Hello Patrick,
Patrick Hartling wrote:
>> I've just noted some edits in the OpenSG wiki by admin
>> <[email protected]> (IP: 91.197.184.189), that look very much like
>> spam. Has vrsource.org been hacked or is it just very simple to spoof
>> the username/address for wiki users.
>> I thought the wiki was changed so that it required an admin to create
>> new accounts, but looking over the account list it contains a bunch that
>> look like spam bots?
>> Any hints you may have are greatly appreciated.
>
> My guess would be that it is a spoofing problem. Perhaps there is an exploit
> in the Trac installation?
ok thank you, just wanted to make sure vrsource.org has not come under
new management ;)
> I don't know much about Trac, and I definitely
> don't know the details of how the OpenSG Trac site is set up. Allen has
> taken care of most of that. Sorry I can't offer more help.
don't worry about it, I've deleted the spam and the user accounts that
where owned by spammers. I also found some permission settings that
allowed anonymous users to create/modify wiki pages (perhaps set by
spammers after a successful exploit?) and fixed those.
Anyway, my biggest concern was that there was more wrong than simple
spoofing of the user name, the spam volume is currently low enough that
we can keep ahead of it; let's hope it stays that way :)
Thanks,
Carsten
------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Opensg-core mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opensg-core
