Main Menu |
Most Favorited Images |
Recently Uploaded Images |
Most Liked Images |
Top Reviewers |
cockalatte |
650 |
MoneyManMatt |
490 |
Jon Bon |
400 |
Still Looking |
399 |
samcruz |
399 |
Harley Diablo |
377 |
honest_abe |
362 |
DFW_Ladies_Man |
313 |
Chung Tran |
288 |
lupegarland |
287 |
nicemusic |
285 |
Starscream66 |
282 |
You&Me |
281 |
George Spelvin |
270 |
sharkman29 |
256 |
|
Top Posters |
DallasRain | 70831 | biomed1 | 63764 | Yssup Rider | 61304 | gman44 | 53377 | LexusLover | 51038 | offshoredrilling | 48840 | WTF | 48267 | pyramider | 46370 | bambino | 43221 | The_Waco_Kid | 37431 | CryptKicker | 37231 | Mokoa | 36497 | Chung Tran | 36100 | Still Looking | 35944 | Mojojo | 33117 |
|
|
09-17-2016, 07:34 AM
|
#1
|
Lifetime Premium Access
Join Date: Dec 31, 2009
Location: US
Posts: 691
|
IP Address Blocking and TOR/I2P/Proxy
hi
This question is really for the ADMIN's
First of let us know if you know how TOR/I2P/Proxy operates...
How do you justify a "IP Address Blocking" as a mechanism to prevent spammers and weird members here, in the days of Proxy Severs, TOR, and I2P ?
I have been a premium lifetime member here using TOR all the time for and once in a while I run into this "IP Address is blocked" because some weirdo using TOR caused a problem for ECCIE...
SJ
|
|
Quote
| 2 users liked this post
|
09-17-2016, 08:02 AM
|
#2
|
Administrator
User ID: 16
Join Date: Mar 7, 2009
Posts: 7,631
|
Yes, the site's admins do understand how they work.
You're not allowed to mask your IP here. If you try to do so, your access to the site will be hit and miss.
We don't need to justify our security protocols. We'll do what we feel we need to do to protect the site. Sometimes regular members may feel the effects of measures designed to curb malicious activity. Kinda like having your credit card declined for fraud prevention when it was a legit charge. It's a hassle and a pain in the ass. We understand that, and accept that reality.
Thanks for understanding. Have a great day!
|
|
Quote
| 2 users liked this post
|
09-17-2016, 08:14 AM
|
#3
|
Valued Poster
Join Date: Jul 25, 2016
Location: south ar
Posts: 154
|
Why doesn't eccie offer https? It's easy and free with letsencrypt now. It would prevent nosey ISPs (think small town ISPs), and malicious tor exit nodes from reading everything we do (including our PMs). Or even worse - using firesheep to log into our accounts and do ANYTHING.
|
|
Quote
| 2 users liked this post
|
09-17-2016, 09:42 PM
|
#4
|
Lifetime Premium Access
Join Date: Dec 31, 2009
Location: US
Posts: 691
|
Quote:
Originally Posted by TallAndSkinny
Why doesn't eccie offer https? It's easy and free with letsencrypt now. It would prevent nosey ISPs (think small town ISPs), and malicious tor exit nodes from reading everything we do (including our PMs). Or even worse - using firesheep to log into our accounts and do ANYTHING.
|
+1 for that...
|
|
Quote
| 1 user liked this post
|
09-17-2016, 09:44 PM
|
#5
|
Lifetime Premium Access
Join Date: Dec 31, 2009
Location: US
Posts: 691
|
Quote:
Originally Posted by St.Christopher
Yes, the site's admins do understand how they work.
You're not allowed to mask your IP here. If you try to do so, your access to the site will be hit and miss.
We don't need to justify our security protocols. We'll do what we feel we need to do to protect the site. Sometimes regular members may feel the effects of measures designed to curb malicious activity. Kinda like having your credit card declined for fraud prevention when it was a legit charge. It's a hassle and a pain in the ass. We understand that, and accept that reality.
Thanks for understanding. Have a great day!
|
I also understand, being a admin myself somewhere else, but there are other options like cloudfare etc which you could use. (seeking arrangement and ashley madison seem to be using them)
|
|
Quote
| 2 users liked this post
|
09-17-2016, 09:49 PM
|
#6
|
Lifetime Premium Access
Join Date: Dec 31, 2009
Location: US
Posts: 691
|
Quote:
Originally Posted by St.Christopher
Yes, the site's admins do understand how they work.
You're not allowed to mask your IP here. If you try to do so, your access to the site will be hit and miss.
We don't need to justify our security protocols. We'll do what we feel we need to do to protect the site. Sometimes regular members may feel the effects of measures designed to curb malicious activity. Kinda like having your credit card declined for fraud prevention when it was a legit charge. It's a hassle and a pain in the ass. We understand that, and accept that reality.
Thanks for understanding. Have a great day!
|
Also, if you have a 'malicious' IP you could check it against the TOR list obtained from
https://check.torproject.org/cgi-bin/TorBulkExitList.py
If the address matches that list, then more than likely the 'malicious' guy is going to get another IP in about 5-10 mins, so there is no point blocking that IP address.
There may be a similar list for I2P but I am not aware.
SJ
|
|
Quote
| 1 user liked this post
|
09-18-2016, 02:16 AM
|
#7
|
Account Disabled
Join Date: Oct 24, 2013
Location: Over the rainbow
Posts: 2,997
|
I havent read the previous posts but if you are using a mac device, download Tob its just a browser that makes things far easier. Just look into it.
|
|
Quote
| 1 user liked this post
|
09-20-2016, 05:09 PM
|
#8
|
Account Disabled
|
...
|
|
Quote
| 1 user liked this post
|
09-21-2016, 03:59 PM
|
#9
|
Valued Poster
Join Date: Jul 25, 2016
Location: south ar
Posts: 154
|
You mean tor? I searched for tob but couldn't find anything. Tor masks your IP and st.chris said above that isn't allowed here. HTTPS wouldn't require IP masking. Tor exit nodes can still hijack your eccie account anyway so I'd trust my ISP more than a random tor exit node. I think implanting HTTPS should be critical priority for eccie admins. I'm even willing to help them do it if that would help get it done faster. Not having HTTPS is putting every hobbiest at risk of exposure.
|
|
Quote
| 1 user liked this post
|
09-22-2016, 09:46 AM
|
#10
|
Lifetime Premium Access
Join Date: Dec 31, 2009
Location: US
Posts: 691
|
some guy has compiled tor and released in the itunes appstore and calls it 'tob'
hard to find, but has leaks as I understand, and of course runs in the closed-source iOS of course...
will not come with the snowden stamp of approval :-)
SJ
|
|
Quote
| 1 user liked this post
|
09-22-2016, 09:46 AM
|
#11
|
Lifetime Premium Access
Join Date: Dec 31, 2009
Location: US
Posts: 691
|
some guy has compiled tor and released in the itunes appstore and calls it 'tob'
hard to find, but has leaks as I understand, and of course runs in the closed-source iOS of course...
will not come with the snowden stamp of approval :-)
SJ
|
|
Quote
| 1 user liked this post
|
09-22-2016, 12:21 PM
|
#12
|
Valued Poster
Join Date: Nov 8, 2013
Location: okc
Posts: 1,264
|
Quote:
Originally Posted by sjdude
some guy has compiled tor and released in the itunes appstore and calls it 'tob'
hard to find, but has leaks as I understand, and of course runs in the closed-source iOS of course...
will not come with the snowden stamp of approval :-)
SJ
|
You need to read what Carnegie, has been doing with the FBI and NSA. I do not worry about the exit nod, I worry more about the relays. The early relay cells have been patched, look for new misbehaving relays. The first sign switch out and find a new bridge or jump over to outside TOR, routes. TOB and some of the other,new DW tools are most likely C.M. and NSA coop.
|
|
Quote
| 1 user liked this post
|
10-03-2016, 07:34 AM
|
#13
|
Valued Poster
Join Date: Jul 25, 2016
Location: south ar
Posts: 154
|
Google announced that starting Jan 2017, any website that uses passwords and doesn't use HTTPS will be labelled as non-secure by Chrome. This is great because it will force sites like ECCIE to enable HTTPS.
source: https://security.googleblog.com/2016...ecure-web.html
|
|
Quote
| 1 user liked this post
|
|
AMPReviews.net |
Find Ladies |
Hot Women |
|