What about old games where this(ese) players were involved in? Are those still counted or is their a procedure that cancels/draws them?

Yesterday I banned the account PBSmassacre for being a clear multi. At this point I also find Bearnstien points and was going to discuss the issue with another mod before probably leaving Bearn to play on with a warning.
Soon after this Bearnstien started claiming to control a number of accounts, and others of you also gave accounts that you believed were his. I have looked through and most of them look to be separate from Bearnstien, although this investigation is ongoing.
This morning I came on to find several threads started by Bearnstien making unreasonable demands and just generally being a nuisance. I have an inappropriate PM, and so have banned Bearnstien.
To the other main accounts implicated, especially if I've messaged you, I would like you to get back to me soon, or you may find my patience has been rather worn down.
Figlesquidge

I would love to see IP bans implemented. So that banned players cant re-register and return under a different alias..

Haha, that'll teach me to pretype my threads again.
Hmm, to be fair most of the games he was in were fair(ish). Certainly it doesn't look to me that there were any other multi's around, although as mentioned above the investigation is ongoing.
A far more difficult question is whether he and his friends were guilty of serious meta-gaming, and if so we will have to find appropriate punishment and compensations

IP bans were implemented a while back, but are not a good thing in my opinion. Most ISPs tend to give out different IPs when people disconnect then reconnect. So, if one of these was banned the player would just need to turn off their router for an hour or so (depends on the ISP), turn it back on and get a new IP. Thus they would avoid the ban, and as the banned IP would now be back in the 'pool', it could mean that others were unfairly blocked from the site.

Ok thanks again.

figlequidge, isn't it possible to discover remote MAC addresses? These are a little bit harder (read: more expensive) to change than IP addresses.

I didn't think ISPs disclosed MAC address'?

Maybe not willingly. :-)

It's been a while since I messed with these kind of things and I am sure there are more knowledgeable people here than me.

Of course, one way would be to insert code that the players browser would run to discover and submit MAC addresses.

I'm not confident its available through legitimate means, so to me it seems that would have to be a worm, which probably isn't feasible!

Make it part of the sign-up process. You can try the site out for some period of time with the provision that if you want to continue after that you agree to have your MAC addresses reported.

Yeah, fuck that.

In doing so you'd be locked to one PC, couldn't have family or friends ever use yours and it would scare away a lot of people...
I would hope that'll never happen!

No matter what system of control you try to implement, there's a way around it if you care enough. Resorting to such measure would only serve to alienate legitimate community members who have the decency to follow the rules.

Unfortunately trolls like this are things we must deal with as best we can.

Bearnstwho?

thanks figle, job well done.

Good work figle.

Oh, sorry. I didn't know I was supposed to post here only.

*bump*

And he is banned? Thank goodness.

this new guy with "bears" in his name seems perfectly legit, guys

I know Acosmist. I was thinking the same thing!

The---- Bears, The-----Bears, The----Bears, The----Bears. The----Bulls, The----Bulls, The----Bulls, The-----Bulls!

You like my name? I'm frickin in love with SNL!

So, figlesquidge, are you considering a full time job as the Bearnstien banner? This is becoming quite an undertaking.

And don't forget that external IPs are shared across internal networks at workplaces and universities. I could go up to any computer in my office and check their external IP and they would all be the same. My ADSL authentication server also does dynamic internal IPs (DHCP) and routes the traffic from external sources to their correct internal address based on additional info in the packets. But every request from one of the laptops in my office would have the exact same IP. It's only cookies and session state that allows the site to know which is which for the responses. And even if you looked at the packet headers and identified the specific internal subnet, ti could be reset at my end by the user resetting their network connection (flip of and on their WiFi or do a "repair" on their gigabit wired connection).

Amateurs who don't truly understand the fluid nature of ISPs and subnets really should leave it to the experts.

@gjdip - depending on the system, they can be easy to change and the MAC address on a request from a subnet, usually is the MAC address of the router doing the translation, not of the source machine. You coudl potentially get the ports, but that could ban an entire wifi segment or a secondary switch as well. There really is no good way to implement bans like that.

Good point.

Any MAC address you receive over the Internet will just be the MAC of the last computer involved in sending the packet to you (the last "hop"). If you ban it, you will probably eliminate the entire user base.

Here is an example of why MAC and IP address banning is so difficult. We just expanded the seventh floor of our Corporate HQ, building 12 new cubicles and offices. At the same time, we completed our sixth floor complete with 30 new cubicles (we closed our old downtown HQ and moved the people into the new corporate HQ, strictly an office consolidation as we had out grown the one in the other location, and have the top three floors we are building as we grow at our new HQ).

Anyhow, I now have a T3 coming in which runs to our DMZ/firewall which has its own IP and MAC. That then runs to the public server switch, which has it's own IP and MAC and that in turn runs to our public web server farm. The other side of the firewall actually splits off the segment that is our internal network, running to the switch for the internal servers. that switch has the 6th floor and primary 7th floor switch attached to it, and will eventually have the 5th floor switch attached to it. Right now, the 7th floor switch has a second switch attached to it that runs all the new cubes and offices on 7. So, to get to some of my 7th floor laptops, you go through a firewall and three switches all with their own MAC codes and pakcet overheads to know where to route the packets. Half of the stuff isn't even visible to a web browser as it is part of the encrypted packet header and not part of the HTTP protocol headers the web servers can see.

When we complete the 6th floor, I will have to add another switch there and will probably have two by the time we have filled the 5th floor as well. We are only at 80 people right now, but grwoing and already a remote web browser would find it nigh on impossible to identify a unique computer based on header packets alone.

Good job Figle! I am sure that he hasn't stopped making accounts but I would like to see a list of all the people that have been banned or under questioning

Hmm, a list of banned people, fair enough. Those under questioning: no chance. Innocent until proven guilty.