Banwave 10-11-2016 Discussion

Can you explain me what is trip wire?

 

I bought another account, you guys think its safe again use HB to questing?

 

Nothing is safe anymore, don't bot if you can't get over a ban, which will come sooner or later.

 

I got nailed on two accounts during ban wave but a third just got banned today for botting and i have no bots installed on my computer...

 

My main account its ok, but this is for my farm account, i know this account will be banned, but i dont want it happens sooner kkkkk

 

Soap just got hit now.

 

was your third account botting and/or around before the ban wave or did you just buy a new account after the banwave was over?

 

I don't believe half the crap conspiracy theories out there about brand new accounts being banned from having same IP as previous bots unless it is under extreme circumstances that warrant close monitoring (massive 25 bot farmer selling hundreds of millions of gold). Most of us here have been through a handful of banwaves and the ones who are still here immediately just started new accounts and caught back up in no time. I keep a clean account just to have access to all the guild gold/resources. I have been caught in every banwave in the last 2-3 years and my clean account played on the same computer/IP as multiple banned bots has never been touched. This is probably not the "smartest" thing, but I play on my clean account WHILE multiple bots are running side by side with no VM's, VPN's, or anything.

I am playing an account right now that was released from the last banwave, immediately after this one just happened (Obviously I am at HIGH risk of botting again, yet this account is still fine). So again, except for extreme circumstances that warrant Blizz closely watching your every move, all the evidence I see and all my personal evidence points to casual botters who level alts, grind WQ's, etc, are very unlikely to be watched one on one like a hawk and get brand new accounts banned before ever even successfully logging in. Blizz openly stated that while they will not lift your current ban, you are more than welcome to make a new account (under the same email, computer, and IP).

TLDR; if you're a casual botter, I wouldn't believe half the crap about buying new accounts and getting insta-banned before even logging into the game and other things people are posting that just don't make sense or have evidence.

 

<My 2cents>
The financial year is about to close, we are on the last trimester.
I wont be surprised if all this huge perpetual banwave magically stops once we hit the new year.
Not telling that no more banwave will occur, but not with this frequency.
</My 2cents>

 

Thank you for your response, but i do not think you understand networking.

First of all, there is a reason i mentioned NAT, and i was not at all talking about an internal subnet.

My example of 1000 users needing 4000 subnets from the ISP, has nothing to do with the internal network of a household.

The smallest possible subnet in a class C network, is 4. 2 useable IPs, 1 network ID, 1 broadcast address, and 2 useable host addresses. Each subnet, represents a network, each network must be advertised through a routing protocol, such as ospf, EIGRP, or most likely IS-IS.

A network with a lot of smaller networks will result in packet congestion casaused by network advertisements, in order for a packet to reach a network, the rest of the network must know of all networks, which is done through advertisements.

Now everytime maintenance is done on a network, which can probably happen once a month, maybe once every 2 months during night hours, your router will reboot or be down for an hour or more, this actually happens very frequently, but as it is done late at night or early in the morning, very few people realise. When this happens, dynamic IPs are often returned to the pool, without you knowing resulting in a changed public IP.

Blizzard serves millions of users across the world, implementing an IP flagging system would result if tenths of thousands, if not hundreds of thousands of flags, every single week simply because IPs are recycled in the pools. This is a very ineffective detection system, when they can simply do software detection like they have the past 4 HB banwaves, and catch all HBs without using some ineffective IP flagging system, that would only cause a much higher workflow.

 

yep, Ip flagging when they have software detection going on is absolutely useless, that's a clear fact. That's the current situation, at least that's what it sounds like.

So, let's get back to a possible situation where , due to the lack of an easier detection method, IP do matter.

Why would a billion dollar company use IP flagging without considering Computer ID at the same time?
Well, of course they don't.
But when a computer is found using bots in a certain IP at a given time, they do inspect all the concurrent clients using that same IP at that moment. When they found all of them are using bots, they ban them all. When they find a big enough amount are using bots and a few don't, under specific circumstances they do ban ALL accounts, even those not being attached to the bot at that time, or without association. That's an IP BAN.

Of course, there are cases when, even just the IP serves as an indicator. Nobody really know their procedures, but if botting is found in the same IP several times, that would be a clear indicator of a static botting IP( or non-dinamic enough, which do also happens often-certain ISP only change IPs on a 2+ month basis) . Or a VPN Ip.

TLDR, No one is saying Blizzard flags botting IPs without considering another factors like 1) times that Ip has been caught with bots 2) Ip+whatever HWID or GUID they use to ID machines 3) IP+ wow installation Hash. That would be ineffective, as you mention.

But what would be extremely ineffective is not using the resources at their disposal to reduce the amount of IP's to be investigated. And that's where IP flagging does shine. Even in the worst circumstance, it would be more effective checking Known-offender IP's than checking the whole IP pool, wouldn't it?

 

So do you think a VPN would help?

 

The glory days of honorbuddy is long over. Most of the combat routine developers have left. That section is really dead. Most of the original group has left. It is safe to say that this program is DETECTED. may it rip a slow death.

 

You have no idea wtf you're talking about. The users who bot on their main are simply retarded, and that isn't even what comprises most of the bot population. People running bot farms are what make it up. And those people are happy to see banwaves, myself included. Less bots, more gold to be made, and covering the investment is done in less than 5 days usually. So no, HB is not dead, and won't be dead for a long time. It will however be less used by noobs on their mains, which frankly is also great, because a portion of those will resort to botters for gold. WIN-WIN-WIN

 

Under current circumstances, not on the slightest.

"Current circumstances" assume that the latest banwave was due to process detection, which seems to be the current consensus.

Perhaps the "little changes made to tripwire" do help. But that is a matter of opinion, since they can't or won't provide more information. What we know is that nothing real was found , just theories. And the "little changes" paragraph sounds too advertising to me.

 

LMAO at wanna be pimp....

Boy you are the clueless one with your stupid IP Banning and Blacklisting crap that was displaced a million years ago. Taking individual tools that they have and making them seem like it's a god tool when it only plays a minor role.

And yes when you start looking for multiple accounts not directly caught by a detection yeah all things come into play even your friend the IP address but so does mac address and pattern analysis and a plethora of other things.

I am going to stop arguing with you because it's not wise to argue with a idiot because he will bring you down to his stupid level and beat you with experience.

And yes please make your head explode cause you will become smarter instantly!!

Demon out!!

 

VPN has it's uses Dr but it's not going to save you from a banwave if your account is detected. It might prevent them linking two accounts together where one account was detected and the other not which does happen especially when you are playing one account (Main) and botting to support or make money.

I have used VPN to protect my guild bank and it's guild master from being linked especially during a ban wave. I also have a few fail safes in place with the guild bank such as a rogue account which is a high enough member of the guild. I have friends who are in my guild and we do dungeons from time to time and I have toons in their guilds also for doing raids and I play my toons to keep it looking real.

Admittedly I am not a VPN master as others have a bit more experience there than I do. There maybe more creative ways to use VPNs that I have not dived into. There are many tricks out there I am sure but I can say that as for detection if you are detected you are basically screwed. Once they investigate the account they will find what they are looking for.

 

VPN have only 1 use.

Inbetween banwaves, you may get banned from player reports, you can often appeal these bans and get them overturned if you can convince them that you were hacked.

During banwaves, which is what is killing HB atm, a vpn is absolutely useless, the bot is software detected, they know 100% that the account ran botting software over an extended period of time, they aint gonna negotiate with you, which is why everyone that tries to appeal these banwaves, fail.

 

Now all of a suddenly you say I am right. And then you start spouting crap you know nothing, like usual . MAC address. Omg. Routing is done on IP level, kid. Mac address don't go beyond your ethernet or wireless. /facepalm

You should have stopped talking sooner. Not even you dare to talk about VPN's. You don't know about anything.

I'm done with you for good. But anyone listening to any word you write will notice you are just the latest lamer know-nothing fanboy. Good riddance, we will all be here long after you are gone.

 

MAC addresses CAN be used (in non-standard ways) to uniquely identify a machine...

Just trying to stop a war before it starts...

The MAC address was designed for use in packet transport headers. MAC addresses in transport headers are replaced each time the packet changes networks [size=-2](e.g., leaves your LAN headed to the ISP)[/size]. So, Pimpampum is right in that the MAC addresses never 'escape' from your local network when used in transport headers.

However, there is nothing to prevent a program from capturing your machine's MAC address(es), wrapping it up in a data packet, and sending it to a server. Doing such a thing pretty much makes your machine 'uniquely identifiable'. [size=-2](We're not saying Bliz does this, but it is certainly possible for them to do this.)[/size]


MAC addresses are assigned by the manufacturer [size=-2](from a range specified for that manufacturer by the IEEE)[/size], and are universally unique [size=-2](for all time and space)[/size] to the ethernet adapter--whether it be Wifi or hard-wired. There are exceptions that can break the 'universally unique' contraint:

• It is possible for devices to spoof a MAC address.
  You see this feature present on many routers.
• There are programs that allow users to alter a machine's MAC address.
  This is just another form of spoofing.
• VPNs and VMs will use a synthesized MAC address.

So in practice, the 'MAC address universal uniqueness' is not strictly true, but is a very reasonable assumption. Local 'uniqueness' must be guaranteed for you to have a functional network. So, at least on your local LAN, each MAC address—whether it be hardware-based, spoofed, or synthesized—must be unique.

'Clever' programs running on your machine can weed out all the synthesized and spoofed MAC addresses used by your box, and obtain the [size=-2](one or more)[/size] real, hardware-assigned MAC address. Keep in mind that if your machine is using a spoofed/synthesized MAC address, then you must have at least one hardware MAC address available. Most modern machines have at least two hardware MAC addresses—one for the wireless 802.11 adapter, and one for a wired 802.3 adapter. Most modern machines also have a Bluetooth 802.15 adapter.

It is these hardware-based MAC addresses that will be of interest to a 'clever' program—since they are guaranteed to be universally unique. Any one of these hardware-based MAC addresses can uniquely identify your machine. And, modern machines typically provide two or three to pick from. So, even if you've spoofed or synthesized a MAC address, it will be meaningless in the presence of a 'clever' program. And 'yes', there are techniques for obtaining this information that work even in the presence of VMs.


So in summary, both of you are correct...
Pimpampum is correct if the MAC address is used solely as it was designed to be used.
Demondog70 is correct if the MAC address is used in 'other ways'.

We are not addressing the 'bigger picture' here of whether this is actually done or not. Its just technically possible to use a MAC address to uniquely identify a machine.

Let's not get into a battle.

cheers,
chinajade