Perl 6 - the future is here, just unevenly distributed

IRC log for #rosettacode, 2013-03-11

| Channels | #rosettacode index | Today | | Search | Google Search | Plain-Text | summary

All times shown according to UTC.

Time Nick Message
01:00 _ilbot joined #rosettacode
01:00 Topic for #rosettacode is now Rosetta Code: Coding in  (∞ - 1) languages ; http://irclog.perlgeek.de/rosettacode/today ; Pop  a tab and stick around! ; Account creation issues? Send an email with  your desired username to bureaucrats@rosettacode.org.
03:06 mikemol Be very careful about blocking spammers for a bit; the IP address blocked will probably be that of some intermediate cloudflare server instead.
03:06 mikemol I'm working on the issue...
03:08 mikemol That said, cloudflare's interface indicates it's challenged 17 suspect IPs with captchas, and none of those challenged passed the captcha. I also notice we haven't had many account creations today.
03:11 mikemol It looks like I'll need to create a MediaWiki plugin for that.
03:31 mikemol Eh. 17 was this morning. It's up to 46 challenge captchas, with none challenged passing.
03:31 mikemol A number look like they're from the same netblock, and a few IPs show up multiple times.
04:03 mwn3d_PA joined #rosettacode
04:07 mikemol Cool. It looks like a relatively small number of hosting providers are the source of a relatively large proportion of the blocked queries.
04:47 mikemol Incidentally, what that means is that it'll take relatively few emails for me to report the bad actors to their ISPs and get things cleaned up on the sender side.
05:14 eMBee hopefully that's successful...
10:01 eel2 joined #rosettacode
13:55 mikemol eMBee: It usually accomplishes something...
13:55 mikemol I don't know by what mechanism. It might be that they ISP shuts the host down. It might be that the attacker is tipped off and doesn't prod my server any more.
14:31 ttmrichter joined #rosettacode
14:40 eMBee whichever works :-)
15:14 mwn3d_PA1 joined #rosettacode
15:36 mikemol Also, I'm fairly sure whoever's been regularly adapting and attacking the server is monitoring this channel.
15:38 mwn3d_PA1 And public logs means they don't have to be in the channel
15:40 mikemol I think it probable they are; the public logs don't lend themselves to crawling, and I'm sure I could ask for IP logs.
15:40 mikemol It'd be easier to hide behind some hostmask mechanism and be a channel lurker; we've got plenty of lurkers. :)
15:44 mischi joined #rosettacode
16:08 TimToady joined #rosettacode
16:20 eel2 REPL log monitoring broke! problem: <EOFException>
16:39 mwn3d_PA joined #rosettacode
16:53 mwn3d_PA I wonder if they make money off of our site
16:54 mwn3d_PA We usually clean it up pretty quickly
16:54 mwn3d_PA Sometimes it can sit there for a few hours
16:55 mwn3d_PA Of course there is the possible army of spambots that we have sitting around on the site
16:56 mwn3d_PA Is there an inactive user extension or whatever for mediawiki?
16:56 mwn3d_PA That could automatically unconfirm or disable old users?
16:56 mikemol Dunno.
16:57 mikemol But there's theoretically a way to defeat hotlinking of images as part of cloudflare's services, and that might help.
16:57 mikemol Hm.
17:01 mwn3d_PA Yeah there's a big percentage of the spam users that link straight to outside images
17:01 mwn3d_PA I think most of them try to upload
17:01 mwn3d_PA But I have no data collected to support that...just a guess based on what I remember seeing
17:02 mikemol I can say that if they were ever hotlinking images, it wasn't having a noticable impact on server bandwidth.
17:04 mwn3d_PA They never did it properly
17:04 mwn3d_PA It was always like "[[File:http://...]]" or something
17:04 fedaykin http://rosettacode.org/wiki/File:http://...
17:04 mwn3d_PA (Thanks fedaykin)
17:05 mikemol hotlinking is when someone on domain X embeds an image from domain Y.
17:06 mwn3d_PA Yeah and as far as I remember they did it in a way where it just showed up as a red link on our site
17:06 mwn3d_PA I think we disabled direct links to outside images long ago
17:07 mikemol We wouldn't see a link if they were leveraging hotlinking to use our bandwidth. That's where they're using us to hold the images.
17:07 mwn3d_PA Some users made a bit of a fuss over avatars when that happened I think
17:08 mikemol As I recall, we encouraged them to upload avatar images to RC if they wanted them there.
17:11 mwn3d_PA1 joined #rosettacode
17:32 mwn3d_PA joined #rosettacode
17:37 BenBE joined #rosettacode
17:37 BenBE joined #rosettacode
18:38 mwn3d_PA1 joined #rosettacode
18:45 BenBE joined #rosettacode
18:45 BenBE joined #rosettacode
18:53 mischi joined #rosettacode
19:14 BenBE joined #rosettacode
19:14 BenBE joined #rosettacode
19:48 sirdancealot joined #rosettacode
19:50 BenBE joined #rosettacode
19:50 BenBE joined #rosettacode
19:57 mwn3d_PA joined #rosettacode
20:00 mikemol Now I'm certain someone is monitoring this channel. Someone is skipping the CDN and trying to directly flood my port 80 with inbound packets, claiming a source IP of 72.32.150.162. The packets don't cease when I -j DROP packets from that IP.
20:14 mwn3d_PA It was BenBE. He knows you're on to him now so he dropped off :p.
20:24 mikemol Heh
20:24 mikemol Yeah, RC's server is under a syn flood attack.
20:24 mikemol No troubles, though.
20:41 s0rear joined #rosettacode
21:48 mwn3d_PA joined #rosettacode

| Channels | #rosettacode index | Today | | Search | Google Search | Plain-Text | summary