Walter Vermeir | 20 Mar 2004 20:29

The Proxy blocker; important notice to all Wikipedias

I have discovered there is now a robot active on I believe all 
Wikipedias with the name "Proxy blocker".

It blocks automatically all users who are using an open proxy server.

It looks like an action from the English Wikipedia.

This is likely a violation of the blocking policy on most Wikipedias so 
inform your users about this and discuss it.

To trigger the Proxy Blocker go to http://www.publicproxyservers.com and 
use a "transparent" proxy.

-- 
Contact: walter AT wikipedia DOT be
Brion Vibber | 20 Mar 2004 21:27

Re: The Proxy blocker; important notice to all Wikipedias

On Mar 20, 2004, at 11:29, Walter Vermeir wrote:
> I have discovered there is now a robot active on I believe all 
> Wikipedias with the name "Proxy blocker".
>
> It blocks automatically all users who are using an open proxy server.
>
> It looks like an action from the English Wikipedia.

Tim plugged this experimentally into the wiki in response to a massive 
spambot attack a few days ago that worked through open proxies. It's 
not a vigilante robot, but an automated part of the wiki that runs a 
check when a given IP address first makes an edit. (This should have 
been announced; if it wasn't, I hope Tim will remember to do so next 
time.)

Of course if any wikis decide they don't want this, we'll be happy to 
disable it for you.

I should point out that _proxies_ are not a problem, but _open proxies_ 
are often a serious security risk. They are usually simply 
misconfigured, and like open mail relays are taken advantage of by 
spammers and malware to disguise their attack vector. A proxy meant as 
a firewall but left completely open may also allow external attackers 
to get at internal servers which were intended to be better secured.

> This is likely a violation of the blocking policy on most Wikipedias 
> so inform your users about this and discuss it.
>
> To trigger the Proxy Blocker go to http://www.publicproxyservers.com 
> and use a "transparent" proxy.

Neil Harris | 21 Mar 2004 23:03

Re: Re: [Intlwiki-l] The Proxy blocker; important notice to all Wikipedias

Brion Vibber wrote:

> On Mar 20, 2004, at 11:29, Walter Vermeir wrote:
>
>> I have discovered there is now a robot active on I believe all 
>> Wikipedias with the name "Proxy blocker".
>>
>> It blocks automatically all users who are using an open proxy server.
>>
>> It looks like an action from the English Wikipedia.
>
>
> Tim plugged this experimentally into the wiki in response to a massive 
> spambot attack a few days ago that worked through open proxies. It's 
> not a vigilante robot, but an automated part of the wiki that runs a 
> check when a given IP address first makes an edit. (This should have 
> been announced; if it wasn't, I hope Tim will remember to do so next 
> time.)
>
> Of course if any wikis decide they don't want this, we'll be happy to 
> disable it for you.
>
> I should point out that _proxies_ are not a problem, but _open 
> proxies_ are often a serious security risk. They are usually simply 
> misconfigured, and like open mail relays are taken advantage of by 
> spammers and malware to disguise their attack vector. A proxy meant as 
> a firewall but left completely open may also allow external attackers 
> to get at internal servers which were intended to be better secured.
>
A suggestion: instead of blocking auto-detected open proxies 

Timwi | 22 Mar 2004 05:31

Re: [Intlwiki-l] The Proxy blocker; important notice to all Wikipedias

Neil Harris wrote:

> A suggestion: instead of blocking auto-detected open proxies 
> indefinitely, they should only be blocked for a limited period such as 
> one week. This will mean that they will automatically drop out of the 
> block list if they get fixed, but they will still only need re-testing 
> at most once a week if not fixed. Otherwise, the block list may grow to 
> be very long over time, making it awkward to manage, as almost all the 
> entries on it will be permanently blocked proxies.

Alternative suggestion: Keep the blocks themselves as "indefinite", but 
run an extra cron job in the background which goes through the list of 
IPs that were banned by ProxyBlocker and checks if they are still open 
proxies, and if not, lifts the ban.

This way, you would prevent the following from happening: Suppose 
someone has a list of hundreds of open proxies. They can rotate through 
them, have them all banned in sequence, and by the time they get to the 
last, the ban on the first one will have expired again.

Timwi
Brion Vibber | 22 Mar 2004 07:06

Re: Re: [Intlwiki-l] The Proxy blocker; important notice to all Wikipedias

On Mar 21, 2004, at 20:31, Timwi wrote:
> Alternative suggestion: Keep the blocks themselves as "indefinite", 
> but run an extra cron job in the background which goes through the 
> list of IPs that were banned by ProxyBlocker and checks if they are 
> still open proxies, and if not, lifts the ban.
>
> This way, you would prevent the following from happening: Suppose 
> someone has a list of hundreds of open proxies. They can rotate 
> through them, have them all banned in sequence, and by the time they 
> get to the last, the ban on the first one will have expired again.

...and it's automatically blocked again when used. What's the problem?

-- brion vibber (brion  <at>  pobox.com)
Timwi | 22 Mar 2004 10:28

Re: [Intlwiki-l] The Proxy blocker; important notice to all Wikipedias

Brion Vibber wrote:

> On Mar 21, 2004, at 20:31, Timwi wrote:
> 
>> Alternative suggestion: Keep the blocks themselves as "indefinite", 
>> but run an extra cron job in the background which goes through the 
>> list of IPs that were banned by ProxyBlocker and checks if they are 
>> still open proxies, and if not, lifts the ban.
>>
>> This way, you would prevent the following from happening: Suppose 
>> someone has a list of hundreds of open proxies. They can rotate 
>> through them, have them all banned in sequence, and by the time they 
>> get to the last, the ban on the first one will have expired again.
> 
> ...and it's automatically blocked again when used. What's the problem?

OK, maybe I'm not understanding quite right how this ProxyBlocker works. 
Does it actually scan the IP address of all contributors prior to 
accepting an edit? If so, doesn't that slow editing down considerably?

I thought it checked the IP later, so everyone could always make at 
least one edit.

Timwi
Brion Vibber | 21 Mar 2004 23:51

Re: Re: [Intlwiki-l] The Proxy blocker; important notice to all Wikipedias

On Mar 21, 2004, at 14:03, Neil Harris wrote:
> A suggestion: instead of blocking auto-detected open proxies 
> indefinitely, they should only be blocked for a limited period such as 
> one week. This will mean that they will automatically drop out of the 
> block list if they get fixed, but they will still only need re-testing 
> at most once a week if not fixed. Otherwise, the block list may grow 
> to be very long over time, making it awkward to manage, as almost all 
> the entries on it will be permanently blocked proxies.

Agreed; I'm quite surprised it's listed as indefinite now.

-- brion vibber (brion  <at>  pobox.com)
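
An added sketch, not part of the thread and not the wiki's ProxyBlocker code: it models the three block-list policies discussed above (one-week expiry, indefinite blocks with a background re-check, indefinite blocks alone) and counts the probes each one costs. The probe callback `is_open_proxy`, the `checked` cache and the sample addresses are assumptions made for the illustration.

```python
import math

WEEK = 7 * 24 * 3600  # the one-week expiry proposed in the thread, in seconds

class ProxyBlockList:
    """Block-list lifecycle only. `is_open_proxy` is a hypothetical probe
    callback; the thread does not say how the real check works."""

    def __init__(self, is_open_proxy, ttl=WEEK):
        self.is_open_proxy = is_open_proxy
        self.ttl = ttl          # math.inf models an "indefinite" block
        self.blocks = {}        # ip -> expiry timestamp
        self.checked = set()    # IPs probed and found clean (assumed cache)
        self.probes = 0         # how many probes the policy costs

    def _probe(self, ip, now):
        self.probes += 1
        if self.is_open_proxy(ip):
            self.blocks[ip] = now + self.ttl
            self.checked.discard(ip)
            return True
        self.blocks.pop(ip, None)
        self.checked.add(ip)
        return False

    def allow_edit(self, ip, now):
        if self.blocks.get(ip, -math.inf) > now:
            return False                      # live block: reject, no probe
        if ip in self.checked:
            return True                       # already checked on first edit
        return not self._probe(ip, now)       # first edit, or block expired

    def recheck(self, now):
        """Background sweep: re-probe blocked IPs, return the ones lifted."""
        return [ip for ip in list(self.blocks) if not self._probe(ip, now)]

def simulate(ttl, sweep):
    open_now = {"192.0.2.10", "192.0.2.11"}   # constructed TEST-NET-1 addresses
    bl = ProxyBlockList(lambda ip: ip in open_now, ttl)
    allowed = [bl.allow_edit(ip, 0) for ip in sorted(open_now)]
    open_now.discard("192.0.2.11")            # one proxy gets fixed
    later = 8 * 24 * 3600                     # eight days on
    if sweep:
        bl.recheck(later)
    allowed += [bl.allow_edit(ip, later) for ip in ("192.0.2.10", "192.0.2.11")]
    return allowed, sorted(bl.blocks), bl.probes

if __name__ == "__main__":
    for name, args in [("1-week expiry", (WEEK, False)),
                       ("indefinite + sweep", (math.inf, True)),
                       ("indefinite only", (math.inf, False))]:
        print(name, simulate(*args))
```

In all three runs the still-open proxy stays blocked after eight days; only the indefinite-only policy keeps the fixed proxy on the list.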