Policies

MIXXnet allows its users to connect to the network using a proxy. There are policies that govern the use of proxies on MIXXnet. If a user's host is found to be listed as a proxy, the user will receive a private message from 'bopmNinjutsu'. The message will say something along the lines of:

[10:22:16] <bopmNinjutsu> Your hostname has been changed to: static-64-115-210-23.isp.broadviewnet.net.dnsbl.proxy because your IP has been blacklisted. For assistance, please see an op in #help. For more information on proxies, see http://mixxnet.net/wiki/?title=Proxy

After which the user's hostname is altered to reflect the hostname which is displayed in the private message.

Public proxy monitor statistics are available to the public in #bopm. If you need any assistance regarding proxies, you can ask a staff member in #help.

Types of Proxies

MIXXnet checks users against three types of proxies.

TOR Proxies

TOR (The Onion Ring project) provides users with free and anonymous proxies that allow users to hide their real host. Connections are routed through multiple TOR hosts which makes it impossible to trace a connection. Users who connect via TOR will have their hostmask chaned to originalhostname.tor.proxy. For more information on TOR, see the External Links section.

DNSBLs

DNSBLs or Domain Name Service Black Lists are 3rd party blacklists that MIXXnet queries for every user that connects. If a user's hostmask is listed in the blacklist, then their hostname will be changed to originalhostname.dnsbl.proxy. If you are wrongfully listed in the DNSBL, there isn't really much we can do as we do not operate the lists.

Blacklists

MIXXnet uses the following DNSBLs:

  • opm.blitzed.org
  • dnsbl.njabl.org
  • cbl.abuseat.org
  • tor.dnsbl.sectoor.de
  • dnsbl.ahbl.org

Whitelists

MIXXnet does take into account that some hosts are dynamic IPs. The problem with dynamic IPs is that a user's IP always changes. If a user runs an open proxy, then their IP is listed. The problem is that they will get a new IP soon if their IP is dynamic. A user who doesn't run a proxy might get that user's old blacklisted IP. Due to this, MIXXnet also checks users' IP against a whitelist. The whitelist contains dynamic IP addresses. When the proxy scanner scans an IP, it checks to make sure that the user is not listed in the whitelist. If they are listed as a dynamic IP (they are whitelisted), then any blacklist records are void (Your host is not altered). If you do have a dynamic IP and you're not whitelisted, you can go to the njabl website and have it added. MIXXnet uses dynablock.njabl.org to check for dynamic IPs.

Open Proxies

Our proxy monitor also port scans the user's host for any open proxies. If a connection back to MIXXnet can be established through the user's connection, then the host is marked as an open proxy. There is no way you can mistakenly be marked as using an open proxy. Users who are found to be running an open proxy will have their hostname changed to originalhostname.open.proxy.

How to Implement

If a user is abusing a channel, a channel operator can ban that user. That's fine, however the user can just reconnect to MIXXnet with a proxy and rejoin since their hostname would be different from the ban that was set on the channel. This creates a problem for the channel's staff. To combat this problem, a channel owner can ban *!*@*.tor.proxy. This effectively bans most TOR proxies in existence. A channel operator also has the ability to ban all proxies no matter what the type. The hostmask he would ban is *!*@*.proxy.

External Links