Bungie.net Community
This topic has moved here: Subject: IP bans
  • Subject: IP bans
  • Pages:
  • 1
  • 2
  • 3
  • of 3
Subject: IP bans

Before you go all hurdy durdy on me, just hear me out.

IP bans, almost pointless. Many IPs are dynamic, constantly changing. It's easy to run through a proxy too.

But I think they can also be very effective against one type of troll/spammer/rule breaker/ect:
The idiot

The idiot doesn't know how to change his IP, or run through a proxy, so these bans would be incredibly effective. Sure, when his/her device's IP does change, they'd be back. But at least it delays the spam/trolling/flaming/ect considerably.

For example, on the Flood, there is a very prominent troll with endless alts. This troll, in a non-trolling state, has clearly stated that he thought making an iPhone app would be easy. This troll has clearly stated that programs are developed on Macs for PCs 100% of the time. This troll, is an idiot. This troll doesn't have the mental capacity to grasp to concept of an IP, let alone how to change it.

For this reason, I think the IP ban should be brought back.

  • 12.30.2011 7:57 PM PDT

@spawn031

"So much of what we do is ephemeral and quickly forgotten, even by ourselves, so it's gratifying to have something you have done linger in people's memories." John Williams

So what about College Universities, Libraries, Public Work places etc?

  • 12.30.2011 8:00 PM PDT

Have you seen my mind anywhere? I seem to have lost it...

0x0 x0x 0x0 000 000 x0x 000
x0x 0x0 0x0 0xx 000 0x0 000
x0x x0x x00 0xx 0x0 x0x 0x0

I have seen you future

Wouldn't banning the MAC address be much more effective?

  • 12.30.2011 8:01 PM PDT

Who the hell do you think I am?

Meh, it's pretty pointless. People would still find a way to avoid them anyway.

  • 12.30.2011 8:02 PM PDT

Posted by: FALSE R3ALITYx
Bricypoo's custom user title = Ultra Lame Thread Maker


Posted by: True Underdog
Only after we ban Bricypoo.

I'm at college, some one at the college was a idiot and got them selves perma-banned using the college's internet. I log in with my account, I then get my account banned for his idiotic mistakes.

I'm on a road trip to Kentucky and decide to stop at a Mcdonald's to eat. I pull out my iphone and login in to bungie.net just to receive a ban. Because some idiot decided to use that internet to troll.

I'm at the internet cafe in Bell Plaze (a place near where I live, well it used to be called that) I use one of their computers to get on Bungie.net. I then receive a ban from some idiot who used one of those computers to troll.

I got to my a friend's house, log in and receive a ban, because he was a idiot and trolled.

I go to a hotel in South Carolina while vacationing with friends. I decide to use the hotel's internet to go on Bungie.net, I then receive a ban because some idiot trolled using that internet.

I go to my girlfriends house, log in to bungie.net and get banned. I realize I don't have a girl friend, I was actually at my house and my split personality had trolled on Bungie.net


These are just a few reasons why IP bans were and always will be, A BAD IDEA.

EDIT: Dang you spawn I took so much time writing this >:(

[Edited on 12.30.2011 8:06 PM PST]

  • 12.30.2011 8:05 PM PDT

AV=http://avatar.coolclip.ru/albums/Avatars/Avatars%2090x90/A vatars_90x90_022.gif
BG=http://avatar.coolclip.ru/albums/Avatars/Avatars%2090x90/A vatars_90x90_022.gif


Posted by: Destiny 7
Nah..it's really not that hard to bypass any type of ban.
Yeah but not that many people put in the effort.

  • 12.30.2011 8:23 PM PDT
  • gamertag: [none]
  • user homepage:

:)

Until you get banned from the off chance that your new IP has been blacklisted before.

Happens to me on other forums. Quite annoying.

  • 12.30.2011 8:56 PM PDT
  •  | 
  • Veteran Member

Stop.

So many people have proven 100% valid points on why IP bans would be effective, but everybody here chooses to be ignorant and deny all evidence.

This place is full of ignorance and stupidity. I'm just warning you, OP, before you go wasting your time.

Edit: The only valid argument is the large network, such as a college, library, etc, one.

However, I find most people not using this argument and instead aiming directly at how IP bans are so "easy to bypass" (which is wrong on so many levels).

[Edited on 12.30.2011 9:02 PM PST]

  • 12.30.2011 8:59 PM PDT

Who is this idiot troll?

  • 12.30.2011 9:05 PM PDT


Posted by: CTN 0452 9
Wouldn't banning the MAC address be much more effective?

QFT. MAC Addresses, while changeable, are much harder to do so. OTOH, a proxy could still get around that... but it does solve the problem of getting other people accidentally banned from large networks and what not.

Also OTOH, the OP's point wasn't about ease of getting around the ban, just a way to ban idiots. MAC addresses don't run into the large network issue.

  • 12.30.2011 9:09 PM PDT
  • gamertag: [none]
  • user homepage:

i don't see the harm in bringing it back.

  • 12.30.2011 9:10 PM PDT

Posted by: CTN 0452 9
Wouldn't banning the MAC address be much more effective?
No, absolutely not.

  • 12.30.2011 9:15 PM PDT


Posted by: dazarobbo
Posted by: CTN 0452 9
Wouldn't banning the MAC address be much more effective?
No, absolutely not.

Care to post reasoning? I generally agree, except the point would be to ban somebody who doesn't know what an IP address or proxy is, and MAC Address doesn't have the disadvantage that IP's do of belonging to lots of people.

  • 12.30.2011 9:19 PM PDT

"Except we, we're the zebras. All fenced in...and ready for the slaughter!"

||S-fen Knee-cheh
||19th Shock Troops Battalion

Posted by: Bricypoo
Doesn't matter, that was an epic post. Haha!

[Edited on 12.30.2011 9:29 PM PST]

  • 12.30.2011 9:28 PM PDT

Flours2012
Deathcon_5 on Adelais

No matter how powerful the ban, there's always a way around it. Better to spend time on improving features rather than starting a ban arms race.

  • 12.30.2011 9:29 PM PDT

Posted by: spartan058 bill
Care to post reasoning? I generally agree, except the point would be to ban somebody who doesn't know what an IP address or proxy is, and MAC Address doesn't have the disadvantage that IP's do of belonging to lots of people.
It's impossible.

  • 12.30.2011 9:33 PM PDT
  • gamertag: [none]
  • user homepage:

Well, here we are. I guess that it was destined to come to this.

Which is why I like the idea of not allowing posting from members that do not meet at least one of the following criteria.

1) Any level of trust/title that puts the account out of status of "member".
2) A cookie that is >8-24 hours old. I'd prefer 24, but even the 8 hour limit would slow/prevent a mass of alt account spam.


Without one of those, the member is taken to a warning page that apologizes for the inconvenience, and explains that the site requires a "baked cookie" in order to allow members to post and that this is a site protection method due to new/alt account abuse over the years.

  • 12.30.2011 10:31 PM PDT
  • gamertag: [none]
  • user homepage:


Posted by: dazarobbo
Posted by: spartan058 bill
Care to post reasoning? I generally agree, except the point would be to ban somebody who doesn't know what an IP address or proxy is, and MAC Address doesn't have the disadvantage that IP's do of belonging to lots of people.
It's impossible.

How so? Couldn't you set up an ACL type of thing with a setting of explicit deny in which you add MAC addresses to the ACL? You could have it so the web server within the DMZ won't even receive requests from banned MAC addresses because they will be blocked by the firewall/router's ACL.

  • 12.30.2011 10:39 PM PDT
  • gamertag: [none]
  • user homepage:

Well, here we are. I guess that it was destined to come to this.

Posted by: Alec9224
Posted by: dazarobbo
Posted by: spartan058 bill
Care to post reasoning? I generally agree, except the point would be to ban somebody who doesn't know what an IP address or proxy is, and MAC Address doesn't have the disadvantage that IP's do of belonging to lots of people.
It's impossible.

How so? Couldn't you set up an ACL type of thing with a setting of explicit deny in which you add MAC addresses to the ACL? You could have it so the web server within the DMZ won't even receive requests from banned MAC addresses because they will be blocked by the firewall/router's ACL.

Can a browser answer a MAC address request from a server without installing an add-on?

Even if it can/did/does, that would then mean the MAC address would need to be stored server-side and linked to an account in order to then enforce such a ban. And those bans would be like ultra-bans or a hosts file reroute in they would deny any access to the site.

  • 12.30.2011 10:48 PM PDT

We're concerned

Cafe|MLP: FiM|Bnet Regulars|FCAW
Got a question, comment, or concern? PM me.

You are basing your entire argument on the slim chance that the person who is being banned doesn't know how to simply reset their router to get an IP change... I really don't see how it would do anything anyways, bypassing a ban is really easy to do regardless of how you were banned.

  • 12.30.2011 10:49 PM PDT
  • gamertag: [none]
  • user homepage:


Posted by: Recon Number 54
Posted by: Alec9224
Posted by: dazarobbo
Posted by: spartan058 bill
Care to post reasoning? I generally agree, except the point would be to ban somebody who doesn't know what an IP address or proxy is, and MAC Address doesn't have the disadvantage that IP's do of belonging to lots of people.
It's impossible.

How so? Couldn't you set up an ACL type of thing with a setting of explicit deny in which you add MAC addresses to the ACL? You could have it so the web server within the DMZ won't even receive requests from banned MAC addresses because they will be blocked by the firewall/router's ACL.

Can a browser answer a MAC address request from a server without installing an add-on?

Even if it can/did/does, that would then mean the MAC address would need to be stored server-side and linked to an account in order to then enforce such a ban. And those bans would be like ultra-bans or a hosts file reroute in they would deny any access to the site.

I don't see why you couldn't use a network firewall that protects the web server and have it use mac address filtering. If it was to use MAC filtering, I believe it would be set as implicit approve, and then it would approve all SYN requests to the web server that didn't match the MAC addresses on the deny list... or I guess you could use a system of explicit deny and accomplish the same thing. I'm getting all mixed up, talking network security at 2:00 am ain't easy!

[Edited on 12.30.2011 10:53 PM PST]

  • 12.30.2011 10:53 PM PDT
  • gamertag: [none]
  • user homepage:

Well, here we are. I guess that it was destined to come to this.

Posted by: snipe champpppp
You are basing your entire argument on the slim chance that the person who is being banned doesn't know how to simply reset their router to get an IP change... I really don't see how it would do anything anyways, bypassing a ban is really easy to do regardless of how you were banned.

My idea of baked cookies would be a pain in the butt to bypass more than once a day.

It wouldn't allow incognito browsing, it would require a member title (and trust value) of someone who was established and any account that was at a member level would need a cookie that has aged or baked. If the cookie was just deleted and a new one downloaded... the member would have to wait for that cookie to mature or properly bake. And if they delete it, the next cookie they get has to bake all over again.

People who have armies of alts, would have to pass those armies through Thermopylae. In single file, 8-24 hours at a time.

  • 12.30.2011 10:57 PM PDT

Posted by: Alec9224
How so? Couldn't you set up an ACL type of thing with a setting of explicit deny in which you add MAC addresses to the ACL? You could have it so the web server within the DMZ won't even receive requests from banned MAC addresses because they will be blocked by the firewall/router's ACL.
You're getting too far ahead.

1) MAC is an addressing scheme used by Ethernet which is a protocol used at layer two of the OSI. That means when a frame is transmitted from one host to another, the layer two headers (including MAC address) are stripped off; they have no purpose or use at the upper-layers. Layer two protocols govern the rules for PDU transmission on a physical host-to-host basis, not logical end-to-end like in layer three across networks.

2) Multiple layer two protocols are in use. For example, from your modem to the CO you're likely using PPP. On The Internet (especially where ISPs are concerned) they're likely using Frame Relay.

3) Routers prevent the propagation of broadcasts to other/outside networks. Broadcasting is the method ARP uses to resolve IP Addresses to physical addresses on the local network.

There is NO method of getting a client's MAC address across The Internet. Anyone who tells you you can is wrong.

  • 12.30.2011 11:02 PM PDT

  • Pages:
  • 1
  • 2
  • 3
  • of 3