|
|
Posted by db on 10/02/05 17:45
"Billy Joe" <see.id.line@invalid.org> wrote in message
news:dPadnZgogOsyrKLeRVn-hw@adelphia.com...
> db wrote:
>> "Billy Joe" <see.id.line@invalid.org> wrote in message
>> news:FYGdndgvcO8PNaDeRVn-gg@adelphia.com...
>>
>> Bloody hell, here it goes... :)
>>
>
> Bloody hell, well done db, good info - and much more clear now - thanks.
>
> <big snip>
>
> Trying to restate my position non-technically:
>
> My concern with IP blocking is the ease with which IPs can be changed.
> Beside which, you refer to the "dynamics" quite often. Also, the
> necessity for some one person (or many persons) being required to track
> malignant IPs and the propensity of we humans to make mistakes, especially
> when keying in numbers. A possible example: in the source URL you cited
> this appears "beyond the network:63.216.0.0-63.223.255.255." That's
> 458,752 IP numbers. If it's incorrect, that's a large number of IPs which
> can not connect to the WPN (should everyone eventually use the DLL). Can
> they all be malicious?? On another hand: Do we care? I don't, but you've
> said that you do.
Yeah that range does seem a bit excessive (understatement). I wouldn't
imagine that there were many, or even any, users operating WinMX from those
addresses, though, at a glance. I believe they're addresses that belong to
a huge colo host that would generally be housing powerful web servers, game
servers, etc. in huge racks. I don't know for sure, though, but suspect
that (sa with 'Global Internet Exchange' (Globix) hosts and such).
The dynamics are quite different, though, you are right. It does take quite
some work, but not too much for someone who knows what they're doing, to
maintain an accurate list. I think a handful of competent people could
easily handle that.
Regarding the propensity to make mistakes, well, I think the world would
stop turning if we were never to do anything for fear of making errors.
Making mistakes means you're still learning IMO. ;)
> I prefer behavior blocking. And yes, as you've noted, I'd allow the
> behavior to continue while, hopefully, dampening it significantly. The
> premise being, let the beast enjoy some success, rather than stir it to
> new levels of aggression.
It's an interesting view on things (and I'll bare your thoughts in mind).
However, one could also argue that there should be a counter to their
offensive rather than to turn a blind-eye; to be apathetic about it, for if
there was never any resistance then that could effectively grant them free
reign to do as they wish.
Spose you could ask yourself the same questions but replace 'media
companies' with 'governments'. Opposition is good, I think, in order to
help maintain balance.
You could quite well say any impact the 'DLL' fix might have may only ever
amount to 'some success' anyway, so maybe it would meet your wishes there
(to not be so effective as to "stir it to new levels of aggression").
> While I'd prefer closing the secondary connection when abusive behavior is
> detected - because it would then free up that access point for another,
> possibly legitimate, secondary - I fear that it would make it far too
> obvious to the beast that its effort was failing - giving rise to a new
> effort. Dampening the aggressors effect would benefit almost all
> primaries. In this scenario some DOS-like attacks would occur, but
> probably be weatherable by all but those who should never have been
> primaries to begin with (good riddance!).
>
> No matter what method is ultimately employed, it is right now a moment of
> opportunity - the WinMX community, in its entirety, needs a solution. I'd
> venture further to say that our typical RUSH TO IMMEDIATE SATISFACTION may
> have produced a methodology which is far from best. It instigates IP
> blocks. Somehow I see their people and our people sitting at consoles and
> typing madly like the schlockiest of TV melodramas with the fastest
> typist(s) hoisting one for the queens ;-0)
It's all pretty ugly for sure though with any luck things will mature after
a while (the crap ideas will fall by the wayside, etc)
> BJ
P.S. On an unrelated note and with regards your >4000 block, have a ganders
at the remote ports in the list below;
http://www.nodata.plus.com/ap2p/2005-09-30-03-dyn.txt
I think a >32768~ rule should cover it (in case you might want to try and
limit the collateral damage).
db.
[Back to original message]
|