Close
dadaIMC Discussion List
Re: Binghamton-IMC DDoS attack
hi,
did you tried to enable anti-spam function for comments?
*
On 9/4/06, BHUSTON-AT-stny.rr.com <BHUSTON-AT-stny.rr.com> wrote:
> Spud, et. al.,
>
> IMC-Binghamton is under a DDoS attack. Other Dada sites beware.
>
> We have been victimized by comment spam for many months
> now, and while annoying, has not as yet disabled the site.
>
> Sometime yesterday, our site became unusable. I don't know all
> the details yet, but apparently they are doing searches on the
> database using SQL wildcard characters.
>
> Unless anyone has any better ideas, the approach I will take for now is
> as follows
> to get the site back up:
>
> 1) disable the search function
> 2) examine logs to determine worst offending IP address
> 3) manually block IP addresses.
>
> BTW Spud. #3 is especially difficult, b/c the addresses
> in the blocked_ips table is encoded as an MD5 hash.
>
> I think this is a problematic, because it makes checking
> which IPs have been already blocked a problem, especially
> since a database exception is thrown and an email is generated
> to the admin account if you try to add an IP already in the db
> (when using the Admin "block IP" form).
>
> I'm developing some perl scripts to help with this problem,
> which I'll share with other IMCs.
>
> I'll post more to this list as I learn more about the
> problem.
>
> Spud, if you can assist me during this, I would be
> grateful.
>
> --
> Bill Huston
> 607-724-1755
> bhuston-AT-stny.rr.com
> -------------
> To unsubscribe, send blank email
> to dadaIMC-off-AT-lists.dadaimc.org
>
>
--
GPG PUBLIC KEY:
keys.indymedia.org/cgi-bin/lookup
-------------
To unsubscribe, send blank email
to dadaIMC-off-AT-lists.dadaimc.org
did you tried to enable anti-spam function for comments?
*
On 9/4/06, BHUSTON-AT-stny.rr.com <BHUSTON-AT-stny.rr.com> wrote:
> Spud, et. al.,
>
> IMC-Binghamton is under a DDoS attack. Other Dada sites beware.
>
> We have been victimized by comment spam for many months
> now, and while annoying, has not as yet disabled the site.
>
> Sometime yesterday, our site became unusable. I don't know all
> the details yet, but apparently they are doing searches on the
> database using SQL wildcard characters.
>
> Unless anyone has any better ideas, the approach I will take for now is
> as follows
> to get the site back up:
>
> 1) disable the search function
> 2) examine logs to determine worst offending IP address
> 3) manually block IP addresses.
>
> BTW Spud. #3 is especially difficult, b/c the addresses
> in the blocked_ips table is encoded as an MD5 hash.
>
> I think this is a problematic, because it makes checking
> which IPs have been already blocked a problem, especially
> since a database exception is thrown and an email is generated
> to the admin account if you try to add an IP already in the db
> (when using the Admin "block IP" form).
>
> I'm developing some perl scripts to help with this problem,
> which I'll share with other IMCs.
>
> I'll post more to this list as I learn more about the
> problem.
>
> Spud, if you can assist me during this, I would be
> grateful.
>
> --
> Bill Huston
> 607-724-1755
> bhuston-AT-stny.rr.com
> -------------
> To unsubscribe, send blank email
> to dadaIMC-off-AT-lists.dadaimc.org
>
>
--
GPG PUBLIC KEY:
keys.indymedia.org/cgi-bin/lookup
-------------
To unsubscribe, send blank email
to dadaIMC-off-AT-lists.dadaimc.org
Previous message in thread | Next message in thread
Thread
Binghamton-IMC DDoS attack / BHUSTON@stny.rr.com / 04 Sep 2006
• Re: Binghamton-IMC DDoS attack / magduv <magduv-AT-gmail.com> / 31 Dec 1969
Re: Binghamton-IMC DDoS attack / BHUSTON-AT-stny.rr.com / 25 Sep 2006
Re: Binghamton-IMC DDoS attack / John Milton <john-AT-johnmilton.ca> / 25 Sep 2006
Re: Binghamton-IMC DDoS attack / Jon Sullivan <punkrider-AT-gmail.com> / 25 Sep 2006
Report Bugs
dadaIMC uses the Mantis bug-tracking system for bug reporting. Please use it! And check for existing reports of your bug before submitting a new one.
CVS
The current CVS version of dadaIMC is now browseable online. Be forewarned, though, that it is not always in a useable state as-is!
Donations
Support development!