 | | (canceled)
|
|
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Adapted you say, could this be the BORG !!! (:-)) (21 years ago, 25-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Todd, pardon my ignorance, but is this a DoS aimed at Lugnet specifically, or a more generic NNTP attack? who would want to pester Lugnet? Chris (21 years ago, 25-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Cool. One person posting over on BL suggested that the attack might be a generic SWEN attack looking to gather email addresses for other neferious purposes. One site[1] has chossen to move the NNTP port to 1119 temporarily until such time as (...) (21 years ago, 25-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Yup, started doing that Monday evening. It worked quite well for a while, until the author of the attacks discovered the tarpit behavior and adapted. --Todd (21 years ago, 24-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Just a passing idea.. setting up a tarpit to mimmic the NNTP server, then sending the misbehaving traffic there rather than blocking it. That might slow down the offending servers to such a point that they back off. Ray (21 years ago, 24-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) I suggest it as a temporary measure only until this problem were resolved other ways. Think of it as a detour while the real road is repaired. I have no idea if it's technically even feasible, or would solve the problem (from the outside (...) (21 years ago, 24-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
"Larry Pieniazek" <lpieniazek@mercator.com> wrote in message news:HLp90M.191p@lugnet.com... [ ... snipped .. ] (...) worse, or (...) Please don't do this. Turning off NNTP would dramatically reduce my (and I suspect many others) participation in (...) (21 years ago, 24-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Any chance that turning off NNTP (except as presented by the web or mail interfaces, but not accepting stuff from the outside world) would work? It would mean that nntp users would be cut off completely, but is that worse, or better, than (...) (21 years ago, 24-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Actually, the site wasn't down -- only the dynamic portions of the webserver were shut off (voluntarily and automatically by the system) to help keep the load average down. The NNTP attacks are still coming and the total number of compromised (...) (21 years ago, 23-Sep-03, to lugnet.admin.general, lugnet.admin.nntp)
|
| |
| | Re: NNTP news server restarted
|
|
(...) Frank, I've been experiencing a high increase in the amount of such e-mails that I receive every day. In the past months, it had been around 5/day (spamblocks in message headers being almost innefective for the already harvested adress), now (...) (21 years ago, 22-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP news server restarted
|
|
(...) The past couple days, my e-mail has been swamped with junk mail with huge attachments. I wonder if a similar virus situation is making NNTP attacks in addition to SMTP attacks? Frank (21 years ago, 22-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP news server restarted
|
|
(...) There appears also to be a similar attack coming from another address in Wellsville, New York, the combination of which are still causing sporadic connection problems, although the system load is greatly reduced. If you get an NNTP connection (...) (21 years ago, 20-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP news server restarted
|
|
(...) An update: Although the above resulted in the server accepting new posts again, it was still running an excessively high load. The problem appears to have stemmed from someone in Toronto, Canada running a script which was making (and still (...) (21 years ago, 20-Sep-03, to lugnet.admin.nntp, lugnet.admin.general)
|
| |
| | Re: FTX & NNTP
|
|
(...) Yes yes yes yes... the FTX makes links in messages basically useless. I cant click on them anymore and instead have to manually cut and paste them into a browser :-( just my 17 Deniria (exchange rate, approximately US-Earth$ 0.02) (21 years ago, 20-Aug-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP problem?
|
|
Hi, I'm once again having trouble with the NNTP server taking a long time to respond. Nothing has changed on my end, yet this seems to happen every few months. Usually it goes away after several days or weeks. A typical example of tracert output is (...) (21 years ago, 7-Aug-03, to lugnet.admin.nntp)
|
| |
| | Re: Posting (via slrn) w/out confirmation webpage?
|
|
(...) Yes, I do get that email, and I usually just cut/paste the provided URL into my web browser and submit the form instead of replying to the email. What I'm really after is avoiding a manual authentication step altogether by configuring slrn (...) (21 years ago, 17-Jul-03, to lugnet.admin.nntp)
|
| |
| | Re: Posting (via slrn) w/out confirmation webpage?
|
|
(...) You should be able to authenticate by replying to an authentication e-mail that LUGNET sends you, obviating any need for a Web browser. I have no idea what to do (or even how to post) if LUGNET isn't sending that e-mail. HTH, (21 years ago, 17-Jul-03, to lugnet.admin.nntp)
|
| |
| | Posting (via slrn) w/out confirmation webpage?
|
|
Hey, It's been a while since I've been active on LUGNET (the Dallas road show event got me going again). I'd really like to use slrn as my LUGNET newsgroup interface, but having to authenticate a posting on a webpage kinda defeats the purpose. Sorry (...) (21 years ago, 17-Jul-03, to lugnet.admin.nntp)
|
| |
| | Re: FTX & NNTP
|
|
(...) But wouldn't this result in people responding with HTML to FTX messages when using an HTML enabled newsreader? Frank (21 years ago, 8-Jul-03, to lugnet.admin.nntp)
|
