LISTSERV - LIBLICENSE-L Archives

LIBLICENSE-L Archives

LibLicense-L Discussion Forum

LIBLICENSE-L@LISTSERV.CRL.EDU

	LISTSERV Archives
	LIBLICENSE-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Wiley Registering "Fake DOIs"
From:	LIBLICENSE <[log in to unmask]>
Reply To:	LibLicense-L Discussion Forum <[log in to unmask]>
Date:	Tue, 21 Jun 2016 11:01:54 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (132 lines)

From: Dietrich Rordorf <[log in to unmask]>
Date: Tue, 21 Jun 2016 11:25:58 +0200

Hi Gabriel,

This is common practice with many publishers (and publishing platform
vendors). They use these "fake" DOIs as crawler traps: if you crawl
one of these DOIs, your IP will be banned from the publisher's system.

About two years ago it happened that some users blocked entire
institutions from accessing certain publisher platforms simply by
sharing (and clicking) these fake DOI links on Twitter.

If you crawl publisher systems (for whatever reason) you can partially
avoid these crawler traps by first obtaining and verifying metadata
records from CrossRef before actually crawling the DOI link.

Best regards,
Dietrich

--

Ediqo LLC
https://www.ediqo.com/

Hellring 9
CH-4125 Riehen
Switzerland
Tel. +41 61 60 19 18 7


2016-06-21 2:23 GMT+02:00 LIBLICENSE <[log in to unmask]>:

> From: Gabriel Gardner <[log in to unmask]>
> Date: Mon, 20 Jun 2016 21:16:50 +0000
>
> In case anyone was wondering about the status of this:
>
> https://twitter.com/blahah404/status/736301738974646276, I can confirm
> it is true. See below.
>
> Details and a partial list of “fake DOIs” here:
>
> https://docs.google.com/document/d/1uTVHPI8r4VO31KihsyiBHsh_gp8jZ38fMvP5nP5XOkw/edit
>
> If anyone on here is familiar with the registration of DOIs I’d love
> to have a conversation with you about whether this is a common
> practice.
>
> Gabriel J. Gardner
> Librarian for Criminal Justice, Linguistics, and Romance, German,
> Russian Languages & Literatures
> California State University, Long Beach
> [log in to unmask]
>
> ***********
> From: intellectual property [mailto:[log in to unmask]]
> Sent: Thursday, June 16, 2016 12:35 PM
> To: [redacted] ; Huenniger, Jim - United States
> <[log in to unmask]>; [redacted]
> Cc: DL-securityinternal <[log in to unmask]>; intellectual
> property <[log in to unmask]>; Higdon, William - Hoboken
> <[log in to unmask]>; Cruz, Beth - Hoboken <[log in to unmask]>; Loo,
> Steven - Singapore <[log in to unmask]>; San Miguel, Paula - Singapore
> <[log in to unmask]>; Madej, Julian - Oxford <[log in to unmask]>
> Subject: RE: California State University Long Beach – [redacted]
>
> Dear [redacted],
>
> Wiley has been investigating activity that uses compromised user
> credentials from institutions to access proxy servers like EZProxy
> (or, in some cases, other types of proxy) to then access
> IP-authenticated content from the Wiley Online Library (and other
> material). We have identified a compromised proxy at your institution
> as evidenced by the log file below.
>
> We will need to restrict your institution’s proxy access to Wiley
> Online Library if we do not receive confirmation that this has been
> remedied within the next 24 hours.  While we sincerely regret any
> inconvenience this action may cause, Wiley is obliged to protect its
> intellectual property as well as inform you when we detect
> unauthorized access to Wiley content via your servers. Also note that
> further activity through your proxy may result in additional
> restrictions being placed along with repeat notices.
>
> Please also consider, that beyond illegally downloading copyrighted
> content licensed by your institution, we do not know what else—if
> anything—has been accessed once authenticated by your servers. Also,
> in virtually all instances, the user at your institution has no idea
> that his/her credentials have been compromised. Phishing scams,
> malware and other means are used to obtain these credentials.
>
> With that, we ask that you have your IT or Information Security team
> take the following actions:
>
> Please use the log file below to immediately identify the compromised
> user credentials, reset the user(s) credentials, and kill all active
> sessions.
>
> To kill the active sessions:
>
> 1.            In EZ Proxy Admin, select Server Status.
>
> 2.            Find the user and select Session ID; click on it.
>
> 3.            Another screen will open with session details.
>
> 4.            Beneath that, one option is “Terminate Session.
>
> 5.            Click on it to end the session immediately.
>
> NOTE: ALL open sessions for the compromised user on this server MUST
> be closed after the user has been blocked and/or banned. Restarting
> EZproxy will not achieve this as active sessions are persisted to
> disk.
>
> Once completed, please send an email to [log in to unmask]
> confirming that you have completed the aforementioned actions. If you
> have difficulties in identifying the source of the breach, in your
> response to the [log in to unmask] box, please indicate in
> the subject line “Assistance Needed” and we will try and connect you
> with a member of Wiley’s engineering team to try and assist you or
> your colleagues.
>
> Extracts of web server logs are appended at the end of this email.
>
> Regards,
>
> Wiley Global Intellectual Property Team
>
> **********

ATOM RSS1 RSS2

LISTSERV.CRL.EDU