Who is blocking "hacker" countries by default from their proxy servers?

Lolis, John jlolis at WHITEPLAINSNY.GOV
Fri Apr 10 22:51:41 EDT 2015


It's quite coincidental that you bring this up.  At one time, after
noticing so many intrusion attempts from China, I had wanted to block by
country code, but our director didn't care for that, raising the question,
"What if one of our patrons travels to China?"  ​But after reading the
message below on the ezproxy listserv earlier today about a forum in
Persian that provides EZProxy passwords, I may raise the issue again, at
least as far as blocking access from the .ir top level domain to our
ezproxy port.  And of course, blocking access by country code doesn't
totally block would-be hackers from those countries... all they'd have to
do is go through some proxy outside that country.

###

Hi folks,

We’d been having some sustained intrusion attempts, (skipping around on IP
addresses etc.) so I’ve been keeping an eye on our log files. Started
noticing an interesting referring url from the .ir domain.



They have an entire forum for EZproxy passwords (viewing through Google
Translate):

https://translate.google.com/translate?hl=en&sl=fa&tl=en&u=http%3A%2F%2Fforums.weare.ir%2Findex.php%2Fforum%2F97-ezproxy%2F



Original url:

http://forums.weare.ir/index.php/forum/97-ezproxy/




John Lolis
Coordinator of Computer Systems
White Plains Public Library
100 Martine Avenue
White Plains, NY  10601

tel: 1.914.422.1497
fax: 1.914.422.1452

http://whiteplainslibrary.org/

On Fri, Apr 10, 2015 at 7:58 PM, Annie Platoff <platoff at library.ucsb.edu>
wrote:

> We are interested in finding out what libraries are using a “blocked by
> default” strategy to help reduce abuse of their proxy servers.  Please
> respond to my questions below…
>
>
>
> What library/university do you represent?
>
>
>
> What type of proxy server are you using?
>
>
>
> Which countries are you blocking by default?
>
>
>
> What mechanisms are you using to activate proxy server access for your
> legitimate users who are traveling to your countries?
>
>
>
> Once a legitimate user is activated, is that access permanent or do they
> have to renew it occasionally?  If they have to renew, how often?
>
>
>
> Thanks!
>
>
>
> *Annie Platoff*
>
> *UCSB Library*
>
>
> ============================
>
> To unsubscribe: http://bit.ly/web4lib
>
> Web4Lib Web Site: http://web4lib.org/
>
> 2015-04-10
>

============================

To unsubscribe: http://bit.ly/web4lib

Web4Lib Web Site: http://web4lib.org/

2015-04-10
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listserv.nd.edu/pipermail/web4lib/attachments/20150410/5e496e28/attachment.htm>


More information about the Web4lib mailing list