Author |
Topic |
|
Astralis
Senior Member
USA
1218 Posts |
Posted - 08 June 2007 : 13:07:46
|
I know this has existed at one point but I can't find it in searches nor on the mod site.
I'm having a few members over time return or post under two usernames while this is against the terms of service.
Is there a mod that can find when a user is using the same IP AND also if a user shares a similar IP for those who have dynamic IPs? That would alert me to a user posing under a new username.< |
|
AnonJr
Moderator
United States
5768 Posts |
Posted - 08 June 2007 : 18:17:39
|
quote: Originally posted by Astralis
find when a user is using the same IP AND also if a user shares a similar IP for those who have dynamic IPs? That would alert me to a user posing under a new username.
Not to be critical, but how would you tell the difference? All you would have to go on are two different user names (and probably e-mail addresses) and the same IP... multiple people behind the same proxy will look the same as the person who sets up multiple accounts.< |
|
|
Astralis
Senior Member
USA
1218 Posts |
Posted - 08 June 2007 : 18:27:05
|
How to tell the difference?
The IPs are stored in a field in the db. Whenever one IP matches the IP of another user then I would get an alert of some kind. Why couldn't this work?
For the IPs that change from, for example 12.34.56.78 during the firt or previous visit to 12.34.56.91 the next time someone else logs in then I would also get alert or maybe it could look at the first two (12.34) then if they matched then I'd get an alert depending on how sensitive I make it.
Because this might be too much to run every day, maybe make it so the query is triggered somehow and runs once a day or once a week.
I run a debate board and over the years I've had many people posing as other people so when I catch them a lot of the users lose faith in the board and wonder if they're debating the same person. I'd like to say I can find them easier. Believe me, some can hide for a long time without getting caught.
Thoughts?< |
Edited by - Astralis on 08 June 2007 18:32:28 |
|
|
AnonJr
Moderator
United States
5768 Posts |
Posted - 08 June 2007 : 20:24:14
|
Depending on the ISPs used and the general makeup of your forum's population you could spend a lot of time chasing down false-positives due to heavy proxy use (a la AOL and company) or from the college types that are in a dorm (and usually appearing as the same IP) or people who share appartments/houses (same ID).
In all the examples above you'll get alerts for multiple people using the same IP, but they are legitimately different people. How are you going to tell those from your people that are signing up as multiple users when the only real criteria can't give a definitive answer?
This hearkens back to the larger issues that a lot of sites are being forced to attempt to deal with - how to definitively ID somebody... and due to the nature of the web you can't with anything even close to 100% accuracy.< |
|
|
Astralis
Senior Member
USA
1218 Posts |
Posted - 08 June 2007 : 20:53:03
|
I don't mind not having 100% accuracy. Even the knowledge that two people share similar IPs would simply alert me and to watch their debate or flag them for a moderator.< |
|
|
Etymon
Advanced Member
United States
2385 Posts |
Posted - 09 June 2007 : 10:22:51
|
A table that has a record inserted into it each time a member logs into the site would begin the process of logging IP Addresses.
First, you could do a query against the table to see if the ip address going in equals an existing ip address. Second, if there is a match, then do another query to see if the member id that is going in equals the member id of the matching ip address. If it does, then exit the query, and do not add the entry. If the member id does not match, then insert a new record into the table. Third, do a query to see if the matching ip address belongs to a different member id. If it does then insert a new record while also sending you a notification (via Private Message and/or e-mail). Of course, you refine this to match segments of ip addresses as well.
Then, when you log into the site, a separate query could be run that checks for the parameters you desire and displays a list of results (in another window or whatever). Or, you could do this through an admin panel where you can have more control over the queries and results.
By doing it the way mentioned above, you would be tracking the ip address of everyone who logs into the site. If you wanted to log just those who post, you should track the activity via post_info.asp rather than inc_header.asp. Tracking the ip addresses per post (depending on how you set it up) will also help you see patterns in posting habits and needs. So, for your concerns, that may be a better route as the one mentioned above also tracks lurkers and casual visitors who may hold multiple accounts but are not malicious with them.
That's the first route I would attempt towards tracking ip addresses in question. You need to start a log. I would be comfortable if it eventually grew 2 to 2.5 times larger than the size of my member base considering that if my site was a passion of my members, then they would be checking the progress of debates from various locations to keep abreast of the latest developments.
Currently, I am not able to write this for you as a MOD, but this will give you an idea of something to think about.< |
Edited by - Etymon on 09 June 2007 10:37:17 |
|
|
pdrg
Support Moderator
United Kingdom
2897 Posts |
Posted - 09 June 2007 : 14:24:56
|
For my 2p, I'm with AnonJr on this one - I hear you're not after 100% accuracy, but this may be a hiding to nothing - IPv4 means NAT for proxied connections (AOL, dorms, Israel, etc) so you'll hit more false positives than it's worth. Back in 1999 (and think how many more connections there are now compared with 1999) I worked on a major entitlements system for a major publisher - they had discovered back last century that IP filtering just was too crude to be useful.
Of course, you know your requirements best, just have to warn you though!
IP is a part of every request, so easily saved to a table/page as Etymon describes above. As opposed to building it as a mod, if I were you, I'd just manage it in (say) excel or access for now, see if it is useful in this case, and if so you can start work on automating the process
And just to make sure, you know the 127.x.x.x, the 192.168.x.x and 10.x.x.x blocks are all reserved blocks, so they will make no sense if you try searchign for or blocking them?< |
|
|
Etymon
Advanced Member
United States
2385 Posts |
Posted - 09 June 2007 : 16:16:21
|
I agree that IP address tracking is not 100% truthful but rather sketchy as the guys are saying. You could also hit folks where it makes them think by requiring paid memberships for the debate forums. Then you could perhaps narrow down billing addresses and even then it could be sketchy. If a person wants to be deceptive they can allude a lot of preventative measures. When things cost money the cheaper con artists should become fewer.< |
|
|
|
Topic |
|