On Fri, Mar 11, 2011 at 1:12 PM, Stephan Beal <step...@wanderinghorse.net> wrote:

> On Fri, Mar 11, 2011 at 6:56 PM, Andreas Kupries <andre...@activestate.com> wrote:
>
>> I wonder, do you have auto-captcha active? Maybe someone is able to handle
>> this button (JavaScript?)
>>
>
> i did until 10 minutes ago, yes ;).
>
>>    auto-captcha     If enabled, the Login page provides a button to
>>                     fill in the captcha password.  Default: on
>>
>
> The irony of it is... LOL... oh, the irony is... it was me who originally
> added the auto-captcha option to fossil because i got sick of entering the
> password manually. It seemed reasonable at the time, but bots have
> apparently advanced since then.
>
> Now i've got some 20 other repos to go dig through and find out if they
> were violated...
>
> The spammer has been continually spamming that repo since February. There
> are hundreds of bogus wiki/ticket entries, but apparently no source code was
> tampered with. i've disabled both the auto-captcha and removed several
> access settings from the anonymous and reader users, but will also nuke the
> repo and re-import everything to avoid the bloat that a month of spamming
> has caused.
>
> i'm not sure how he wrote the wiki pages, but he overwrote every one of
> them. They were not committed using my account, and my account is the only
> one with wiki edit access.
>

The origin of every artifact on a server, including the time it was received
and the IP address from which it was received, is recorded in the rcvfrom
table.  The "log" link on the "Admin" pages shows you the most recent
entries.  You can use this information in your analysis, and perhaps
determine an IP address (or range of addresses) to banish.  You might also
use this to automatically shun much of the damage.  This log can also be
used, for example, to see if the damage is coming from an anonymous user on
the open internet, or if it was pushed by someone with write permission on
your repositories.

There is also an optional log which you can enable to record every login
attempt, its time, and the IP address from which it originates.


>
> --
> ----- stephan beal
> http://wanderinghorse.net/home/stephan/
>
> _______________________________________________
> fossil-users mailing list
> fossil-users@lists.fossil-scm.org
> http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
>
>


-- 
D. Richard Hipp
d...@sqlite.org
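
One way to run the analysis described above directly against the repository database, as an added example that is not part of the original message or Fossil's own code. It assumes a subset of Fossil's repository schema (`rcvfrom` joined to `blob` and `user`, with `mtime` stored as a Julian day); the rows and IP addresses are constructed sample data.

```python
import sqlite3

# Constructed sample data. Table and column names are an assumed subset of
# Fossil's repository schema; rcvfrom.mtime is stored as a Julian day.
SCHEMA = """
CREATE TABLE user(uid INTEGER PRIMARY KEY, login TEXT);
CREATE TABLE rcvfrom(rcvid INTEGER PRIMARY KEY, uid INTEGER,
                     mtime DATETIME, ipaddr TEXT);
CREATE TABLE blob(rid INTEGER PRIMARY KEY, rcvid INTEGER, uuid TEXT);
INSERT INTO user VALUES (1,'owner'),(2,'anonymous');
INSERT INTO rcvfrom VALUES
  (1,1,julianday('2011-01-15 09:00:00'),'192.0.2.10'),
  (2,2,julianday('2011-02-03 02:14:00'),'203.0.113.7'),
  (3,2,julianday('2011-03-10 23:40:00'),'203.0.113.7'),
  (4,2,julianday('2011-03-11 04:05:00'),'198.51.100.22');
INSERT INTO blob VALUES
  (1,1,'a1'),(2,1,'a2'),(3,2,'b1'),(4,2,'b2'),(5,2,'b3'),
  (6,3,'c1'),(7,3,'c2'),(8,4,'d1');
"""

def sample_repo():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def artifacts_by_origin(db, since):
    """Per (IP, login): artifact count and first/last receipt time (UTC)."""
    return db.execute("""
        SELECT r.ipaddr, coalesce(u.login,'?'), count(b.rid),
               datetime(min(r.mtime)), datetime(max(r.mtime))
          FROM rcvfrom r
          LEFT JOIN user u ON u.uid = r.uid
          LEFT JOIN blob b ON b.rcvid = r.rcvid
         WHERE r.mtime >= julianday(?)
         GROUP BY r.ipaddr, u.login
         ORDER BY count(b.rid) DESC, r.ipaddr""", (since,)).fetchall()

def artifacts_from_ip(db, ipaddr):
    """Artifact IDs received from one address, to review before shunning."""
    rows = db.execute("""
        SELECT b.uuid FROM blob b JOIN rcvfrom r ON r.rcvid = b.rcvid
         WHERE r.ipaddr = ? ORDER BY b.rid""", (ipaddr,))
    return [uuid for (uuid,) in rows]

if __name__ == "__main__":
    db = sample_repo()
    for row in artifacts_by_origin(db, "2011-02-01"):
        print(row)
    print(artifacts_from_ip(db, "203.0.113.7"))
```

Grouping by login as well as address separates artifacts that arrived from an anonymous session from those pushed under an account with write permission.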