[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Axiom-developer] spam attack
|
From: |
Bob McElrath |
|
Subject: |
Re: [Axiom-developer] spam attack |
|
Date: |
Wed, 2 Aug 2006 11:42:11 -0700 |
|
User-agent: |
Mutt/1.5.11+cvs20060403 |
Page, Bill address@hidden wrote:
> Hi Bob,
>
> On Wednesday, August 02, 2006 2:00 PM you wrote:
> > ...
> > Since wiki spam must occur over a HTTP connection, it is
> > 2-way. So, you have the verified IP's of the attackers.
> > Someone is clearly using a zombie net. Consider spawning:
> > iptables -A INPUT -s "$IP" -j DROP
> > when someone posts something in the banned_links.
>
> Are you suggesting that I drop all connections from the
> complete list of ip addresses that are being used by the
> spammers?
Yes.
> So far there are about 200 of these addresses
> scattered over several different subnets so I am not sure
> that this is practical. And as far as I can tell the number
> of ip addresses they are using is growing. I could also
> do something similar using our Apache hosts.deny file but
> I am quite concerned that these are spoofed ip addresses
> and do not really uniquely identify the spammers. Blocking
> all of these addresses might well affect ligitimit users.
Only legitimate users that are using a hacked windows box. And, good
riddance, they should fix their computers.
> > Then, one would want to remove the ban on reguar links
> > or you would hit legitimate users. I'm assuming banned_links
> > would contain only the bad URL's/domain names. So in each
> > case you would get at least one spam.
>
> No, this does seem practical either because there are
> literally hundreds of these domain names.
Yep. Why is that a problem?
> > That's an interesting idea...can the post be held for moderation
> > too, in case someone makes an interesting edit but doesn't have
> > a zope userid?
>
> Hmmm, you mean maybe write it to a non-web accessible or otherwise
> protected log file somewhere? Maybe even to a set of "shadow" pages
> that are only readable by registered Zope users? Moderation is a
> neat idea but it would take some programming work to implement.
Well, ideally something like a mailing list moderation where some
administrator can look at it and just hit a button to allow the edit.
--
Cheers,
Bob McElrath [Univ. of California at Davis, Department of Physics]
Only after you've tried to figure something out for yourself and
failed are you ready to absorb "the answer."
signature.asc
Description: Digital signature
- Re: [Axiom-developer] rate a wiki page, (continued)
- Re: [Axiom-developer] rate a wiki page, Gabriel Dos Reis, 2006/08/02
- [Axiom-developer] Re: Be Bold, Ralf Hemmecke, 2006/08/02
- [Axiom-developer] Re: Be Bold, Ralf Hemmecke, 2006/08/02
- Re: [Axiom-developer] Re: Be Bold, Kai Oliver Kaminski, 2006/08/02
- Re: [Axiom-developer] Re: Be Bold, Ralf Hemmecke, 2006/08/02
- [Axiom-developer] spam attack, Page, Bill, 2006/08/02
- Re: [Axiom-developer] spam attack, Antoine Hersen, 2006/08/02
- RE: [Axiom-developer] spam attack, Page, Bill, 2006/08/02
- Re: [Axiom-developer] spam attack, Bob McElrath, 2006/08/02
- RE: [Axiom-developer] spam attack, Page, Bill, 2006/08/02
- Re: [Axiom-developer] spam attack,
Bob McElrath <=
- RE: [Axiom-developer] spam attack, Page, Bill, 2006/08/02
- [Axiom-developer] Zwiki update, anti-spam thoughts, Simon Michael, 2006/08/03
- Re: [Axiom-developer] Zwiki update, anti-spam thoughts, Bob McElrath, 2006/08/03
- [Axiom-developer] heads-up, code updates, Simon Michael, 2006/08/12
- [Axiom-developer] Re: heads-up, code updates, Simon Michael, 2006/08/13
- [Axiom-developer] Issues with documentation revisions, William Sit, 2006/08/13
- RE: [Axiom-developer] Issues with documentation revisions, Bill Page, 2006/08/13
- RE: [Axiom-developer] Issues with documentation revisions, C Y, 2006/08/14
- Re: [Axiom-developer] Issues with documentation revisions, M. Edward (Ed) Borasky, 2006/08/14
- Re: [Axiom-developer] Issues with documentation revisions, William Sit, 2006/08/14