|
Grex > Coop11 > #47: Banning a site from Grex; a discussion of when to do this | |
|
| Author |
Message |
| 25 new of 264 responses total. |
richard
|
|
response 70 of 264:
| 
Dec 3 22:47 UTC 1998 |
one thing I wonder is if the fork-bombers really came from that site.
There were some people here and on mnet just rabid about site-blocking
the Indians. Surely someone from somewhere else could have accessed
that ISP, and telneted through it to grex, *just* to send forkbombs to
provoke staff into the site-blocking itwouldnt do otherwise?
My feeling is that site-blocking is futile because these folks will
just find other ways to get in. Is it now policy to site-block all
sites that have users doing these kind of things?
And how does grex want to be treated if the situation was reversed?
What if other sites start start site-blocking grex because one or two grex
users are using grex to send evil code or something? Is that fair to
everyone else who uses grex? Has grex ever been site blocked actually?
|
robh
|
|
response 71 of 264:
|
Dec 3 23:08 UTC 1998 |
Generally, our staff members actually respond to the e-mail
they get about vandals here. And deal with it. If the
Indian site's staff had responded to our e-mail, we wouldn't
have blocked the site, no matter who was doing the bombing.
|
steve
|
|
response 72 of 264:
|
Dec 3 23:13 UTC 1998 |
Yes, Richard, the fork bombers came from that site. Must you question
everything that is said?
Grex has been told a couple of times now, that it could be blacklisted
from a site (most notably a IRC site) if certain users didn't stop doing
things from here (like send mail). If Grex were to have some users who
did obnoxious things from here, if we didn't clean it up I would *expect*
that that other site would block us. Thats only reasonable.
Site blocking is not an ultimate tool for this sort of problem, but in
this particular case I thought that the vast majority of users from this
site did not have other access to the net. That has proven true. One or
two people seem to be on from another site, but just one or two as far
as I have been able to tell.
As for your last paragraph, I'm sure there are places that HAVE blocked
us in one way or another, because of something that some user did here.
We've had 160,337 accounts created on Grex now, so it's quite reasonable
to assume that somewhere, someone did something that pissed someone off
and we were blocked in one way or another. However, you're missing the
larger point--Grex isn't a place where 467 users all go to some spot on
the net every day. Any site that blocked Grex for whatever reason wouldn't
be seen by many people, except for some few sites like hotmail, altavista,
etc.
So Richard, let me ask you something. What if you had been on during
the time when the fork bombs went off here? What would your complaints
have been, when Grex ran hundreds of times slower than it should? For
some reason, I can't think that you wouldn't have complained.
|
albaugh
|
|
response 73 of 264:
|
Dec 4 00:12 UTC 1998 |
Oh my God, richard has come up with a conspiracy theory for a grex hate crime!
That's gotta be his best ever! :-)
|
scg
|
|
response 74 of 264:
|
Dec 4 01:43 UTC 1998 |
Given that there have been misguided people calling for banning Indian users
fora while, the theory that some racist American broke in to that system and
then started attacking Grex from there does seem possible. If the Staff's
goal in banning the abusive site was to block out abusive Indians, as opposed
to abusive people, it would even be a cause for concern. In fact, though,
it's irrellevant. If a vandal is trying to do bad things to Grex, it really
doesn't matter if that vandal is from India, or Ann Arbor, or Mars. It's
still a problem. The administrators of the site the vandal is coming from
still has a responsibility to deal with the person or people, either by
disciplining or cutting off authorized users who are causing problems, or by
patching security holes that are allowing unauthorized users in. The problem
is that that site has been causing us lots of problems, and its administrators
haven't responsed to attempts to contact them.
|
aruba
|
|
response 75 of 264:
|
Dec 4 03:27 UTC 1998 |
The message sent via e-mail should probably contain a pointer to this item as
well.
|
steve
|
|
response 76 of 264:
|
Dec 4 05:07 UTC 1998 |
I've just sent off another letter to my contact about this.
Given that it is in the middle of the day there, I am hoping to
get a response. If not, then tomorrow I guess we'll go ahead
with the mail and reopening. I'll post the letter to all the
users here, first.
|
rtg
|
|
response 77 of 264:
|
Dec 4 05:38 UTC 1998 |
I find it hard to believe that this university gives its students telnet
access to the internet, and not an email server. STeve, if you have a
list of all accounts which were created from that subnet, how difficult
would it be to scan the .plan files of those accounts for alternate e-mail
addresses? If a significant number of the users have alternate e-mail,
then I would see it as unnecessary to unblock the subnet, and instead send
the explanatory e-mail direct to the alternate addresses.
Second, you did not explain exactly how the blocking was accomplished.
Does our router have some firewall filtering ability? If so, can it
filter by protocol as well as IP address? Would it be possible to open
the subnet to http traffic, so the affected users could read this
discussion via backtalk? If we do chose to unblock the site, how about
allowing telnet, but no FTP? THen they'd have to hand-key the source for
their bombs, at least. And it wouldn't impede the 'legitimate' users of
mail, party, and bbs.
|
steve
|
|
response 78 of 264:
|
Dec 4 15:24 UTC 1998 |
Rick, India is a very very different place. I can readily believe
it. I have a list, and some of them have alternate listings for email.
The actual block is being done with the Tcp Wrapper package, and
telnet, ftp, rlogin and finger are being blocked. Http access is not
being blocked, but they don't have many machines there that can do
that, as I understand it.
One of the reasons Grex is so popular, is that we're tremendously
well connected compared to them. We have a fast connection(!) such
that its extremely attractive to use us. So if they do have ready
email access there, it may well be the case that mail can arrive
here many times faster.
|
steve
|
|
response 79 of 264:
|
Dec 4 15:42 UTC 1998 |
I sent another mail off to the contact person. They are trying
to contact the people at the actual site, but so far they haven't
made a connection yet.
|
mta
|
|
response 80 of 264:
|
Dec 4 16:00 UTC 1998 |
My understanding from some conversations I've had with several gentlemen from
universities and corporations in India is that generally there is one e-mail
account for everyone and you find your mail by scanning the subject line for
your name. No privacy at all.
That was a couple of years ago,m and it may have changed -- but maybe not,
or maybe not everywhere.
|
senna
|
|
response 81 of 264:
|
Dec 4 16:12 UTC 1998 |
If that's the case, that would fully explain the desire to get email on here,
although I'm still not comfortable with grex being used as little more than
a giant email server.
|
krj
|
|
response 82 of 264:
|
Dec 4 17:30 UTC 1998 |
I should stop responding. I'm in a sour mood today.
|
jiffer
|
|
response 83 of 264:
|
Dec 4 18:23 UTC 1998 |
That makes wonderful sense to use a place like grex. However, let me put this
is simple terms for Richard's sake, if someone (or some people) are going to
harm grex, or potentially harm grex, then we should, at best block that site.
Its like in elemmentary school when Tommy wouldn't shut up in class so you
all had to write an essay. There, an comparison for those that didn't get
the logic of normal thought.
Well, hopefully the contact people did something about it so that it will be
fixed, otherwise I am sure its back to reblocking. =/
But there are several places to get free email, hopefully people will find
them.
|
steve
|
|
response 84 of 264:
|
Dec 4 18:43 UTC 1998 |
As I understand it, the contact people are establishing contact with
the administrators at the particular site.
|
steve
|
|
response 85 of 264:
|
Dec 4 18:46 UTC 1998 |
If I'm reading peoples thoughts correctly, we should re-open the site
after I've written tha mail to be sent to all accounts (and reviewed here)
and put a message in the MOTD.
Correct? If so, I'll be starting this tonight when I get home.
|
dpc
|
|
response 86 of 264:
|
Dec 4 19:23 UTC 1998 |
Correct.
|
rcurl
|
|
response 87 of 264:
|
Dec 4 19:39 UTC 1998 |
ASAP, please.
|
cmcgee
|
|
response 88 of 264:
|
Dec 4 20:50 UTC 1998 |
Yes, #85 is what I understood we agreed to.
|
scg
|
|
response 89 of 264:
|
Dec 4 23:10 UTC 1998 |
I disagree. I don't think it would be a good idea to reopen stufff to that
site before we have confirmation that the administrators there are dealing
with the problem. This site was not blocked as a punative measure, where the
sentance would have a definite duration. This site was blocked because it
was becoming impossible to have Grex function well for the rest of its users
while allowing that site to access us. At this point, we have somebody
upstream from there saying he's trying to contact people, but we still haven't
gotten any response from administrators actually at that site. We certainly
haven't gotten any confirmation that anything to improve the situation is
being done. As far as I can tell, the situation that cuased us to need this
block really hasn't changed. It's looking like it may, and when it does, of
course we should open things back up.
|
mdw
|
|
response 90 of 264:
|
Dec 4 23:16 UTC 1998 |
It is trivial to type in a fork bomb. This response is *much* larger
than a fork bomb. Blocking ftp will not impede any vandal wanting to
run a fork bomb on grex.
|
aruba
|
|
response 91 of 264:
|
Dec 4 23:54 UTC 1998 |
Re #89: But if we open up the link for a bit, and let the people from that
site see their mail, they will get the message we've worded here and then
hopefully pressure their administrators into taking action. In other words,
opening up the site again is a way to accomplish the goal of getting something
done about the vandals.
|
remmers
|
|
response 92 of 264:
|
Dec 5 01:11 UTC 1998 |
Re resp:89 - The reason for reopening is not because anybody thinks
the problem is solved.
|
scg
|
|
response 93 of 264:
|
Dec 5 01:34 UTC 1998 |
I know we're not opening this up because anybody thinks the problem is solved.
That's what I'm objecting to.
|
steve
|
|
response 94 of 264:
|
Dec 5 03:50 UTC 1998 |
I hear what Steve is saying.
Are there other people who agree that this shouldn't be lifted?
I'm working on the mail anyway.
|