Proxy Scanner

This is more of an informative page rather than a page about user-facing services available on Techtronix, but I (Techman) feel that this should be documented

Techtronix employs an open proxy scanner to help block unwanted and malicious connections to the network. Basically, an open proxy is exactly what it is: a proxy that's open to the internet. It has no form of authentication, so anyone (including malicious folk) can connect to it in order to hide their true identity. The Techtronix proxy scanner is powered by the Hybrid Open Proxy Scanner, HOPM for short.

Open proxies are an important part of botnet attacks, as an attacker would like to have as many connections to a target network (in this case, Techtronix) as possible. Employing an open proxy scanner (in addition to other network mechanisms) greatly reduces the effectiveness of botnet attacks.

Connection Notice

Upon connection to Techtronix, you'll get this notice from a user called HOPM:

-HOPM- *** Your connection is currently being scanned for open proxies...

This is to let you know that your IP will be port-scanned for ports commonly used by open proxies. This port scan is completely harmless, and it is only to locate potential open proxies.

What Happens if an Open Proxy is Detected

If an open proxy is detected on a host, HOPM will set a 1-day Z-line on that IP address, report it to DroneBL, and move on. An ID tag will be added to the ban, so the ban can be removed easily if needed. A ban will look somewhat like this:

Closing Link: Open proxy detected - TYPE (set on NICKNAME) (1d) (ID_HERE)

  • TYPE - The type of open proxy. Can be HTTP, SOCKS, etc.

  • NICKNAME - The nickname of the offending user who was scanned. If multiple users are banned at once, this nick is what triggered the scan that found the open proxy.

  • ID_HERE - The ban ID. Used by network staff to easily locate and remove bans.

Remember, proxy scans are entirely for the security of the network. We aren't trying to prod your machine to open holes to exploit or anything of the like. If you don't consent to these types of security checks, then please don't connect to the network at all, or otherwise use some kind of bouncer.