NANOG list attack

Shrdlu shrdlu at
Mon Oct 26 23:39:46 UTC 2015

On 10/26/2015 3:00 PM, Job Snijders wrote:
> On Mon, Oct 26, 2015 at 03:17:37PM -0400, Larry Blunk wrote:
>>     Just wanted to apologize for the attack over the weekend.  The
>> posts came from a email address that was subscribed to the list, so
>> it was not subjected to moderation.  While a filter was added
>> to block further posts (which were made in a short time window),
>> there were existing message queues that were not cleared in a
>> timely basis.

> To add to that: several people reached out off-list, offering help and
> recommendations. We'll be following those up in the next few days. Thank
> you for your support!

I'd made a post to the members list, in the vain hope that it was on a
different server, and perhaps might go through (and it certainly did,
bright and early this morning). There's a couple of things I'd said
that are worth noting here. For those who didn't visit the archives,
where it was at least possible to see that the deluge was noticed by
folks, I'd suggest a quick look.

In my very unscientific method of knowing approximately how many lines
were visible in my browser, I guesstimate that there were about 1750
messages, and they were issued in the span of perhaps twenty minutes
(perhaps less), before the alarm bells went off, and the problem was

 From start:

to finish:

For those who quickly looked at the archives, it was clear that others
had noticed that there was a problem (I even had off list emails with
a couple of them). I might have been more draconian in the clean up
(i.e. purge the queues, including valid emails), but honestly, that
was a pretty tough assault, and it's a good object lesson on what
might happen. You *are* all updating your security approaches and
data recovery plans, right?

Thanks to both Job Snijders and Larry Blunk. The check is in the mail.


Coffee, coffee, everywhere,
And all the cups did clink;
Coffee, coffee, everywhere,
Nor any drop to drink.  (Apologies to Coleridge)

More information about the NANOG mailing list