[Operators] DDoS attacks against jabber.org

Peter Saint-Andre stpeter at stpeter.im
Fri Feb 7 22:07:26 UTC 2014


On 2/7/14, 2:13 PM, Mathias Ertl wrote:
> On 02/07/2014 06:03 PM, Peter Saint-Andre wrote:
>> On 2/7/14, 9:52 AM, Mathias Ertl wrote:
>>> On Fri, Feb 07, 2014 at 04:16:33PM +0100, Marco Cirillo wrote:
>>>> Given the insistence... I just ended restricting room creation on
>>>> conference.lightwitch.org to the parent domain's users which sorted
>>>> it.
>>>
>>> We did the same, but that solved the issue only for a little while.
>>> Now we
>>> have dedicated accounts set up that just create 100+ MUCs and then other
>>> accounts with similar usernames on other servers also get admin rights
>>> (we
>>> block those as well, btw).
>>
>> It sees best to lock down MUC creation so that only server admins can do
>> it.
>
> I guess you could do that, but that effectively disables MUCs for users.

It disables ad-hoc chatrooms, yes. But on jabber.org we have some 
long-standing chatrooms (e.g., for a Project Gutenberg team) and I don't 
think they would have minded asking for a chatroom.

Peter

-- 
Peter Saint-Andre
https://stpeter.im/


More information about the Operators mailing list