[Imc] tech issues for steering group mtg this week
Paul Riismandel
p-riism at uiuc.edu
Thu Aug 1 20:11:44 UTC 2002
Our website continues to be bombarded by a relatively savvy spammer who
is posting as many as 70 articles in a row. Tech believes that he is
exploiting a weakness in our website software that we can't quite figure
out.
In addition, he is hiding his computer's identity (IP address) by using
a web proxy -- an Internet server that forwards Internet traffic. This
makes his hits to our website look like they come from somewhere else.
It is not overstatement to say that right now the usability and
integrity of our website is at stake. Mike L. is busting himself right
now to hide the onslaught of spam so that our front page and newswire is
still useful and good articles aren't pushed off. But this kind of
vigilence can't be maintained.
We are currently logging IPs and blocking the ones this mad spammer is
using, which slows him down but does not stop him because new proxies
can be found relatively easily.
At our tech meeting yesterday we came up with a way to block most of
this guy's hits to our server. It is an established sysadmin technique
for protecting systems. Unfortunately, it also runs the risk of
blocking some legitimate traffic. Dan L. is currently figuring out
about how much legitimate traffice it might block by analyzing our web
server logs.
Because of the potential to block legitimate traffic Tech decided that
it was best to bring the question to Steering this Sunday for consent to
implement this method. We're purposely not putting the technical
details in this e-mail because it's pretty certain that our spammer is
reading our e-mail archives. We will explain this technique on Sunday
or over private e-mail to anyone who asks. Tech has no intention of
hiding anything from any IMC members -- simply, we've been forced to
defend our web server and can't afford to reveal our defenses to the
entire Internet.
Everyone's input and consideration is invited -- we hope to have this
next step decided at Sunday's steering meeting at noon, at the IMC.
Thanks,
Paul
More information about the IMC
mailing list