This is the new home of the egghelp.org community forum.
All data has been migrated (including user logins/passwords) to a new phpBB version.

For more information, see this announcement post. Click the X in the top right-corner of this box to dismiss this message.

Time for a new kind of ban ?

Old posts that have not been replied to for several years.
Locked
r
ray202

Time for a new kind of ban ?

Post by ray202 »

Hi all!

As you all know most of the ISP's uses DHCP when providing inet to they'r customers.
Some ISP's like UPC (chello) let the customer have the same IP over a longer periode of time. Others force a change in IP adress every time the login to the inet.

Having this problem with a new host every time someone logs in, all he have to do is to change his ident / nick to avoid a perm ban.

Now, the question is. Is it time to look into other means of banning/permbanning pepole from the channel ?
Would it be possible to combine it with a MAC adress ?
Is it possible to put an other fingerprint on the user ? Maybe using /finger, /ver and other CTCP replys as a ban variable ?

The amount of users that are willing to change they'r nick and ident to enter a channel they are banned from is low. Are there any way of keeping a trace of these users ?

If i where a l33t hax0r TCL writer i wold jump right on this, but i'm not :)

Reidar
aka. Ray^^
Top
p
ppslim
Revered One
Posts: 3914
Joined: Sun Sep 23, 2001 8:00 pm
Location: Liverpool, England

Post by ppslim »

All of your comments are true, however, this ihas been faced for years, literaly from the time eggdrop came into service.

99% of ISP's provide a different IP when using dial-up modems. It's cehaper, simpler and does mean as muny IP's wasted (IE, contention on IP's).

Some of the ideas are good as well, however, most are flawed.

MAC address: This is not obtainable. A router does not pass MAC addresses between physical segments (unless forced to), thus, due to the nature of the internet (i gurrentee 99% of your connections pass through at least 4 routers, 2 of which, do not belong to your ISP), there is no way of obtaining it.

CTCP replies can be forged the same was as ident's. Even worse, most clients use standard replies.

Using the reply of /version is jsut a no-go. It would be like banning 80% of IRC off your channel, seening as most user use mIRC.

/finger. Depending on which method used (TCP socket based or CTCP based), this would also provide usless info. CTCP fnger in mirc, replies a clients idle time, which is usless in a ban. The TCP socket kind is hardly ever used any more, and those that do use it probably don't know it's there.

Normal bans are still by far the best method to keep out trouble.

ppslim!hert@dsl-in-56854.hgw23.isp.com
&
kkkk!kkkk@dsl-in-54223.hgw23.isp.com

There is no way to tell if this is the same person.

If some1 leaves, changes there nickname and rejoins, the a ban mask of "*!*hert@desl-in*.isp.com" would have banned the first person. However, disconnecting from the IRC server is required to change identd.

The hostname is by the far the best to ban against, due tot eh fact, the user has no control over it. Everything else, he/she has.
Top
Locked

Return to “Archive”