User talk:207.88.52.2

From Wikipedia, the free encyclopedia

This IP address has been blocked because it is believed to be an open proxy or zombie computer. To prevent abuse, editing from these proxies is currently prohibited. If your ISP has misconfigured their proxy, you can try bypassing it by logging into Wikimedia's secure gateway at https://secure.wikimedia.org/wikipedia/en/wiki/. For more information about open proxies and what you can do, please see the WikiProject on open proxies.

Please do not replace Wikipedia pages or sections with blank content, as you did to User talk:207.88.52.2. It is considered vandalism. Please use the sandbox for any other tests you want to do. Take a look at the welcome page if you would like to learn more about contributing to our encyclopedia. Thanks. A link to the edit I have reverted can be found here: link. If you believe this edit should not have been reverted, please contact me. A link to the edit I have reverted can be found here: link. If you believe this edit should not have been reverted, please contact me. Rschen7754 (talk - contribs) 03:59, 8 January 2007 (UTC)

This is not an open proxy

This blocked user (block log | autoblocks | unblock | contribs) asked to be unblocked, but an administrator or other user has reviewed and declined this request. Other administrators or users can also review this block, but should not override the decision without good reason (see the blocking policy). This unblock request continues to be visible. Do not replace this message with another unblock request nor add another unblock request.

Request reason: "No, this is an open proxy. If you are the administrator of this computer and did no intend it to be an open proxy, then your machine may have been cracked; it looks fairly poorly secured and may be infected with a backdoor. —Centrxtalk • 11:52, 8 January 2007 (UTC) "

This template should be removed when the block has expired, or after 2 days in the case of blocks of 1 week or longer.

I am the network administrator here. Why don't you tell me what diagnostic tool you're using so that I can track down the issue. As far as I can tell it's all secure. If you've found a backdoor, then it would be neighborly to tell me wehere. Am I allowed to put the email address here?

I'll notify Centrx about your request. --Rschen7754 (talk - contribs) 04:30, 10 January 2007 (UTC)

It now looks more thoroughly filtered than when I checked before. Port 1234 is still questionable: several trojans/backdoors use this port, and the only "legitimate" service that uses it is a filesharing program. Centrxtalk • 12:02, 10 January 2007 (UTC)

I get the feeling you're messing with me. You said you would unblock our network and now you raise port 1234 as a problem. We have an http server on port 1234 (and several other ports). This is not your average desktop computer, but a secure high-end network device. AFAIK, everything is secure on that port. Again, if you found a vulnerability, I ask that you report it through that web page and don't just advertise heere on Wikipedia. Is this what Wikipedia's used for now, to advertise vulnerable servers on the internet? Again, please don't label our network as compromised if it's not. I keep getting complaints from our customers that they cannot edit Wikipedia. All I can do is shrug my shoulders and pass the buck to Wikipedia.


quick check

I did a quick check.

Port 1234 is not a backdoor program. Based on my brief look, this machine is unlikely to be running any trojans, because trojans are uncommon for this system type. The security of this system is not extremely high or low. It's passable, especially seeing its age.

Certain (mis)configurations can cause a computer to act as an open proxy. Can you please specify how you're identifying this machine as an open proxy? Per email if you prefer?

--Kim Bruning 07:18, 16 January 2007 (UTC)

Thank you for your response. We at XO are not indentifying our network host as an open proxy server.Centrx replied above to say that it is an open proxy server or that Centrx was able to compromise the device through port 1234. I'm not sure if Centrx is someone with any authority at Wikipedia, but I'm getting complaints from our customers/users that they cannot edit Wikipedia. I was directed to this page by a customer and it mistakenly identifies our network as an open proxy servver. Centrx then suggested the network was comrpomised because we use port 1234 for our http server. Nothing about our http server is comrpomised as far as I can tell. If it is, I'd rather Wikipedia not advertise that fact, but to contact us on our (supposedly compromised) web server.
mailto:info-en-o@wikimedia.org is a working e-mail adress you can use, if you would like to escalate at any time. --Kim Bruning 08:40, 16 January 2007 (UTC)

Not an open proxy or zombie computer

This user's request to have the autoblock on their IP address lifted has been DECLINED.

This IP address has been blocked because it is believed to be an open proxy or zombie computer. To prevent abuse, editing from these proxies is currently prohibited. If your ISP has misconfigured their proxy, you can try bypassing it by logging into Wikimedia's secure gateway at https://secure.wikimedia.org/wikipedia/en/wiki/. For more information about open proxies and what you can do, please see the WikiProject on open proxies. (Multi-RBL lookup • VCN proxycheck)

Blocked directly, not autoblocked. -- Yamla 03:00, 21 January 2007 (UTC)


Note: declined unblock requests may only be removed after two days or when the block has expired.