[Operators] DoS attacker: "mafia_rullezz_*"
nicolas.verite at gmail.com
Fri Dec 2 13:59:47 UTC 2011
Maybe some precision:
all the "mafia_rullezz_*" JIDs come from S2S (other servers and
domains), and they all target only one of our hosted users.
So, maybe you can all check your domains, that you have no such JIDs.
On Fri, Dec 2, 2011 at 13:27, Nigel Kukard <nkukard at lbsd.net> wrote:
> On 12/02/11 12:25, Nicolas Vérité wrote:
>> Hi all,
>> Just a quick email to let you know that we are facing DoS attack on
>> Hosted.IM, our XMPP service hosting platform.
>> The attacker has "mafia_rullezz_*" in its multiple JIDs. It just sends
>> messages. At least another XMPP server suffered from these kind of
> I get registration requests and blackholed all the IP's I saw registrations
> Not sure if you're the victim or host that he's using, but ... here is my
> blackhole list
> blackhole 18.104.22.168
> blackhole 22.214.171.124
> blackhole 126.96.36.199
> blackhole 188.8.131.52
> blackhole 184.108.40.206
> blackhole 220.127.116.11
> blackhole 18.104.22.168
> blackhole 22.214.171.124
> blackhole 126.96.36.199
> blackhole 188.8.131.52
> blackhole 184.108.40.206
> blackhole 220.127.116.11/24
Nicolas Vérité (Nÿco) mailto:nicolas.verite at gmail.com
Jabber ID : xmpp:nyco at jabber.fr
More information about the Operators