Meta:Open proxy detection/Explanation
When an IP-address has done an edit, a database with open proxy addresses is automatically searched. This database is periodically maintained and consists of more than half a million IP-addresses and IP-ranges. If a match is found, it is reported on this page.
This automatic reporting only takes place if the server of RonaldB is on-line. This is close to 24/7, but there might be drop-outs.
The system receives input from the irc-stream of recent changes. If the system is operational, it is logged-in with the name: op-nnnnn, in which nnnnn is a 5-digit number.
Look here for more (technical) background info.
Explanation of information provided
[edit]- type
- This provides further info on the type of open proxy. If this is preceded by probably, it means that the IP-address has ever been published as open proxy, but the scanning module has not been able to confirm this to be the case.
- Following types are discerned:
- open proxy - a "normal" open proxy. The system does not provide the sub type (e.g. transparent, anonymous, etc.).
- TOR exit node - an IP-address of the TOR network, by which servers on the internet can be accessed (which is not the same as a TOR onion node).
- exit server - some open proxies use another IP-address (possibly a zombie) to access servers on the internet.
- anonymizer - an anonymizing service, generally using a web interface (also called CGI or PHP proxy). The IP-address, by which that service is accessing the internet to request pages, is reported. This is not necessarily the same as the IP-address hosting the service.
- web server - The IP-address, or the range it belongs to, is solely used for web hosting. It may be hacked or is hosting a CGI/PHP proxy.
- JAP - also called JonDo, a rarely used and relatively small anonymizing network.
- If the type designation is followed by an asterisk, this means that the IP-address is known in the database with multiple types. The type is shown with the most recent confirmed date.
- in db since
- The date the IP-address was first contained in the database.
- first confirmed
- The first date the scanner confirmed this IP-address to be an open proxy.
- last confirmed
- The most recent date the scanner confirmed this IP-address to be an open proxy. If the indication is Now !, this means that the open proxy behaviour has been confirmed by an "on-the-fly" check at the moment of editing. This can only be accomplished for "normal" open proxies.
The date information is used for the background-colouring of the entry. The darker, the more likely the IP-address is indeed an open proxy at the moment of editing.