Wikipedia:Sockpuppet investigations/Max Mux/Archive

Report date February 8 2009, 18:03 (UTC)

 * Suspected sockpuppets

This rather unhelpful edit by User:Max Mux, threating to delete an entire discussion, was followed by an IP editor (User:84.134.97.112) deleting the discussion. I believe Max Mux used the IP sockpuppet to engage in vandalism.
 * Evidence

The IP comes from a German ISP and Max Mux is, I suspect, German as he makes quite a lot of edits over at German Wikipedia.

The user has been accused of vandalism before, always from IP addesss of the type 84.134.*.* — Blue-Haired Lawyer 18:03, 8 February 2009 (UTC)

I've added a further one, same edit as before]. — Blue-Haired Lawyer 21:30, 8 February 2009 (UTC)

A third one,. — Emil J. 14:32, 11 February 2009 (UTC)


 * Comments by accused parties    See Defending yourself against claims.
 * You can stop that nonsense now. I haven`t misguided anyone as you again and again telling me. Thats bullshit. Stop your stupid behavior against me. I only try to stop people who want to vansdalise here in kind. That should be honored not like this. PleaseMax Mux (talk) 20:19, 9 February 2009 (UTC)


 * Comments by other users

——  nix eagle email me 14:54, 11 February 2009 (UTC)
 * Clerk, patrolling admin and checkuser comments
 * I'm going to investigate, but a thought on this might be to block the range 84.134.50.0 - 84.134.100.0. I'd have to look up the proper CIDR ranges. I'm considering requesting a checkuser to check the range for active users and consider doing a rangeblock. ——  nix eagle email me 14:52, 11 February 2009 (UTC)
 * Actually... yea lets do that.
 * Note to checkuser, I selected the range 84.134.50.0 - 84.134.100.0 because of listed IPs here, and listed IPs in the prior SSP case, Suspected sock puppets/Max Mux. All the IPs are inside of the fairly small range I specified. So blocking this range for a few months might cause this problem to go away, however I can't do that until I know if there will be collateral damage (I'm thinking softblock here, eg, disabling account creation though allowing users already there to edit.). ——  nix eagle email me 14:57, 11 February 2009 (UTC)
 * Note by checkuser To capture the above range exactly (83.135.50.0–83.134.99.255) would require four separate rangeblocks:
 * 84.134.52.0/22
 * 84.134.56.0/21
 * 84.134.64.0/19
 * 84.134.96.0/22
 * I'll check them now, but the ranges span the natural breakpoints, and to make one check would need a /17 range or 32,768 instead of the 12,288 in the range you requested above :) -- Avi (talk) 16:25, 11 February 2009 (UTC)
 * for collateral damage check Mayalld (talk) 15:07, 11 February 2009 (UTC)
 * Avraham - has been confirmed to have abused multiple accounts? -- Kanonkas :  Talk  20:15, 11 February 2009 (UTC)
 * See below. -- Avi (talk) 21:30, 11 February 2009 (UTC)
 * Thanks, I've blocked 84.134.52.0/22 84.134.56.0/21 and 84.134.96.0/22 using softblocks but disabling account creation for 6 months... I'm not going to block the other range atm due to the collateral damage, but we shall see if that is required or not. My guess is we are going to have to do at least an anonblock, but... ——  nix eagle email me 22:25, 12 February 2009 (UTC)

Currently available technical evidence indicates the following:
 * Conclusions
 * -- No collateral damage.
 * -- No collateral damage.
 * -- Collateral damage possibility, and no smaller subrange exists to remove change of fallout.
 * -- No collateral damage.

-- Avi (talk) 16:33, 11 February 2009 (UTC)

Note Currently available technical evidence does not indicate that the above editor has abused multiple accounts other than editing logged out as an IP. The above list is solely in response to the question of collateral damage. -- Avi (talk) 21:29, 11 February 2009 (UTC)



Why are you refusing to talk to me about it?Max Mux (talk) 19:06, 18 February 2009 (UTC)