PDA

View Full Version : Banning Users Who Are Adept With Computers



hitmonlee
November 11th, 2003, 06:43
here's the deal

just received a threatening pm from a user (king) on a forum i moderate. one of the other moderators changed his offensive avatar/tagline (from WHITE IS RIGHT to KITTENS ARE RIGHT) and also edited one of his posts (an offensive picture of a fat naked santa, to a picture of king).

king sends me this


hey
hey look im generally a pretty nice person on teknoscape thesedays, i dont make racist topics, or do anything psycho anymore

but if one more moderator changes my signature, or avatar, or changes the words in one of my posts, or posts a picture of me in a topic with my nickname above it, the following security "vulnerabilities" may suddenly become more apparent (of course i would never do anything would i)

a ) massive flooding on the forum (of the likes this forum has not seen before)

b ) open attacks on the SQL server database critical files (Which have been left very open and vulnerable to the internet)

and before you send me a message back saying "blah blah blah petar patched everything you cant do shit" you should probably take into consideration that im fairly adept with computers

im a reasonable man, but changing my words and pictures around is unreasonable, i wouldnt care if you deleted them but putting words in my mouth upsets me

we don't want to ban him.

but that and another situation where we had to ip ban a user got me thinking.

how can you ban someone who knows how to get around a ban anyway (ie. hiding ip's)?

have any of you had any problems banning people like this?

or had any problems with an angry ex-user stuffing up the board?

(we already had that too, and ex-gf of one of the moderators created something that signed up thousands and thousands of users who all had "adam is gay" in their name)

discuss. :)

Jet Set Willy
November 11th, 2003, 08:13
You can't ban anybody who doesn't want to stay away unless you do something like password protect the forums.

<><>
November 12th, 2003, 10:40
A really effective way of banning the member is requesting non anonymous emails as they register (such as NO hotmail, and NO yahoo mail, etc) and then banning the email (if your BB soft supports it).

I would not give into his kidde threats and change his settings to L33t Haxor mockery and ask him to "go ahead" and "haxor away" (Just make sure you have the chmod settings right). What works pretty well is a smart whois on the IP, if it&#39;s dynamic locating the ISP. just locate enough info on the user through IP#, if he has registered sites then the registered site whois, if he has email then lookup email account details offered (profile if any or &#39;secret question to reset password&#39; if any). Once you have gathered some relevant info (not personal but relevant you can contact him saying:

Dear King, I&#39;ve sent screenshots and logs of your behavior and recent threatening mai/pml to blablatelecom, also you have been notified as a spammer to blahoomail. Since ISP&#39;s do take security threats pretty seriously, I&#39;m quite sure your accont activity will be logged. Please feel free to &#39;haxor&#39; away at our site at your leisure so that the internet can be rid of you for a very long time.

hitmonlee
November 13th, 2003, 05:45
Originally posted by <><>@Nov 12 2003, 05:40 PM
What works pretty well is a smart whois on the IP, if it&#39;s dynamic locating the ISP. just locate enough info on the user through IP#, if he has registered sites then the registered site whois, if he has email then lookup email account details offered (profile if any or &#39;secret question to reset password&#39; if any). Once you have gathered some relevant info (not personal but relevant you can contact him saying:

Dear King, I&#39;ve sent screenshots and logs of your behavior and recent threatening mai/pml to blablatelecom, also you have been notified as a spammer to blahoomail. Since ISP&#39;s do take security threats pretty seriously, I&#39;m quite sure your accont activity will be logged. Please feel free to &#39;haxor&#39; away at our site at your leisure so that the internet can be rid of you for a very long time.
lol
he&#39;s already been banned from the biggest isp in the state

i wouldn&#39;t dare do anything like that - he&#39;d just get his friends in on it.

king has now taken his medication and says he has gotten over the problem. (for now)