Trace Thru Proxy???

[cisco guy]

A friend of mine has a small web based BB. He banned someone, guy came back. Banned again, came back. Apparently he gets high anon proxy url from a list, configures browser, and re-registers. He has actually laughed at the board, saying he never turns on Java, Javascript or activeX.

Is there any software etc. that can trace thru a proxy to ban him permanently, or complain to his real IP?? Or is it hopeless?

 

[XOR != OR]

Turn off registration until he gets bored. *shrug*

Anything else is more work than he's worth.

 

[cisco guy]

thats the prob he doesnt get bored and I love to work

anyone else?

 

[mrbobo]

possibly contact the person in charge of the proxy and inform them of the abuse.

 

[cisco guy]

he changes proxy every day

 

[mrbobo]

right but generally they keep logs of IP's, I don't know how open they are in devulging that information though.

 

[cisco guy]

they dont give out any info except to law enforcement.
most dont even care anymore, sometimes you cant even get someone in abuse to answer.
all he wants is the ongoing means to get thru a proxy to grab original IP to be blocked
it would have to be done in real time, i guess

he doesnt want him kicked from his IP - just block him from accessing BB
if its not doable, then its not.doable
i'm not into adavnced tracing, so I thought I'd give it a shot here.

 

[XOR != OR]

Well, here's what I might try: Put an ad on the page, with unique cookies for your visitors. Make it look like a real ad too, this is an act of deception. Use a completely different domain if you can, prefixed with 'ad'.

Then, when he visits again, capture that unique cookie ID, and redirect him to a page you setup ahead of time, maybe a mirror of the bb made just for him. That way, he's unaware of how he's tracked, and he'll be unaware for a little while at least that he's on a fake site.

This is all very much dependant on his browsing habits of course. If he accepts cookies manually, then he may reject the tracking cookie.

 

[M11]

What BB software are you on? Each distro has multiple ways (official or add-in) of dealing with trolls, which can range from hellbanning to global ignore. It would be more effective to tackle the problem this way, since anonymous proxies are little different than if he called a friend and told him to attack-an anonymous proxy is nothing more than a server set to accept remote commands, and not tell who sent them.

You may, depending on the proxy, be able to look in the session headers, and find an X_FORWARDED_FOR variable-this is his real IP. Its worth a shot, that eventually he might screw up and use a proxy thats not high-anon.

 

[MeatWad]

A friend of mine has a small web based BB. He banned someone, guy came back. Banned again, came back. Apparently he gets high anon proxy url from a list, configures browser, and re-registers. He has actually laughed at the board, saying he never turns on Java, Javascript or activeX.

If your friend can find a way of getting the mac address, and that the best way to keep him banned from the boards, is to ban the Mac adress of the NIC

Here's the Google Search results on banning Mac addresses.
http://www.google.com/search?q=bann...ient=firefox-a&rls=org.mozilla:en-US:official

 

[M11]

If your friend can find a way of getting the mac address, and that the best way to keep him banned from the boards, is to ban the Mac adress of the NIC
Here's the Google Search results on banning Mac addresses.
http://www.google.com/search?q=bann...ient=firefox-a&rls=org.mozilla:en-US:official

MAC addresses are no longer relevant once the data has passed through a router. MAC addresses are only used for localized Host->IP lookup.

 

[cisco guy]

thanx for taking time to answer, but this is way past cookie tracking

need some way to repeatedly look thru proxy to real originating IP address to block

guess we'll have to hire Kevin Mitnik

 

[MeatWad]

The best way is to make a report to his ISP on what he is doing, that the best way.

 

[cisco guy]

the guy has already boasted how he does it - he goes to http://www.stayinvisible.com/index.pl/proxy_list and goes to the proxy list and inputs the first working high anonymous proxy. The only thing we would have is the time of logon.

 

[cisco guy]

The best way is to make a report to his ISP on what he is doing, that the best way.

We dont even know his IP address

 

[M11]

If he uses a high-anon proxy, there is no way to get past that and find his real IP. You'd be better off just using a hellban/global ignore/new user moderation to address the problem. Every time you ban him outright, he'll just re-register.

 

[cisco guy]

yeah, thats what I figured

oh well.

 

[bigstusexy]

Well he said he doens run java and activex right, fid a program in one of thoese that tells you the IP address and but put it on the boards, but before you do make the site such that you have to have that features eabled. Tada! if he doesn't turn on java/activex what ever you choose or choose one out of them all that has to be enabled, he doesn't get in, if He does turn it on then you can have the program report to you his real IP address. Make it so that every pages checks for this.

or

Make a program to search the list at the site he goes to and set a short maybe to day ban on lets say the first 50, or complete High anonymity addresses it finds. As long as you automate it there is nothing to worrie about

 

[JTY]

Just ban anon-proxies from accessing the site. Just get a proxy list and deny those IPs.

 

[BobSutan]

^^^ Do what JTY and bigstusexy said. Both methods should do the trick.