# IP Bans - Rational

## Recommended Posts

Have you ever considered the implications of an IP ban and how it actually affects your IP address?

For those of you who study computer architecture and networking will know that an IP address (IPv4) is four bites of data (32-bits):

255.255.255.0

241.198.0.121

What are we being told by the address above? Well, the first three bytes are your network ID, the last byte is your host ID.

How do you know which bytes are network IDs and which are host IDs?

See dat mask? Those 225's are why. I'm keeping it simple so we're brushing over 'sub-netting'.

Basically, if you change those decimal numbers into binary numbers (1's and 0's), the 1's in the IP address will fit snugly in the 1's of the mask address:

255 = 1111 1111

241 = 1111 0001

If we flipped those numbers around, 255 would not fit in 241 because of dem 0's. 1 Does NOT fit into 0, but 0 fits into 1. (Crazy logic, rite?)

Is '255' the highest number allowed for each byte?

Yes, hexadecimal motherfucker. There be 8 bits per byte. (I dug up old thread that still has pic explaining it.)

What is a network?

Simply put: the connection between communicating devices. So a router would establish your network, because you and your family can connect to it.

What is the network ID?

The 'network ID' is a number that identifies your network from the billions of other networks around the world. It's required for routing protocols to have some kind of idea for where those nasty images of busty MILFs need to get sent to. When you order something, the network ID would be equivalent to the home address delivery information found on the package.

What is the host ID?

Well, when those images finally reach your network, your router needs to figure out with perv to deliver them to. Your special number distinguishes your PC/laptop/smartphone from your brother's/sister's PC/laptop/smartphone. ...And we can all agree it's better that way.

A MAC address is a special little snowflake of a number found on every device that can connect to a network. MAC addresses are printed straight onto PC/laptops/smartphones whilst in the factory.

Nowadays, it's common for routers to come pre-built with switches, and your router has a nice table of IP addresses and associated MAC addresses. When you connect to a network, your router takes stock of what MAC address is accessing the network and then assigns a random IP address to it.

When the router wants to send those busty MILF pics to your PC, it has to go through a 'switch'. A switch is a box that has ports and a table that takes stock of which MAC address is using which port. (I'm talking about devices wired to the network, Wi-Fi devices are strong and independent and don't need no switch.)

So when my IP gets flagged...

It's your network ID that's flagged. This just means that when you login to RuneScape from the same network, Jagex is already going to throw a bot-watch your way, because it's likely you're going to bot again.

The reason why Jagex doesn't just ban every IP on that network is because that network could be a school/uni network, or an apartment network, or even a MC Donald's Wi-Fi network. Simply put; if they banned every user on the network, a lot of legit players might also get banned. However, since the network ID is flagged, those legit accounts would be subject to bot-watch.

Also It may be likely that a flag on an IP address may expire. Well let's say Jagex bans one of your accounts on your home network, thereafter you play RuneScape and never botting once. Who's to say Jagex will continue watching you? It'd probably take a few months or so, but if you're given the all clear, then it would be cost effective for the monitoring to stop. Just economics. But of course the opposite to this is: more bans = more watching.

But it may also be likely that Jagex might ban an entire network ID. Consider goldfarmers; if accounts are systematically being watched and banned, all connecting from the same network, they could conclude that said network is simply being used for goldfarming and save time just by completely banning that network. However, then they have to weigh the possibility that the network is a VPN/Proxy that legit users may (though most likely not) use.

So how can I change my IP address?

Unless you're assigned dynamic IP addresses via your ISP, you'd need to contact them and request for them to change it. But that does mean that there's now a valid network ID, no longer being used, that has been marked as 'flagged' on Jagex's system. So this again supports my earlier statement about the expiration of bot-watch.

What about VPN's -- are they safe?

Well... That really comes down to how business-driven they are. If they're looking to keep you anonymous, then sure, otherwise if their business is to strictly sell you unique network IDs, then no, and this is because:

1. There are different classes of IP addressed, as VPN's (I would suspect) use Class B addresses.
2. VPN's would have to reserve network IDs, and it's the ISP who generates and assigns IP addresses, thus, network IDs.

• Class A has 1 byte for network ID, 3 bytes for host IDs. Not usable on the net, but very good for very, very, very, very large businesses. (16,277,214 host spots available -- every single one of them can be used for every PC/laptop/smartphone/printer/etc...)
• Class B has 2 bytes for network ID and 2 bytes for host IDs. Usable on the net, and can hold up to 65,534 hosts.
• Class C has 3 bytes for network ID and 1 byte for host ID. This allows for 254 hosts, and is the standard IP address doled out.

A money-hungry VPN would most likely subnet a Class B address because they can have more hosts than Class C, meaning more VPN users per IP address being used. This is bad because:

• It would be assumed that most players in RuneScape running on Class B addresses are probably goldfamers, since Class C is the standard.
• Switching between Class B and Class C addresses would be very, very suspicious.
• If the network ID for a class B address is flagged, every bot using that VPN is fucked.

If the proxy/VPN uses Class C addresses, however, you're more likely to be better secured, since the VPN would need to reserve more IP addresses for their ISP. It'd likely cost more to reserve Class C addresses, which is why I doubt they do. Read this for the different costs.

Why ISP chose costly static IP addresses over free dynamic ones?

Well they're not really free, but when you buy the internet, you get given an IP address. I suppose it's only 'dynamic' because it's just randomised each time. But static IP addresses have the following benefits:

• Security of having an IP address available to work with. (This is a problem for IPv4)
• IP address may be recognised as one being used by a VPN.
• Consistency for other private networks to set up their routing protocols to work with the static IP.

[PROBABLY NOT DONE EDITING -- TAKING A BREAK AND MAKING SURE I DON'T LOSE THIS]

[ALSO IF I'M TALKING CRAP, CALL ME ON MY BS, CUS NETWORKING ISN'T MY STRONGEST OF SUITS]

Edited by liverare
##### Share on other sites

If anyones curious about how 11111111 is 255, from right to left

as in you'd start from 11111111<-- that one

it goes:

1,2,4,8,16,32,64,128

Just in case anyone was curious.

Edited by twin 763
##### Share on other sites

If anyones curious about how 11111111 is 255, from right to left

as in you'd start from 11111111<-- that one

it goes:

1,2,4,8,16,32,64,128

Just in case anyone was curious.

sorry but this is one of the worst explanations of binary ever

##### Share on other sites

sorry but this is one of the worst explanations of binary ever

Yeah I read that over and thought it sounded really dumb, but whatever. Was just trying to show how it got to 255 :p because i'm sure just looking at that people would have no clue how 1111 1111 is 255.

##### Share on other sites

• (16,277,214 host spots available -- every single one of them can be used for every PC/laptop/smartphone/printer/etc...)
• Class B has 2 bytes for network ID and 2 bytes for host IDs. Usable on the net, and can hold up to 65,534 hosts.
• Class C has 3 bytes for network ID and 1 byte for host ID. This allows for 254 hosts, and is the standard IP address doled out.

I think you might have your view on binary applications in hardware slightly skewed.

You can store from 0 to (2^(#bits))-1 in a value that is #bits wide.

You are subtracting 2 for some reason every time you do a calculation. I didnt really read everything but I noticed you repeatedly did this.

For example, an 8 bit number can be from 0 to 255, not 0 to 254, same with 16 bit, 32 bit etc.

This is of course, assuming an unsigned value, which in the scope of what you are talking about, they are unsigned.

##### Share on other sites

Can't be that hard of a job copying 95% of your thread, that you have to take a break.

##### Share on other sites

I think you might have your view on binary applications in hardware slightly skewed.

You can store from 0 to (2^(#bits))-1 in a value that is #bits wide.

You are subtracting 2 for some reason every time you do a calculation. I didnt really read everything but I noticed you repeatedly did this.

For example, an 8 bit number can be from 0 to 255, not 0 to 254, same with 16 bit, 32 bit etc.

This is of course, assuming an unsigned value, which in the scope of what you are talking about, they are unsigned.

Oh forgot to mention that, yes, you have to subtract 2.

Basically:

127.0.0.0 and 127.0.0.255 are not usable. 127.0.0.0 = host group (or something to that effect), 127.0.0.255 = broadcast domain. The figure increases with the inclusion of more subnets.

Can't be that hard of a job copying 95% of your thread, that you have to take a break.

The tool you were using to check for plagerism checks against Google crawl bots that scour almost every forum. You can see them operating sometimes; they have non-linkable usernames. It states later down that those 'plagiarised texts' can be clicked:

"They are also links … feel free to click on any red lines and see the original source for your records. When the test is done, you’ll also be given an exact percentage that tells you how original or unique your article is."

Edited by liverare
##### Share on other sites

Oh forgot to mention that, yes, you have to subtract 2.

Basically:

127.0.0.0 and 127.0.0.255 are not usable. 127.0.0.0 = host group (or something to that effect), 127.0.0.255 = broadcast domain. The figure increases with the inclusion of more subnets.

The tool you were using to check for plagerism checks against Google crawl bots that scour almost every forum. You can see them operating sometimes; they have non-linkable usernames. It states later down that those 'plagiarised texts' can be clicked:

"They are also links … feel free to click on any red lines and see the original source for your records. When the test is done, you’ll also be given an exact percentage that tells you how original or unique your article is."

For the scope of your text I would say yes, generally you dont use those two addresses. ^_^

## Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

×   Pasted as rich text.   Paste as plain text instead

Only 75 emoji are allowed.