Timwi wrote:
Wouter Steenbeek wrote:
We must take an emergency measure: block ALL open proxies. Only that can prevent the guy from constantly returning and practicing his infamous deeds. But we don't know for heaven's sake how to do that.
I'm sure that any lists of open proxies he has available, will be available to you. Try to Google for them and block all their IPs.
Unfortunately, that's all the advice I can give. I'd hate to see an active project go to waste because Wikimedia folk are too slow to react, or because the software doesn't have adequate tools to fight organised vandalism. How many active vandals does it take for a smaller Wikipedia to receive attention and assistance? :/
Timwi
The software _does_ have the ability to use an active open proxy scanner: BOPM http://www.google.co.uk/url?sa=U&start=8&q=http://blitzed.org/bopm/&e=10313, I think. This is currently switched off, since it generated many complaints from less-than-clueful people who had "personal firewall" software and interpreted its checks as "hacking" attempts.
However, if this active scanner was to be enabled on li: alone, I would imagine that the amount of complaints would be negligible. Perhaps this might help the li: administrators?
-- Neil
I'm working on a tool/skin/interface for wikipedia that makes use of pages visited to enable a statistically-driven (centroid cluster) recommendation system.
I would like to be able to use the wikipedia apache logs for the purpose of inferring interest clusters. I certainly won't need the user's IP addresses as they appear in the logs, and I would be willing to write a script that would encrypt each logs, using standard encryption technology, before it is made available- which would leave users distinct but anonymous. Also, I do not need to know the order or even the day that the pages are accessed- an accumulated week or month without dates is still useful, as long as I can be sure that the data is valid. This data could perhaps also be made available to others who are doing statistical research.
Would this be acceptable use?
Thanks, Tony Pryor
Neil Harris wrote:
The software _does_ have the ability to use an active open proxy scanner
I know. But it doesn't have a way to revert changes faster than a vandalbot can create them.
This is currently switched off, since it generated many complaints from less-than-clueful people who had "personal firewall" software and interpreted its checks as "hacking" attempts.
We don't normally care about less-than-clueful people who have no authority. Primarily it is off because the hosting provider have a policy against this activity (which they quite appropriately call "port scanning" and not "hacking"). At least that's what I gathered from the relevant discussion here at the time.
However, if this active scanner was to be enabled on li: alone, I would imagine that the amount of complaints would be negligible.
Unfortunately, the terms of service of the hosting provider apply to li: too.
Timwi
wikitech-l@lists.wikimedia.org