[Operators] XMPP DDoS on yax.im today

psjbeisler psjbeisler at gmail.com
Wed Oct 5 08:44:28 UTC 2016

its a Tor exit node, i had the same IP doing the same thing a few nights
ago. (Sept. 30)
I blocked it as a temporary measure, but thinking it may be a bad node now.

accounts were:


and were all purged.

On Wed, Oct 5, 2016 at 4:31 AM, Georg Lukas <georg at op-co.de> wrote:

> * Nikolay Mitev <face at hmel.org> [2016-10-05 10:23]:
> > On Sat, Sep 03, 2016 at 12:35:04PM -0700, Tony wrote:
> > > In addition to please also watch out for
> Small status update: in the last weeks I had repeated bursts of
> registrations from that IP. It looks like the ISP doesn't react or care
> (they created a ticket and claimed the user has to fix the problem
> within 72h, nothing changed). Blacklisted it now.
> > Just got a registration from for user
> > mfextezede at hmel.org
> >
> > what's the best way to handle the situation? Ban the ip, delete user?
> Ideally, both. Also check previous registrations from either IP and
> delete them as well.
> Georg

The Internet is changing, consider securing your messages with PGP.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.jabber.org/pipermail/operators/attachments/20161005/7063c777/attachment.html>

More information about the Operators mailing list