[Operators] DDoS attacks against jabber.org

Marco Cirillo maranda at lightwitch.org
Fri Feb 7 15:16:33 UTC 2014


I vaguely remember in the past having a discussion with MattJ about 
these rooms years back,
I pointed out that mostly the rooms were just placeholders having 
subjects pointing to rooms on other conference servers.. and this in my 
opinion is semantically no different from unsollicited advertising / 
spamming.

Given the insistence... I just ended restricting room creation on 
conference.lightwitch.org to the parent domain's users which sorted it.

On 07/02/2014 15:59, Peter Saint-Andre wrote:
> I have a hunch, which the other jabber.org admins don't necessarily 
> agree with, that this is related to conflict in Syria. Most of the 
> rooms that various attackers are interested in have names related to 
> Syria (e.g., English or Arabic versions of Aleppo, Homs, etc.). This 
> would be consistent with other activities I've seen (various people 
> claiming that they used to be admins in these rooms and now need to be 
> given admin rights, etc.).
>
> But, of course, I might be mistaken.
>
> Peter


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4512 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20140207/10e635eb/attachment.bin>


More information about the Operators mailing list