Reset Password
Existing players used to logging in with their character name and moo password must signup for a website account.
- Veleth 31s
- SoftAndWet 30s
- Cowbell 1m
- Spark 1m
j Johnny 14m New Code Written Nightly. Not a GM.
- Bogrin 6s
- Something_Wicked 42s
- Maru 1m
- JakeyBoy 22m
- CookieJarvis 0s
- himble 7m
- aethertm 1s home is where the computer is
- deskoft 10m
- jillavanilla 12m
- Baguette 1m bitchmade
- adrognik 11s
- Dawnshot 23s youtu.be/--9kqhzQ-8Q
- BubbleKangaroo 11m https://www.youtube.com/watch?v=QH2-TGUlwu4
- BCingyou 1m
- P1etr0 1m
- Cainite313 2h youtu.be/rtbct2jzLBU
a MirageGM 7h The original cryptid.
- Wonderland 22s
- Testeroni 17h
- Ryuzaki4Days 37s Take drugs. Kill a bear.
- HolyChrome 22m
And 19 more hiding and/or disguised
Connect to Sindome @ moo.sindome.org:5555 or just Play Now

Connecting through a proxy / tor?
How many of you do this?

So, you all know we've had to ban players before. Some people are not a good fit for Sindome for a variety of reasons. Maybe they meta gamed and shared IC info with other players, maybe they were consistently disrespectful to staff and other players, or maybe it was a bunch of little things that left us little choice but to enforce a ban.

Some bans are short, some are long, some are forever.

We've noticed that some players connect through tor or proxy servers. This is problematic for us because that means they could be banned players, trying to circumvent said ban or rule breakers connecting to unauthorized alts.

Where someone connects from is only one in a variety of tools we have in place to detect those playing alts or circumventing bans, but it's an important part. I'm considering proposing a vote to the other admin to ratify a rule that would state that if you want to connect to Sindome, you can't do it from a proxy (or tor), and if you are detected doing so, we'll ask you to sign in with your actual IP.

I'd like to discuss this a bit, and get your thoughts. How many of you would this actual effect? I have only detected a few people using tor / proxies, so that isn't that big a deal. We don't want you to be less safe on the net, but we do need to protect our community from folks that would take advantage of software like that to hide their true identity from us, to avoid the consequences of their actions.

There are of course times where you might be using a proxy for valid reasons, like getting around a fireware that prevents you connecting to the game, and those are situations where an admin like me, would be able to work with you to verify that you aren't a banned player (or trying to play two characters), and add an exception.

Thoughts on this? Does it even effect anyone that isn't using this for the reasons we want to make it against the rules to do it for?

-- S

From a net neutrality aspect - I am against this. From a casual gamer perspective - whatever dude. I think provided you leave the option for exceptions via SlitherTime(TM) a blanket ban is fine but maybe do it the kind way with a friendly redirect and message for those who try to connect?
It wouldn't be something that bans / blocks you, it would just notify admin who would investigate and be like 'yo, connect from not a proxy please.'

It would be something we make known when creating a new character.

Totes legit then. I think if admin are able to devote the time needed - go for it.
Tor and most proxies literally serve no purpose beyond evading bans in my opinion. The purpose they do exist for can be circumvented if you have even an inkling of what you're doing.

So if someone is connecting using Tor, I can only suspect it is for bad reasons.

As long as it's more of a flag for being spoken to and not some automatic block thing, I'm less knee-jerk against it than I thought I was when I started reading the OP.

My only personal concern is being recently 'flagged' (?) and spoken to by an admin about looking like I was connecting from a weird IP / proxy when I wasn't and having no idea why. Nothing came of it and all seems fine now, so, IDK.

My only broader concern would be for those for whom proxies / anonymity are much more serious, legitimate concerns (thinking geo-politically), but I have absolutely no idea how many players that would be an issue for, and simply defer to the judgment of the admin, who presumably do.

@Jameson That's part of what I want to figure out. Would this even effect anyone? Ya know? Then we can figure out how much time it might take us.
I use proxy type thing because where I live has this weird firewall type thing. it blocks me from using certain sites like youtube, sindome, twitter, etc. I'm not sure if a firewall is what blocks websites but yeah that's why I use it. If I don't use it this site is blocked and I have clue why it blocks the things it does or how to fix that.
Greetings everyone.

I play Sindome from work (guilty!), home, and on the go constantly. I also work remotely a lot from home, which requires me to login to work VPN to be able to use my work tools (while I play).

I login to Sindome generally from: Work IP, Home VPN Work IP, Home IP, and Android Client IP.

I haven't had any issues raised from an Admin about all of the IP hopping I do when connecting to Sindome through my various mediums. I have only had this one character though since playing. I feel that most folks prolly do not have a solid reason for logging into Sindome with a VPN IP. Hence, I think it should be scrutinized. However, mebbe existing players can be vetted, so if VPN connections were scrutinized, it would be an easy job for an Admin to see the vetting and move on. And also possibly it could be a thing that when creating a new account and or character, it cannot be done through VPN.

Just a couple thoughts.

TOR, proxies and VPNs are useful for many reasons, others than to avoid a ban sentence. I suppose there is no need to enumerate them here.

I use TOR more and more on the internet.

I played Sindome using TOR recently during a few weeks without problems, always with same character.

I didn't even imagine it could be forbidden and so I didn't check if there were restriction rules about it.

Two days ago, I have been disconnected multiple times so I reconnected as usual (my internet connection is unstable sometimes). Finally, I could reconnect but I was 'voided' e.g. my character in pause, with a request to contact an admin.

I did that and this is when I was told that using TOR was forbidden. Of course, I stopped using it at once.

I'm sorry for disturbing an admin who had to disconnect me multiple times, put my character in void and explain why they did it.

The problem is that I couldn't know why I was disconnected. I use the standard web client and when it disconnects the view becomes black with big blue buttons. I could not read any disconnection message.

If possible, I would suggest to make the user know why they are disconnected. It would ease the issue resolution for both the user and the admin.

I searched for TOR on sindome.org and found this thread. I understand now why it would be restricted.

I'm not sure that restricting these tools is the banned-player-killer solution since a well configured proxy or VPN can be hard to detect, harder than a TOR connection. But okay, doing it probably helps to mitigate the issue.

Unfortunately, I don't have a perfect solution to detect banned players.

Anyway, privacy becomes more and more a concern everywhere and IP addresses are more and more easily staged with similar tools. I guess this question will be raised again as more regular users may want to use them.

I fully comply with the rules and if admins decide that restricting these tools helps, then this is fine. I still can choose to stop using them or to stop playing Sindome. For now, I keep playing if you don't mind.

Finally, I don't get clearly the status of this question.

VPNs and proxies seemed to be tolerated two years ago.

Are TOR or VPNs or proxies allowed, forbidden or tolerated in some circumstances (and then which)?

I like Slither's approach:

It wouldn't be something that bans / blocks you, it would just notify admin who would investigate and be like 'yo, connect from not a proxy please.'

Then admin can investigate and when it's done, the validated user can use his tools again.

I'm currently not at home and the shelter and certain community places I go to for net have blocks in syndrome. so I tend to go Through a proxy for now to get past this.. Unless I'm on my phone.
My 2 chyen.

Same, I very notoriously used TOR for the majority of my playtime in SD but not anymore.

Why? Because I used to play mostly at work and I needed TOR to bypass the browser filters (Fortyguard sucks). Which is a pretty standard practice for desk jockeys like me.

However now simply boss the tech guys in my company and tell them to turn it off (they work for me). But I can understand the need for TOR, also I am very paranoid about my internet privacy and I was afraid of getting hacked, because these types of games have a decent population of immature coders/hackers/script kiddies.

I don't use TOR but it is very easy to snag everyone connected to Sindomes IP address.
I'm in a similar boat to Scarlyt, and also use VPN some of the times when I'm connecting to Sindome. The exception mentioned would be absolutely necessary for someone like me, and I'm afraid that someone under similar circumstances might not get a chance to speak before they're judged or end up in a situation where they can't really enjoy the game because they suddenly find themselves with limited ways to connect that aren't against the rules.

Again, I understand the need but I'm often against implementing policy to stop the radical few at the expense of the many.

A lot of times I can connect and play normally, but sometimes there's a problem with DNS and it's such a pain to resolve I just use a VPN to connect. It happens once a month or so.
I'm in the same boat as a few players here, I also use a VPN to connect during work hours, my job has very little to do for long periods of time, Sindome keeps me sane and occupied.

If it were something in the admin's hands, as is being discussed that wouldn't be so bad, or if there was some kind of whitelist for established characters, or people who've been around for a while who have been proven not to abuse the game? That might be good.

I enjoy the additional security of connecting through a VPN. Personally, my job is rather uneventful during the day, and connecting to Sindome is a fun way for me to pass the time.
Everyone should be using VPNs.
Telnet is pretty primitive so I'm not sure there's a way to whitelist people for VPNs, but couldn't you do it via the webclient? It would mean people with approval to connect via VPNs would have to go that route but it'd let them use it while still blocking the ban evaders.
So. Devil's advocate here, but...

Experience as a GM/Immortal/Admin of various other games and game servers tells me that 90% of the people connecting through proxies are doing so specifically because it allows them to skirt the rules.

One MU* I GMed I caught several players utilizing VPNs and mudconnect to multiplay. Normally we iniitiated a test where we had both "players" type two different sentences at the same time, but coincidentally, one player had always "stepped away". We didn't want to ban anyone without some level of certainty, so we were at a bit of a loss as to how to handle this. So I set a little trap, by promising a reward sort of like those "fill out this survey" type of deal. If I were to equate it to Sindome it would be something along the lines of "vote in this poll and receive 2 UE!". Caught several multiplayers, including the one we had our eye on, when they logged in with the same IP on port 443 to access the website.

tl;dr: If someone absolutely needs to VPN in for some reason, exceptions can be made, but as a whole I can wholeheartedly agree with blocking mudconnect and widely used free VPNs and proxies to prevent abuse, because they will be abused if they are not already.

Speaking as someone who’s never used a proxy/Tor and has very little knowledge of how they work: do they ever have any practical uses? Does it enable people from countries that would otherwise struggle to connect/need to hide their identity for whatever reason to play?

I don’t know if that would have any impact on decision-making, but may be something to consider?

This is 2019. If you are not using a vpn you are being watched. If you don't care that's fine, but those of us who do should not be punished for the sins of a few. Give this a read if you don't believe me: https://theintercept.com/2018/06/25/att-internet-nsa-spy-hubs/

That aside, the best benefit I get from using a vpn is an overall boost to the speed of my network. I have no hard evidence to back this up, but connecting to all the things I connect to without a vpn downgrades my phone connection (from which I tether to everything else in my house and office) to HSPA+ the moment I make more than a couple of connections. If I use a vpn, I always have great 4g speeds. Now if you ask my provider why this is, they will tell you that they weigh the importance of connections to well known domains higher than everything else when choosing what to route and when, and that there is nothing they can do about it (though oddly this doesn't explain the drop from 4g to HSPA+, they skirt that question every time). That's fine, because I can use my vpn. What I can't do is use no vpn for Sindome and a vpn for everything else, because I would have to dedicate an entire device to sindome and only sindome and I'm afraid that's just not in my budget. Given the choice between playing sindome but being forced not to use a vpn and using a vpn, I'm going with the latter without a thought.

TOR (which I use when at a computer in the office that does not belong to me) has its uses for getting around pesky firewalls and the like, but gets a bit hairy because of the ease of masking your true identity over the internet.

Overall, I don't think banning the use of either is the solution, because these are modern technologies which are only going to become more prevalent over time. This isn't 1999 anymore, you should be using a vpn, even if it's self-hosted.

As far as solutions go for preventing misuse of the given systems, that's a tricky one. I think that making people connect from their home connection initially and from time to time would be a step in the right direction, but I can also think of ways to get around this as well, without TOR or a vpn (I shan't post them here as to not give the baddies any more arsenal, though if the admins want to hear my thoughts, shoot me an email or message).

tldr; USE A VPN; THEY ARE WATCHING

To Adea, on a more general security level, say you are a developer for Corp. You and many other developers all work remotely or connect remotely to servers belonging to Corp to do your job. Now if all these servers were public facing, it would allow anyone to attempt to connect or Anor forbid use the latest leet hack to get through your security and connect to your goodies. What you can do is make a few vpn servers which specifically whitelist the connections that the employees will connect from and ignore everything else. Then, you take all your critical servers (maybe git repos, docker image repos, mail server, private npm repo, etc etc) and block all connections except ones coming over the private network of your host AND which come from the vpn servers. This gives you much added security versus everyone just connecting from whatever whenever directly to the needed servers.
@Vera I would gladly use strictly the webclient to allow the use of my vpn, but last time I used it the logging capabilities suck compared to Mudlet. In Mudlet, my logs are persisted as they come in, afaik the webclient forces you to manually save them and loses them if say your browser crashes or the power goes out. That is the sole reason I use mudlet over the webclient.

There is also the question of how you will whitelist all of the potential servers a given vpn might have. Say you were using Mullvad for example, there are eight to ten servers per region that you might connect from and it would become quite taxing on the players/admins to gather these for each vpn that a player might connect from, not to mention when they change/expand said server pool. And you generally can't choose to connect from strictly only one server.

Would it be possible to ban VPNs and/or TOR during that first two week period? That would stop certain butthurt individuals from annoying the general community while letting almost everyone else connect how they wish.
That's a pretty good idea. The only pain I could see it causing would be if players cannot access sindome at all due to country or isp firewalls. In those cases the only way they may be able to connect is via a vpn or tor.
I have to use a VPN for mobile play. Does that count?
Ummm... everyone really seems to just not give a shoot about cyber security. I saw read one guy say that security is important and then immediately after that justify taking away security for the game, and I read an other guy say that VPNs are useless and don't work if "you know what you're doing" which I assume is just the typical narcissist trying to play himself like hes some cyber genius. There isn't a way verify people other than IP? I get the need for enforcing rules but why do I have to sacrifice my security in order to play a text based video game??? It's just a game, why is it more important than keeping people's private information secure???
Since people are still talking about this two and a half years later, maybe Slither could say what (if anything) actually got implemented.

Then people can know whether there's really something to push their buttons or not.

@CyrusWest

Privacy. Not security. VPNs do provide a level of security, but from point to point. Security should always be implemented locally first.

The concern is anonymity, and unfortunately it is often abused by individuals seeking to get a one-up on everyone rather than just enjoying the game and taking your punches. Insofar as the game itself is concerned, VPNs are a security risk, because they're often used to skirt rules.

@beandip

Didn't Slither say they found a number of multiplayers that admitted to the fact willingly and were issued temporary bans?

@quotient

Yes, I seem to remember that but are you sure it was the direct result of being observed using TOR or another origin hider? I don't have a link to the original statement but I feel like I remember it being a much more organic situation than simply catching them doing this. As Slither said, identifying origin hiders is only one tool among many for catching cheaters.

It's also not clear to me whether those bans you refer to were the result of the original policies, unchanged, or, like I was asking, whether some new policy did get implemented after Slither got the feedback here that he asked for.

just dropped 100 bones on a vpn plan only to find out sindome blocks it lol

yeah id rather not have to choose between playing sd and having my internet traffic wide fucking open

There might be some elegant ways to solve this, such as only blocking VPN access for new character creation, rather than existing approved characters.
Yikes.

Seems like a lot of questions continued to be raised here a while back without answers, so maybe a good time to revisit.

I think we all get wanting to keep bad actors out of the game, but there's also letting the perfect be the enemy of the good (not the best metaphor but works).

If a banned player is remotely determined, you're not going to block them through 'systems'. You can only keep out bad behavior as bad behavior arises. You can only do so much.

If people want to connect through VPNs, for any multitude of reasons, that seems fair.

It is possible to use a VPN and expose your IP for Sindome.

Just route traffic to moo.sindome.org [52.14.187.198] through a static route and keep the default route set to the VPN.

Here is a decent primer on setting up static routes in Windows. (If you're running Linux, you don't need me to tell you how to setup static routes.)

https://www.howtogeek.com/howto/windows/adding-a-tcpip-route-to-the-windows-routing-table/

Odds are your VPN is going to route 0.0.0.0 to the Gateway IP of the VPN. That is your "default route" for all traffic.

You want to setup a static route for the IP of moo.sindome.org [52.14.187.198] going to the gateway of your internet router, not your VPN.