[MUD-Dev] Re: Trusting the Client (Re: Laws of Online World Design)

[Steve Sparks]

> 
> [> > = Jon Leonard, > > > = Steve Sparks]
> 
> I think we're discussing this from very different perspectives.  It's clear
> that you're skilled at tracking down troublesome users.  I'm much more
> interested is setting up systems where I don't have to.  As such, I'm
> worried about a hypothetical highly skilled troublemaker, who leaves minimal
> clues.

Its interesting to see how both sides of the issue are related and be so
different. 
 
> It sounds like my hypothetical troublemaker is rare enough that you're not
> that worried about him.  This is good to know!
> 
> [Tracking down a user via dynamic IP]
> > Yea, Automation would be impossible to fix problems like this other than
> > not allowing connections from "problem prone" domains.
> 
> Is this done much commercially?  I'd presume that a commercial service
> would hate to do that, but I could be wrong.  I know it's used as a method
> of last resort on for-free MUDs.


It is not uncommon for someone to turn off a block of addresses when there
is a serious problem. Things like ping floods or denial of service attacks
can prompt this type of action. Actions that involve any type of service
disruption including attempts as accessing a system can also prompt
filtering out networks. Some systems can turn on and off filtering based
on time delays and pre programmed parameters based on the type of problem. 

> 
> Got it.  I'm just not convinced that people always leave tracks.
> 


Your right sometimes it is next to impossible to find the root of the
problem but on the internet you have to come from point A to point B and
someone somewhere is logging at least some of this activity. The hard part
knowing who and what and hoping the person logging the data keeps it
around long enough for you to find it and use it. 

Good Luck with your game!

Steve