ipChecker - Check If A IP Is From Tor Or Is A Malicious Proxy
Tool to check if a given IP is a node tor
or an open proxy.Why?
Sometimes all your throttles are not enough to stop brute force attacks or any kind of massive attacks, so it can help you to drop, some attackers who use tor or open proxies.How it works
The ipChecker has some plugins which scrap proxies ips from public sites, all this ip's are stored in a database where you can make consults using the provided API.
Basically, when you run the command
it will start docker swarm
create one service for the API wich can be escaleted and starts with 4 containers, another service for the updater which is the script responsible to run all the plugins that grab all the proxies and tor nodes,this service starts with only one container, and at last one container for the mongodb
where all data are stored.
communicate through a docker network called ipchecker-network, and only the port 8080 is exposed where you consume the API.
To avoid a lot of false positive, the api only returns ip's from the curent day, because almost proxies servers and tor nodes, are dinamic ip's.Plugins
Here is the list of working plugins on ipChecker
git clone https://github.com/mthbernardes/ipChecker
Option to execute the service:
|Command ||Description |
|Build all images |
|Build and run all images |
|Stop all services |
|Stop all services and wipe all images and mongodb data |
If you don't have docker, you'll need to install it. (Docker Install
Here is the basic usage of the API, for see all the endpoints and access the / endpoint.
|Endpoint ||method ||Description |
|/ ||GET ||Document of all endpoints |
|/statistics ||GET ||Informations about blocked requests, allowed requests, and number of all proxies on database(per day) |
|/ips?ip=127.0.0.1 ||GET ||Search for a single IP on database |
|/all ||GET ||return all ips on database |
Source: ipChecker - Check If A IP Is From Tor Or Is A Malicious Proxy