[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bbs



>So they are using a whole bunch of accounts in an effort to conceal their
>identity? And they hope that one of the accounts will be approved 
>for full access to adult material, without the sysop really knowing 
>who they are?

     Yes, the intention is to get one approved without the SYSOP really
knowing who he approves.

>Do you always check the phone number supplied as part of the registration
>process or wait until the user abuses the BBS? It seems that someone
>could simply start taking names out of the phone book if he wanted to 
>conceal who he really is... 

     I used to check phone numbers, now I only check those of users with
strange names or wait until they abuse the system.  The first thing I check
when someone abuses my system is their identity.  If it's fraudulent, I put
the account in the system kill file and they can no longer login.  I use a
pretty good method for allowing access to adult areas.  A consent form must
be filled out and signed.  Then it is mailed to me with a photocopy of the
same person's driver's license (SSN can be blacked out, I'm not concerned
with it).  I file it away and give them access if it looks correct.

     Generally, I detect system abuse pretty soon after it occurs.  Then,
I handle the situation as quickly and efficiently as possible.  The same
user rarely tries it again.  I did voice validate all of my users, but that
got to be tedious, so I just check when something happens.  Many BBS's
require that they be able to call a user back directly before granting
full access.  This would not work over the Internet, a University modem
pool like many were using here, or long distance for the cheap SYSOP.
There are, however, a flurry of programs that perform "automatic call-back
telephone number verification."

Chael Hall

--
Chael Hall
[email protected], [email protected], [email protected]
(317) 285-3648 after 3 pm EST