Lists of VPN exit addresses?

John_L · June 10, 2015, 11:56am

Does anyone keep lists of the exit addresses of public VPN services?

I presume there is no need to explain why this would be of interest.

R's,
John

Dobbins_Roland · June 10, 2015, 12:08pm

To keep consumers who've legitimately purchased/rented/subscribed to content from accessing same when they travel internationally?

Because as a regular international traveler, that's what springs to mind when I see requests like this.

Another thought is governmentally-driven censorship, something else I encounter a lot in my travels.

Jared_Mauch · June 10, 2015, 12:21pm

I’ll just simplify this and say that the Tor Project publishes a list of its exit nodes so you can block these if your abuse/fraud requirements necessitate this.

https://check.torproject.org/cgi-bin/TorBulkExitList.py

If it’s for geolocation blocking, I’m in favor of these political limitations to go away. It doesn’t take a genius to bypass these if that’s your intent.

- Jared

Bacon_Zombie · June 10, 2015, 4:38pm

Well if they are using Hola then EVERY person with it installed is an
exit-node.

http://adios-hola.org

https://m.reddit.com/r/netsec/comments/37rit3/adios_hola_why_you_should_immediately_uninstall/

Tyler_Mills1 · June 10, 2015, 8:22pm

I'd imagine it is quite easy for a lot of these providers to have a
pre-configured virtual machine template or cd image that they can deploy
across the board amongst a plethora of different VPS solutions as well.
Being able to bring up exit points on the fly would be very helpful in
bypassing censorship.

James_Downs · June 10, 2015, 9:52pm

I was talking a few weeks ago with a developer type from China who said something to the effect of “Hosted X is a problem because while developer types have experience getting around firewalls, [manager types] do not…”

Dobbins_Roland · June 11, 2015, 12:25am

Yes, we all know that technical people can generally get around these sorts of blocks, and non-technical people all too often can't.

The majority of people aren't technical (using Facebook and Instagram all day <> technical).

James_Downs · June 11, 2015, 3:16am

I thought your point was that you encounter governmentally-driven censorship frequently in your travels, and you were in favor of making it easier to get around it. The need for this was what my anecdote was meant to illustrate.

Dobbins_Roland · June 11, 2015, 3:50am

Yes, absolutely. We're in violent agreement.

;>

Pete_Mundy · June 11, 2015, 5:59am

You can get all known commercial v4 VPN endpoints with one declaration:

0.0.0.0/0

That'll guarantee you catch em!

Good luck

John_L · June 11, 2015, 7:51am

In article <DDE4299E-9450-42A7-AA27-9DDA8BB70B24@arbor.net> you write:

I presume there is no need to explain why this would be of interest.

Gee, I appear to have presumed wrong. My concrete application is
vetting updates to the abuse.net contact database, to recognize people
who are trying to hide their actual location.

To keep consumers ...

R's,
John

Dobbins_Roland · June 11, 2015, 9:38am

Precisely.