NANOG list attack

• Previous message (by thread): NANOG list attack
• Next message (by thread): NANOG list attack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/26/2015 3:00 PM, Job Snijders wrote:
> On Mon, Oct 26, 2015 at 03:17:37PM -0400, Larry Blunk wrote:
>>     Just wanted to apologize for the attack over the weekend.  The
>> posts came from a email address that was subscribed to the list, so
>> it was not subjected to moderation.  While a filter was added
>> to block further posts (which were made in a short time window),
>> there were existing message queues that were not cleared in a
>> timely basis.

> To add to that: several people reached out off-list, offering help and
> recommendations. We'll be following those up in the next few days. Thank
> you for your support!

I'd made a post to the members list, in the vain hope that it was on a
different server, and perhaps might go through (and it certainly did,
bright and early this morning). There's a couple of things I'd said
that are worth noting here. For those who didn't visit the archives,
where it was at least possible to see that the deluge was noticed by
folks, I'd suggest a quick look.

http://mailman.nanog.org/pipermail/nanog/2015-October/date.html

In my very unscientific method of knowing approximately how many lines
were visible in my browser, I guesstimate that there were about 1750
messages, and they were issued in the span of perhaps twenty minutes
(perhaps less), before the alarm bells went off, and the problem was
addressed.

 From start:

http://mailman.nanog.org/pipermail/nanog/2015-October/080150.html

to finish:

http://mailman.nanog.org/pipermail/nanog/2015-October/081902.html

For those who quickly looked at the archives, it was clear that others
had noticed that there was a problem (I even had off list emails with
a couple of them). I might have been more draconian in the clean up
(i.e. purge the queues, including valid emails), but honestly, that
was a pretty tough assault, and it's a good object lesson on what
might happen. You *are* all updating your security approaches and
data recovery plans, right?

Thanks to both Job Snijders and Larry Blunk. The check is in the mail.

:-}

-- 
Coffee, coffee, everywhere,
And all the cups did clink;
Coffee, coffee, everywhere,
Nor any drop to drink.  (Apologies to Coleridge)

• Previous message (by thread): NANOG list attack
• Next message (by thread): NANOG list attack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]