[Web4lib] City blocking suspected 'criminal' networks

Cloutman, David DCloutman at co.marin.ca.us
Mon Feb 2 14:22:41 EST 2009 

This isn't exactly identical to your situation, but for a while our
patron feedback form was getting a lot of spam advertising porn and
virus sites. As a temporary patch I blocked the IP addresses for all the
major Russian and Chinese ISPs, and 90% of the spam stopped. I later
replaced the script with something I had written that was more secure
and did some serious data validation, and undid the blocking. Unless our
patrons were trying to reach us while they were out of the country, I
don't think anyone legitimately using the form was impacted.

Honestly, if the Wikipedia article is correct, I'm not certain how a
legitimate business could buy hosting from this company. 

"The business is difficult to trace. It is not a registered company, and
its domains are registered to anonymous addresses. Its owners are known
only by nicknames. It does not advertise, and trades only in untraceable
electronic transactions."

I think the city may be doing your staff member a favor. It is possible
that the birdseed company in question is engaged in some sort of
nefarious activity such as money laundering. 



---
David Cloutman <dcloutman at co.marin.ca.us>
Electronic Services Librarian
Marin County Free Library 

-----Original Message-----
From: web4lib-bounces at webjunction.org
[mailto:web4lib-bounces at webjunction.org] On Behalf Of Barkovich, Greg
Sent: Thursday, January 29, 2009 2:38 PM
To: web4lib at webjunction.org
Subject: [Web4lib] City blocking suspected 'criminal' networks


Hello,

Following up on a patron complaint recently we learned that our city's
firewall consultant had blocked at least one webhost (russian business
network - rbn) from our network. We were not consulted on this change
and it has resulted in the loss of access to an unknown number of
websites. 

We are aware of at least three legimate sites that anyone within the
city's network can no longer access; including one home business from
rural eastern Canada from which a staff person has bought birdseed for
several years. So despite RBN's apparent criminal ties (see entry in
wikipedia or do an article search) we know they host an unknown number
of legitimate sites.

We have begun a conversation with the city's IT managers but for now RBN
and possibly other networks remain blocked.

Have any of you encountered anything similar? This is not a conscious
attempt to filter but is motivated by security concerns. Of course the
net result is loss of access to an unknown (unknowable?) number of
websites and we have, as noted, already received complaints from our
patrons.

Do any of you block IPs suspected of criminal activity from your
networks? If so are you working from a list or how are you determining
which addresses to block? And how have you approached the concerns about
intellectual freedom?

Thanks,

Greg

greg barkovich
Burnaby Public Library, 6100 Willingdon Ave, 604-436-5437, fx
604-436-9087

_______________________________________________
Web4lib mailing list
Web4lib at webjunction.org
http://lists.webjunction.org/web4lib/


Email Disclaimer: http://www.co.marin.ca.us/nav/misc/EmailDisclaimer.cfm

More information about the Web4lib mailing list