Go Back   vb.org Archive > Community Discussions > Modification Requests/Questions (Unpaid)
  #1  
Old 07-17-2001, 04:24 PM
Ruth Ruth is offline
 
Join Date: Oct 2001
Posts: 171
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Could someone help me with this hack please, i am trying to prevent password sharing in vB, the hack is based on:

(a) limiting access to a specific account per one ip adress at the same time.

(b) if there are more than one ip adress, for the same account at the same time, the account will be reported to the administrator.

(c) limiting access to one account to a number of ips/day, for example if the there are more than 10 ips/account/day the account is reported &/or deleted.

Thanks
Reply With Quote
  #2  
Old 07-17-2001, 04:39 PM
AaronB
Guest
 
Posts: n/a
Default

You could present problems with IP restrictions. I, for example, login from home and work each day... so I have 2 IP's that I would come from and be reported every day.

Most modem users and all AOL users will get a different IP each time they log on. So if I have to get on and off because a family member needs the phone, I could have umteen IP's each day as a result.

I'm not positive on this one, but I think you can actually switch IP's with AOL while in a session. They can change you IP from just clicking from page to page.
Reply With Quote
  #3  
Old 07-17-2001, 04:55 PM
Ruth Ruth is offline
 
Join Date: Oct 2001
Posts: 171
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
, for example, login from home and work each day...
true but you wouldn't be using this at the same time i.e you will not be at home and work at the same time.


Quote:
Dynamic ips
i myself use a dynamic ip, thats why i asked for this option to be reported at least if not deleted, so that i can compare the ip adresses, dynamic ips will result in the last 3 numbers to change...

111.222.333.444 (444 in this case and sometimes 333) but it will be under the same company which is AOL for example.

also if you can set the number of ips/day to a certain number say 10/15/20 ips depending on the nature of users, before an account that can be deleted (if you want this option, otherwise reporting in dynamic ip community)

cheers,
Reply With Quote
  #4  
Old 07-17-2001, 06:49 PM
JGraham9382
Guest
 
Posts: n/a
Default

If someone made this I would DEFINATELY implement this in my board...plus I would kiss their feet...lol...
Reply With Quote
  #5  
Old 07-17-2001, 07:35 PM
BradC
Guest
 
Posts: n/a
Default

I always thought that.. all ISP and everyone had a common ip..

lets say I have 207.1.7.222..

I always thought that atleast 207.*.*... was the same, it was the number after that..
Reply With Quote
  #6  
Old 07-17-2001, 08:07 PM
MrLister's Avatar
MrLister MrLister is offline
 
Join Date: Oct 2001
Posts: 434
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

it is. users on cable almost always start with 24.*.*.*
Reply With Quote
  #7  
Old 07-17-2001, 08:16 PM
GameCrash GameCrash is offline
 
Join Date: Oct 2001
Location: Germany (Bavaria)
Posts: 262
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Why don't you work with cookies? It would be easier and better (I think)...
Reply With Quote
  #8  
Old 07-17-2001, 08:45 PM
Ruth Ruth is offline
 
Join Date: Oct 2001
Posts: 171
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

There are 2 type of IPs:

(1) Static IP
where the whole ip is the same...this is found on cable users...

(2) Dynamic IP
where the last few numbers change, but the DNS of the ip will show the same company (ISP), this is found on most dial up connections, and it changes with every new connection.

(3) Nevermind IP Spoofing

Quote:
Why don't you work with cookies? It would be easier and better (I think)...
GameCrash, i can't understand exactly how you want to use cookies for that purpose.

The idea of this hack is very protective for vB, for a simple question which is "what would be the case if 2 users logged to the same account in vB at the same time with 2 different ips?

Is there any security in vB for that?
Will it report this to the admin?
Will it delete the account?

All this will result in the account being abused, especially when it is not that easy to be a member of a certain vB, like mine

cheers,
Reply With Quote
  #9  
Old 07-17-2001, 09:45 PM
dabean dabean is offline
 
Join Date: Oct 2001
Posts: 247
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

You shouldn't assume that the first section of IP address will not change because most of the larger ISPs have IP allocations in completely different blocks. For example the US cable co roadrunner could dynamically allocate you a 24.x or a 65.x another example is aol where you could get 152.x or a 205.x or 172.x etc....

Secondly if the isp or the person browsing is using a proxy there is always the risk of recording the proxy address not the actual users address. In theory all proxies should forward the user ip but in reality many don't including some "transparent" proxies used by ISPs.
Reply With Quote
  #10  
Old 07-17-2001, 10:02 PM
Ruth Ruth is offline
 
Join Date: Oct 2001
Posts: 171
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
For example the US cable co roadrunner could dynamically allocate you a 24.x or a 65.x another example is aol where you could get 152.x or a 205.x or 172.x etc....
as i mentioned before in this case the DNS will show the same for the company or ISP

Quote:
the person browsing is using a proxy
Again, each user will have a limit of 10/15/or 20 ips/day, and after at least a week of recording the ips, you will know if thats a regular ip (or proxy) used by that user.

And why are you making it so complicated, take life easy, how many people will use a proxy? and if you find someone using a proxy s/he will probably use it forever (instead of showing the regular ip) not only for my vB!

take the idea of the script easy...start by understanding the need for detecting 2 users logging at the same time with the same account...don't go further...at least for now

cheers,
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 09:12 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05754 seconds
  • Memory Usage 2,255KB
  • Queries Executed 12 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (2)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (7)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete