|
The way vBulletin (and most message boards work) is that when you log in several cookies are created that allow you to maintain session without constantly logging in every time you want to post, for example.
When you log out, those are all deleted to be recreated the next time you log in.
But they don't have to be. They could just be written and left on your computer until some defined expiration date. This is how online advertising networks work. When you visit site A, the cookie is written to your computer and when you later visit site B the cookie is seen and reported back to the advertising network. So they know that you visited both Site A and Site B.
So, you could track a single computer sock puppet by making a persistent cookie.
When they log in as User A:
If cookie-x does not exist, create it including Username A. If it does exist, add Username A to cookie and report to server all Usernames listed in cookie.
Then they log in as User B:
If cookie-x does not exist, create it including Username B. If it does exist, add Username B to cookie and report to server all Usernames listed in cookie.
The result of this is that you would know that User A and User B had logged in from the same physical computer. But your software probably does not have any inbuilt ability to do this and a hack would have to be put together to implement it.
But this wouldn't help if they are posting from different computers as different people or if they can make a legitimate claim that someone in the house is posting as well.
|