Neil Harris wrote:
And, just to link several discussion threads together, how about a nice
hook routine, set_BOPM_candidate(), that could be called from various
places in the code to mark an IP as eligible for a BOPM scan?
How about an offline script that anyone can run to check IPs for being
an open proxy? That way it's not Wikimedia's responsibility because the
"portscans" will be coming from Wikimedians' own home computers.
A failed BOPM scan would then apply only a _short
term_ IP block to the
open proxy: perhaps a week
I don't like this because then vandals only need enough proxies to fill
a week, and then they can re-use the old ones because the blocks will
expire.
Instead, I think they should be blocked indefinitely, but anyone wishing
to edit from such an IP should get a sensible message about the
open-proxy problem and NOT a screen telling them they're "blocked".
Timwi