[SATLUG] wiki hacking and a proposed countermeasure

Jonathan Hull masterr at gmail.com
Fri Apr 6 11:36:58 CDT 2007


What about a CAPTCHA? Possibly require it to make a user or when posting
anonymously.


On 3/22/07, David Kowis <dkowis at shlrm.org> wrote:
>
> Sean Carolan wrote:
> > On 3/20/07, Richard Ward <timeslicer at gmail.com> wrote:
> >> Blacklisting of IPs would thwart only the most novice hacker if it
> >> is his goal to hack your site.
> >> 1.  He could use Tor, the onion router, to get an IP address inside
> >> the state of Texas for instance.
> >> 2.  He could rent space on a shared server, let's say in San
> >> Antonio.  Then using ssh from IP on his shared server he could easily
> >> launch an attack.
> >>
> >> Blacklisting is not really a solution at all.
> >>
> >
> > We are not talking about hardcore blackhats assaulting the SATLUG web
> > server.  The vast majority of wiki and forum spam is done by automated
> > bots.  Why would someone use Tor or pay for a shared server in San
> > Antonio, simply to deface a local LUG's wiki?  What financial or other
> > incentive would there be for going to that length?
> >
> > I think blacklisting is a great solution - it effectively blocks out
> > most of the ip addresses where the spam/defacing bots are located.
>
>
> Aren't most of the bots located in the US and China?
>
> Yay! We'll block a small percentage of the bots! Yay!
>
> Having more secure software is a much better solution than security
> through obscurity. Now, before you argue, "we're not hiding anything!"
> We are, from certain IPs. We're not fixing the problem, we're not even
> attempting to fix the problem, we're putting a piece of tape over the
> "check engine" light. We're avoiding the problem entirely.
>
> Blacklisting is not a good solution.
>
> David

