[Amit1998]

Hello,

I'm trying to script a system to track alternative accounts(for example if I issue an IP ban on a player I want to see if he's back and evading).

What are your tips(not asking for codes or anything)?
I tried GPCI matching but it's bugged and not relyable

[saffierr]

I'd say; Create a command that checks a certain IP address and then check if there are more than one accounts registered on the same IP Address.

[Abagail]

I hope you're using a MySQL account system. If you are, you can just use a SELECT query to check if there are any other accounts tagged to an IP. One thing you could do is track each IP used per account in a table (each login, or connect) and check if there are any matches.

[10MIN]

If you use a MySQL system for bans, and you have a table structure like:

Код:

Name | Banned | IP

then you can use this query on login to view if he is ban evading:

PHP код:

SELECT * FROM bans WHERE IP = 'THE_IP_OF_PLAYER' AND Banned = 'THE_VALUE_ASSIGNED_IF_IS_BANNED' 


And use cache_get_row_count to get the number of rows. If there are any rows then he is ban evading, else he isn't.
PS:This is just an example, I don't know your Ban System.

[Vince]

Nothing will be completely watertight. The combination of computer id + IP is a good start.

Learn about CIDR, though. Most ISPs will not have exact /24 (a.b.c.*) or /16 (a.b.*.*) IP blocks assigned to them for distribution. For example, an ISP may be assigned a range 123.212.0.0 through 123.212.31.255 (/19 network) for distribution (~8192 customers) . Such range can't be banned with the conventional wildcard method.

So I stopped storing IP addresses as text a while ago, instead opting for the integer format (look up INET_ATON and INET_NTOA in MySQL). Makes it easier to sort and to define ranges. A text-based sort will usually produce an output like this:

Код:

125.47.54.58
125.47.54.59
125.47.54.6
125.47.54.60
125.47.54.61

Which is useless.

You can self-host a database of CIDR ranges (see my signature for a tutorial) or you can use an external API.

[Xeon™]

Quote:

Originally Posted by Vince Nothing will be completely watertight. The combination of computer id + IP is a good start. Learn about CIDR, though. Most ISPs will not have exact /24 (a.b.c.*) or /16 (a.b.*.*) IP blocks assigned to them for distribution. For example, an ISP may be assigned a range 123.212.0.0 through 123.212.31.255 (/19 network) for distribution (~8192 customers) . Such range can't be banned with the conventional wildcard method. So I stopped storing IP addresses as text a while ago, instead opting for the integer format (look up INET_ATON and INET_NTOA in MySQL). Makes it easier to sort and to define ranges. A text-based sort will usually produce an output like this: Код: 125.47.54.58 125.47.54.59 125.47.54.6 125.47.54.60 125.47.54.61 Which is useless. You can self-host a database of CIDR ranges (see my signature for a tutorial) or you can use an external API.

that can be a wrrong warning some times. (tell me if im wrrong please)

what about using Client Serial? https://sampwiki.blast.hk/wiki/Gpci
Note that the most official's servers are using ban system based on Serial banning.

[Kane]

GPCI wouldn't be so efficient. It would work but there are CLEOs that change a players GPCI or for instance, if a player gets new hardware and their GPCI changes.

There could also be false matches (source: https://sampwiki.blast.hk/wiki/Gpci) since it isn't unique. Wouldn't solely rely on it.

[Vince]

Quote:

Originally Posted by XeonMaster that can be a wrrong warning some times. (tell me if im wrrong please) what about using Client Serial? https://sampwiki.blast.hk/wiki/Gpci Note that the most official's servers are using ban system based on Serial banning.

That's why I said to combine it with GPCI. And the smaller the range the greater the chance that it's the same person. Resetting the modem can get you a new IP address but it will usually be in the same range as the previous one.

Also if you know the IP blocks of VPN services and open proxies then you can block those too using CIDR ranges.

[Sithis]

Check for accounts with passwords similar to the banned account. Even banevaders are lazy people that don't like to remember multiple passwords.

EDIT: I am not encouraging you to store passwords in plain text or to deliberately weaken your password storage. Don't ever do that

[10MIN]

@Sithis what if i join his server with password parola and someone,maybe you, or anybody else just registers and put his password parola? We both will have the same password, but different IPs. So this won't work.