[sub_ubi]

Quote:

Originally Posted by CMX_CMGSCCC

What I would do is something like this: (It would not be full proof, but it would be a good start)

1) Save all of the IP's that a user logs in from. (I believe the vB does this already now.) You could add a number of times each IP has logged into that account as well to see which ISP is the most used.
2) Check if there is multiple sessions with the same username. If there is more than 3, start the extra check in number 3.
3) Check if the IP's are close together, or far apart. (i.e. make sure the xxx.xxx.*.* parts match up or are very close. (Even resolve the hostname to see if its the same ISP but a different IP address because it was dialed in.)
4) Have a check in to set the account to banned if it detects x number of sessions logged in the time period of y. (Both x and y would be settings that the owner can set.)
5) If it detects say over 20 ISP's of the account and all are different ISP's, ban the account automatically.

I think with the above stipulations, you could catch a number of accounts on www.bugmenot.com for example. You might get some legitmate users here and there, but some of the Untachy hacks I have seen would hit some legitmate users sometimes too I think.

-CMX

That would be a very nice hack.

To make it simpler, just check the domain. If more than x domains are logged into the same account over a period of y, do z.

"z" doesn't have to be automatically banning the account, changing the pass, or anything drastic. It could simply make a note in a text file for an admin to read.