|
Grex > Coop > #34: Cyberspace Communications and Grexserver security |  |
|
| Author |
Message |
| 14 new of 68 responses total. |
unicorn
|
|
response 55 of 68:
| 
Aug 5 05:45 UTC 2007 |
#51: Speaking of the abuses I've seen here (which are the most recent
ones, anyway), the attacks have been from long-time users who are very
familiar with the system who create new accounts to hide behind
(presumably to try to keep from getting banned from grex). These new
accounts have generally been used immediately, or very soon after
creation. When the accounts are disabled, they just create new ones
when they want to attack again. This protects their well-known accounts,
from which they deny all culpability.
|
denise
|
|
response 56 of 68:
|
Aug 5 19:14 UTC 2007 |
Hmm, I've never been to the Info or the Intro conferences; just haven't
ever realized the need to. Perhaps checking them out would help [and
maybe these can be posted in the item in general about conferences to
join-as a possible way to get or provide assistance?]
|
gelinas
|
|
response 57 of 68:
|
Aug 5 23:06 UTC 2007 |
(The 'helpers' conference can also be interesting.)
Yes, the accounts used for abuse are generally "throwaways." Often, many
will be created at once and then used as necessary: When one gets locked,
another becomes active, and some are still idle when newuser gets shut off.
|
trancequility
|
|
response 58 of 68:
|
Aug 7 02:01 UTC 2007 |
This response has been erased.
|
trancequility
|
|
response 59 of 68:
|
Aug 7 02:44 UTC 2007 |
First off, for all you illerate faggots on this board. I'm the person
that coded (sort of) the tel flooder that mcnally speaks of. I'm also
the same person steve makes reference to in certain grex configuration
files. Hi Steve!.
With that intro, I think getting rid of tel and mesg might be the best
solution. The better solution would be to re-write tel and mesg, but
95% of the people on grex are either just as dumb or dumber than vive.
It does no good to turn of tel my default because I can get around
this (via another bug in mesg). And no vive, despite what you think,
you don't know what it is. Bitch, you can't even understand the source
code to my tel flooder, more or less understand the source code to
mesg. Just go back to trying to understand what fork/exec and the
controlling terminal is you fucking moron.
I forgot what else. Yeah, you all fucking suck.
|
mickeyd
|
|
response 60 of 68:
|
Aug 10 15:24 UTC 2007 |
I have one question.. Keep in mind I am relatively new here, so my perception
may not be 100% accurate.
With all the hubub about the recent 'attack', and the culprit being known,
namely scholar, why does he get to keep his account? Why isnt he banned, or
have his account locked out? Somehow this doesn't make sense.
|
nharmon
|
|
response 61 of 68:
|
Aug 10 15:30 UTC 2007 |
Maybe to prevent further escalation.
|
mickeyd
|
|
response 62 of 68:
|
Aug 10 16:15 UTC 2007 |
Does that really make any sense? Going on that assumption, he is bullying his
way into keeping his account? (ie. if you take my account away, i'll pwn u).
|
mcnally
|
|
response 63 of 68:
|
Aug 10 17:23 UTC 2007 |
re #60:
> With all the hubub about the recent 'attack', and the culprit being known,
> namely scholar, why does he get to keep his account? Why isnt he banned, or
> have his account locked out? Somehow this doesn't make sense.
Think it through. What if we *did* lock his account, what then?
Since we (currently) allow people from anywhere on the internet
to sign up without requiring any sort of verification, what would
prevent him from simply signing up for another account?
|
mickeyd
|
|
response 64 of 68:
|
Aug 10 17:31 UTC 2007 |
Then, why lock out cdalten? (I'm not saying we shouldn't, just using him as
a convenient well known example).
I'm not sure I follow the logic here. Why lock out anyone? Just to keep
passer-by's from coming right back?
|
nharmon
|
|
response 65 of 68:
|
Aug 10 17:32 UTC 2007 |
cdalten isn't locked out.
|
mickeyd
|
|
response 66 of 68:
|
Aug 10 17:35 UTC 2007 |
His IP addreses are banned...
|
mickeyd
|
|
response 67 of 68:
|
Aug 10 17:45 UTC 2007 |
So just I am clear, if i telbomb'd steve, i would be immediately removed and
or have my IP addresses banned. If i plug up the tty ports on grex so no one
can get in, it'll be okay? cool!
|
cmcgee
|
|
response 68 of 68:
|
Aug 10 19:55 UTC 2007 |
mickeyd, part of the reason for the member vote is to set up a more
secure method of managing accounts. As soon as that is in place, we
will be able to manage vandals like scholar and cdalton somewhat more
successfully.
At the moment, with current member policies in place, there is no way to
deal with their behavior that isn't very easy for them to get around.
|