How does a ban recognize you?

harryhood

macrumors regular
Original poster
Mar 15, 2006
236
0
I got banned from a website a long time ago. I have the same computer I was using, but as of now, I live in a different state and have a new ISP obviously. I signed up for this website then was banned again shortly after, they still recognized me as the old user..

How is this possible? Any way to get around this?

Other than ISP address, email address, username, what else could they recognize you by?

hmm
 

harryhood

macrumors regular
Original poster
Mar 15, 2006
236
0
So I would need to change my MAC address and my IP address? Thats the only way you can be recognized?
 

0098386

Suspended
Jan 18, 2005
21,553
2,886
I've got around bans, Rapidshare limits etc just by rebooting my router.
 

harryhood

macrumors regular
Original poster
Mar 15, 2006
236
0
If I wanted to reset EVERYTHING, make all identifiable properties brand new, what would I have to do?

as far as i know at the moment:

router addy
isp addy
mac addy

edit: do you know if torrent clients are recognizable? should i reset anything? i use vuze.
 

yg17

macrumors G5
Aug 1, 2004
14,888
2,480
St. Louis, MO
A website can't, but network forensic tools can.
No it cannot. The source MAC address on a packet is changed each time it goes through a router, because the router slaps its own MAC address on it as the source, and it's likely going through at least 10 routers somewhere in the world before it reaches its destination server. Even if he isn't using a router at home and plugs directly into his modem, there is no way to determine his MAC address.

It is 100% impossible, even with the most advanced forensics tools, to determine the MAC address of a website visitor's computer.

In short, to answer your question:
If I wanted to reset EVERYTHING, make all identifiable properties brand new, what would I have to do?

as far as i know at the moment:

router addy
isp addy
mac addy

edit: do you know if torrent clients are recognizable? should i reset anything? i use vuze.
You do not need to change your MAC address.

And I'm not sure what sort of site banned you, but if it's a forum, it's possibly behavioral. I've administered a few forums, and troublesome members who come back may change their email address, etc, but you recognize the same pattern of behavior pretty quickly and get suspicious.
 

snberk103

macrumors 603
Oct 22, 2007
5,484
87
An Island in the Salish Sea
Lets check the easy things first.

1) Are you using the same email address? I know its kinda obvious, but....

2) Look for a cookie in your cookies folder. Move your cookies folder somewhere the browser can't find it, and then try the website again. If your ban is miraculously lifted, look for a cookie that identifies you to the website. If you are still banned, then its something more complicated.


PS Oh, and don't get yourself banned again. I'd hate to think I was helping someone do something that they shouldn't be doing in the first place. Makes me an accessory, eh? :)
 

dukebound85

macrumors P6
Jul 17, 2005
18,055
1,183
5045 feet above sea level
No it cannot. The source MAC address on a packet is changed each time it goes through a router, because the router slaps its own MAC address on it as the source, and it's likely going through at least 10 routers somewhere in the world before it reaches its destination server. Even if he isn't using a router at home and plugs directly into his modem, there is no way to determine his MAC address.

It is 100% impossible, even with the most advanced forensics tools, to determine the MAC address of a website visitor's computer.

In short, to answer your question:


You do not need to change your MAC address.

And I'm not sure what sort of site banned you, but if it's a forum, it's possibly behavioral. I've administered a few forums, and troublesome members who come back may change their email address, etc, but you recognize the same pattern of behavior pretty quickly and get suspicious.
Care to explain how Sony can permanently ban ps3's by thier MAC address? rendering the device useless online? They go through alot of rounters too to get to the final destination
 

bobfitz14

macrumors 65816
Oct 14, 2008
1,266
2
Massachusetts
Lets check the easy things first.
1) Are you using the same email address? I know its kinda obvious, but....
[...]
honestly that's what i was thinking as well. like when you sign up for an account and it asks for name/email and whatnot (depends on the site) if you used your same info and it just recognized you as the same person that way...haha i don't know about you guys but it makes sense to me
 

yg17

macrumors G5
Aug 1, 2004
14,888
2,480
St. Louis, MO
Care to explain how Sony can permanently ban ps3's by thier MAC address? rendering the device useless online? They go through alot of rounters too to get to the final destination
Sure. Easy. Sony has their own proprietary protocol. When the PS3 comes online, it sends a message to Sony that says "My MAC is blah. Am I banned?" And Sony will reply back and say if it is or isn't. And if you do something on your PS3 to get banned, it will send a message to Sony saying "My MAC is blah. Ban me for I have done something stupid"

That is all in the data portion of the packet, what is commonly referred to as a payload. You can put whatever the hell you want in a payload packet and it won't be changed en route to the destination (hopefully, if it is, there's a huge security breach somewhere, but that's another subject).

HTTP, the protocol used for web browsing, and TBH, just about every other protocol out there, does not include MAC addresses in the payload. There are sections in the packet for source and destination MACs, and those are what's changed each time it goes through a router.

Here's basically what a packet looks like visualized:

The only part of the packet that is untouched is what's inside the blue box (and the green box, encapsulated in the IP segment of the packet). The stuff outside the blue box is changed each hop.

When you first send a request, the source MAC is your local computer, and the destination MAC is your router. Your router will then replace the source with its MAC and the destination of the MAC with your modem (or not, if you have an all in one). Then your modem's MAC becomes the source, and your ISP's router becomes the destination. Basically, each router puts its MAC in the source and the next router's MAC in the destination as it makes its way across the internet. By the time it reaches the destination server, the packet's source MAC is their local router.

Sony sends the PS3's MAC address inside the data segment since it's a specific message querying if a MAC is banned. HTTP does not send the MAC along with the request.
 

Matthew Yohe

macrumors 68020
Oct 12, 2006
2,198
129
A website can't, but network forensic tools can.

Yeah, a fairly unknown and obscure network forensic tool called ARP...

Also, no you cannot determine the MAC address of a machine outside of your local network. It doesn't work that way. Local link only.


harryhood: Who knows how they're doing it. You setup a new email address for this new account?
 

harryhood

macrumors regular
Original poster
Mar 15, 2006
236
0
I am not using the same username or email address.

So I need to erase all my cookies - done.

I think I'm using the same router that I was using when I was most likely banned, So I'm sure I need to reset that.

Then what and how do I need to do next to make sure I am completely unidentifiable?
 

Matthew Yohe

macrumors 68020
Oct 12, 2006
2,198
129
I am not using the same username or email address.

So I need to erase all my cookies - done.

Then what and how do I need to do next to make sure I am completely unidentifiable?
Wait, are you signing up for a torrent website? Are they actually banning you or just your torrent client? Because that's different than being banned from their site.

Also, if they ban your account because you were previously banned, isn't it common on these sites to go back up the tree of invites and ban who handed out an invite to you? Or is this just an open signup site?
 

t0mat0

macrumors 603
Aug 29, 2006
5,425
263
Home
You were "banned again shortly after" i.e. there was a period when you'd got a new account, and it was using.
Begs the question of what was the website... Behavioural could easily be the clue - you leave comments, use the forum etc of the website?
If it was a torrenting site, maybe you had a certain MO or fist?
 

steve2112

macrumors 68040
Feb 20, 2009
3,023
6
East of Lyra, Northwest of Pegasus
The site may be using Flash cookies. These things are annoying. They stick around for a long time, and they are not deleted when you use the normal cookie deletion options in your browser. Check out this article on them. It also lists some ways to delete them. I found it amusing that Wired talks about how bad they can be, then has a disclaimer at the bottom that wired.com uses Flash cookies. :)


http://www.wired.com/epicenter/2009/08/you-deleted-your-cookies-think-again/
 

snberk103

macrumors 603
Oct 22, 2007
5,484
87
An Island in the Salish Sea
The site may be using Flash cookies. These things are annoying. They stick around for a long time, and they are not deleted when you use the normal cookie deletion options in your browser. Check out this article on them. It also lists some ways to delete them. I found it amusing that Wired talks about how bad they can be, then has a disclaimer at the bottom that wired.com uses Flash cookies. :)


http://www.wired.com/epicenter/2009/08/you-deleted-your-cookies-think-again/
Sneaky SOBs.... thanks!
 

Ttownbeast

macrumors 65816
May 10, 2009
1,135
0
No, a website cannot determine your MAC address.
Depends on the tools the web host offers to it's clients--it is possible to ban a machine based on a mac address.

If you erase and reinstall an OS on an existing ISP account they gotcha
if you get a new computer on an existing ISP account they gotcha
If you get a new ISP with your old machine they gotcha.

New machine new ISP? you might stand a chance.