Close
dadaIMC Discussion List
Re: Binghamton-IMC DDoS attack
I honestly don't know the present state of things.
I understand we (the sysadmin at our hosting co.)
tried to upgrade dada, but this always breaks the site
(has happened 3-4 times now). We don't have shell access,
so manual fixes are difficult. Apparently the
db conversion failed.
IMC-Binghamton is presently down while we figure out
what to do. Our present ideas are:
1: blow away the database, and install latest dada fresh,
try to migrate the legacy stories/comments later.
2: try a different CMS
Also, our hosting provider is giving us flack, b/c
when our site is DDoS'd, the other sites hosted
on the shared host are whacked as well.
Are other Dada sites experienceing this level of attack?
Or is it just IMC-Binghamton?
What are the experiences of other Dada sites who have
tried the Dada CAPTCHAs? Does it slow down the comment
spam?
--
Bill Huston
607-724-1755
bhuston-AT-stny.rr.com
----- Original Message -----
From: magduv <magduv-AT-gmail.com>
Date: Monday, September 25, 2006 12:17 pm
Subject: Re: Binghamton-IMC DDoS attack
To: dadaIMC Discussion <dadaIMC-AT-lists.dadaimc.org>
> hi,
>
> did you tried to enable anti-spam function for comments?
>
> *
>
>
> On 9/4/06, BHUSTON-AT-stny.rr.com <BHUSTON-AT-stny.rr.com> wrote:
> > Spud, et. al.,
> >
> > IMC-Binghamton is under a DDoS attack. Other Dada sites beware.
> >
> > We have been victimized by comment spam for many months
> > now, and while annoying, has not as yet disabled the site.
> >
> > Sometime yesterday, our site became unusable. I don't know all
> > the details yet, but apparently they are doing searches on the
> > database using SQL wildcard characters.
> >
> > Unless anyone has any better ideas, the approach I will take for
> now is
> > as follows
> > to get the site back up:
> >
> > 1) disable the search function
> > 2) examine logs to determine worst offending IP address
> > 3) manually block IP addresses.
> >
> > BTW Spud. #3 is especially difficult, b/c the addresses
> > in the blocked_ips table is encoded as an MD5 hash.
> >
> > I think this is a problematic, because it makes checking
> > which IPs have been already blocked a problem, especially
> > since a database exception is thrown and an email is generated
> > to the admin account if you try to add an IP already in the db
> > (when using the Admin "block IP" form).
> >
> > I'm developing some perl scripts to help with this problem,
> > which I'll share with other IMCs.
> >
> > I'll post more to this list as I learn more about the
> > problem.
> >
> > Spud, if you can assist me during this, I would be
> > grateful.
> >
> > --
> > Bill Huston
> > 607-724-1755
> > bhuston-AT-stny.rr.com
> > -------------
> > To unsubscribe, send blank email
> > to dadaIMC-off-AT-lists.dadaimc.org
> >
> >
>
>
> --
> GPG PUBLIC KEY:
> keys.indymedia.org/cgi-bin/lookup
> -------------
> To unsubscribe, send blank email
> to dadaIMC-off-AT-lists.dadaimc.org
>
-------------
To unsubscribe, send blank email
to dadaIMC-off-AT-lists.dadaimc.org
I understand we (the sysadmin at our hosting co.)
tried to upgrade dada, but this always breaks the site
(has happened 3-4 times now). We don't have shell access,
so manual fixes are difficult. Apparently the
db conversion failed.
IMC-Binghamton is presently down while we figure out
what to do. Our present ideas are:
1: blow away the database, and install latest dada fresh,
try to migrate the legacy stories/comments later.
2: try a different CMS
Also, our hosting provider is giving us flack, b/c
when our site is DDoS'd, the other sites hosted
on the shared host are whacked as well.
Are other Dada sites experienceing this level of attack?
Or is it just IMC-Binghamton?
What are the experiences of other Dada sites who have
tried the Dada CAPTCHAs? Does it slow down the comment
spam?
--
Bill Huston
607-724-1755
bhuston-AT-stny.rr.com
----- Original Message -----
From: magduv <magduv-AT-gmail.com>
Date: Monday, September 25, 2006 12:17 pm
Subject: Re: Binghamton-IMC DDoS attack
To: dadaIMC Discussion <dadaIMC-AT-lists.dadaimc.org>
> hi,
>
> did you tried to enable anti-spam function for comments?
>
> *
>
>
> On 9/4/06, BHUSTON-AT-stny.rr.com <BHUSTON-AT-stny.rr.com> wrote:
> > Spud, et. al.,
> >
> > IMC-Binghamton is under a DDoS attack. Other Dada sites beware.
> >
> > We have been victimized by comment spam for many months
> > now, and while annoying, has not as yet disabled the site.
> >
> > Sometime yesterday, our site became unusable. I don't know all
> > the details yet, but apparently they are doing searches on the
> > database using SQL wildcard characters.
> >
> > Unless anyone has any better ideas, the approach I will take for
> now is
> > as follows
> > to get the site back up:
> >
> > 1) disable the search function
> > 2) examine logs to determine worst offending IP address
> > 3) manually block IP addresses.
> >
> > BTW Spud. #3 is especially difficult, b/c the addresses
> > in the blocked_ips table is encoded as an MD5 hash.
> >
> > I think this is a problematic, because it makes checking
> > which IPs have been already blocked a problem, especially
> > since a database exception is thrown and an email is generated
> > to the admin account if you try to add an IP already in the db
> > (when using the Admin "block IP" form).
> >
> > I'm developing some perl scripts to help with this problem,
> > which I'll share with other IMCs.
> >
> > I'll post more to this list as I learn more about the
> > problem.
> >
> > Spud, if you can assist me during this, I would be
> > grateful.
> >
> > --
> > Bill Huston
> > 607-724-1755
> > bhuston-AT-stny.rr.com
> > -------------
> > To unsubscribe, send blank email
> > to dadaIMC-off-AT-lists.dadaimc.org
> >
> >
>
>
> --
> GPG PUBLIC KEY:
> keys.indymedia.org/cgi-bin/lookup
> -------------
> To unsubscribe, send blank email
> to dadaIMC-off-AT-lists.dadaimc.org
>
-------------
To unsubscribe, send blank email
to dadaIMC-off-AT-lists.dadaimc.org
Previous message in thread | Next message in thread
Thread
Binghamton-IMC DDoS attack / BHUSTON@stny.rr.com / 04 Sep 2006
Re: Binghamton-IMC DDoS attack / magduv <magduv-AT-gmail.com> / 31 Dec 1969
• Re: Binghamton-IMC DDoS attack / BHUSTON-AT-stny.rr.com / 25 Sep 2006
Re: Binghamton-IMC DDoS attack / John Milton <john-AT-johnmilton.ca> / 25 Sep 2006
Re: Binghamton-IMC DDoS attack / Jon Sullivan <punkrider-AT-gmail.com> / 25 Sep 2006
Report Bugs
dadaIMC uses the Mantis bug-tracking system for bug reporting. Please use it! And check for existing reports of your bug before submitting a new one.
CVS
The current CVS version of dadaIMC is now browseable online. Be forewarned, though, that it is not always in a useable state as-is!
Donations
Support development!