Sunday, January 28, 2007
Ask maintains a blacklist of IP addresses
Someone at Ask.com should realize that IP addresses are dynamically given out by ISPs to their clients (potentially) each time they connect - so blacklisting "clients" by IP addresses is not a very smart thing to be doing.
I recently found that the IP address I was now allocated was somehow on Ask's blacklist, and that instead of getting Ask's search engine, all I got was a page saying:
I'm not sure if emailing that address is an automated system to remove the IP address from the blacklist - you can probably spot that the text they ask to be included in the body of the email is simply the hex representation of the client's IP address, (repeated 3 times for some reason). (I've obscured the actual address in the example above, but kept the same format).
Having sent the email, I've certainly not gained instant access to Ask again - I rather think that it will be quicker to get a new IP address from the ISP's DHCP server than to sort out Ask's broken blacklist. If Ask wants to use a blacklist system then they should probably expire IP addresses off the blacklist say a few hours after whatever behaviour it is that triggers the inclusion on the list was last detected. That way, zombie machines that continue to do something bad via Ask will remain blacklisted and hence blocked, but legitimate users who inherit an IP address that was previously used by a zombie are not permanently banned.
I recently found that the IP address I was now allocated was somehow on Ask's blacklist, and that instead of getting Ask's search engine, all I got was a page saying:
Your client does not have permission to access this site.
Please refer to the Ask.com terms of service page.(Ask.com and Syndication).
If you feel that you have received this response in error, please send an email to unauthorized@ask.com. Before sending this email, please refer to our terms of service page, accessible at the url provided above.
Please copy and paste the information below into the body of the email.
fff9480d-2fff9480dfff9480d
I'm not sure if emailing that address is an automated system to remove the IP address from the blacklist - you can probably spot that the text they ask to be included in the body of the email is simply the hex representation of the client's IP address, (repeated 3 times for some reason). (I've obscured the actual address in the example above, but kept the same format).
Having sent the email, I've certainly not gained instant access to Ask again - I rather think that it will be quicker to get a new IP address from the ISP's DHCP server than to sort out Ask's broken blacklist. If Ask wants to use a blacklist system then they should probably expire IP addresses off the blacklist say a few hours after whatever behaviour it is that triggers the inclusion on the list was last detected. That way, zombie machines that continue to do something bad via Ask will remain blacklisted and hence blocked, but legitimate users who inherit an IP address that was previously used by a zombie are not permanently banned.
# posted by zmarties @ 1/28/2007 11:09:00 pm 
