UBB.Dev
Posted By: PaNTerSan Ban host - 06/12/2004 6:48 PM
I'm having some problems with banned IP's.

I would like to ban 82.%.%.% and it does not work. User can STILL post as anonymous and EVEN post a registration request.

So I tried to ban exact IP 82.192.56.129 and user can STILL post as anonymous and post registration request?

I didn't change any of ban/unban functions or checking.


Why doesn't % marker work? Also I tried 82.% just in case
Posted By: PaNTerSan Re: Ban host - 06/13/2004 6:34 PM
OK - just add
Code
<br />// ------------------<br />// Check for any bans<br />   $userob = new user;<br />   $userob->check_ban("",$Cat); <br />

before
Code
<br />// -------------------------------------------<br />// Make sure we have a minlength and maxlength<br />
Posted By: PaNTerSan Re: Ban host - 06/14/2004 8:34 AM
[]PaNTerSan said:
I would like to ban 82.%.%.% and it does not work. User can STILL post as anonymous and EVEN post a registration request.
[/]
% marker does not work because it is no implemented []http://www.drogart.org/ubbthreads/images/graemlins/rolleyes.gif[/]

Here is what you have to do in ubbt.inc.php in check_ban functon:
Find
Code
<br />        if ($Uid) {<br />            $extra = "B_Uid='$Uid' OR ";<br />        } <br />        <br />        $query = "<br />          SELECT B_Hostname,B_Uid,B_Reason,B_X_Forum<br />          FROM   {$config['tbprefix']}Banned<br />          WHERE  $extra B_Hostname LIKE '$Hostname_q'<br />       ";<br />

Replace with:
Code
<br />        if ($Uid) {<br />            $extra = "B_Uid='$Uid' OR ";<br />        } else {<br />            // hostname is banned - let's check for % to match multiple digits (pantersan fix)<br />            $IPpieces   = explode(".", $Hostname);<br />            $ipMatch    = "";<br />            $extra2     = "";<br />            for ($i=0; $i < count($IPpieces)-1; $i++){<br />                $ipMatch .= $IPpieces[$i];<br />                $extra2  .= " OR B_Hostname='$ipMatch.%'";<br />                $ipMatch .= ".";<br />            }<br />        }<br />        <br />        $query = "<br />          SELECT B_Hostname,B_Uid,B_Reason,B_X_Forum<br />          FROM   {$config['tbprefix']}Banned<br />          WHERE  $extra B_Hostname LIKE '$Hostname_q' $extra2<br />       ";<br />

Posted By: J.C. Re: Ban host - 06/14/2004 9:23 AM
Be careful blocking IP's you may shut out a hole bunch of potential members that have an ISP using the same opening string..;) That said, you can block them using an htaccess file. They won't even see your site.
Posted By: PaNTerSan Re: Ban host - 06/14/2004 11:12 AM
[]J.C. said:
Be careful blocking IP's you may shut out a hole bunch of potential members that have an ISP using the same opening string..;) That said, you can block them using an htaccess file. They won't even see your site. [/]
We know that and we don't really care

If you get flooded from same networt you should ban the whole network no matter what other users have to say - And if this is "old user" we post a message and then users can solve this between them. Otherwise we say: [censored] happens - NO, [censored] takes time & effort
Posted By: Ian_W Re: Ban host - 06/14/2004 1:31 PM
Don't forget these days it is very easy to spoof an IP address - so evern if you banned them, they would probably find a way around the IP ban if they wanted to.
Posted By: PaNTerSan Re: Ban host - 06/14/2004 1:42 PM
True - but users on my board don't know the meaning of word spoof

And If it gets this ugly we would report this to our ISP. Actually in the future we intend to report any kind of making strange repeating requests to server.
Posted By: J.C. Re: Ban host - 06/14/2004 11:23 PM
If someone wants to be on your site they will be. The only fool proof way to stop them is to close the board. Cable modem users can shut their modem off for about 24 hours and get a new ip number. Have your members pay $25.00 to join, if they are good for a year, they get it back. If they act up x amount of times, they forfeit it.
Posted By: PaNTerSan Re: Ban host - 06/15/2004 8:43 AM
[]J.C. said:
If someone wants to be on your site they will be.[/]
We know that

[]J.C. said:
The only fool proof way to stop them is to close the board. Cable modem users can shut their modem off for about 24 hours and get a new ip number.[/]
Actually cable users are not a real threat - DSL modems get new IP whenever they want
AND if someone really bother your server - do the network ban for board and via .htaccess.

[]J.C. said:
Have your members pay $25.00 to join, if they are good for a year, they get it back. If they act up x amount of times, they forfeit it. [/]
Now, this would be nice []http://www.drogart.org/ubbthreads/images/graemlins/odvaljot.gif[/] We are serving our users for free. Average age of our users is 16-22. Majority of these users are "kids" who just ran away from their parents and THINK they know everything.

Let me explain: we are a drug harm reduction organization and our users are in 99% percent somekind of drug (ab)users. They tend to go to "parties" (e.g. rave culture) during weekend etc.
Most of them have big problems with authorita of any kind. And most of them have problems because of parents: inadequate upbringing, physical and psychic abuse etc etc.
WE are understood to be their "second home". And they take it seriously to.
Since they couldn't evolve their REAL personalities in "normal" way for our community they are evolving their Digi-Selfs which is much easier since there is no visual contact necessary. Of course they "know each other" and "hang out" together but that is due to Digi-Self and not My-Self: lack of trust, lying, exaggeration, fears, paranoia are major reasons for "breaking up a friendship/partnership"...

This will become a really big problem with next generation...

So now and then we have a problem because they try NOT to follow the guidelines and rulez. And when they get banned they THINK it was unjustified so they want to "make a mess", "revenge",... you know

This users are my "threat"
Posted By: Twisty Re: Ban host - 06/15/2004 11:54 AM
[]J.C. said:
Cable modem users can shut their modem off for about 24 hours and get a new ip number. [/]

Or they can use an anonymous proxy list and do it in 5 seconds...over and over again until you pull your hair out

I've seen others have to contend with severe cases of this, not pretty at all.

And the proxy detection mod won't even detect it btw (that only works if it's transparent), I already tested.

http://www.proxy4free.com/page1.html

Every admin's nightmare.
Posted By: PaNTerSan Re: Ban host - 06/15/2004 12:31 PM
[]Twisty said:
And the proxy detection mod won't even detect it btw (that only works if it's transparent), I already tested.
[/]
Proxy detection mod? Explain, please.
Posted By: Twisty Re: Ban host - 06/16/2004 5:47 AM
[]PaNTerSan said:

Proxy detection mod? Explain, please. [/]

Right here...

https://www.ubbdev.com/forum/showflat...prev=#Post91358
Posted By: PaNTerSan Re: Ban host - 06/16/2004 9:19 PM
Tnx

Anonymity of Proxy
Posted By: PaNTerSan Re: Ban host - 06/16/2004 9:58 PM
[]PaNTerSan said:
$extra2 .= " OR B_Hostname = '$ipMatch.%'";
[/]
should be
[]
$extra2 .= " OR B_Hostname LIKE '$ipMatch.%'";
[/]
Posted By: PaNTerSan Re: Ban host - 06/17/2004 8:23 AM
[]Twisty said:
And the proxy detection mod won't even detect it btw (that only works if it's transparent), I already tested.
Every admin's nightmare. [/]
I have this one user that really doesn't want to give up so he uses proxies. I just installed this proxy mod and I am very pleased with what I see

I got his real IP (which is banned) and proxy IP. There are two possibilities:
[*](1) He doesn't distinct between anonymous proxy and just a proxy, OR
[*](2) Not every "anonymous proxy" is truly anonymous

Since this user lacks knowledge of compures generally (1) seems to be the right choice. On the other hand (2) would seem logical since real anonymous proxies are indeed
[]Every admin's nightmare. [/]
Some admins may take their job to seriously and set up this fake anonymous proxies. This would somehow be a logical trap for users using proxies not for security reasons but to do some kind of damage.

Like in Matrix: you know that anomaly will happen at one point so why not try to have control over it
Posted By: Twisty Re: Ban host - 06/17/2004 11:10 AM
[] PaNTerSan said:
I have this one user that really doesn't want to give up so he uses proxies. I just installed this proxy mod and I am very pleased with what I see [/]

Sweet, yeah it is indeed a very handy mod to be sure.

[] I got his real IP (which is banned) and proxy IP. There are two possibilities:
(1) He doesn't distinct between anonymous proxy and just a proxy, OR
(2) Not every "anonymous proxy" is truly anonymous

Since this user lacks knowledge of compures generally (1) seems to be the right choice. On the other hand (2) would seem logical since real anonymous proxies are indeed
every admin's nightmare.[/]

What's more likely is that he is using a proxy list from somewhere else which only lists tranparent ones (such lists are way more common). The anonymous proxies are only found at very specialized sites like the one I listed, of which there are just a handful.

So he probably isn't even aware of the differece.

[] Some admins may take their job to seriously and set up this fake anonymous proxies. This would somehow be a logical trap for users using proxies not for security reasons but to do some kind of damage.

Like in Matrix: you know that anomaly will happen at one point so why not try to have control over it [/]

It's only real if you think it is
© UBB.Developers