Page, Bill [EMAIL PROTECTED] wrote: > Hi Bob, > > On Wednesday, August 02, 2006 2:00 PM you wrote: > > ... > > Since wiki spam must occur over a HTTP connection, it is > > 2-way. So, you have the verified IP's of the attackers. > > Someone is clearly using a zombie net. Consider spawning: > > iptables -A INPUT -s "$IP" -j DROP > > when someone posts something in the banned_links. > > Are you suggesting that I drop all connections from the > complete list of ip addresses that are being used by the > spammers?
Yes. > So far there are about 200 of these addresses > scattered over several different subnets so I am not sure > that this is practical. And as far as I can tell the number > of ip addresses they are using is growing. I could also > do something similar using our Apache hosts.deny file but > I am quite concerned that these are spoofed ip addresses > and do not really uniquely identify the spammers. Blocking > all of these addresses might well affect ligitimit users. Only legitimate users that are using a hacked windows box. And, good riddance, they should fix their computers. > > Then, one would want to remove the ban on reguar links > > or you would hit legitimate users. I'm assuming banned_links > > would contain only the bad URL's/domain names. So in each > > case you would get at least one spam. > > No, this does seem practical either because there are > literally hundreds of these domain names. Yep. Why is that a problem? > > That's an interesting idea...can the post be held for moderation > > too, in case someone makes an interesting edit but doesn't have > > a zope userid? > > Hmmm, you mean maybe write it to a non-web accessible or otherwise > protected log file somewhere? Maybe even to a set of "shadow" pages > that are only readable by registered Zope users? Moderation is a > neat idea but it would take some programming work to implement. Well, ideally something like a mailing list moderation where some administrator can look at it and just hit a button to allow the edit. -- Cheers, Bob McElrath [Univ. of California at Davis, Department of Physics] Only after you've tried to figure something out for yourself and failed are you ready to absorb "the answer."
signature.asc
Description: Digital signature
_______________________________________________ Axiom-developer mailing list Axiom-developer@nongnu.org http://lists.nongnu.org/mailman/listinfo/axiom-developer