[Operators] DDoS attacks against jabber.org

Mathias Ertl mati at fsinf.at
Fri Feb 7 21:13:03 UTC 2014


On 02/07/2014 06:03 PM, Peter Saint-Andre wrote:
> On 2/7/14, 9:52 AM, Mathias Ertl wrote:
>> On Fri, Feb 07, 2014 at 04:16:33PM +0100, Marco Cirillo wrote:
>>> Given the insistence... I just ended restricting room creation on
>>> conference.lightwitch.org to the parent domain's users which sorted
>>> it.
>>
>> We did the same, but that solved the issue only for a little while.
>> Now we
>> have dedicated accounts set up that just create 100+ MUCs and then other
>> accounts with similar usernames on other servers also get admin rights
>> (we
>> block those as well, btw).
> 
> It sees best to lock down MUC creation so that only server admins can do
> it.

I guess you could do that, but that effectively disables MUCs for users.

greetings, Mati

-- 
twitter: @mathiasertl | xing: Mathias Ertl | email: mati at er.tl
I only read plain-text mail!  I prefer signed/encrypted mail!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6044 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20140207/3293c0e2/attachment-0001.bin>


More information about the Operators mailing list