Wikipedia

Wikipedia:Check user: differenze tra le versioni

Naviga nella cronologia in modo interattivo
← Differenza precedenteDifferenza successiva →
Contenuto cancellato Contenuto aggiunto
VisualeWikitesto
m ha spostato Wikipedia:Chek user a Wikipedia:Check user: refuso nel titolo
m WIP
Riga 1:
La funzione di CheckUser permette agli utenti con il premesso checkuser di controllare quali IP sono assegnati ad un nome utente, e quali nomi utente sono assegnati ad un certo IP, senza bisogno di avviare le query del database a mano. Questo consente agli amministratori di dedicarsi di più alla gestione del sistema.
 
L'uso più pratico di questa funzione è di verificare i sockpuppet degli utenti bloccati.
 
'''(Gli utenti senza il permesso checkuser visualizzeranno un messaggio d'errore)'''
 
Questa pagina conterrà le informazioni relative agli utenti con il permesso di [[:meta:CheckUser|Check user]] su it.wikipedia. Nel frattempo si sta svolgendo una [[Discussioni_wikipedia:Chek user|discussione]] in proposito.
 
<!--==Wikimedia privacy policy==
 
On [[Wikimedia]] wikis, [[Wikimedia:privacy policy|privacy policy]] considerations are of tremendous importance. Unless someone is definitely violating policy with their actions (''e.g.'' massive bot vandalism or spam), revealing their IP, whereabouts or other information sufficient to identify them is likely a violation.
 
CheckUser is essentially a [[:en:system administrator|system administrator]] level function ("[[developers|developer]]" in Wikimedia jargon), and requires the level of confidentiality one would apply to our most confidential user data.
 
The relevant section of the privacy policy is:
 
:''Policy on release of data derived from page logs
 
:''It is the policy of Wikimedia that personally identifiable data collected in the server logs will not be released by the developers who have access to it, except as follows:
 
:#''In response to a valid subpoena or other compulsory request from law enforcement
:#''With permission of the affected user
:#''To Jimbo Wales, his legal counsel, or his designee, when necessary for investigation of abuse complaints.
:#''Where the information pertains to page views generated by a spider or bot and its dissemination is necessary to illustrate or resolve technical issues.
:#''Where the user has been vandalising articles or persistently behaving in a disruptive way, data may be released to assist in the targetting of IP blocks, or to assist in the formulation of a complaint to relevant Internet Service Providers
:#''Where it is reasonably necessary to protect the rights, property or safety of the Wikimedia Foundation, its users or the public.
 
:''Wikimedia policy does not permit public distribution of such information under any circumstances, except as described above.
 
===Information release===
 
:''Note: CheckUser information release is governed by the [[CheckUser Policy]].''
 
Even if the user is committing abuse, it's best not to reveal personal information if possible.
 
*If the user has said they're from somewhere and the IP confirms it, it's not releasing private information to confirm it if appropriate.
*If they're on a large ISP (''e.g.'' AOL, NTL, BT, Telstra), they're one of millions and it's not personally identifiable.
*Revealing the country is generally not personally identifiable (''e.g.'' "User:Querulous is coming in from the UK, User:Sockpuppet is coming in from Canada").
*If you're in any doubt at all, give no detail and answer like a [[:en:magic 8-ball|magic 8-ball]].
 
===Mailing list===
For Wikimedia checkers, there is a mailing list, [http://mail.wikipedia.org/mailman/listinfo/checkuser-l checkuser-l]. This is a closed list. Use this list to ask for help, ideas and second opinions if you're not sure what the data means.
 
==Come si usa==
[[Utente:Blabla|Utente:Blabla]] sta facendo [[m:Don't be a dick|qualcosa di altamente antisociale e abusivo]] e questo porta a pensare che sia un sockpuppet di un utente bloccato. Hai il permesso CheckUser e la tua wiki policy ti permette di controllare Blabla.
-->
# Vai in [[Speciale:CheckUser]].
# In "Utente:", scrivi <tt>Blabla</tt> (''non'' <tt>Utente:Blabla</tt>) e clicca il pulsante "OK". (Non procede se si batte solo l'Invio!)
# Otterrete tutti gli IP assegnati a Utente:Blabla nella tabella delle ultime modifiche.
# Controlla gli IP usando <tt>[[:en:whois|whois]]</tt> e <tt>[[:en:nslookup|nslookup]]</tt>.
# Se il punto precedente non lo rende inutile, clicca sopra ciascuno degli IP elencati (Potete essere utile aprire ogni IP in una nuova finestra o in un nuovo tab)
# Clicca, in tutte le finestre IP aperte, il tasto "OK" dopo "IP:". Saranno allora elencati tutte le entrate dell'IP nella tabella delle ultime modifiche. Ora hai la lista di tutti i nomi utenti che hanno contribuito sando quell'IP.<!--
#You may then wish to check any new usernames to see if the editing patterns are suspiciously similar.
 
==IP range checking==
 
You can check an IP range of /16 or /24, not just a single IP. Enter ''aaa.bbb.ccc''.0/24 or ''aaa.bbb''.0.0/16 as the IP and you will get all edits from that IP range, ''e.g.'' 172.216.0.0/16 will give all edits from one of the AOL proxy ranges. (''Note:'' using a useless query for an example.)
 
(You can only check /16 or /24, not other ranges. IPs are stored as text, so /16 or /24 is easy to compare but other ranges would require calculation.)
 
==Hints and tips==
 
*CheckUser is not magic wiki [[:en:pixie dust|pixie dust]]. Almost all queries about IPs will be because two editors were ''behaving'' the same way. An editing pattern match is the important thing; the IP match is really just extra evidence (or not).
*Most dialup and a lot of DSL and cable IPs are dynamic. They might change every session, every day, every week, every few months or hardly ever. Unless the access times are right next to each other, be cautious in declaring a match. After a while, you get to know which ISPs change fast or slow.
*If it's a proxy, it might not be a match, depending on the size of the organisation running the proxy (per <tt>whois</tt> output). If it's an ISP proxy, it is not so likely to be a match.
*If it's an AOL address, you're out of luck &mdash; AOL sends each ''page request'' through a different proxy.
*If a username is using lots of different IPs in various countries, the IPs may well be open proxies. Check with an open proxy checker.
*Edits from addresses allocated to [[:en:Web hosting|hosting facilities]] ''almost'' always indicates the use of compromised hosting servers to nefarious ends. Note, however, that the user may have a legitimate shell account on the machine.
 
==Useful tools==
 
"Unix" here includes [[:en:Unix-like|Unix-like]], [[:en:Linux|Linux]] and [[:en:Mac OS X|Mac OS X]] computers.
 
* '''[[:en:whois|whois]]:''' On Unix, start a [[:en:terminal emulator|terminal]] and type <code>whois [''IP address'']</code> at the command line. This should tell you who owns the IP, what the range is and may also note what they use it for. On Windows, [http://all-nettools.com/toolbox All Net Tools] has a pretty good web-based whois (which does an nslookup as well).
* '''[[:en:nslookup|nslookup]]:''' On Unix or Windows, <code>nslookup [''IP address'']</code> at the command line will give you the [[:en:FQDN|fully qualified ___domain name]] associated with the IP. Note that not all IPs have a [[:en:___domain name|___domain name]], so don't worry if nothing comes back. If you're on Windows, the All Net Tools whois also gives you the FQDN.
* '''[[en:traceroute|traceroute]]:''' With [[:en:IP address|IP]]'s from some [[en:Internet service provider|Internet Service Providers]] it may be useful to use the traceroute command and compare the results between two or more IP. The site [http://all-nettools.com/toolbox All Net Tools] also gives you traceroute function if you don't have it as a [[en:Command line interface|command line]].
** '''tcptraceroute:''' A version of traceroute that uses [[en:Transmission Control Protocol|TCP]] packets, which get through some firewalls and packet filters that stop [[en:Internet Control Message Protocol|ICMP]] packets. Source code for Unix-like systems is [http://michael.toren.net/code/tcptraceroute/ here]; most Linux distributions have a package available with it.
* '''Open proxy checking:''' David has yet to find a good tool for this. (<tt>proxycheck</tt> doesn't do what I want.) There are a number of online proxy checkers: [http://www.checker.freeproxy.ru/checker/]. (I have not tried them.) Help needed. I usually work on a combination of online proxy list checking and educated guesswork ;-) [[:en:User:Tawker]] runs a web-based proxy checker. To request access to it, contact him on [[:en:User:Tawker|his talk page]].
* '''Checks for other abuse of an IP:''' http://www.rbls.org/ gives the status of any IP address on a number of [[:en:DNSBL|Realtime Blackhole Lists]]. Note that some RBL blocks should be expected, ''e.g.'' many block home dynamic IPs for [[:en:SMTP|SMTP]], but that's not a problem for a wiki. If a user only uses open proxies or addresses marked as sources of abuse, your suspicions may be raised.
 
==How it works==
 
CheckUser checks against the recentchanges table. This means you can only query data as far back as recentchanges goes. (On Wikimedia wikis, this is nominally a week to a month, though it may be more if the database administrators want to keep more data and have room for it.)
 
The username check is a fairly intensive query, and if the database is under heavy load it may time out before returning. The IP check is much faster.-->
 
Il "source code" si trova in http://cvs.sourceforge.net/viewcvs.py/wikipedia/extensions/CheckUser.php .
Estratto da "https://it.wikipedia.org/wiki/Wikipedia:Check_user"