1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to deal with a constant troll? Please help!

Discussion in 'BlackHat Lounge' started by dandee0014, Aug 19, 2009.

  1. dandee0014

    dandee0014 Junior Member

    Joined:
    Jun 18, 2009
    Messages:
    106
    Likes Received:
    9
    There's a troll on my site who I've banned. I went so far as to ban his IP address. Now, he's coming back through a proxy and making death threats, all kinds of racist remarks, and doing other things to aggressively spam my site and damage my business. He doesn't stop. Probably 10 new accounts created nightly without fail.

    How would you suggest dealing with him here? Anything I can do to render his proxy ineffective? Any ideas for a page to redirect him to that may scare him enough to never come back again? Any suggestions are appreciated :cool: .
     
  2. trushafty38

    trushafty38 Regular Member

    Joined:
    Jul 24, 2009
    Messages:
    208
    Likes Received:
    99
    Occupation:
    I have many Hats, Including a black one.
    Location:
    My rep is ruined! lol
    shut down new log ins for awhile. Why would he be doing this?
     
  3. dandee0014

    dandee0014 Junior Member

    Joined:
    Jun 18, 2009
    Messages:
    106
    Likes Received:
    9
    It's a pretty high traffic site and I get a bunch of natural signups every day so I wouldn't want to do that.

    He's doing this because of sour grapes over the fact that he was banned to begin with...and he seems to be a bit mentally off, to say the least.
     
  4. shudogg

    shudogg Regular Member

    Joined:
    Sep 23, 2008
    Messages:
    412
    Likes Received:
    153
    Occupation:
    Internet Marketing
    Location:
    Indiana
    Home Page:
    lol, I feel ya on that.

    If you have vBulletin there is a plugin that will deny signups via proxy, or show their real IP.

    You should make the users first 5 posts moderated. Meaning that a new user who doesn't have 5 posts yet, when they make a post it won't show up and will go to the admin moderation queue. This ass you have, he won't know it at first and make a quick post. You will see his bad comments in your queue, just delete his account. Maybe he will see that his post never posted, and know about the moderation queue. Then he will have to make 5 legit posts. This might deter him, but if he really wanted to its easy for him to bypass.

    I would look in to blocking proxies completely on your registration form. Your host may be able to help, or look into Apache stuff.

    Are you sure he is using proxies? I had a guy that could easily change his IP (air card or DSL). The first set of numbers were the same, but the last set different. So I just blocked his IP range.
     
  5. boffmaster

    boffmaster Junior Member

    Joined:
    Jun 1, 2009
    Messages:
    144
    Likes Received:
    32
    I saw a vBulletin admin have a plugin that they could use to make a users experience very poor on a forum. For example, say user Frank is a pain in the butt. You use the plugin to give him all kinds of timeouts, a very slow connection, and fake crash screens. That way they won't bother making extra accounts because they think your forum is messed up. They eventually get so frustrated trying to post that they leave you alone. I'm sorry but I can't find the name of the plugin.
     
  6. zenerchi

    zenerchi Regular Member

    Joined:
    Jul 13, 2009
    Messages:
    322
    Likes Received:
    294
    Occupation:
    Building wealth and refreshing my stats page
    Location:
    Earth
    Make a button other members can press like `rep`and it sends a fart through his computer screen and into his face.
     
  7. blazen

    blazen Regular Member

    Joined:
    Mar 8, 2008
    Messages:
    471
    Likes Received:
    147
    You should also report him and his actions to his ISP. Tell his ISP what is he doing, spamming your forum, etc. By getting his ISP involved they can cut him off.

    Also like someone said above you can also get a plugin or script that blocks proxies.
     
    Last edited: Aug 19, 2009
  8. PepsiGuy

    PepsiGuy Registered Member

    Joined:
    Apr 25, 2009
    Messages:
    81
    Likes Received:
    130
    You should just manually approve new registrations if that isn't too overwhelming for you.
     
  9. heiny

    heiny Regular Member

    Joined:
    Dec 5, 2008
    Messages:
    227
    Likes Received:
    103
    Have new registered members approved. Also if you want to go more extreme ban emails created with hotmail, gmail or any other free service.

    Approve of messages written on the forum...

    The guy is just increasing ur workload by an hour a day unfortunately. Sucks though
     
  10. steveinsg

    steveinsg Newbie

    Joined:
    Aug 5, 2008
    Messages:
    47
    Likes Received:
    19
    Some people have far too much freetime it seems, ... or perhaps are just unemployable, mentally unstable, and on medication.

    I go with the moderate the first few posts option, keep hold of the IP addresses he uses, and if you find one that belongs to an ISP, email them, ... then ring them up and follow through over the phone to ensure (s)he gets investigated.

    Good luck - and don't let it ruin your day.
     
  11. Grizzy

    Grizzy Senior Member

    Joined:
    Nov 11, 2008
    Messages:
    919
    Likes Received:
    999
    Don't you have his real IP address from the first time you banned him? At the very least, the constant racist spamming will be enough to get his ISP's attention.

    You could also contact the HIS local authorities and let them know that someone in their jurisdiction is making death threats against you (that's pretty serious business). Hand his IP over to them, this is a criminal matter now..

    There are a several different things you can do to try to block his proxies, some of them are easy to implement, some are more complex, but none are 100% effective really. It's easier just to sick his ISP / local police on him IMO.
     
    • Thanks Thanks x 1
  12. shudogg

    shudogg Regular Member

    Joined:
    Sep 23, 2008
    Messages:
    412
    Likes Received:
    153
    Occupation:
    Internet Marketing
    Location:
    Indiana
    Home Page:
    Lol, I am sure the boys in blue or his ISP shutting off his internet will get him to leave you alone. :D

    His internet gets terminated. He calls them.
    Him: What is going on
    ISP: You are a douchebag. Violated our TOS by spamming and racist comments on the internet. Your account has been terminated.
    Him: fuck, guess I won't bother insertsitehere.com anymore.

    Apache has a way of rejecting connections via proxies. Your hosting company might be able to do this for you if you are on your own server. Below that is just the plugins for your forum script. I had/have one that will show their real IP even when using a proxy for the vBulletin registration page and when they make a post. I think if it determines they are using a proxy buy can't look through to see the IP, it won't let them register.

    The best solution, the apache mod to block proxies from your server completely. If you can't do that, then just install a vbulletin plugin for proxies like I mentioned AND moderate the first few posts of new members.

    Don't moderate all signups, thats too much overhead and people may not come back if they can't access the forum right away. Just moderate the first few posts, and he will give up.

    If he keeps going around it, pull up every IP you have for him and find his real IP (more than likely his original one he used on the first account). Run a lookup on his IP and find out his ISP and location. Call them up, report him. Ensure you keep all logs of his accounts. Don't delete them, just ban them. It may be wise to keep his posts around too so you can PROVE he said the threats. Without that, there is no support in your claim.

    To keep his threats, this is what you can do. Create a forum that is hidden to the public. Like only admins can see it. Every one of his bad posts, move them to that forum instead of deleting them. I think also there is a plugin to hide banned members from the members list so people can't find his name and see his posts. (not that they would dig through the members list). That way when the ISP wants proof, you still have ALL of his posts/threats/racist comments. Timestamped and his account name for each one. You still have all his accounts, emails, ips for each one.

    Other security you should have in general is, do not let other members email other members. Lower the number of people they can send a PM to at once, and raise the length of time they have to wait between each one. Install READPMs plugin for vbulletin. You can then see if he is mass PMing your members using tools/bots.

    Spammers will create an account, bash your forum, send a PM to every member, and an email to every member. So try to limit/cut off any means of mass communication. Normal members shouldn't need to send 1 pm at a time anyways, and shouldn't have an issue waiting 2 minutes between each PM sent.

    I also suggest using recaptcha on the signup form. Not that decaptcher and crap can't solve it, but it stops the simple bots and people who dont pay for captchas to be solved.
     
    • Thanks Thanks x 1
  13. pr0xy

    pr0xy Regular Member

    Joined:
    Mar 23, 2009
    Messages:
    224
    Likes Received:
    94
    Occupation:
    student
    Location:
    chi-city
    Well you can always block his gateway, cause maybe he is just using his dynamic ip privlages, or just use a script that blocks proxies...