IP banning ideas

[Atomicide]

can you link me to the part of the site your talking about? I assumed it was "Leocrasher's Support Board" where this was taking place.

Edit: on second thoughts, dont bother, Ive found where your talking about and instead of looking to ban this one user, I suggest you just ****ing remove it, thats got more trash than I would tolderate on Atomicide.com and theres basically 0 usefulness out of it.

Edit2: even better when you realise what you can do with some research. Doomnezeu is the name of a guy who also plays on my WoW server. He is from Romania, and ive got it on good authority that the latest IP I found on your site, matches one he has recently used. I can link to to his website if you want, although im not sure what options that presents you, and it isnt 100% conclusive its the same person.

 

[LeoCrasher]

...if I wanted an alternative action suggestion or your thoughts on its content, I would have asked. Instead I asked for filtering solutions. Bashing the submissions goes about -10% into helping me. I already manually delete the users posts.

Calm your language, theres zero need for expressives when attempting to give assistence. I wouldn't be so discourteous when addressing you.

/Leo

EDIT: Will remove non-relevant or non-helpful posts from this point.

 

[username]

Well if there's no member system in place you can't really expect to have a blocking system since there's no actual members to block. As for IP banning, it's not effective even for message boards. Your chat script is way too simple so spam is something you have to deal with manually.

Many proposals for eliminating comment spam are focused on banning or throttling comments from the IP address of the spammer. This is fundamentally flawed because it assumes IP addresses are both unique and hard to come by.

Banning an IP address can have severe consequences. Many ISPs (including AOL) and companies use a proxy server that makes it appear as if all users are coming from a single (or a handful) if IP addresses. By blocking an IP address, you might be preventing a substantial portion of AOL users from commenting. Depending on your point of view, eliminating AOL may not be a great loss; however the same thing would happen to millions of users behind other proxy servers.

The other problem is that IP addresses are very easy to get or fake for spammers who care about such things. There are hundreds of thousands of open proxies that will let anyone direct Web traffic through them. When I’m using an open proxy, my IP address is effectively masked. And I can use simple software to switch to a different open proxy (and thus a different IP address) every few minutes. So my spamming activity isn’t tied to a specific IP address.

Hypothetically speaking, if the problem of open proxies were to disappear overnight, there are two other mechanisms that provide a limitless set of IP addresses to spammers: dialup and spoofing.

Most dialup ISPs provide a different IP address each time you dial in. If a spammer were to find that their IP address had been banned, they could simply disconnect and redial. It would be trivial to automate the process of dialing in, spamming, disconnecting, and dialing back in.

IP addresses are easy to fake as well. The design principles of TCP/IP allows the sender of a packet to specify its IP address. The message will still be routed to its destination using the fake origin address. Return packets would be mis-routed, however, because TCP/IP would send responses to the true location of the IP address rather than where it actually came from. This means that IP spoofing is ineffective in situations where you need to interact with a remote server, but very effective in a one-way conversation. I can’t retrieve a Web page using a spoofed IP address because I need to make the request and then have the server send me the page. But I can send requests all day long if I don’t care about the response.

Posting a comment (or TrackBack) doesn’t require interaction. I can send a comment in a POST or GET message and not worry about the response if I don’t care about receiving acknowledgment that it was successful.

 

[Kaori]

@Kaori
Yea. Moderation seems like a good idea. Pitty the DNS lookup doesnt work, then I could enable it just for Romanian users.

not sure if there's a free tool to do this.. well you know some of the 86.* is romanian's ip. there's a tool for you to query if the ip is uk or roman's...

 

[Dataforce]

Assuming he only has one ISP, you could block 89.35.216.0 - 89.35.223.255 (89.35.217.0/24) which would stop him access. Not sure how many legit users that would also block tho.