Quote:
Originally Posted by Paul M
I don't quite follow how this would work, as all requests to the final server (i.e. your server) will be on port 80, regardless of what ports were used before that.
|
You know...I may be remembering this incorrectly and I may also be explaining it incorrectly as well.
This is what I remember that it did.
Let's grab a "fresh" proxy list
The first proxies on that list are connected at port:
6588 and the remaining three are connected via port:
8080
This is where I am having trouble explaining this, as I know what it did...I'm just not sure how it was done.
He used UBB Classic (which was completely written in PERL until the later versions that used PHP as an accelerant), the server was Linux and I do know that he often relied on .htaccess files to handle problem boards linking to him, the "hot" linking of images on his server, Etc.
He had a script that somehow was able to detect proxies that were connected at other ports besides port 80.
How he was able to do this exactly is what I am not sure of and was why I was over at UBB Developers seeing if I could find it.
I was a Moderator on his UBB board and one day I was unable to connect to the board because I had left my connection to a proxy server on. I asked him and he said it was a "script" that was able to block most proxies. A few weeks later I noticed that I was able to connect and post using a proxy server, and I asked him if he had disabled the proxy script, he said that he hadn't...I asked him why I was able to connect presently as I was posting to him behind a proxy. He asked me what port I was connected on and I told him port 80, he confided in me that the port 80 was the only proxy connection that the script failed to block, and he asked me not to mention it as it had seriously cut down on the number of problem posters/troll that were posting using a proxy that used a port connection of 80.
I really wish I could find him, as I am not sure if my memory regarding the event is faulty or that I was just too "green" at the time to understand it.
He was a very quiet person and was not prone to bragging or lying which is why I am treading very gingerly in describing that event. He was very good at writing his own scripts in PERL (and I know he used to contribute to UBB Developers which is why I went there looking first).
I remember also, because I asked him about learning PERL (remember this was about 4 years ago) and he told me at the time to concentrate on PHP instead.
So, what I am carefully trying to say without looking silly...is that he was able to detect and block proxy servers that the user had connected to using a port other than 80. He was able to block those proxy connections, but the "Achilles heel" (so to speak) was proxy connections that used standard (http - port 80) connections. I don't know know if it was a script he wrote in PERL (I don't think UBB was using PHP yet at that time), or if had configured something on their server to detect and block it directly.
I do know that like so many proxy fixes that people have developed to try and fix/stop the problem that his also didn't work 100% either.
I have recently been looking at various ways other people (such as yourself) have approached the problem, and I remembered the way he approached it and I was thinking if his way (again, I remember pretty clearly the details of what it did...I'm just not sure of the details of how he did it
) could be combined with your method, that even though it still would be 100%, if it was possible...it would still be pretty damn powerful.
Like I said, I do remember that he asked me not to say or mention the flaw, or post about it on the board which I helped moderate and that he owned/ran, as he said that the majority of proxies that the users connect too, don't use port 80 and that the "script" (I am almost positive that he called it a script) was able to stop all those with that one exception being those that connected to the proxy they were using via port 80.
But maybe it wasn't a script...maybe have been something he did at the server itself (similar to the way that .htaccess works).
Or, maybe my memory really is that faulty.
More Information