-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 3/21/13 6:59 AM, Kevin Smith wrote: > On Wed, Mar 20, 2013 at 11:09 PM, Peter Viskup > <[email protected]> wrote: >> Did anybody performed some investigation and proved which servers >> are used for these attacks and if all of them are IBR-enabled? >> I'm not aware of anybody - didn't see list of the servers. > > I sent a list of servers that I'd seen MUC flooding attacks from > recently. I won't bother repeating that list here, as everyone > will already have received it once.
To be clear, we have two different attacks here: MUC flooding and spammy invites to GTalk users. We know that jabber.org had many spammy invite accounts, and we have IBR disabled with CAPTCHA-"protected" web registration. As Maxim noted about his server (jabber.kiev.ua), web registration doesn't stop someone from registering enough accounts to cause trouble. Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRSxr+AAoJEOoGpJErxa2p6o8P/R9sfjtMYFneJguqmChOi9X5 HDl0OGQnVJZoaR1/hHHBeu8DBEPEvQBh2htjvgNewXbBrFaSCm8vTnS54uq2uCxD qOsYUXdgUJNoTZYCQlH6eox+I3CQrtzn28W6nX7ANR8OWdJcpZQzniqux70u18f5 v2LIkmCRB5cKxeKNHgaiqC0Ov0F6SKhQlkZ0B65IKXySI9XART9iq+ZcHxKBvRuE mjYD92Nyyq32kADYm15/8CpR1nzim+pSG6cy1BxZ1D/Ge9W2UNEXSM0+WrGnOGMS Xw6v4KHrnrl/Vg/x9EtUi+Y9ocbzk+BgMZXOVb5K+nfkU0bkSoOuCBxF48RD1sNi UyjNfb9b7lZNwI7JWcg1zGRd1v2feDIhc0gfuPIWyE0wv0bXQ2oFV21WXjt9toHQ 6yKgPW6IkK5OulJ0AxGEDoW0gKV9nXzjdN2UhaqHDetkS6G4yaGe1j+U2aJA5Vcx GMxoS+8h+mR5odFJNAjBGWnrhCvSiILjxvvfHs+Z7NbZBl8CyWj8Ds33hYg7/RUc Ve8uOe/ODE16DPuEolO3fH/MlvO++YOZejk0WXlp1gave/zzlQJF8gB6+9FJo+eV Jq1IyyyFqb25AECSyjm6VCn8lm/kYQgel2iZw0IHzIFl3DNC/1CxGyqpXj0xNkkO zlG/ktgdvvNIljoOwJAr =1m61 -----END PGP SIGNATURE-----
