Info on SORBS, blocking of open proxies

List overview All Threads
Download

newer

older

Re: [Wikipedia-l] Info on SORBS,...

censorship

Elisabeth Bauer

30 Mar 2005 30 Mar '05

4:21 p.m.

Hello, Since yesterday the blocklist of SORBS is used on the wikimedia servers to block open proxies. If someone is having troubles to edit now, here are the steps he can do to solve the problem: * he first has to determine the IP address wikipedia is blocking, that's not too hard, it's on the blocking page * then he has to get someone on another computer to check if it's an open proxy. the procedure is described here: http://www.sorbs.net/faq/proxy.shtml * if it is, then he should complain to whoever controls the server to fix the configuration * if not, he should request a retest (http://www.sorbs.net/faq/retest.shtml) to be taken out of the list. the status of the proxy might have changed since it was last scanned. Please translate/forward this to your project to inform people. greetings, elian

Show replies by date

Walter van Kalken

30 Mar 30 Mar

5:14 p.m.

Elisabeth Bauer wrote:

...

So we have to go to another project to get unblocked on wikipedia. This is unbelievable and sickening W

Andre Engels

5:26 p.m.

On Wed, 30 Mar 2005 21:14:05 +0700, Walter van Kalken <walter(a)vankalken.net> wrote:

...

So we have to go to another project to get unblocked on wikipedia. This is unbelievable and sickening

Actually, in your case you need to first singlehandedly change Thailand's biggest ISP and THEN go to another project. Andre Engels

Tony Sidaway

5:29 p.m.

Walter van Kalken said:

...

Elisabeth Bauer wrote:

So we have to go to another project to get unblocked on wikipedia. This is unbelievable and sickening

Why do you find this sickening? This is the internet. The SORBS identifies open http proxies, which are usually *not* open through any choice of the owner, but because the owner has not made them secure. Using SORBS protects Wikipedia from the negligence of your ISP.

Andre Engels

5:34 p.m.

On Wed, 30 Mar 2005 15:29:44 +0100 (BST), Tony Sidaway <minorityreport(a)bluebottle.com> wrote:

...

With the happy side effect of also protecting us from Waerth and a few million Thais. Great!</sarcasm> Andre Engels

Tony Sidaway

5:44 p.m.

Andre Engels said:

...

On Wed, 30 Mar 2005 15:29:44 +0100 (BST), Tony Sidaway <minorityreport(a)bluebottle.com> wrote:

With the happy side effect of also protecting us from Waerth and a few million Thais. Great!</sarcasm>

Presumably this is due to the activities of the Thai government rather than Wikipedia. I still don't see why it should be regarded as "sickening" that Wikipedia doesn't provide a one-stop proxy doctoring service. The developers and systems people are run off their feet just keeping the servers running.

Gregory Maxwell

6:02 p.m.

On Wed, 30 Mar 2005 15:21:13 +0200, Elisabeth Bauer <elian(a)djini.de> wrote:

...

Since yesterday the blocklist of SORBS is used on the wikimedia servers to block open proxies.

Are users able to login and then edit if they are behind a SORBS IP? My guess is that we use SORBS because it is ineffective to play wack-a-mole with IP banning on such offenders because there are so many open proxies. I would think that limiting these addresses to edits by logged in users would be a more cautious position. It would be unfortunate if we block a user for what he chooses to do outside of wikipedia (for instance running an open proxy on his IP). It is not necessarly true that all hosts listed in orbs are misconfigured, I've seen a few 'first edits' to wikipedia take the form of a warning that wikipedia is misconfigured. :)

evan＠bad.dynu.ca

6:30 p.m.

On Wed, Mar 30, 2005 at 03:21:13PM +0200, Elisabeth Bauer wrote:

...

Since yesterday the blocklist of SORBS is used on the wikimedia servers to block open proxies.

SORBS is for email proxies, isn't it? What's the advantage of blocking open email proxies from using Wikimedia sites? ~Evan

Gregory Maxwell

6:37 p.m.

On Wed, 30 Mar 2005 10:30:35 -0500, Evan Prodromou <evan(a)bad.dynu.ca> wrote:

...

On Wed, Mar 30, 2005 at 03:21:13PM +0200, Elisabeth Bauer wrote:

Since yesterday the blocklist of SORBS is used on the wikimedia servers to block open proxies.

SORBS is for email proxies, isn't it? What's the advantage of blocking open email proxies from using Wikimedia sites?

SORBS also maintains a list of open web proxies.. since web based spamming has become a large issue as well.. (think blogs and wikis)

Tony Sidaway

6:44 p.m.

Gregory Maxwell said:

...

On Wed, 30 Mar 2005 10:30:35 -0500, Evan Prodromou <evan(a)bad.dynu.ca> wrote:

On Wed, Mar 30, 2005 at 03:21:13PM +0200, Elisabeth Bauer wrote:

Since yesterday the blocklist of SORBS is used on the wikimedia servers to block open proxies.

SORBS is for email proxies, isn't it? What's the advantage of blocking open email proxies from using Wikimedia sites?

SORBS also maintains a list of open web proxies.. since web based spamming has become a large issue as well.. (think blogs and wikis)

The FAQ URL that someone cited seems to demonstrate a technique that can be used by a spammer to use an open http proxy to get trusted access to an email server on the same system, bypassing the relay rules and compromising the mail server. This is pretty serious stuff. Web proxies *should not* be open.

Tim Starling

7:02 p.m.

Tony Sidaway wrote:

...

Right, the CONNECT method. Here's a session showing me connecting to mail.wikipedia.org via Walter von Kalken's proxy: [1553][tstarling@zwinger:~]$ telnet 203.144.143.6 80 Trying 203.144.143.6... Connected to 203.144.143.6. Escape character is '^]'. CONNECT mail.wikipedia.org:25 HTTP/1.0 HTTP/1.1 200 Connection established Proxy-agent: BlueCoat-Security-Appliance 220 mail.wikimedia.org ESMTP Postfix (end quote) At this point I could have sent a couple of thousand spam messages and vanished into the night. This is the reason SORBS, who work on preventing email spam, and Blitzed, who work on preventing IRC spam, both list HTTP proxies. Note that we're not blocking other kinds of spam relay, SORBS gives a means to distinguish between the various types. Although at the moment, we're not effectively blocking anything at all, see my foundation-l post on this subject. -- Tim Starling

Kat Walsh

6:54 p.m.

On Wed, 30 Mar 2005 15:21:13 +0200, Elisabeth Bauer <elian(a)djini.de> wrote:

...

Not that efforts to stop vandalism aren't needed, but it might be more difficult than that for legitimate users to get around. I would have been blocked by this a few months ago myself -- the IP address I had was listed in SORBS for something a previous customer of my ISP had set up. SORBS ignored the request for a retest since I am not the administrative contact, and the ISP ignored complaints as there *was* no open relay, and they don't consider it their concern what customers run on their own systems anyhow. After a service outage our IP changed or I'd still be blocked at the moment. Fortunately I wasn't blocked from anything I particularly cared about, but I would be upset if I could not edit Wikipedia. (No comments about withdrawal symptoms, now...) I see at least one active editor has been affected; is there any workaround for logged-in users who would otherwise remain blocked? -Kat [[en:User:Mindspillage]] -- "There was a point to this story, but it has temporarily escaped the chronicler's mind." --Douglas Adams

6960

days inactive

6960

days old

wikipedia-l@lists.wikimedia.org

Manage subscription

11 comments

8 participants

tags (0)

participants (8)

Andre Engels
Elisabeth Bauer
evan＠bad.dynu.ca
Gregory Maxwell
Kat Walsh
Tim Starling
Tony Sidaway
Walter van Kalken