About Hostbot Banning systeme

[almalama]

Hello everyone!

I'm new in Ghost systems and if you may help me i would be pleased a lot.
We're running a server and we use IRC for controlling the Hostbots / Banns / Updates.

My question is about the banning system.
We use simple !lip [username] to get the information about the user IP / Owner(mac) /accounts.
We use !addban [username] [owner] [time] [reason] as banning.

Many of users can simply slip trough our banning system and they can easily change the mac / tcpip , create new account and join the server.

My superior told me that he can make sometling like a global bann, and ban "the pc" so the user won't be able to use his PC even if he changes the MAC/IP.
He told me to come here and look for some information, ask for some help, because he doesn't know the english language.
So my question is:

How can we provide to ban someone for good. Our bans lats for 3-7 days depending on users behavior.
We controll everything manually.
What are the excact ban parameters?
What is excatly banned when we bann someone, and is there any way to slip trough them? (Not the MAC / IP)
We want to make the server safer, and more organized, so please i'm asking you for some help / links about it.
This is a PvPGN server*

I'm a newbie in this, i'm sorry if i may look stupid or ask stupid questions, i hope someone can help me with that.

Thank you, I'm waiting for your answer.

Sincerely, Peter

PS: I'm sorry if i made the topic to wrong place and sorry for my bad english also.

[uakf.b]

Codelain.com isn't really the best place to ask about this.

[almalama]

I'm sorry then I tought there is everything about Hostbots / Ghost.
Where should I try then? Can you offer me something?
I'm kind of desperate atm..
Thank you

[uakf.b]

http://www.google.com/search?q=computer+unique+id

http://stackoverflow.com/questions/99880/generating-a-unique-machine-id

From what I understand, what you're asking doesn't have to do much with GHost. It has to do with identifying a user on the client-side, something GHost isn't meant to support because of it's Battle.net environment.

[almalama]

Okay well i was reading about the Unique ID and some of them i did understand, but i still don't get it.
Can users change all of their Unique ID (Fingerprints) or not.
There are things that can be changed like MAC, IP ... and what about the rest?
-CPU
Systen Drive Serial Number
-Memory
..

We use the Hostbot via IRC mysql ...etc on a PvPGN so i was thinking that this is the place to ask about this.
Thank you!

[almalama]

I can't find an answer and everywhere where I try to make a post they close it or delete it, so i'ts hopeless for me.
I just don't get it at all ..

[uakf.b]

It's not possible to create a fail-proof machine fingerprinting ban system. Anything can be spoofed with software (especially virtual machines) or hardware, and what you are doing only achieves security through obscurity. You could make a player-based ban system if you required them to provide their social security number, address, etc. and have a way to confirm that information, but obviously you don't want to do this.

So the only thing you can achieve is to make it difficult to bypass a ban, not impossible. There are also many criticisms of machine fingerprinting: they violate user privacy and don't really solve the underlying problem. For example, DotAlicious loses a lot of players because they do something similar without fully informing the player of what information is being gathered about them.

We use the Hostbot via IRC mysql ...etc on a PvPGN so i was thinking that this is the place to ask about this.

Just because this indirectly involves a GHost host bot doesn't mean that it relates to this website. Codelain.com is for Warcraft III hosting-related development and support, which IMO doesn't include client-side modifications that have to be separately installed and try to intrude on user privacy to gather their machine data. There's plenty of information just by searching for "machine fingerprinting", I am surprised you can't find it yourself.

[Freaky]

For example, DotAlicious loses a lot of players because they do something similar without fully informing the player of what information is being gathered about them.

Why would they lose players? It only checks some .DLL files in System32

[uakf.b]

If it checks more than things contained within the DotAlicious process itself, then it's intrusive.

[0x6D48]

Why would they lose players? It only checks some .DLL files in System32

Some people voluntarily install spyware on their computer. Those are usually the same people who install trojans without even knowing.

[Freaky]

Yeah ESL is known for spreading malware...
Better it checks some .DLL files ONCE (it does it only when you want to approve your account) than installing a service like Punkbuster.

[0x6D48]

In most cases you do have a choice .. like using DotAlicious. Other times you don't have a choice and have to deal with like like it's the case with Punkbuster, VAC and WoW.