Close
dadaIMC Discussion List
Re: Binghamton-IMC DDoS attack
Illich hosts 6 dada sites, no DDos here and Captchas give good, but not
perfect spam control, but of course make the site broken for blind users
, which is very bad but the only practical option we have now...
BHUSTON-AT-stny.rr.com wrote:
> I honestly don't know the present state of things.
> I understand we (the sysadmin at our hosting co.)
> tried to upgrade dada, but this always breaks the site
> (has happened 3-4 times now). We don't have shell access,
> so manual fixes are difficult. Apparently the
> db conversion failed.
>
> IMC-Binghamton is presently down while we figure out
> what to do. Our present ideas are:
>
> 1: blow away the database, and install latest dada fresh,
> try to migrate the legacy stories/comments later.
>
> 2: try a different CMS
>
> Also, our hosting provider is giving us flack, b/c
> when our site is DDoS'd, the other sites hosted
> on the shared host are whacked as well.
>
> Are other Dada sites experienceing this level of attack?
> Or is it just IMC-Binghamton?
>
> What are the experiences of other Dada sites who have
> tried the Dada CAPTCHAs? Does it slow down the comment
> spam?
>
> --
> Bill Huston
> 607-724-1755
> bhuston-AT-stny.rr.com
>
> ----- Original Message -----
> From: magduv <magduv-AT-gmail.com>
> Date: Monday, September 25, 2006 12:17 pm
> Subject: Re: Binghamton-IMC DDoS attack
> To: dadaIMC Discussion <dadaIMC-AT-lists.dadaimc.org>
>
>>hi,
>>
>>did you tried to enable anti-spam function for comments?
>>
>>*
>>
>>
>>On 9/4/06, BHUSTON-AT-stny.rr.com <BHUSTON-AT-stny.rr.com> wrote:
>>
>>>Spud, et. al.,
>>>
>>>IMC-Binghamton is under a DDoS attack. Other Dada sites beware.
>>>
>>>We have been victimized by comment spam for many months
>>>now, and while annoying, has not as yet disabled the site.
>>>
>>>Sometime yesterday, our site became unusable. I don't know all
>>>the details yet, but apparently they are doing searches on the
>>>database using SQL wildcard characters.
>>>
>>>Unless anyone has any better ideas, the approach I will take for
>>
>>now is
>>
>>>as follows
>>>to get the site back up:
>>>
>>>1) disable the search function
>>>2) examine logs to determine worst offending IP address
>>>3) manually block IP addresses.
>>>
>>>BTW Spud. #3 is especially difficult, b/c the addresses
>>>in the blocked_ips table is encoded as an MD5 hash.
>>>
>>>I think this is a problematic, because it makes checking
>>>which IPs have been already blocked a problem, especially
>>>since a database exception is thrown and an email is generated
>>>to the admin account if you try to add an IP already in the db
>>>(when using the Admin "block IP" form).
>>>
>>>I'm developing some perl scripts to help with this problem,
>>>which I'll share with other IMCs.
>>>
>>>I'll post more to this list as I learn more about the
>>>problem.
>>>
>>>Spud, if you can assist me during this, I would be
>>>grateful.
>>>
>>>--
>>>Bill Huston
>>>607-724-1755
>>>bhuston-AT-stny.rr.com
>>>-------------
>>>To unsubscribe, send blank email
>>>to dadaIMC-off-AT-lists.dadaimc.org
>>>
>>>
>>
>>
>>--
>>GPG PUBLIC KEY:
>>http://keys.indymedia.org/cgi-bin/lookup?op=get&search=F784904E
>>-------------
>>To unsubscribe, send blank email
>>to dadaIMC-off-AT-lists.dadaimc.org
>>
>
> -------------
> To unsubscribe, send blank email
> to dadaIMC-off-AT-lists.dadaimc.org
>
>
>
--
Peace: John Milton
email: john-AT-johnmilton.ca
Skype name (VoIP): john.e.milton
mobile phone (Canada): 905-537-8472
web: johnmilton.ca
Encrypted email welcome. PGP key on my website
Fingerprint: 40D8 5835 7230 8EE1 E968 1E7A 5CF1 68A6 C0E2 F9DC
-------------
To unsubscribe, send blank email
to dadaIMC-off-AT-lists.dadaimc.org
perfect spam control, but of course make the site broken for blind users
, which is very bad but the only practical option we have now...
BHUSTON-AT-stny.rr.com wrote:
> I honestly don't know the present state of things.
> I understand we (the sysadmin at our hosting co.)
> tried to upgrade dada, but this always breaks the site
> (has happened 3-4 times now). We don't have shell access,
> so manual fixes are difficult. Apparently the
> db conversion failed.
>
> IMC-Binghamton is presently down while we figure out
> what to do. Our present ideas are:
>
> 1: blow away the database, and install latest dada fresh,
> try to migrate the legacy stories/comments later.
>
> 2: try a different CMS
>
> Also, our hosting provider is giving us flack, b/c
> when our site is DDoS'd, the other sites hosted
> on the shared host are whacked as well.
>
> Are other Dada sites experienceing this level of attack?
> Or is it just IMC-Binghamton?
>
> What are the experiences of other Dada sites who have
> tried the Dada CAPTCHAs? Does it slow down the comment
> spam?
>
> --
> Bill Huston
> 607-724-1755
> bhuston-AT-stny.rr.com
>
> ----- Original Message -----
> From: magduv <magduv-AT-gmail.com>
> Date: Monday, September 25, 2006 12:17 pm
> Subject: Re: Binghamton-IMC DDoS attack
> To: dadaIMC Discussion <dadaIMC-AT-lists.dadaimc.org>
>
>>hi,
>>
>>did you tried to enable anti-spam function for comments?
>>
>>*
>>
>>
>>On 9/4/06, BHUSTON-AT-stny.rr.com <BHUSTON-AT-stny.rr.com> wrote:
>>
>>>Spud, et. al.,
>>>
>>>IMC-Binghamton is under a DDoS attack. Other Dada sites beware.
>>>
>>>We have been victimized by comment spam for many months
>>>now, and while annoying, has not as yet disabled the site.
>>>
>>>Sometime yesterday, our site became unusable. I don't know all
>>>the details yet, but apparently they are doing searches on the
>>>database using SQL wildcard characters.
>>>
>>>Unless anyone has any better ideas, the approach I will take for
>>
>>now is
>>
>>>as follows
>>>to get the site back up:
>>>
>>>1) disable the search function
>>>2) examine logs to determine worst offending IP address
>>>3) manually block IP addresses.
>>>
>>>BTW Spud. #3 is especially difficult, b/c the addresses
>>>in the blocked_ips table is encoded as an MD5 hash.
>>>
>>>I think this is a problematic, because it makes checking
>>>which IPs have been already blocked a problem, especially
>>>since a database exception is thrown and an email is generated
>>>to the admin account if you try to add an IP already in the db
>>>(when using the Admin "block IP" form).
>>>
>>>I'm developing some perl scripts to help with this problem,
>>>which I'll share with other IMCs.
>>>
>>>I'll post more to this list as I learn more about the
>>>problem.
>>>
>>>Spud, if you can assist me during this, I would be
>>>grateful.
>>>
>>>--
>>>Bill Huston
>>>607-724-1755
>>>bhuston-AT-stny.rr.com
>>>-------------
>>>To unsubscribe, send blank email
>>>to dadaIMC-off-AT-lists.dadaimc.org
>>>
>>>
>>
>>
>>--
>>GPG PUBLIC KEY:
>>http://keys.indymedia.org/cgi-bin/lookup?op=get&search=F784904E
>>-------------
>>To unsubscribe, send blank email
>>to dadaIMC-off-AT-lists.dadaimc.org
>>
>
> -------------
> To unsubscribe, send blank email
> to dadaIMC-off-AT-lists.dadaimc.org
>
>
>
--
Peace: John Milton
email: john-AT-johnmilton.ca
Skype name (VoIP): john.e.milton
mobile phone (Canada): 905-537-8472
web: johnmilton.ca
Encrypted email welcome. PGP key on my website
Fingerprint: 40D8 5835 7230 8EE1 E968 1E7A 5CF1 68A6 C0E2 F9DC
-------------
To unsubscribe, send blank email
to dadaIMC-off-AT-lists.dadaimc.org
Previous message in thread | Next message in thread
Thread
Binghamton-IMC DDoS attack / BHUSTON@stny.rr.com / 04 Sep 2006
Re: Binghamton-IMC DDoS attack / magduv <magduv-AT-gmail.com> / 31 Dec 1969
Re: Binghamton-IMC DDoS attack / BHUSTON-AT-stny.rr.com / 25 Sep 2006
• Re: Binghamton-IMC DDoS attack / John Milton <john-AT-johnmilton.ca> / 25 Sep 2006
Re: Binghamton-IMC DDoS attack / Jon Sullivan <punkrider-AT-gmail.com> / 25 Sep 2006
Report Bugs
dadaIMC uses the Mantis bug-tracking system for bug reporting. Please use it! And check for existing reports of your bug before submitting a new one.
CVS
The current CVS version of dadaIMC is now browseable online. Be forewarned, though, that it is not always in a useable state as-is!
Donations
Support development!