[Operators] XMPP DDoS on yax.im today

A a at creep.im
Wed Aug 31 22:39:53 UTC 2016


Forgot to say, this should be run as root, and I assumed ejabberdctl is 
installed. How did you install ejabberd? From a repository? What system 
you use, by the way?

On 09/01/2016 01:22 AM, Rafal Zawadzki wrote:
> This throws unknown command error.
>
> However, I have in my ejabberd.yml following:
>
>        mod_last: []
>
>
> What I can be missing?
>
>
>
> A – Wed., 31. August 2016 17:47
>> Hey. Something like this'd work:
>>
>> #! /bin/bash
>> IFS='
>> '
>> for USER in `ejabberdctl registered_users creep.im`
>> do
>>           echo $USER": " | tr -d '\n' && ejabberdctl get_last $USER creep.im
>> done
>>
>> Of course you'd like to change "creep.im" to something viable. Here is a
>> pastebin link: pastebin.com/SqG1PTmn
>>
>> On 08/31/2016 06:03 PM, Rafał Zawadzki wrote:
>>> What is the easiest way to find when all accounts have been logged
>>> last time?
>>>
>>> I am using ejabberd and mod_last is activated.
>>>
>>> On 2016-08-30 19:28, Arsimael Inshan wrote:
>>>> Yes. Created accounts which nevet logged in. I delete them every 24h
>>>>
>>>> ------ Originalnachricht------
>>>> VON: Rafał Zawadzki
>>>> On 2016-08-30 16 [1]:06, Peter Schwindt wrote:> Moin,> > On 08/30/2016
>>>> 02:50 PM, Georg Lukas wrote:> > [...]>> A new DDoS is going on for two
>>>> hours now, now from 155 different >> domains>> (most of which are on
>>>> yesterday's list).Hi all,1) I have disabled registration on
>>>> jabberpl.org [2].2) Is there known pattern of the created accoutns to
>>>> spam? I would like to purge the users database.Ki [3]nd
>>>
>>>



More information about the Operators mailing list