On 24/06/05, Jake Waskett jake@waskett.org wrote:
On Friday 24 June 2005 17:53, David Gerard wrote:
As can be readily seen from a reverse DNS query, this IP address is a transparent proxy server, use of which is forced upon NTL users (a large UK telco). manc-cache-5.server.ntli.net
Trouble is that admins can't actually see what IP a username is coming from. So there's no indication until someone calls it to their attention.
Hmm. There seems to be a clash between anonymity and usability here, as is so often the case with security systems.
Perhaps we could allow admins to see part of the reverse DNS, but not all of it. If we strip off the last two parts of the name (in this example, leaving just "manc-cache-5.server"), we'd get something that nine times out of ten would identify a proxy or not, but would not be personally identifiable.
Hmm. Set recent-changes to show only anons; 250 edits comes to about 175 unique IPs (busy people, these - one was there four or five times). Converting them to names, then stripping off the two trailing sections, we get this list - http://www.generalist.org.uk/wiki.txt (somewhere along the line it went to 126 addresses. Buggered if I know why.)
Of those, only 20 have proxy or cache in the name.
Thoughts on how useful this sort of data would be, given the reasonably sized sample above?