Not logged in — Log In

• Home
• Administrate
• IP lookup and removal
• Using DroneBL
• Request a Key
• Activity Log
• Statistical breakdown
• DroneBL Blog!
• Source code

thoughts on tracking spammers and griefers

The types of services that DroneBL caters to (online real-time communities) have common problems of spamming and griefing (abusive threats toward what are usually administrators or channel owners, likely due to being banned for violations of community rules). In fact, in some cases the spam activity itself is a form of internet griefing.

On this topic, I wrote the following on the irc-security list, which I want to expand on here, because we intend to experiment with ways to deal with these problems next:

What we need to stop this undesired behaviour is extensive solidarity,
in many forms:

1) Services like DroneBL. These services can be used to stop his
spambot, by listing his IP immediately upon reports of spam.
Approximately more than 90% of known networks are using DroneBL as a
reference for banning. By adding his source IPs, this reduces his attack
vector by at least 90%.

2) Making it very clear that the IRC community will not condone networks
that harbour or condone his behaviour, or even worse, encourage as is
the current situation. In the current situation, the owner of
irc.darkscience.ws has been seen as saying that ep0ch is a friend of
his, and that he fully supports the activity. By speaking loudly to
upstream providers of this network and pursuing suspensions, this
behaviour will likely be curbed.

3) Making it very clear that the IRC community will not condone service
providers which profit from networks/servers benefiting from spam. The
IRC community has a voice with DroneBL, and other services like it, to
ensure that there are harsh penalties for service providers which
harbour spam sources or beneficiaries. 

While I do not typically believe in community lynchings of net trash, if
we really want this behaviour to stop, we must become more aggressive in
ensuring that it is infact stopped. That said, we should be very careful
that networks being spammed by people like ep0ch are not victims
themselves before taking direct action.

But, the basic idea is, "if you spam on IRC, there will be a penalty."
Or, something like that. Thoughts? Maybe I am just rambling crackaddled
thoughts here?

A large part of the problem is that there is no system for tracking the people behind the abuse. Without such an effort, there is no way that the communities DroneBL provides services to can deal with stopping them in some sense of full solidarity.

So, we need a system to deal with griefers like the person I describe on irc-security in that post. Is DroneBL itself that system? No!

But, is such a system related to the mission of DroneBL? Yes, it is. However, such a system needs to be designed where the community can collaborate on collecting as much evidence of abuse as possible. Collection of large dossiers of abuse against IRC spammers and griefers will be helpful in taking action with abuse desks at ISPs.

But what about ISPs that do not care? Obviously, we cannot ban AT&T, but we can for instance, pressure service providers to do the right thing. For example, a shell provider hosting services belonging to the spammer, could be convinced to drop the spammer's account. In such a case, the abuser would have less resources to use for causing trouble.

Also by having a service which tracks the people behind the netabuse, we can put pressure on them to do the right thing and discontinue their abusive activities.

So, the question is, if I made a service which tracked people, making them no longer anonymous, and providing the IRC community with the ability to make it clear that there will be a consequence for these abusers, would people actually use it to make the consequence effective?

What would need to be done to make such a service, and it's consequence effective? Is the IRC community willing to cooperate to make such a service effective and trustworthy? We need to make sure we are truly banning dirt, such a system could be used as a tool for vengeance and revenge easily, if created with the wrong policies.

I would love to hear thoughts (in the form of lovely comments, especially). This is a tricky situation, and if we, as a community work on making it happen, we should make sure we get it right the first time.

nenolod / Nov-14-2008 06:01:34 GMT / 4 comment(s) / Comment

DroneBL database rebuild

Through a series of unfortunate circumstances, the DroneBL database was lost. The blacklist was successfully imported from a mirror, and should be back the way it was before the crash.

However, RPCkeys were lost and should be re-requested. If you wish to continue using the same RPCkey you have been using, please visit us in #dronebl on irc.atheme.org. State your purpose in the channel, and a DroneBL staff member will address your request as soon as possible. Otherwise, feel free to use the key request page.

Thank you for your patience, and thanks to the DroneBL staff members who worked diligently to restore the DroneBL service with very little downtime.

rojo / Oct-20-2008 15:41:03 GMT / 0 comment(s) / Comment