(OT?) Where's Where's George?

Euro tracking discussion in English

Moderators: avij, Phaseolus, Fons

joergb30
Euro-Master
Euro-Master
Posts: 3883
Joined: Thu Oct 30, 2003 1:59 am
Location: Kassel, Germany

Post by joergb30 » Tue Apr 08, 2008 1:08 am

.
Last edited by joergb30 on Sun Jan 11, 2009 9:01 pm, edited 1 time in total.

diburning

Let me explain.

Post by diburning » Wed Apr 09, 2008 3:42 am

Hank, the owner, webmaster, and the guy who started wheresgeorge, gets a lot of spam attacks from different international IPs and has to ban them so as to protect the site. It's unfortunate, I agree, but sometimes these measures have to be taken.

User avatar
Licht & Feuer
Euro-Master
Euro-Master
Posts: 1740
Joined: Tue May 10, 2005 5:44 pm
Location: Im Osten des Westens der auch als Süden des Nordens betrachtet wird
Contact:

Post by Licht & Feuer » Wed Apr 09, 2008 1:19 pm

So spammers never use .com-addresses or hide behind proxis? :?

Simply banning all the fair international users without any notification as some kind of "collateral damage" seems just arrogant to me. :evil:
Where's George is certainly not the only big internet community who has to defend against attacks but as I've never heared of such harsh measurements before, I'm quiet sure that there ARE other and better ways to handle this.

Now I've managed to reach the site with a proxi but couldn't log in because
Where's George wrote:Sorry, but we can not log you in - it appears that your browser does not support cookies.
But it does :!:

User avatar
helloggs
Euro-Master
Euro-Master
Posts: 1340
Joined: Sat Oct 02, 2004 1:17 pm
Location: Berlin, Germany
Contact:

Post by helloggs » Wed Apr 09, 2008 3:47 pm

Licht & Feuer wrote: Simply banning all the fair international users without any notification as some kind of "collateral damage" seems just arrogant to me. :evil:
Do you actually read what has been written here? Not all non-US IPs have been blocked. Besides, it is their (or "Hank's", for that matter) prerogative to decide who can use this service. That applies to virtually all internet activity, at least the stuff that is free of charge. You better continue to use your energy and anger on the Tibet thing... :wink:

tabbs
Euro-Master
Euro-Master
Posts: 1000
Joined: Sat Apr 09, 2005 1:25 pm
Location: NW · DE · EU

Post by tabbs » Wed Apr 09, 2008 4:09 pm

Maybe some of the anger expressed here does not have much to do with the fact that this US site shuts visitors from major German ISPs and some other non-US providers out - as you wrote, who they let in and who they don't want to visit or use their site is their business. The two issues or concerns I have are:

We should make sure that EBT does not have to resort to such measures. So if things get as bad here as they apparently did for Where's George, and we have to keep spammers or malicious attacks out, I hope it can be done in a somewhat more selective or intelligent way. Also, some other web sites that have geographic filters have the courtesy of telling unwelcome aliens ;) why they cannot proceed. I'm not a techie and thus don't know how this is achieved elsewhere. But a mere "Forbidden" alert is not that terribly helpful ...

Christian

User avatar
Dakkus
Euro-Master
Euro-Master
Posts: 4734
Joined: Tue Jun 24, 2003 3:59 pm
Location: No Helsinkiem, Somijas / Iš Helsinkio, Suomijos
Contact:

Post by Dakkus » Wed Apr 09, 2008 6:45 pm

tabbs wrote:Maybe some of the anger expressed here does not have much to do with the fact that this US site shuts visitors from major German ISPs and some other non-US providers out - as you wrote, who they let in and who they don't want to visit or use their site is their business. The two issues or concerns I have are:

We should make sure that EBT does not have to resort to such measures. So if things get as bad here as they apparently did for Where's George, and we have to keep spammers or malicious attacks out, I hope it can be done in a somewhat more selective or intelligent way. Also, some other web sites that have geographic filters have the courtesy of telling unwelcome aliens ;) why they cannot proceed. I'm not a techie and thus don't know how this is achieved elsewhere. But a mere "Forbidden" alert is not that terribly helpful ...

Christian
I am not going to believe the situation is really that bad. They are just being paranoidic or very very lazy with their coding. No other sites have had even discussions on whether they'd need this kind of policies or not.
But whatever, I see dollars anyway only about once a year, I think I can live without WG. The US dollar will be history in no time, anyway :)
Ko saka āboliņš? Pēk pēk pēk!

User avatar
avij
Forum Moderator
Forum Moderator
Posts: 5732
Joined: Mon May 27, 2002 10:45 pm
Location: Helsinki Finland
Contact:

Post by avij » Wed Apr 09, 2008 7:03 pm

Dakkus was kind enough to open a new topic on WG forums about the issue, see here (if you can..)

Some people have already contacted us and asked if we know anything about the status of WG. I just sent an inquiry via the contact form of WG about the situation, and pointed the webmaster to this topic on EBTF. We'll see how this develops..
Money makes the world go round. We track how the money goes round the world.
EBT Tech WG leader. Do not PM me if your question is not related to Tech WG or the association.

User avatar
avij
Forum Moderator
Forum Moderator
Posts: 5732
Joined: Mon May 27, 2002 10:45 pm
Location: Helsinki Finland
Contact:

Post by avij » Wed Apr 09, 2008 7:49 pm

From the aforementioned WG topic:
Hank wrote:Please post this response on the EBT thread, too.

Where's George? is a very large website, and as such, is a HUGE target for form spamming and other attacks. The site gets hundreds of thousands of such hits EVERY SINGLE DAY.

So, I selectively block incoming connections when they start form spamming my site. There are millions of computers running as part of "bot-nets" that form spam my site thousands of times everyday.

The only way to prevent this abuse and spamming is to block the IP addresses when it happens.

Unfortunately, the majority of these attacks come from overseas, where enforcement by the ISPs to block or prevent this type of traffic is lax (Mexico is a particularly bad source of attacks).

To answer some questions, no, I'm not "paranoid or very very lazy with my coding" - -in fact it takes quite a bit of sophisticated coding to prevent false positives.
So spammers never use .com-addresses or hide behind proxies?
Sure they do, and when the proxies hit my site and spam it,they're instantly blocked. I have a running list of over 6,000 active proxy servers which are blocked. Sure, there are thousands I don't have, but the list grows everyday.

And I am not blocking all non-US ISPs. Like I said, I only block an IP address, IP netblock, or in some cases an entire ISP when needed, based on the severity of the attacks.

I don't usually do this, but here is the list of servers currently being blocked in Germany:
clients.your-server.de
adm-muenchen.de
alicedsl.de
bulanda.de
ccc.de
che.base-server.de
cyperfection.de
dd-3.de
einsundeins.de
ingoalnetwork.de
ipxserver.de
ivu.routing.wtnet.de
kabel-badenwuerttemberg.de
keksserver.de
lynx1.vc-server.de
ruhr-uni-bochum.de
fullservicesolutions.de
server4you.de
software-and-design.de
tor-or-anonproxy.cryptobitch.de
humanistische-union.de
triplexmonitor.de
uni-passau.de
v1099.ncsrv.de
vserver.de
t-dialin.net
This does not include proxy servers or IP connections in Germany that do not resolve to a hostname.
Simply banning all the fair international user
I do not do this.
For what I know Where's George is banning all non-US IP address (.de, .fr., .uk, .it and so on), only the providers with .com can still have access (I can access from home (.it) but I do it from work (.com))
Absolutely NOT TRUE.
Where's George is certainly not the only big internet community who has to defend against attacks but as I've never heard of such harsh measurements before, I'm quite sure that there ARE other and better ways to handle this.
Like how? CAPTCHAs ? They totally suck, and there's no way I could require a CAPTCHA on every single bill entry. I'd see my daily bill entries go from 80,000-100,000 per day to may 10 or 20 people who would be willing to put up with it. Any other solutions? You can't criticize what I've done to solve the problem unless you can provide a better solution.
No other sites have had even discussions on whether they'd need this kind of policies or not.
Because other sites are either too small, or just don't care. Or they employ people to moderate the spammed content. I have no employees.
__________________
-Hank
Any replies should probably be written to the WG forum topic.
Money makes the world go round. We track how the money goes round the world.
EBT Tech WG leader. Do not PM me if your question is not related to Tech WG or the association.

tabbs
Euro-Master
Euro-Master
Posts: 1000
Joined: Sat Apr 09, 2005 1:25 pm
Location: NW · DE · EU

Post by tabbs » Wed Apr 09, 2008 8:20 pm

servers currently being blocked in Germany
(...)
alicedsl.de
(...)
einsundeins.de
(...)
t-dialin.net
Wow. That sure explains a lot. :mrgreen: Thanks for letting us know. Guess I'll put this matter (ie. the topic and Where's George) to rest now.

Christian

User avatar
Dakkus
Euro-Master
Euro-Master
Posts: 4734
Joined: Tue Jun 24, 2003 3:59 pm
Location: No Helsinkiem, Somijas / Iš Helsinkio, Suomijos
Contact:

Post by Dakkus » Wed Apr 09, 2008 9:00 pm

tabbs wrote:
servers currently being blocked in Germany
(...)
alicedsl.de
(...)
einsundeins.de
(...)
t-dialin.net
Wow. That sure explains a lot. :mrgreen: Thanks for letting us know. Guess I'll put this matter (ie. the topic and Where's George) to rest now.

Christian
How much is the list as percentages? Does anyone have even a roughish estimation. Like, is it 30-40%, 50-70% or 75-90% of Germans?
Ko saka āboliņš? Pēk pēk pēk!

User avatar
avij
Forum Moderator
Forum Moderator
Posts: 5732
Joined: Mon May 27, 2002 10:45 pm
Location: Helsinki Finland
Contact:

Post by avij » Wed Apr 09, 2008 9:55 pm

Dakkus wrote:How much is the list as percentages? Does anyone have even a roughish estimation. Like, is it 30-40%, 50-70% or 75-90% of Germans?
I compared the list of blocked hostnames to the hostnames used by German EBT users, and came up with a figure of 39% (the vast majority of them being the three ISPs quoted by tabbs). YMMV.
Money makes the world go round. We track how the money goes round the world.
EBT Tech WG leader. Do not PM me if your question is not related to Tech WG or the association.

User avatar
Crazy Bob
Forum Moderator
Forum Moderator
Posts: 7213
Joined: Sun May 01, 2005 6:29 pm
Location: Rotterdam, Netherlands

Post by Crazy Bob » Wed Apr 09, 2008 10:25 pm

from the following Dutch servers, I can't connect to WheresGeorge:

xs4all.nl
direct-adsl.nl
uunet.nl

For the latter, switching to their international proxy server on uu.net makes connecting to WG possible.
Rotterdam #3, South Holland #11, NL #39, Int'l #314
My profile

User avatar
alex77r
Euro-Master
Euro-Master
Posts: 2282
Joined: Mon Jul 05, 2004 5:24 pm
Location: London Heathrow (UK)
Contact:

Re: (OT?) Where's Where's George?

Post by alex77r » Fri Aug 22, 2008 8:00 pm

Same problem with a uk adress
The Shortcodes List/Bilan des Codes-courts recensés - website on stand-by
User Control Panel>Board preferences>Edit global settings>(1) Sélectionnez le thème "Subsilver2" pour avoir une apparence ressemblant à l'ancien forum (2) Forum en français désormais possible!

Klute72

Re: (OT?) Where's Where's George?

Post by Klute72 » Sun Aug 24, 2008 6:20 pm

How do I use I proxy? I also keep getting that error message. I just travelled back from the States and was really looking forward to entering the bills I brought back - unfortunately I can`t access the site.

Some of you said try using a proxy. How can I do that? (I have no clue about computers so please explain for dummies - thank you!!! :oops: )

tabbs
Euro-Master
Euro-Master
Posts: 1000
Joined: Sat Apr 09, 2005 1:25 pm
Location: NW · DE · EU

Re: (OT?) Where's Where's George?

Post by tabbs » Sun Aug 24, 2008 6:48 pm

Don't know, don't care. If the site owners want to limit access to their sites, that is up to them. There may be situations when I may consider such a "WE DO NOT WANT YOU HERE" sign to be an invitation to try workarounds out. :mrgreen: This is not one of them.

Christian

Post Reply

Return to “Site and Euro-tracking Discussion (English)”