Closed ghost closed 5 years ago
NordVPN identifies the countries and some of the active servers on this page:L https://nordvpn.com/servers/ Ukraine (UA) is advertised to have 6 servers and one of them is recommended on this page: https://nordvpn.com/servers/ukraine/ and the hostname is "ua5.nordvpn.com".
To compile a list of IPs associated with the hostnames, I wrote a script to perform DNS queries using the country code + number. You can't easily perform a reverse-IP lookup because the actual name of the node is not owned by NordVPN.
So you just go from ua1.nordvpn.com to infinity until you get the number of IPs indicated on the page for each country? I was thinking about doing that. Might be more robust to check for vpn ports on the client ip though. Can't find any easily understandable code to do that though.
You don't need to scan to infinity. If they only have 5 servers for a country, try scanning 20 to determine if they are sequential numbers as they may have some hosts configured that they aren't actively promoting/using. I considered scanning ports, but thought it was better & faster to remain passive and only request the publicly available DNS info.
I tried scanning the us servers and there's a huge 600 number gap.
Hello I am sorry this is not directly related to the github project, but I am wondering how you were able to create this list https://gist.github.com/JamoCA/eedaf4f7cce1cb0aeb5c1039af35f0b7 . I am interested in being able to update this list myself as we have been getting a lot of spammers from these ips.