[Wikipedia-l] Re: multi-headed VANDALS + PANIC button

[Daniel Mayer]

On Monday 29 July 2002 01:58 am, you wrote:
> Thinks:
> It would be interesting to know what fraction of Wikipedia users come
> from ISPs with/without valid reverse DNS lookup set up for their IP
> addresses. If the fraction from clueless ISPs is small (and it should
> be), then we could
>
> * ban customers of crap no-reverse-delegation ISPs from editing by
> default (which will capture a lot of "grey" IP addresses, too), and
> * offer suitably privileged users the option to issue the appropriate
> warning (as above)  on a per-ISP basis, based on the reverse lookup domain.
>
> Of course, things should never get this far in the first place, but
> having the tools in reserve would be nice.
>
> Neil

Whoa! I don't think we are at that point yet, but I will file your email away 
for future reference. Our vandal problem is simply not bad enough yet to 
warrent such drastic counter-measures. However I see no harm in looking ahead 
to that eventuality, doing some research, and preparing the systems needed -- 
but I don't think there is any urgency yet. 

What I do fear is some script kiddy with a couple dozen rotating proxies and 
a ship-load of bots flooding the database with junk and overwriting 20 
articles a minute. A panic button to lock-down the site would then be nice 
(Sorry, I can't protect pages fast enough). Then that would give a sysop the 
time needed to block all the IPs of the vandal. But again, I don't think we 
are at that point yet.

We should think about different ways to optionally protect wikipedia from 
these types of more sophisticated attacks. Although I would be /very/ wary of 
categorically excluding ISPs when there have been no vandals from that ISP 
(although that may be part of any panic button). ISPs that fail to act on our 
complaints of documented vandalism are fair game as far as I am concerned 
though.

--mav