[Operators] Strange registrations

Florian Jensen admin at flosoft.biz
Tue Aug 12 03:57:36 CDT 2008


Hello everyone.

On Tue, 12 Aug 2008 10:41:58 +0200, Clemens Lucas Fries <xmpp at xenoworld.de>
wrote:
> Hello list,
> 
> I wanted to confirm that these registrations never completely halted.  
> I got two new in the last 24 hours. And maybe one or two weeks ago I  
> blocked one IP-address because it registered an account, matching the  
> known scheme, every few minutes. It seems to me that there are days  
> with more activity and I gather from the statistics that at least this  
> apparently hijacked server that was used a while ago isn't used anymore.

Right. I am also having trouble to track down the source of these
registrations. But they continue.

> I really wonder if there were any attacks on MUCs (like the last  
> time), or if it is just registering throw-away accounts without using  
> them.

Yes, this would be interesting to find out.

The problem with this is: We are atleast 1 step behind. We cannot fight the
threat, when you have IBR enabled. And in my oppinion, IBR is one of the
main features of Jabber. You can create an account with any client.

I think we should have a new IBR standard. Something that adds human
verification (CAPTCHA ...), or verification of any other sort. Preferrably
something that is future proof. This then would need to be implemented into
the servers and clients.

Are there any ideas for this?

Greets,

Florian Jensen
-- 
Flosoft.biz / CEK Media Service
CEK Media Service
Seestr. 8
73773 Aichwald
Germany


More information about the Operators mailing list