On Tue, Feb 21, 2017 at 2:05 AM, Sebastian Silva <[email protected]> wrote:
> > > On 18/02/17 14:03, Samuel Cantero wrote: > > it was me. > > Ignacio, problem solved. It was a firewall issue. Go ahead. > > > Hi Samuel, > > I had set the firewall in response to an attack on network.sugarlabs.org > (check Jan 18th "Please Help" email thread on systems@). Having turned > off the firewall, this attack has just resumed. > > The attack consists of ~20 IP addresses issuing a POST request every few > seconds and updating a Sugar Network project with SPAM contents. > Who is in charge of maintaining the site? An authentication must be done before allowing any POST data. Site must add authentication mechanism. We can block now 20 IPs but it'll be unstoppable over time. We can't block the whole internet. > > I have a script /root/block.sh with firewall rules that blocked the IP > addresses we isolated from the logs. > > Previously this script missed to allow https, but I've added this now, so > I've re-enabled the firewall. It looks to me like gitorious works. > > I hope it doesn't cause other issues. > > Regards, > Sebastian > > >
_______________________________________________ IAEP -- It's An Education Project (not a laptop project!) [email protected] http://lists.sugarlabs.org/listinfo/iaep
