|
Grex > Coop11 > #47: Banning a site from Grex; a discussion of when to do this | |
|
| Author |
Message |
| 25 new of 264 responses total. |
steve
|
|
response 130 of 264:
| 
Dec 7 23:27 UTC 1998 |
Most interesting. It would explain the strange responses I got.
|
levi
|
|
response 131 of 264:
|
Dec 8 03:44 UTC 1998 |
Well KRJ, iam the one who possibly informed you in the party that IITS doesnt
alow their students to telnet to other sites . Well there are 5 IITS in India
and that's policy of each institution. Moreover the folks who log in from
GE.COm ips also do it without any legal permission from either the Indian
companies they work or for that matter the GE network . In fact its illegal
to use the GE network for telnetting to cyberspace or arbornet. but since
most of the Indian students cant afford to have an email , they use this as
an email facility.
|
krj
|
|
response 132 of 264:
|
Dec 8 04:15 UTC 1998 |
Levi, yes it was you. Thanks for contributing here. Your response
raises a *fascinating* ethical issue for us here on Grex. I have
started a new item #54 (item:54) for that discussion, so that we
don't drift in the item about the current situation with IIT KGP.
|
steve
|
|
response 133 of 264:
|
Dec 8 04:42 UTC 1998 |
Thank you for your comments, Levi. Do stick around and participate
here.
Interesting that they can't legally get here, but are anyway.
|
rcurl
|
|
response 134 of 264:
|
Dec 8 05:41 UTC 1998 |
If there is a bootleg gateway involved, IIT should do something about that
too.
It is a minor matter, but so not to corrupt the spelling of our colleagues
from India: explanation; permanently.
|
steve
|
|
response 135 of 264:
|
Dec 8 12:08 UTC 1998 |
I fixed those in the text that got sent out. You can proofread the
final version in ~steve/p2.m ;-)
|
rcurl
|
|
response 136 of 264:
|
Dec 8 16:00 UTC 1998 |
The typos were still in the motd this a.m.
|
aruba
|
|
response 137 of 264:
|
Dec 8 17:47 UTC 1998 |
I just fixed them in the MOTD, and changed "the Grex" to "Grex".
|
steve
|
|
response 138 of 264:
|
Dec 9 02:26 UTC 1998 |
oh! in the MOTD--oops. I didn't look at that nearly as much as
looking at the main letter sent to everyone.
|
devnull
|
|
response 139 of 264:
|
Dec 10 10:27 UTC 1998 |
It seems to me that perhaps configuring newuser to not allow people to
create accounts in the standard way from that site might be an effective
block that wouldn't cause as much trouble for people. You could have some
mechanism to allow people to get accounts with some amount of manually looking
at the request to decide whether to make the account, perhaps.
|
remmers
|
|
response 140 of 264:
|
Dec 10 12:05 UTC 1998 |
How would that help? I think it's unlikely that vandals would state "Oh
by the way, I'm a vandal" in their account requests.
|
steve
|
|
response 141 of 264:
|
Dec 10 12:23 UTC 1998 |
Joel, we could (or already do) have a technical mechanism to stop
newuser from creating the account so someone can look at it, but that
is a very fundemental change to the operation of Grex, and one that I
hope we never never do.
For one thing, it would be a heck of a lot of work, looking at
all the requests. On a busy day we'll get 220 new accounts created
here, so you can imagine how much work that would be, if it took
just 30 seconds to examine each one.
But the greater problem with it would be that we'd be in the mindset
to 'examine' people when they came to the door, and I'm not sure that
"wanting" (more like demanding) full identification might not come next.
As it is, the vandals come in with the rest of civil society, and
we haven't had that much of a problem. Certainly there have been some
problems from time to time, but still--and remember, I'm one of the
ones who deals with them--most, the vast majority of people who come
in here are perfectly fine people.
IIT is about the only time I have ever seen a situation where
teaching newuser to do something special with a certain IP address
would be possible. Because that is a gateway, we could block it off
(as we did) or something else, but in thinking about it, that is the
only time I can think of in which the vandals of a certain site have
come in through a guaranteed address.
|
samsoft
|
|
response 142 of 264:
|
Dec 10 14:49 UTC 1998 |
Pardon My illiteracy in computers. I wanted to ask if there is a way that an
user is restricted to run a executable in his home or tmp directory.Anyway
nobody logs into grex to run his program. But if such a restriction is
possible then maybe noone could run programs which might affect the
performance of grex machine.Ofcourse I might have said a trivial things
infront of the experts but I was wondering if that is possible
|
steve
|
|
response 143 of 264:
|
Dec 10 19:20 UTC 1998 |
In the case of a malicious program like a fork bomb, it doesn't matter
where the user runs it. So if we restricted a user to their home directory,
they could still run such a thing and hurt the system.
But if I understand your question, the answer is no. There isn't any
way to restrict people from running programs whereever they find them,
without restricting their access to the "shell", which is one of the neat
things about Grex.
|
samsoft
|
|
response 144 of 264:
|
Dec 10 20:48 UTC 1998 |
I guess what I meant was that an user still has access to shell but he cannot
run an executable which is residing in his home directory. He can only run
executable which are created by root.like "ls party etc etc". Which means even
if I load a fork bomb executable in my homedirectory still I cannot execute
it since it is created by me.But I could still use my normal shell and execute
programs created by root which maybe in /bin etc. So my question was is there
a way of restricting the execution of a file based on who created it.
|
scott
|
|
response 145 of 264:
|
Dec 10 20:55 UTC 1998 |
No. Anyway, we *want* people to be able to write and run their own programs.
Some people learn a lot on Grex that way.
|
steve
|
|
response 146 of 264:
|
Dec 10 21:23 UTC 1998 |
There is no sane way to do that, though I could scheme up some grand bizarre
things to do that.
But as Scott says, being able to write code here is one of the nifty and
cool parts of Grex. Grex is an open system, as much as it possibly can be,
and I don't want to change that.
|
steve
|
|
response 147 of 264:
|
Dec 10 21:42 UTC 1998 |
To get this item back on track to the discussion of IIT and site banning,
we have heard that IIT has been blocked again, but this time from the IIT
system administrators. We do not have official word on this yet.
|
samsoft
|
|
response 148 of 264:
|
Dec 10 23:36 UTC 1998 |
Ok Scott I get it. Rather I support it and thats why grex is a cool place :)
|
steve
|
|
response 149 of 264:
|
Dec 11 02:36 UTC 1998 |
thanks
|
levi
|
|
response 150 of 264:
|
Dec 11 19:54 UTC 1998 |
So steve as i had told here before , IIT KGB sys admin folks blocking the
gateway was bound to happen anyway . Whether its loss of an email id and other
stuff for some considerate users from IIT KGB , i think it is .
I hope the other IITS wont go this way and poosibly prospective fork bombers
would think twice before doing anything nasty in GREX
|
spiff
|
|
response 151 of 264:
|
Dec 12 09:38 UTC 1998 |
i think it's time for a user of the banned site to make his side of the matter
visible. i am a user from that site, and believe i have some legitimate points
to make.
+ the ip address you tracked is 164.100.25.83 this ip address is a *free*
gateway for telnet, and there is no way anyone can track who logged on as
whom, as there is *no* login. it's free!
+ the actions *does* smack of racism as the focus drifted from 'XXXX
University' to an 'Indian' site.
+ the reason users of this site use grex is:
a. it's a way of keeping in touch with their friends/relatives abroad.
b. our telnet and internet gateways are diffrent, and the telnet
bandwidth is 6 times faster than the internet. surfing the web thru grex, or
any other telnet site is thus *faster*.
c. we have got dedicated e-mail servers, but they cost a lousy 500
bucks and free accounts are available *only* to non-freshers.
+ in response to your 'complain' our uni has already blocked access to grex,
and no further response is necessary, as they are not (and should not be)
concerned with the problems of a free service located in a small US town.
+ 30th November to 3rd January are holiday time here, and *nobody* is there
to respond to your diatribe. we were caught unawares.
+ our uni cannot be held responsible for the actions of a few misguided
hackers, as there is noway to invidually deal with and respond to the 5000+
students that study here or the 3000+ non academic staff that lives in the
campus.
+ ours is *not* a 'small' technical college. ours is a Technical Institute
of national repute, ranked 104 in the world (not bad for an indian
university).
+ the users from this site in particular and indians in general, have had
to suffer severe racist rudeness directed to them, at grex and other
international sites.
particular instances had been mailed to steve (i hope you got them).
+ steve's statement regarding *not* revealing the name of the 'offending'
site was a sham as he boldly announced it on the message of the day,m when
the users of this site were not present to defend their case.
+ your action *would not* stop the attacks, as the perpetrators would
continue from other places, however it succeeded in stopping all the innocent
users from here.
+ if such a drastic action was indeed pertinent, all the offending users'
login coulda been erased, or perhaps *all* the users from this site blocked,
instead of publicly humiliating the majority of users who had nothing to do
with it. THEN we would not have complained.
+ as i said in the beginning, there is no way the university can determine
WHO did the crime, and thus no way to deal effectively with it.
+ the reasons you have sited other than the fork bombs, are frivolos and an
excuse to block us from grex. it was brewing for a longer time i suppose.
+ rest assured, nobody from this place is ever going to use grex again, altho
i would keep coming back to see the response to my message.
Congratulations.
|
mdw
|
|
response 152 of 264:
|
Dec 12 11:35 UTC 1998 |
Who do you propose *should* be responsible for "the actions of a few
misguided hackers"? There are more than 25,000 active accounts on grex,
which almost certainly gives grex a consideably worse "staff/user" ratio
than IIT.
I work for the University of Michigan, a large midwestern university,
probably at least 4 times the size of IIT. People here take computer
vandalism very seriously. If someone here were to use university
resources to repeatedly attack an external site, somebody at UM *would*
make it a point to track that person down, and hold them accountable for
their actions. There are lots of reasons why UM finds this policy
essential. Some of them are purely practical. UM has enough computing
power (and network bandwidth) that a serious vandal attack can seriously
disrupt a lot of people's lives, both on campus and off. If UM allowed
vandals free reign, there wouldn't be any network left for the rest of
us campus denizens. Also, under US law, vandalism is illegal. If UM
didn't track these people down, UM might be considered an accessory.
There is also the matter of academic reputation. UM wants to be known
as the home of fine scholarly activity, not as a hotbed of vandals and
other similar low-life scum. People remember bad stuff much better than
they remember good stuff, so the actions of even a few annoying vandals
will make a much greater impression elsewhere than any number of quiet
scholarly types minding their own business. In addition, as an academic
research institute, UM does not stand in isolation. It shares efforts
with many other research and teaching institutions elsewhere. This
means that it would materially *hurt* UM for there to be any sort of
data block between it and other institutions. Now, at *least* 99.9% of
the people at UM are perfectly wonderful people who wouldn't harm a fly
on the internet, -*but*- UM is a big place, and there *are* the
occasional exceptions. So, UM finds it worth its while (however
regretful the reason) to have several full-time people who worry about
computer vandalism, including that directed from elsewhere, that
directed to elsewhere, private incidents involving people pissed off at
each other entirely within the university, and people who try to use
university resources to send mass mail, both within and without the
university.
UM is not an exception in this regard. *Every* major university in the
US, *every* ISP, and many smaller organizations devotes sometimes
considerable efforts to combat computer vandalism, and in many cases,
these institutions have several *decades* worth of experience in dealing
with these problems. The people who invented the internet, BBN, were
thinking of "computer vandals" (although they called them "grad
students") when they designed the original internet IMPs - they ordered
specially military hardened computers from honeywell, that came in
really big heavy cases that were designed to withstand the sort of abuse
a computer might expect to endure being shipped from point to point
along the front of world war 2. (Generals like to fight the last big
war over again when they buy things.) I should point out that
vandal-fighting activities are still a *relatively* small part of the
the business of most of these organizations, as it should be. UM may
have 2-3 people who deal with vandals full-time, but it has hundreds,
gosh, maybe even thousands of people who deal with computers on
basically a full-time basis. A "small" ISP like IC-net may have only
2-3 technical people. Their number one hassle is not vandals (who are
most likely an occasional nuisance) but the phone company, which, being
a monopoly, doesn't have a good benchmark against which to improve its
customer service.
30 Nov - 3 Jan is an awfully long holiday, much longer than any holiday
in the states. The chrismas/new years holiday is probably the most
significant holiday here, it basically lasts for about a week, and less
than that for many people.
|
mta
|
|
response 153 of 264:
|
Dec 12 13:49 UTC 1998 |
Spiff, yours is a very well stated opinion.
I'm sorry you felt it was a racsit act for the staff to protect 25,000 users
of Grex from the actions of a few vandals. Regretfully it required
inconveniencing about 1,000 users from IIT. The action was not taken without
consideration of those 998 good grexers who would be effected but who had no
hand in causing the problem. No one liked that, be we could see no other wway
to deal with the problem after our more usual methods failed to have any
result at all.
Is there racism on Grex? I'm sure there is. Any time you collect 26,000
people together, you'll turn up most of the worst (and best) traitys that we
humans have to offer. I'm sure thatif you investigate any group, anywhere,
you'll tuen up a few stupid, frightened people among th masses of ordinary
and extraordinary people.
Did racism motivate this decision? No, I'm quite sure it didn't. Not because
I believe the Grex staff and board are perfect. Oh heavens, no! <grin> We
we all know a lot about each others warts by now. But because I've worked
and socialized with the people who made the decision for many years now. Some
for longer than Grex has been around. I've seen the excitement in their eyes
as they speak of meeting people from all over on our little system. I've seen
the pain in their eyes when faced with situations where fairness to everyone
isn't feasible. They have flaws, we all all them.. Racism isn't one of the
flaws I've ever seen in a Grex staffer or board member.
True, you have only my word for it and you don't know me. But you don't know
any member of the staff and board except at some distance. Just as you say
it isn't reasoable to hold IIT adminsitrators, students and staff responsible
for the actions of a few misguided vandals, please understand that any racism
you have experienced her on Grex is not coming from (and is unknown to) anyone
on the Grex board and staff. If such situations are reported to us, we'll
do what we can to put an end to it. But we can't be responsible for what we
don't know.
As to "just deleting the accounts" of vandals...with an open newuser program,
that just puts the vandal at an advantage. At least if the vandal uses a
familiar ID, we know who to watch. If the vandal uses a new ID every time,
we can't know who they are until the trouble starts.
|
aruba
|
|
response 154 of 264:
|
Dec 12 14:32 UTC 1998 |
Re #151: We're certainly sorry that everyone at your site was blocked. That
was never what STeve or anyone else on the board and staff wanted.
Marcus and Misti answered better than I could. Erasing all the logins created
from your site wouldn't work, as Misti said, so do you have any other
suggesetions for how to get someone there to do something about vandals? I
have to fervently agree with Marcus that if the administration there really
is unwilling to track down problem users, they are being "bad netizens", and
we may have no choice other than to ban the site from Grex. What else could
we do?
|