On 1/27/07, Luiz Augusto <lugusto(a)gmail.com> wrote: I suppose we could try to record massive request rates from the same IP, but then you'd probably catch some large-scale proxies too. So not really. They just request a page like anyone else, and the request is superficially impossible to distinguish reliably from a request made by an ordinary user.

Some remote loaders use a rotating open proxy list, for example tramadol.tfres.net (warning, site contains some nasty javascript). This makes them slow, but apparently fast enough for the search engines to index them. What can we do about that, besides DoS the website?

Some remote loaders use a rotating open proxy list, for example tramadol.tfres.net (warning, site contains some nasty javascript).

This makes them slow, but apparently fast enough for the search engines to index them. What can we do about that, besides DoS the website?

Platonides wrote: That's all very well, until they use a proxy that we don't want to block. It's been our policy so far to block anonymous editing from open proxies and p2p anonymity networks, but to allow page views. If they were blocked at the squid level, neither would be possible. Gregory Maxwell wrote: Their money apparently comes from an affiliate scheme with DriveCleaner, which apparently is a scam where the "free version" of a purported spyware/virus checker reports a threat, and recommends that the user buy the "full version" of the software in order to remove it. It's been known to Symantec since June 2006, and what have the authorities done in that time to stop it? You can still go to drivecleaner.com and pick up a copy. There's a lack of international coordination, a lack of political will and a lack of funding. And if they can't stop a blatant scam, defrauding people of money every day, so what makes you think they could be bothered to stop a borderline abuse of service? As for vigilante action, we know from anti-spam activities that a technical attack could well be met by with revenge in kind, and we know that we could easily find ourselves outgunned. I don't really want to spend my time dealing with multi-gigabit DDoS attacks against Wikipedia once every week or two. Civil action may be the only remaining option, but of course it is expensive. The hosting providers, ISPs and banks will defend their clients' right to privacy every step of the way. Welcome to the Internet. -- Tim Starling