TROLLS !!!!!!!!!!!!!!!

[tommyhardhouse]

hello everone:D i have a troll problem .  I'm pretty new so sorry if it really shows in this post  LOL  So i have this troll problem i think the trolll is making new names - anyway to track that except by ip address . i'm pretty sure there number keeps changing and i cant block all of atnt.
are there any handy troll tools maybe ? something to help identify and block/ban/kill lol i'm really clueless , my boasrds just starting and i am trying to keep the trolls away " help please any ideas would be great

[dakotaroar]

I like trolls.  They stimulate conversation, if nothing else.

[H]

There isnt' anyway of tracking trolls if they know about proxies, free e-mail providers etc

[Code Wrangler]

Unfortunately, given the wide availability of proxies, there really isn't a handy way to keep someone out who really wants in.  You may want to set your registration to administrative approval.  That way, at least you get the opportunity to approve them before they can get into your forum and run amuck. 

[elfishtroll]

You have different types of trolls,

those people who are tactless, say things out of the norm of good behavior and are argumentative on the board ( some may find that a plus. people tend to react to 'issues' not 'topics' if you know what I mean)

Then you have those we are just deliberate malicious, and because of the anonymity they feel behind a proxy behave the worst on your forum and poison the  environment.

The first thing to do is set up fire walls to limit the damage they can do.

1st thing: LIMIT PM's - no more than 2/hour, 1 at a time for the first PM member group, NO PM ability for the newbies with less than 5 posts.

2. Limit posting in the general site until members have 1 or 2 posts in the introduction board or Sandbox.


3. Ban the ip address range of the proxy farms. You wont ban all of them, just enough so that they have to WORK to find the rest.

TROLLS DONT LIKE WORK.

when you DO ban them, dont "ban them" - just change the email address and change the login password. Have them spin their heels in frustration for a bit trying the "remind me" function


Some just want to be noticed/made to feel important! sometimes if you just engage them in conversation you disarm a situation!

(of course, some are truly assh*les)

but it CAN be done!

[K0H_K1u]

I always block this 72.232.162.50 it is the IP of various different Proxy sites like hidemyass.com (the popular stuff).

Also, did he originally use his real IP? If so report him to his ISP.

[elfishtroll]

I always block this 72.232.162.50 it is the IP of various different Proxy sites like hidemyass.com (the popular stuff).

Also, did he originally use his real IP? If so report him to his ISP.

I dont just block that IP, I block the ENTIRE CIDR range

deny from 72.232.0.0/16
deny from 72.233.0.0/17

thats Layered Technologies, and yes, they are a proxy server/hacking farm.
I've never gotten one non-hacking hit on my web sites from those (are we allowed to say "motherf[censored]ers" on this forum? )

lol

[K0H_K1u]

I always block this 72.232.162.50 it is the IP of various different Proxy sites like hidemyass.com (the popular stuff).

Also, did he originally use his real IP? If so report him to his ISP.

I dont just block that IP, I block the ENTIRE CIDR range

deny from 72.232.0.0/16
deny from 72.233.0.0/17

thats Layered Technologies, and yes, they are a proxy server/hacking farm.
I've never gotten one non-hacking hit on my web sites from those (are we allowed to say "motherf[censored]ers" on this forum? )

lol

I love it when script kiddies try outdated exploits on my site and XSS attempts in a freaking post (ROFL). I usually ban them and in the ban message give them there IP and what they did. They usually wet there pants I hope.

[elfishtroll]

There pants are ALREADY wet imho! ( you should see some of the referrer sites they are coming from just before they visit to mess with your site! LOL)

The key thing is to have your site REQUIRE Javascript and/or Flash

You can do it several ways easily, the simplest way is whith a script /noscript tag

for the Noscript, have a CSS statement that shifts the screen all the way out of sight

<noscript>
<style>body {margin: 3000px;background-color:#000000}</style>"
<img id="script" src="/public/U_need_JS.gif"  z-index:3; style="position: absolute; left:43px; top:265px;" />

<H3  z-index:2; style="position: absolute; left:323px; top:265px;" >I'm sorry, YOU NEED TO ACTIVATE JAVASCRIPT!<br></H3>
</noscript>

What that does (and without changing anything else on your site) is to shift the body waaay of screen so that they cant use it - but without messing with the other code.

If they approach with JS off, then they cant see anything! (there are ways to code around what I did -i..e. Greasemonkey, platypus scripting etc. - but you can also extend this further too, by making your site pull its scripting and even text via AJAX so that it just wont work without it.

Most proxies dont even work w/o JScript anyway, so that alone keeps most of them off

What I've done sometimes is to set up honeypots and post them to the proxylists so I can capture the naughty ones !

[K0H_K1u]

There pants are ALREADY wet imho! ( you should see some of the referrer sites they are coming from just before they visit to mess with your site! LOL)

The key thing is to have your site REQUIRE Javascript and/or Flash

You can do it several ways easily, the simplest way is whith a script /noscript tag

for the Noscript, have a CSS statement that shifts the screen all the way out of sight

<noscript>
<style>body {margin: 3000px;background-color:#000000}</style>"
<img id="script" src="/public/U_need_JS.gif"  z-index:3; style="position: absolute; left:43px; top:265px;" />

<H3  z-index:2; style="position: absolute; left:323px; top:265px;" >I'm sorry, YOU NEED TO ACTIVATE JAVASCRIPT!<br></H3>
</noscript>

What that does (and without changing anything else on your site) is to shift the body waaay of screen so that they cant use it - but without messing with the other code.

If they approach with JS off, then they cant see anything! (there are ways to code around what I did -i..e. Greasemonkey, platypus scripting etc. - but you can also extend this further too, by making your site pull its scripting and even text via AJAX so that it just wont work without it.

Most proxies dont even work w/o JScript anyway, so that alone keeps most of them off

What I've done sometimes is to set up honeypots and post them to the proxylists so I can capture the naughty ones !

Where would the code go (sorry im not a webdev) boardtemplateindex?

[elfishtroll]

yeah, you can put it anywhere that outputs HTML code, it doesnt matter you just drop it in!

[Coldfx]

Uh, what about people with Javascript not enabled?  And almost ALL proxies I know of allow JS, espically the major ones like Tor-based proxies.  Sorry, but that idea is very harmful to a small number of potentional users.

[elfishtroll]

well, you can block TOR -The Onion Router quite easily, and the PlanetLAB/Codeen Networks.. all of them issue a proxy signature anyway so you can block them in realtime w/o maintaining a list

Now, the proxies do ALLOW javascript to be clear, but then you can use that same javascript to pierce their anonymity!

You can use the Javascript to seriously sniff the browser, and detect if they browser is a spoofed one (Like Opera pretending to be IE6) or a legitimate one.

You force GZ encoding, and reject connections that try to access with 'ACCEPT ENCODING' set to blank or 'none' or an unrecognized string.

HTTP hacking tools, that intercept the browser traffic to analyze your AJAX calls for example, want an uncompressed stream, so my methods will kick those out as well

For ppl with javascript disabled, well they get redirected to cellphone content - a daily generated semi-static page, and the unwrapped forum since SMF has WAP support.

they have to key a special token to access the site (because cell phone isp are really proxies, many people share IPs)