Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Enhancement Requests
Author Message
Ex82nd
Client


Joined: Apr 18, 2004
Posts: 17

PostPosted: Sat Jul 31, 2004 10:02 am Reply with quote

In light of the attacks on Nukescripts.com and my web host, I would like to see an IP Blacklist started. I think if this was implemented, we could simply add the IP's of the people doing these attacks and send a message that not only can't they access the sites they've already been block from, but all Sentinel users.

PS.. Please feel free to send me the IP's of those people who repeatedly attack your sites and what hack they're using and I'll be happy to add their IP's to my blocked list.
 
View user's profile Send private message Send e-mail
beetraham
Regular
Regular


Joined: Dec 13, 2003
Posts: 94
Location: Finland (EU)

PostPosted: Sat Jul 31, 2004 3:04 pm Reply with quote

Cheers,

Not that I would like to mess with the crackers more than it is necessary, I do however sense a great risk for people getting mass-banned from the PHP-Nuke sites without a possible true reason. I do understand the utilization of the blacklists as a form of pre-defensive action - a form of intelligent anticipation, and not questionable, as long as the source and the mechanism providing this input is trustworthy - which bring us to a question - which instance is it?

So, a question is aroused now. Which instance is trustworthy enough to validate and to ensure that the associated source IPs brought into the widely shared blacklist fill the criteria for deserving a global IP ban? Global IP ban - w00t? Yes, I believe that in this case it would be quite realistic to speak about a global IP ban. These IPs brought up into the blacklists would be the ones to get banned at global level as a huge number of PHP-Nuke sites would be sharing the blacklists.

Any workaround or substitute fot the blacklists? Oh, yes there is... Smile In my opinion - it is the very Sentinel itself. Supposing that the Sentinel is as effective in its rage in the future as it has proven to be now, there really should be no reason to get involved with the blacklists.

It's not the pre-defensive attitude that I fear of - it's the vision of tje generally applied means of letting the cracker hatred shine.

So, what do I possibly care? Please let me tell you in short the personal arguments for beeing strongly up against the utilization of blacklists.

The thing is, that I'm currently being banned from a major league PHP-Nuke site without a reason of any kind. Clearly this ban must be due to made IP Block for a range of IPs in which my IP exists along with true cyber punks. Needless to say, I feel very unconfortable with this situation. So - the point...? Imaging that this sort of accidental or pre-defensive blocking would exclude/de-cover my web presence even to more a great extent due to generally/automagically applied blacklists, I would propably drop down and die. Absolutely no reason to live whatsoever. Sad

In case that the blacklisting would be considered as an option, the mainframe solution for creating such shared blacklists would probably rely mostly upon a parallel solution with the PHP-Nuke core XML based data presentation (analogy with backend.php, backendforums.php, etc.) in which the banned IPs would be pulled out of database into a XML file for everyone with a capability/permission to share the file.

As I'm not that familiar with legislation, but just as a hunch - the *open* implementation might cause some unexpected surprises depending on which side of the globe you locate. (and more specifically which parties you publically show beeing banned). Am I totally lost with thoughts? Anybody?

In my opinion, maintaining the blacklists and sharing a peace of those cakes is a freedom choice as long as it is lawful. However, it is should be carefully considered prior to applying such option at global community level due to possibly awaited phenomenom as described above.

This was a very interesting subject to reply - I look forward to further discussion upon the Topic.

Nukem' good! Wink

Kind Regards,

-beetraham
 
View user's profile Send private message
Muffin
Client


Joined: Apr 10, 2004
Posts: 649
Location: UK

PostPosted: Sat Jul 31, 2004 4:04 pm Reply with quote

I agree with beetraham. If people use an ISP that assigns an IP each time they sign on, which happens a lot here in the UK, then someone who is assigned a blocked IP when they sign on, even though they are innocent would get blocked from a site for no reason.

_________________
Classic Mini rules the bends & bends the rules!
[img] 
View user's profile Send private message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17086

PostPosted: Sun Aug 01, 2004 12:33 am Reply with quote

Dynamic IP's are the curse and cure at the same time. The curse because they will eventually be reassigned and an innocent will be banned and a cure to the lack of available IP's. I will say that so far I have only had 2 instances of a clash and the person sent an email and I released the ban. Personally I have never been in favor of IP blacklists, mainly because it is so easy to get a new IP. And, some food for thought, what would stop an IP from getting on a banned list out of spite or jealousy? There are several good people that have been banned from some sites just because the 'staff' didn't like their comments (hmmmm.). Therein would lie the problem.

BTW, beetraham, you post was very well articulated. I would appreciate your active participation here!
 
View user's profile Send private message
Doodle
Hangin' Around


Joined: Jan 26, 2004
Posts: 46
Location: 127.0.0.1

PostPosted: Tue Aug 03, 2004 9:53 am Reply with quote

Mass banning blacklists imho are an option that some webmasters would love to implement within their own sites. I have 7 nuke sites running sentinel and I would love to have the ability to autoban an IP from all my sites not just the one that gets the attempt. I have been toying with the idea of running a cron script or some other method of sharing the IP's but have been waiting for sentinel to go to final version first. Btw I want to thank you guys for the EXCELLENT work on this script. You are truly a benefit to our community!

_________________
Independent Network Solutions Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login! Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
Raven
PostPosted: Tue Aug 03, 2004 9:59 am Reply with quote

While an autoban is not [yet] possible in NukeSentinel, especially across diverse servers, you do have the ability to manually add IP's to the ipban table through NukeSentinel administration. Thanks for the kudos!
 
Doodle
PostPosted: Tue Aug 03, 2004 10:03 am Reply with quote

Most of my sites run in virtual server space on the same server so the db is still localhost (cpanel/whm setup). Publishing to an XML output that gets picked up and read by a cron triggered script would work I think. Is this a feature that would merit some attention do you think?
 
Ex82nd
PostPosted: Tue Aug 03, 2004 3:04 pm Reply with quote

What's the worst that could happen by using a Blacklist??? Is it any worse than me having to send a request to someone to accept an email from me because I'm not in their address book?

If someones IP was blacklisted by a site who's integrity I could trust... I would use it without question. If someone was blocked and really wanted to see my site... They can email me and get the block rescinded.
 
peace
Worker
Worker


Joined: Mar 11, 2004
Posts: 209

PostPosted: Wed Oct 06, 2004 8:43 pm Reply with quote

Crying or Very sad
 
View user's profile Send private message
jonmcc33
Hangin' Around


Joined: May 17, 2004
Posts: 40
Location: Dayton, OH

PostPosted: Wed Oct 06, 2004 9:32 pm Reply with quote

Ex82nd wrote:
If someone was blocked and really wanted to see my site... They can email me and get the block rescinded.


And how would they get your e-mail if they can't even go to your website?
 
View user's profile Send private message Visit poster's website AIM Address ICQ Number
Raven
PostPosted: Wed Oct 06, 2004 9:33 pm Reply with quote

Doodle wrote:
Most of my sites run in virtual server space on the same server so the db is still localhost (cpanel/whm setup). Publishing to an XML output that gets picked up and read by a cron triggered script would work I think. Is this a feature that would merit some attention do you think?
Did you ever pursue this?
 
Raven
PostPosted: Wed Oct 06, 2004 9:38 pm Reply with quote

jonmcc33 wrote:
Ex82nd wrote:
If someone was blocked and really wanted to see my site... They can email me and get the block rescinded.


And how would they get your e-mail if they can't even go to your website?
Blocking on port 80 does not interfere with port 25 and 110. Peace can attest to the fact that he has been banned a couple of time from here due to me banning at a 2 octet range. Now I only ban at 1 octet so hpefully he won't be at as much risk. Anyway, he can, of course, still send me email as that is not port 80.
 
jonmcc33
PostPosted: Wed Oct 06, 2004 10:35 pm Reply with quote

I'm saying how would he/she get your e-mail address if they can't come to the website? I'm thinking of a new visitor and not a previous visitor that has contacted you before.
 
Raven
PostPosted: Wed Oct 06, 2004 10:39 pm Reply with quote

jonmcc33 wrote:
I'm saying how would he/she get your e-mail address if they can't come to the website? I'm thinking of a new visitor and not a previous visitor that has contacted you before.
Thanks for clarifying that. I wasn't getting it Laughing
 
jonmcc33
PostPosted: Wed Oct 06, 2004 11:05 pm Reply with quote

LOL! No problem. I was pondering why you were mentioning ports and all. My bad for not being clear enough. Bang Head
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> NukeSentinel™ Enhancement Requests

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©