I need to contact someone's ISP and let them know I'm tired of deleting posts that this moron make on my guestbook.

This has been going on for almost a year! I've a lot of his information... maybe I should just go to his house and let him know who he's messing with...

My GB text:
http://www.angelfire.com/mo2/cbch21/2/Posts.txt

His IP address:
24.117.25.253

Information I have so far:
http://whois.org/whois.cgi2?d=circusmobile.com

His latest post:

***
Thu May 22 22:07:11 2003
Submitting Host: 24.117.25.253

C: This site Blows!!! May you outta' try selling more then just clocks... you ****'n mudduck
N: Whatever
L: USIDBOIS


The location "L" is a script on my site that tells me approximately where the visitor is from. This matches the one I have on my contact page (the IP address match also).

The email:

The following data was submitted via your form:

VName: Mo Watt's
VEmail: wads24@yahoo.com
VDate: Thu May 22 20:08:37 MDT 2003
VGeog: USIDBOIS
Continent: North America
Country: United States
City_State: Idaho
Comments: Just wanted to let you know that I liked your site... Take care... Keep Dx'ing alive!
Browser: Unknown


It seems like his whole internet live is around Yahoo... email address, and it looks like a YahooDomain name.

Who/How do I contact yahoo about this idiot? :mad: :mad:

Who/How do I contact yahoo about this idiot?
http://add.yahoo.com/fast/help/yahooligans/cgi_feedback
(I'didn't immedeately see anything else)

I don't know what sort of site you have and if you use some scripting, buth i'd set up a blacklist with IP numbers to automatically redirect from your site + add his emailadress to your mailfilter.

Where'd you get this circusmobile.com?

That isn't an ISP.

I ran a trace on the IP Address you specified. The IP address is part of a block owned by CableOne. The person is slightly southeast of Seattle, Washington. There were 10 hops between me and the IP address.

Here is the information on CableOne
Registrant:
Cable One, Inc (CABLEONE3-DOM)
1314 North Third St
Phoenix, AZ 85004
US

Domain Name: CABLEONE.NET

Administrative Contact:
Cable One, Inc (20393810O) phoenix@CABLEONE.NET
Cable One, Inc
1314 North Third St
Phoenix, AZ 85004
US
602-364-6000 fax: 602-364-6014
Technical Contact:
Cable One, Inc. (TE78-ORG) tech@CABLEONE.NET
Cable One, Inc.
1314 N. 3rd Street
Phoenix, AZ 85004
US
602-364-6000 fax: - 602-364-6010

Record expires on 17-Jan-2005.
Record created on 16-Jan-1998.
Database last updated on 25-May-2003 18:58:09 EDT.

Domain servers in listed order:

NS1.CABLEONE.NET 24.116.0.201
NS2.CABLEONE.NET 24.116.0.202


And these CableOne people seem be going though AT&T to access the internet.

How can you guys know all that with only an IP adress??
And how do find the IP adress?

My guess is a whois on the IP, find the ISP from the whois, then do a whois on the ISP

wtf?


and what's a whois?

Using a server-side language you can obtain the IP address of the person viewing the page, so his script just saves it. Just like these forums do. If you noticed in the bottom right-hand corner of every post it says IP: Logged.

Using various programs you can obtain a lot from someone's IP address. The location usually gets fuzzy on the last hop or two because of firewalls and such. For example when I ran www.codingforums.com it loses a location on the 9th hop of 15.

I read where this guy had the same problem...A visitor would come every day and use his tell-a-friend to send the someone a rood email...It went on for about 10 months before he burnt out. The internet attracts some veeeeeeery strange people. :rolleyes:

Originally posted by zoobie
I read where this guy had the same problem...A visitor would come every day and use his tell-a-friend to send the someone a rood email...It went on for about 10 months before he burnt out. The internet attracts some veeeeeeery strange people. :rolleyes:

Very true, some how people get some kind of entertainment out of it. I dunno how they find that humorous.

Besides contacting his ISP, just do what others have already mentioned and filter out his IP and email addresses.

Block his IP from your website using a Server-Side lang

Well, doesn't his IP change everytime he logs on to his ISP? You'd just be chasing a ghost. Surely, there's a better way (and don't call me shirley). :D

Yeah but you could use a wildcard ip block and block anyone from that ip extension. If I got something like this I know that it would be in the possible actions list if the ISP failed to do anything.

Well, doesn't his IP change everytime he logs on to his ISP?

From what i read in his post, it's someone with a static IP. Not everyone has a dynamic IP. It's possible to manipulate your IP so keeping an IP's blacklist is not bulletproof, but it's an easy first step. Everyone that is a bit concerned about denial of service attacks on his webserver will probably check the clients IP and compaire it to the previous requests and set a counter on that, so it's a small effort to check it also against some sort of blacklist.

If he has a dynamic IP, you can only contact the ISP which keeps logs of which customer had which IP at a given time. I know my provider takes these calls (spam, virusses, hacking) very serious and closes an account if it gets more then 1 complaint about a user.

But in this specific case, if he has a static IP, i find it's in the first place the application developpers task to set up the IP check and free his app (or his clients app) from this kind of abuses because it can be done and it is fairly easy. (First install a lock, then call the police --> it's nice to free the internet from these guys, but my first concers would be my (clients) sites)
Just my opinion of course.

Surely, there's a better way
Yes. If you would throw all privacy concerns overboard, and could tempt all processormanufacturers to have a new go at it, then you could possibly identify his processor. (Intel tryed that once with the PIII (i believe they all have a unique identifier)). Then you could have a blacklist of these.
Or you could try to store a cookie on his PC with the sessionID in it, and then build a blacklist of the sessionID's from bad posts (which will give some problems if you use ASP and the application is restarted or if he doesn't accept cookies or uses multiple browsers.)
Or you could simply require the users to log in (cookie-login or loginform). Just like here. And send the initial password through mail and keep a blacklist of mailadresses.

do you have email capabilities on your server. You see you could make a script to detect him and then add a note at the top and have it automatically emailed to his ISP.

scroots