Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login
Site Notices
1/25/2018 7:38:29 AM
Posted: 1/31/2006 2:28:20 PM EST
[Last Edit: 1/31/2006 3:03:57 PM EST by TREETOP]
... There is the appearance it was done for no reasons relating to the CoC

... Thanks in advance
Link Posted: 1/31/2006 2:58:02 PM EST
Man, he's about the nicest guy around. Do you have a link to the post in question?
Link Posted: 1/31/2006 3:07:14 PM EST
Link Posted: 1/31/2006 3:50:51 PM EST
Hey, Winston.

I appreciate you looking out for me, but my "banning" and subsequent "unbanning" transpired several months ago.

Apparently, in the staff forum, it was claimed I was a troll account for another banned member. Hence, I was banned without any communication from staff. A fellow formite, was gracious enough to ask "why?", and one of the staff here began an inquiry. A few days latter, I was subsequently unbanned. Again no communicaiton from staff.

The one time I asked for some type of an explanation, I was treated rudely, and the reply was dripping with disdain. Even though I have been on this site since 1998, and there was no reason to think I was a troll, staff continued to act like I was and that I should just "get over it". Apparently, in the hunt for troll accounts a little bit of collateral damage is acceptable.
Link Posted: 1/31/2006 4:11:21 PM EST
... my bad, carry on
Link Posted: 1/31/2006 5:17:54 PM EST
Free Joe_Blacke!...

Link Posted: 2/1/2006 5:42:44 PM EST
Link Posted: 2/1/2006 6:42:53 PM EST
[Last Edit: 2/1/2006 6:55:48 PM EST by Joe_Blacke]

As to what transpired in the Staff forum, I can only relate second hand testimony. I don't have access, so I don't know.

As to communication, I received no IM, or email, before my banning. I received no response to my email's asking what happened to get me banned. I received no IM's or emails letting me know my account was unlocked. I only found out that I was unlocked when I was finally able to log back in after a few days. Additionally, I was not the only member whose account got locked by someone without the skills to match IP address.

Most importantly, I was not, am not, nor ever will be some type of troll account. Whomever locked my account was in error. To take the "bullet" meant for someone else was more than a little insulting. To have it rationalized as being a necessity to prevent the spread of troll accounts, without so much as a superficial apology, was downright childish.

Wouldn't you feel a bit insulted if you account got locked for something another member allegedly did? How about if staff refused to communicate with you before, or during the lockout? Would you think it would be too much to ask/expect for staff to say "sorry, we goofed"?
Link Posted: 2/1/2006 7:11:10 PM EST
Link Posted: 2/1/2006 7:46:07 PM EST

Thanks for you insight, and the dialog. I am not asking you to apologize for whomever made the error, but the fact that you are willing to publicly acknowledge that I was not treated properly does mean a great deal.

Before I leave this poor horse alone, I will offer one final thought. I would gladly buy a beer for anyone who can prove that there was an exact IP match between me and a known "troll account". I post from two locations, my home, and my work. In both cases, I utilize NAT for converting an unroutable IP address into a routable public IP. For anyone to use the public IP of my work, they not only have to work for the same corporation, but utilize the same proxy (we have at least 12), and public firewall interface which is chosen dynamically based on internal network conditions. Odd's are not likely.

That pretty much leaves my home as the only viable option. Since I use a broadband provider, my public interface is a DHCP client, which means I lease a public IP address. Typically my public interface updates every 24 hours, and always renews the same IP from the DHCP server provided I haven't shut off my firewall. Effective lease of a single IP address usually lasts for about two months before I renew something completely new, or my ISP changes the DHCP scope/network ID. Then we also need to look at the chances of me obtaining a new DHCP lease that was previously used by another member. Well, for my DHCP scope, there is a possibility of 2048 IP addresses (subnet mask of results in a binary subnet mask of 11111111.11111111.11111000.00000000 assignable host range is 2 to the 11th power, =2048). Remove one for the gateway, another for the network ID, and a third is lost for the broadcast address. That means that there is a possible 2045 possible addresses. The last subnet ping sweep I ran indicated that there was slightly more than 140 leased addresses out of the 2045 available. Since the DHCP has so many unused IP's within the scope, it is extremely rare for it to issue a client anything but an unused IP. Chances are not good that out of 140ish customers of my ISP, at least one had all of the following apply: a member of this site, a troll account, and leased the EXACT same IP address I had held previously (or would lease soon thereafter).

Since I wasn't the only member here who had the same lockout problem, I'd feel much more confident in surmizing that whomever was doing the log analysis only matched a couple of the octects (out of four), and not the entire IP address, before pulling the trigger. It is very easy to match the first couple of octects (which would denote the network ID's of the provider), than the entire thing, which would require matching both the network ID and the host ID on that particular network.

But, then again, I'm just a lowly security architect who has about a dozen years in the system engineering/network architecture field under my belt. I could be wrong
Link Posted: 2/1/2006 8:02:05 PM EST
Link Posted: 2/2/2006 5:57:30 PM EST
Link Posted: 2/2/2006 6:26:57 PM EST
[Last Edit: 2/2/2006 6:31:23 PM EST by Joe_Blacke]

Originally Posted By VA-gunnut:
I'm about as skilled with the computer stuff as BK, but I did a quick check and over the past several months, you've logged in through over 30 different IPs.

I didn't go and check all of them to see which ones might have matched another members IP, but I would guess it's possible one would of matched.

I wasn't Staff when your account was locked, so it wasn't me that did it.

I'd be willing to bet that at least 20 of those were from the various public interfaces of my employeer. Most of those will register to a gateway located in either San Francisco, Minneapolis, Tempe, and Des Moines. While at work, I can only choose my proxy. The actual public interface of the gateway is chosen based on network load balancing. I might have my traffic filtered through a proxy in Tempe, but my actuall connection to the internet is routed across an OC48 connection into Minnepolis, where it is put onto the 'net.

I am only aware of one other member of this site who worked for my employer in AZ. I don't think Guzzler has posted here since 2002. He wasn't a troll either. I can assure you that none of the "banned" members worked for my employer.

The chances that at one point in time, me and a possible "troll account" leased the same IP from my broadband provider at home are very slim. To have that happen you will need: two users who have the same ISP (not too hard); both users are in the same geographic area (a bit more difficult); members of AR15.com (getting unlikely at this point); the alternate member is also a troll account (this would require a statistical analysis of the number of AZ members and a ratio to banned accounts/trolls, matched against the ISP range); on the same network subnet of the ISP; and and IP lease/renew situation that requires fantastic timing in regards to me shutting down my firewall until my lease expires, and the DHCP server leases a previously used IP rather than something that has never been assigned before (better odds could be found playing the lottery).

Now, I'm not interested in giving a dissertation on the finer aspects of subnetting an IP network, but rest assured that my ISP can utilize over 100,000 public facing IP addresses. An IPv4 address is 4 octets (32 bits) written in dotted decimal notation to represent a 4 binary octets. In binary, an IP address looks something like 11101101.00101101.11011101.00111011. Part of an IP address lists the network ID, and the last part of an IP address provides the host ID on the previously identified network segment. In my particular case, the network portion of the IP is the "11101101.00101101.11011" . The host portion is the last 11 numbers: "101.00111011" In the host assignable range, the DHCP server can assign any number from 100.00000000 to 111.11111111 (2048 total numbers. You have to know binary to decimal conversion to understant it, but if you typed the "100.00000000" into a scientific calcular on a binary setting and asked for a decimal conversion you would get 2048). That is 2048 possible IP addresses for a single network ID, or subnet. In other words, if it just so happened that the stars were alligned in such a way as to have me, and another member here who is a troll account, to use the same ISP, and the same network segment of the ISP, the odds of us using the same IP address is 1:2048. And that's only assuming we are on the same physical segment, which would take an astronomical ammount of luck.

Now, it is MUCH easier to match the first 21 bits of two know IP addresses. The odds of matching ALL 32 bits, when doing a statistical analysis, is about the same of winning the lottery on the same day you got struck by lighting while wearing a tu-tu.
Link Posted: 2/2/2006 6:41:16 PM EST
Link Posted: 2/2/2006 6:55:50 PM EST
Link Posted: 2/3/2006 3:09:12 AM EST

Originally Posted By thebeekeeper1:

Originally Posted By Joe_Blacke:

Thanks to W_W for dredging this up months later.

... FO - I apologized in this thread already for the time-frame goof.

... Thank you for coming in the Arizona Forums only stir more shit and defend a bad call. The only reason Joe_Blacke was banned is because you folks had a trigger happy vendetta against anyone that hailed from Arizona - and you damn well know it.

... Don't you have sometime better to do than than to further piss off this community?

Link Posted: 2/3/2006 3:19:31 AM EST
Link Posted: 2/3/2006 3:19:47 AM EST
[Last Edit: 2/3/2006 3:19:47 AM EST by VA-gunnut]
See my post above.
Top Top