Full Disclosure mailing list archives
Re: NiX API
From: nix () myproxylists com
Date: Thu, 9 Jun 2011 19:10:55 +0300
On Thu, 09 Jun 2011 18:05:37 +0300, nix () myproxylists com said:In most cases, the malicious user is denied access even before a fraudulent purchase is made!Since implementation of NiX API with it's current featuers: 0 fraudulent purchases in last 2-3 weeks period. It definitely does something.OK, I'll bite - how many *lost sales* did you have because NIX false-positived and rejected a non-malicious user before a valid purchase was made? Making something that rejects *every* malicious attack is *easy* - just reject every request. Of course, that's not very practical for production use, so you end up having to trade off false positives and negatives to minimize the total cost...
Very good point and question. The proxy detection accuracy is 99%: http://myproxylists.com/proxy-checker (We have own tool to backup this claim and accuracy. This tool has been also tested and developed for over a year). It can test 600,000 proxy in 24 hours using 125 threads on a decent VPS. Dedicated quad-core server can handle multiple instances easily ;) The backlisted hosting provider data accuracy is excellent because we have a fool-proof method before any address range is added. We are verifying this data manually, check their websites and so on. You will see in the API logs from which service provider range the blocked user originated. Tor exit node data blacklist is also 99% accurate. You will have the option to white list any IP or CIDR notation. Also if anyone think there's an error, we will investigate and possibly correct this error in reasonable timeframe. You will also see exactly at which site someone got blocked, why and when. For example my GSP (Game Server Provider) site is getting automated proxy requests all the time which are blocked real-time from accessing the site. I know many of you may want to overlook this new service and questionnaire it's effectiveness. Unfortunatley we have no name yet but please bear in mind that this service is free if you place a backlink. Simply you can test it, there's also the demo. Test it and magic will happend if you happened to have issue with fraudulent or otherway abusive users. For example, unlike the most of other blacklists, their blacklisted open proxy data is based on google. We DO test all the proxies before those proxies will be even added to the database. This whey we have exact details of the proxy, when it worked, what type it was etc. Now another questions may arise, 'there's no such a thing than a 1k working open proxy'. You all are completely wrong, there are a far over 1k working proxy every day and several hundreds of those proxies bybasses paypal's security, and many other payment gateway as well. When we add all hacked hosting providers sites, that's where the most of online fraud and other abuse originates from. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- NiX API nix (Jun 08)
- Re: NiX API phocean (Jun 08)
- Re: NiX API mrx (Jun 08)
- Re: NiX API nix (Jun 09)
- Re: NiX API James Rankin (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API Rove Monteux (Jun 10)
- Re: NiX API mrx (Jun 08)
- Re: NiX API Valdis . Kletnieks (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API David Ford (Jun 09)
- Re: NiX API phocean (Jun 08)
- Re: NiX API mrx (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API adam (Jun 09)
- Re: NiX API jabea (Jun 09)
- Re: NiX API nix (Jun 09)
- Message not available
- Message not available
- Re: NiX API Aaron Turner (Jun 09)
- Re: NiX API nix (Jun 09)
- Re: NiX API Aaron Turner (Jun 09)
- Re: NiX API nix (Jun 09)