[Operators] XMPP DDoS on yax.im today

A a at creep.im
Thu Sep 1 00:17:53 UTC 2016


When I said "by root" I meant that the command is supposed to be 
executed by superuser. In Ubuntu you typically use sudo for this.

You may try:

sudo /opt/ejabberd-16.08/bin/ejabberdctl

to list all available commands and check if get_last is there.


On 09/01/2016 01:59 AM, Rafal Zawadzki wrote:
> I have installed as dedicated user in /opt/ejabberd directory. What do you mean by root? System ubuntu.
>
>
> A – Thu., 1. September 2016 0:40
>> Forgot to say, this should be run as root, and I assumed ejabberdctl is
>> installed. How did you install ejabberd? From a repository? What system
>> you use, by the way?
>>
>> On 09/01/2016 01:22 AM, Rafal Zawadzki wrote:
>>> This throws unknown command error.
>>>
>>> However, I have in my ejabberd.yml following:
>>>
>>>         mod_last: []
>>>
>>>
>>> What I can be missing?
>>>
>>>
>>>
>>> A – Wed., 31. August 2016 17:47
>>>> Hey. Something like this'd work:
>>>>
>>>> #! /bin/bash
>>>> IFS='
>>>> '
>>>> for USER in `ejabberdctl registered_users creep.im`
>>>> do
>>>>            echo $USER": " | tr -d '\n' && ejabberdctl get_last $USER creep.im
>>>> done
>>>>
>>>> Of course you'd like to change "creep.im" to something viable. Here is a
>>>> pastebin link: pastebin.com/SqG1PTmn
>>>>
>>>> On 08/31/2016 06:03 PM, Rafał Zawadzki wrote:
>>>>> What is the easiest way to find when all accounts have been logged
>>>>> last time?
>>>>>
>>>>> I am using ejabberd and mod_last is activated.
>>>>>
>>>>> On 2016-08-30 19:28, Arsimael Inshan wrote:
>>>>>> Yes. Created accounts which nevet logged in. I delete them every 24h
>>>>>>
>>>>>> ------ Originalnachricht------
>>>>>> VON: Rafał Zawadzki
>>>>>> On 2016-08-30 16 [1]:06, Peter Schwindt wrote:> Moin,> > On 08/30/2016
>>>>>> 02:50 PM, Georg Lukas wrote:> > [...]>> A new DDoS is going on for two
>>>>>> hours now, now from 155 different >> domains>> (most of which are on
>>>>>> yesterday's list).Hi all,1) I have disabled registration on
>>>>>> jabberpl.org [2].2) Is there known pattern of the created accoutns to
>>>>>> spam? I would like to purge the users database.Ki [3]nd
>>>>>



More information about the Operators mailing list