preventing proxy-abusing trolls from spammng servers?

Hey people, myself and a small handful of people have been trying to deal with this problem but haven't been as successful as I'd like.

For the last 3-4 months, some lowlife(s) have been trolling the Doomshack Zandronum server cluster quite religiously. Doesn't matter the time of day, these losers watch like hawks until someone joins, then they immediately follow with fake (or more often, impersonating) usernames and begin spamming all kinds of vulgarities non stop. They've somehow modified their clients to ignore the spam block timer that Zand (and other cs ports) have.

We can ban their IPs, but not 10 seconds later, they generate brand new IPs and reconnect and do the same old shit until the server is totally cleared out. They watch my cluster in particular and there isn't a time of day where they won't strike - clearly they have no lives, no jobs and no friends. Those assisting me are 99% sure this is Shogun/Shadowfox's doing.

Anyone have any ideas at all? Will ask at Zand soon too. Any help is greatly appreciated, I don't want to take Down the Zand cluster just because of a few stray retards. Thanks!

When you say brand new IPs I assume you mean not even in the same IP range? You might really be in a tough spot if that's the case.

Since I'm not too familiar with Zandronum I can only offer ZDaemon-way suggestions of solving this.

There's a command in ZD that lets you chatblock someone. You could maybe put an instruction in MOTD if there's a similar command available in Zandronum. In ZD there are also ways to check for spam even if the built-in spamcheck isn't enough if you're knowledgeable about setting up stuff like that. (I'm not actually privy to how it works exactly but I witnessed it in action.) Maybe it's possible to configure something similar in Zandro. Finally, if you had the help of Zandronum admins they could find out some additional info about the modified client and connections and would be possibly able to block them more effectively.

Thanks for the info, KD - Hopefully Zand has similar features in place. On a side note I'm happy to say the ZD and Oda clusters haven't been targeted so I still have a means of playing online, but having a whole port essentially blocked from use sucks arse. Much appreciated!

I had/have this problem also where they would join and often change the round time to 1 minute. I ended up making a wrapper that checks their IP against http://getipintel.net and check for certain callvote/chat messages and kick them. I really need to get around to finishing it

Why does Zandronum even allow changing your username, EVEN if it's an exact duplicate of an already existing one? I can't think of a better recipe for a trolling disaster.

Because we aren't a maximum security prison with an account system (we have none), and zandronum 3.0 fixed that second part.

I wrote a small utility that detects and bans proxies. It parses Zandronum logfiles for IP addresses of connecting players, and if it the score is high enough it adds their IP to a Zandronum banlist with a message of your choice.

https://github.com/AlexMax/zanproxy

I have been using it for many months on FUNCRUSHER with a reasonable amount of success. As a bonus, it is a great source of entertainment to see troublemakers keep trying to connect to the server only for the proxy detector to immediately toss them out again.

Crispy is working on converting that for our servers, thanks a ton for making it in the first place Alex.