Page, Bill [EMAIL PROTECTED] wrote: > Hi Bob, > > On Wednesday, August 02, 2006 2:00 PM you wrote: > > ... > > Since wiki spam must occur over a HTTP connection, it is > > 2-way. So, you have the verified IP's of the attackers. > > Someone is clearly using a zombie net. Consider spawning: > > iptables -A INPUT -s "$IP" -j DROP > > when someone posts something in the banned_links. > > Are you suggesting that I drop all connections from the > complete list of ip addresses that are being used by the > spammers?
Yes.
> So far there are about 200 of these addresses
> scattered over several different subnets so I am not sure
> that this is practical. And as far as I can tell the number
> of ip addresses they are using is growing. I could also
> do something similar using our Apache hosts.deny file but
> I am quite concerned that these are spoofed ip addresses
> and do not really uniquely identify the spammers. Blocking
> all of these addresses might well affect ligitimit users.
Only legitimate users that are using a hacked windows box. And, good
riddance, they should fix their computers.
> > Then, one would want to remove the ban on reguar links
> > or you would hit legitimate users. I'm assuming banned_links
> > would contain only the bad URL's/domain names. So in each
> > case you would get at least one spam.
>
> No, this does seem practical either because there are
> literally hundreds of these domain names.
Yep. Why is that a problem?
> > That's an interesting idea...can the post be held for moderation
> > too, in case someone makes an interesting edit but doesn't have
> > a zope userid?
>
> Hmmm, you mean maybe write it to a non-web accessible or otherwise
> protected log file somewhere? Maybe even to a set of "shadow" pages
> that are only readable by registered Zope users? Moderation is a
> neat idea but it would take some programming work to implement.
Well, ideally something like a mailing list moderation where some
administrator can look at it and just hit a button to allow the edit.
--
Cheers,
Bob McElrath [Univ. of California at Davis, Department of Physics]
Only after you've tried to figure something out for yourself and
failed are you ready to absorb "the answer."
signature.asc
Description: Digital signature
_______________________________________________ Axiom-developer mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/axiom-developer
