nanog mailing list archives
Re: Data Center operations mail list?
From: Phill Twiss <phill () daa com au>
Date: Thu, 13 Aug 2015 08:36:24 +0800
De-lurking

Hi Rafael and everyone else :} ( sorry for the cross-post )

You should really have captchas configured for your mailman lists.

Some shady actors out there are using mailman lists to target certain email addresses. It's a pretty dumb attack, but it's annoying :}

The target will be hit by hundreds ( if not thousands ) of subscribe confirmation requests.

We changed to captchas a month or more ago, we still get an average of 300 odd IPs trying to do this in a period of a few hours.

Keep an eye out in your logfiles for some of the strings below ( they all seem to try to use the same password ), if you have any issues with getting captchas to work properly, drop me an email :}

Below is a sanitised ( list name and target ) entry from the Apache logs ( the IP is real, screw em :} )

64.234.104.150 - - [13/Aug/2015:08:15:54 +0800] "GET /mailman/subscribe/<<Sanitised list name >>?email=<< Sanitised_TARGET@YAHOO.COM&fullname=&pw=123456789&pw-conf=123456789&language=en&digest=0&email-button=Subscribe HTTP/1.1" 301 801 "http://tools.vietche.biz/Boom/" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0"

Regards
Phill Twiss

On 13/08/2015 4:19 AM, Rafael Possamai wrote:
> Robert, the first few people who expressed interest were subscribed manually. Everyone else has been using the list website to subscribe! There should have been a message sent out with the subscription email explaining it :)
>
> On Wed, Aug 12, 2015 at 10:28 AM, Robert Webb <rwebb () ropeguru com> wrote:
>> Interesting... I just went to the web site to subscribe and I received an email that I was already subscribed. I don't remember doing that... So how did this happen??
>>
>> Robert
>>
>> On Wed, 12 Aug 2015 07:33:05 -0500 Rafael Possamai <rafael () gav ufsc br> wrote:
>>> I was actually surprised with how many people subscribed already. I think we are close to 100 already in less than 24 hours. I could use some help drafting some basic mailing list rules (no spam, no soliciting, etc) and if anyone has any suggestions, please let me know.
>>>
>>> On Wed, Aug 12, 2015 at 1:34 AM, Mark Tinka <mark.tinka () seacom mu> wrote:
>>>> On 11/Aug/15 17:46, Alex Brooks wrote:
>>>>> With the lack of interest compared to NANOG (especially seeing how the old list simply dried up) it might be best making the list global rather than North America only to get the traffic levels up a bit.
>>>>
>>>> Tend to agree that a list with global scope might be more useful.
>>>>
>>>> Mark.
-- 
Phill Twiss | IT Manager | Consultant Software Engineer
Data Analysis Australia Pty Ltd | STRATEGIC INFORMATION CONSULTANTS
97 Broadway, Nedlands, Western Australia, 6009 | PO Box 3258, Broadway Nedlands, WA, 6009
T: +61 8 9468 2523 (Direct) | +61 8 9468 2533 or +61 8 9386 3304 (Reception)
F: +61 8 9386 3202 | E: phill () daa com au | I: http://www.daa.com.au

This e-mail message and its attachments are privileged and confidential. If you are not the intended recipient, please delete the message and notify the sender. While every care is taken, it is recommended that you scan any attachments for viruses.
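
A log check along the lines described in the message above, added here as an example and not part of the original post: it parses Apache combined-format lines, picks out GET requests to /mailman/subscribe/ that carry an email address in the query string, and flags addresses submitted from several distinct client IPs. The sample lines, list name, addresses, referrer and the `min_ips` threshold are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Apache "combined" log format, the format of the entry quoted in the message.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>.*?) HTTP/[\d.]+" '
    r'\d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"'
)

def find_bombing(lines, min_ips=3):
    """Return {email: {"ips": n, "passwords": set}} for addresses submitted
    through GET subscribe URLs from at least min_ips distinct clients."""
    ips, pws = defaultdict(set), defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "GET":
            continue  # the normal web form submits with POST, no email in the URL
        url = urlsplit(m["target"])
        if not url.path.startswith("/mailman/subscribe/"):
            continue
        q = parse_qs(url.query, keep_blank_values=True)
        for email in q.get("email", []):
            email = email.strip().lower()
            ips[email].add(m["ip"])
            pws[email].update(q.get("pw", []))  # one shared value is a useful grep string
    return {e: {"ips": len(s), "passwords": pws[e]}
            for e, s in ips.items() if len(s) >= min_ips}

def _line(ip, method, target, referer="-"):
    # Builds one constructed log line; timestamp and sizes are placeholders.
    return (f'{ip} - - [13/Aug/2015:08:15:54 +0800] "{method} {target} HTTP/1.1" '
            f'301 801 "{referer}" "Mozilla/5.0"')

_SUB = "/mailman/subscribe/example-list"
_TAIL = "&fullname=&pw={0}&pw-conf={0}&language=en&digest=0&email-button=Subscribe"
SAMPLE = [  # constructed sample input using documentation IP ranges
    _line("192.0.2.10", "GET", _SUB + "?email=victim@example.com" + _TAIL.format("123456789"), "http://referrer.example/"),
    _line("198.51.100.7", "GET", _SUB + "?email=victim@example.com" + _TAIL.format("123456789"), "http://referrer.example/"),
    _line("203.0.113.44", "GET", _SUB + "?email=Victim%40example.com" + _TAIL.format("123456789"), "http://referrer.example/"),
    _line("192.0.2.99", "GET", _SUB + "?email=other@example.com" + _TAIL.format("s3cret")),
    _line("192.0.2.50", "POST", _SUB),
    _line("192.0.2.51", "GET", "/mailman/listinfo/example-list"),
]

if __name__ == "__main__":
    for email, info in find_bombing(SAMPLE).items():
        print(email, info["ips"], sorted(info["passwords"]))
```
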