On 8/15/06, Tim Starling t.starling@physics.unimelb.edu.au wrote:
> We can use a dedicated IP for scanning, to make automatic blocking of that IP by firewalls irrelevant, and we can set up an informative reverse DNS entry and a webserver on that IP, to ward off some of the abuse complaints.
It was the abuse complaints that I was wondering about. If those wouldn't be a problem, this would seem to be the sensible course. Assuming portscans aren't that expensive (I know that there's some latency involved, but that's okay for this), anything listed as an open proxy could be invisibly scanned and deblacklisted if appropriate anytime it tried to edit, which solves the problem of outdated entries. Any IP that's not blacklisted as an open proxy could be portscanned and whitelisted if appropriate when it tries to edit, with some expiry period. A block could force reevaluation of the appropriate address(es), just in case something is whitelisted and becomes compromised within the expiry period.
Now who wants to write this and set it up? :)
On 8/15/06, Jan Kulveit jk-wikitech@ks.cz wrote:
> -how to develop the rbl ... I think it could be done the wiki way
That would require a ton of effort keeping the list up-to-date that's really not needed. You'd also have to constantly field complaints of misblocked IPs, which would be solved in days rather than seconds. An automated solution is the way to go for this.
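The scan-on-edit flow sketched in the first reply above (rescan listed proxies on each edit attempt, whitelist clean addresses with an expiry, let a block force re-evaluation), written out as an added example; this is not code from the thread or from MediaWiki. The `scan` probe is a hypothetical injected callable so the policy can be exercised with constructed results; no real port scanning is performed here.

```python
import time
from dataclasses import dataclass, field
from typing import Callable, Dict, Optional, Set

# Hypothetical probe: returns True when the address behaves as an open proxy.
# It is injected so the policy can be run offline against constructed results.
Scanner = Callable[[str], bool]


@dataclass
class ProxyCheckPolicy:
    """Scan-on-edit policy: blacklisted entries are re-verified on every edit,
    clean addresses are whitelisted until an expiry, and a block forces a rescan."""
    scan: Scanner
    whitelist_ttl: float = 24 * 3600          # seconds a clean result stays valid
    blacklist: Set[str] = field(default_factory=set)
    whitelist: Dict[str, float] = field(default_factory=dict)  # ip -> expiry time

    def on_edit(self, ip: str, now: Optional[float] = None) -> bool:
        """Return True if the edit from `ip` may proceed, False if it is an open proxy."""
        now = time.time() if now is None else now
        if ip in self.blacklist:
            # Listed entry: rescan invisibly and deblacklist if the proxy is gone.
            if self.scan(ip):
                return False
            self.blacklist.discard(ip)
        else:
            expiry = self.whitelist.get(ip)
            if expiry is not None and expiry > now:
                return True                    # verified recently, no scan needed
            if self.scan(ip):
                self.blacklist.add(ip)
                self.whitelist.pop(ip, None)
                return False
        # Clean result: cache it until the expiry period runs out.
        self.whitelist[ip] = now + self.whitelist_ttl
        return True

    def on_block(self, ip: str) -> None:
        """A block drops the cached clean result so the next edit re-evaluates the address."""
        self.whitelist.pop(ip, None)
```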