Re: Mailman attack in progress

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Kaplah!

On Sun, 13 Aug 2017, Glen wrote:

A brief update on our Mailman attack.

After analyzing the attack pattern, I've added a new long-term measure
into Mailman that is preventing these botnet subscription attempts
from being honored (whilst still allowing humans to subscribe).

I then turned my attention to Cloudflare.   After some experimentation
(and manual-reading!) I discovered that - with a little custom
crafting - one can actually use Cloudflare to mitigate this type of
attack quite nicely.  I inserted some custom rules that have all but
halted the incoming flood completely.

So Mailman subscription service is back online (for humans only!) and
we appear to be back to normal.

Thank you for your patience during this interruption.

Glen
--
Glen Barney
IT Director
AMS (IETF Secretariat)






[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]