Thread: Spam Killers Alert

I have a static IP by choice at my house, but cable internet is known for using dynamic IPs. Regardless, there is a way around that so that I could have a different IP each time I connect to any website - and have that IP change every 30 minutes.

Originally Posted by OLD_SCHOOL

We had one earlier today, advertising same stuff. Seriously, just ban their IP address, then they cant create a new account every other day.

The biggest problem with banning IPs is the fact there are finite numbers of IPs around. There is a gorwing problem in that the internet has no more IPs and more are being increasingly shared. There was an article I read recently when a Wiki moderator blocked an entire country from editing Wikipedia because that country had only one IP to serve all internet users there.

Originally Posted by Mike_ratliff

That only works if they have a static IP address...
It might stop them for a day or two, but it also runs the risk of cutting off any other members who are with the same carier.

They need to make SRP have a persistent cookie, maybe a java one that can be activated by a moderator for these spammers.
That way once a spammer is identified, the cookie can basically burn their identity into their computer, don't allow them to sign out, and make it automatically redirect them elsewhere when they try to open the site.

This isn't illegal, or immoral, it isn't even difficult. They come in as one id, spam, get banned, and the next time they try to access the site instead of seeing SRP come up on their screen, they are automatically redirected to Barney's web site...

and because the SRP cookie is made to be persistent, and to not allow them to log out they would have to erase the cookie before they can access the site again under a different ID. This is easy with regular cookies, but still takes time, with Java cookies, it's darn near impossible.

The plain and simple truth is these spammers don't have time to mess around with sites that fight back. They come in post until banned and move on to their next ID. Many of these spammers are probably the same individual with several member names.
Why should the Moderators have to bann the same guy 10 times a week.

Quality spyware/malware programmes take care of stuff like that, though.

Originally Posted by OLD_SCHOOL

I thought only dial-up uses a non static IP address no? Or you think they might have one of them IP hiding devices?

I have wireless, and if I reset my router I can get one of about three different IPs- I'm guessing they are shared among all the computers that use my ISP in the area.

Originally Posted by peas_and_corn

The biggest problem with banning IPs is the fact there are finite numbers of IPs around. There is a gorwing problem in that the internet has no more IPs and more are being increasingly shared. There was an article I read recently when a Wiki moderator blocked an entire country from editing Wikipedia because that country had only one IP to serve all internet users there.




Quality spyware/malware programmes take care of stuff like that, though.




I have wireless, and if I reset my router I can get one of about three different IPs- I'm guessing they are shared among all the computers that use my ISP in the area.

Java cookies won't be cleared by a spyware or mal ware program, because too many of them are required to run web sites properly, and the companies that deal with them only search out and destroy ones that are prevalent in the thousands, and meet a specific parameter.
a SRP Java cookie would not be listed on the list of removable items because it wouldn't be recognised as malicious. Frankly the cookie need only identify the user, the redirect could be a command from a list on the SRP site. They already use cookies to recognise us, and let us know when we have PM's.

The difference would not be the practice of using cookies, but simply creating a directory of banned users, and using a cookie hidden on their machine to uphold it. You take away their option of signing out because they can't get to the site to sign out. It would be an unnoticable change to all of the rest of us, because we wouldn't be on the list of individuals who get redirected.

And by using a java cookie, the clear history and clear cookies command would not remove the java cookie. Those are much harder to remove.

Frankly we could all be switched over to java cookies, and we would never know the difference, they function in the same manner. but if I decide to sign in as JoeSpammer, and cause trouble. the JoeSpammer java cookie would be on my computer. next time I tried to go to SRP, the SRP web site would see JoeSpammer, and would send me on my merry way to some other site. Essentially I would type SRP.com, and end up at Barney.com... SRP wouldn't even appear to me, it would be as if it didn't exist. You could even make it so that an error message popped up and said that site didn't exist... "Sorry you have reached the end of the internet, please go back and try again."

Or better yet... SEND THEM HERE

I have spyware programmes that do flush out all cookies- though I have to do a scan to find them. It's evident when I return to forums such as this and I have to click 'remember me' again.

Originally Posted by peas_and_corn

I have spyware programmes that do flush out all cookies- though I have to do a scan to find them. It's evident when I return to forums such as this and I have to click 'remember me' again.

Those are cookies that are stored in HTML, Java cookies are harder to remove. I don't know of any spywae or adware programs that remove them.
Simply put they are considered too important to allow a clean sweep...

Banks use Java cookies to recognise your computer when you log on, as an added form of security...
If a Java cookie was used, the spammer would be hard pressed to overide the block. The easiest way would be on a different computer...
Even a HTML cookie would give a spammer a very hard time, they would be redirected, and would have to clear their cookies, before they could attempt another identity. If they just move on, and don't clear their cache, they will get hit by the cookie whenever they try to go on to SRP. depending on how intelligent they are, this may cause a pretty good reduction in the amount of spam.


The whole idea here is that once banned they can't click log out, because they are automatically redirected before they ever see SRP. So they have to be computer savvy enough to know how to get rid of the cookie on their end before they can get back and try to get a knew ID.
If the cookie is hidden, like Java cookies are, they won't be able to delete it.
Thus the spammer will not be able to see, or spam SRP on that computer again without going to great lengths.
Not to mention that spam site is just evil.

Frankly I would set it to save both a HTML and a Java cookie, and try it... It's no different than a regular ban, they just have to change a few minor settings, and instead of having it post a message that a member is not allowed, have it redirect them. The redirect will automatically prevent them from signing out, because it sends them away before they can click on the button that says "sign me out"

It's a simple enough concept, think of it as a detour.
It's just another measure against spammers, it isn't fool proof, but it makes them work harder, and hopefully takes a bit of that work off of the moderators. Not to mention the satisfaction Doc will get knowing he is banishing a spammer to Spam.com...

All the above are good ideas, but I think that a very useful thing would be a "Report Spam" button (similar to the "Thanks" button) that would notify the mods of a potential problem. There are, after all, many more users than mods.

just like the exclamation point found on the lower left hand of this screen.

Originally Posted by fritz

All the above are good ideas, but I think that a very useful thing would be a "Report Spam" button (similar to the "Thanks" button) that would notify the mods of a potential problem. There are, after all, many more users than mods.

as Doc so delicately put it, we do have a button to report bad posts...
that is where we go to report spam.

I'm just saying that banning them like they do now is like chasing a stray cat out of your yard. as soon as you go back inside, they come back.
We need a way to tag them as spammers so that they can't just make a new user name and post more.
That's why I want them tagged with a java cookie that is very hard to find and remove, and then redirected so they can't log out.
For the rest of us the transition to Java cookies would be pretty much seamless, We might come back, and find ourselves logged out, because the HTML cookies in use are no longer valid, but a good programmer can even work around that. Once it's switched to java cookies, the program administrator just needs to make minor changes to the message that is sent when a user is banned. Instead of sending them to a page on SRP that says you've been banned, send them to an outside link. such as...
spam.com

Because their ID is stored on a Java cookie, it isn't cleared with the regular history, or when deleting cookies, or even when restarting the computer.
Because they are automatically redirected before they can access the SRP web site, they can't log out.
In essence you haven't just locked them out, you've hidden the whole house from them.
It's hard to graffitti a wall that you can't see. and unless they read this thread before they get banned, they aren't going to know how they were banned, or even what to look for to bypass the bann.
If the administrator wanted to be subtle, and really comnfuse them, they could be redirected to something that is similar, so they think they misspelled the web address... Send them here, or here, or here...
It might take them a while to figure out what's going on.

You can also send them to something totally unrelated like this site

That site is evil... and interactive. I was digging clicking on all the characters. The spamburger's noises are a bit disturbing tho...