Re: DoS attempt?

 
From: "Barry Page" <barry_page@PROTECTED>
Date: March 31st 2008

Thanks for that info Justin - I'll give it a try and see how she goes. I think I have other issues too as a bit of intense activity shouldn't harm a healthy server.
 
Regards,
Barry Page


----- Original Message ----
From: Dada Mail <dada@PROTECTED>
To: Dada Mail Developers Subscriber <barry_page@PROTECTED>
Sent: Tuesday, 1 April, 2008 7:41:55 AM
Subject: [dadadev] Re: DoS attempt?


On Mar 31, 2008, at 2:40 AM, Barry Page wrote:



> My server had been crashing due to severe disk thrashing, so I 
> physically monitored the console with top (linux system activity 
> monitor).

I've seen this happen if you have a large archive and a custom 
template (or without the custom template). The 'bot is probably some 
sort of spider and just has a field day with all the links and 
probably spiders them faster than it should.

I've found just enabling the cache works wonders - the Config.pm 
variable is,

    $SCREEN_CACHE

just set it to, "1":

    $SCREEN_CACHE = 1;

The cached pages are just much less resource intensive to serve up 
than dynamically creating them. Sometimes that makes things much 
smoother.

If that doesn't work, I usually rename the, "mail.cgi" file to 
something like, "__mail.cgi" and make a new mail.cgi file that has 
what I've attached as its contents.

The only thing you'll have to change is the, "$State" variable. It 
should just be a file that's in whatever directory you're saving your 
dada files in. So, if you've set, $FILES to:

    /home/youraccount/dada_files

Set $State in this script to:

    /home/youraccount/dada_files/counter.txt

What this script does is keep count of how many instances of the 
program are running, and if too many are, it'll give back a server 
error. If you're below the limit, it'll just look for, "__mail.cgi" 
and invoke it.

I usually set a cronjob to delete the file set in, $State every hour 
or so, just so the counter doesn't stick and break Dada Mail (it's 
imperfect).

A bit brutal, but should stop what's happening. If you want to up the 
amount, play around with the, "$Limit" variable, inside the script.

Hope that's all clear ;)

--
Justin J.

Dada Mail -  Write Once: Distribute Everywhere Software
url: http://mojo.skazat.com





--

Post:
    <mailto:dadadev@PROTECTED>

Unsubscribe:
    <http://mojo.skazat.com/cgi-bin/dada/mail.cgi/u/dadadev/>

List Information:
    <http://mojo.skazat.com/cgi-bin/dada/mail.cgi/list/dadadev>

Archive:
        <http://mojo.skazat.com/cgi-bin/dada/mail.cgi/archive/dadadev>

Mailing List Powered by Dada Mail
http://mojo.skazat.com/cgi-bin/dada/mail.cgi/what_is_dada_mail/
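
The wrapper described in the message above, sketched in Perl as an added example; it is not the script attached to the original e-mail, which does not appear on this page. `$State`, `$Limit` and `__mail.cgi` are the names used in the message; the limit of 5, the `adjust_counter` helper, the file locking and the 503 response text are assumptions.

```perl
#!/usr/bin/perl
# Added example: a replacement mail.cgi that caps how many copies of the real
# program (renamed to __mail.cgi) run at once. Not the attachment from the thread.
use strict;
use warnings;
use Fcntl qw(:flock SEEK_SET);
use FindBin qw($Bin);

my $State = '/home/youraccount/dada_files/counter.txt';  # path from the message
my $Limit = 5;                                           # assumed value, tune it
my $Real  = "$Bin/__mail.cgi";                           # the renamed original

# Add $delta to the counter under an exclusive lock, so two requests cannot
# both read N and both write N+1. When $max is given, refuse to go past it.
# Returns the new count, or nothing when refused or the file is unusable.
sub adjust_counter {
    my ($delta, $max) = @_;
    open(my $fh, '+>>', $State) or return;   # creates the file after a cron reset
    flock($fh, LOCK_EX)         or return;
    seek($fh, 0, SEEK_SET);
    my $line = <$fh>;
    my $n    = (defined $line && $line =~ /^(\d+)/) ? $1 : 0;
    my $new  = $n + $delta;
    $new = 0 if $new < 0;                    # a reset may land mid-request
    return if defined $max && $new > $max;   # $fh closes here, dropping the lock
    truncate($fh, 0);
    seek($fh, 0, SEEK_SET);
    print {$fh} "$new\n";
    close($fh);
    return $new;
}

unless (defined adjust_counter(+1, $Limit)) {
    # Over the limit: answer with a cheap server error instead of starting Dada Mail.
    print "Status: 503 Service Unavailable\r\n",
          "Retry-After: 30\r\n",
          "Content-Type: text/plain\r\n\r\n",
          "Too many requests in progress, try again shortly.\n";
    exit 0;
}

# Run the real program as a child; it inherits the CGI environment, stdin and
# stdout, so its response goes straight back to the web server.
my $rc = system { $Real } $Real, @ARGV;
adjust_counter(-1);   # never reached if the wrapper is killed: hence the hourly reset
exit($rc == 0 ? 0 : 1);
```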

   


On Mar 31, 2008, at 2:40 AM, Barry Page wrote:

>
> My server had been crashing due to severe disk thrashing, so I 
> physically monitored the console with top (linux system activity 
> monitor). I noticed that there were many threads of mail.cgi 
> starting up so I checked the http logs, and sure enough some machine 
> (85.54.129.60) was doing what appeared to be a denial of service 
> attack on me. Either that or it was trying to hack mail.cgi to use 
> it as a bot, find email addresses or whatever. Has anyone on-list 
> had similar experiences? I blocked that address at the firewall and 
> since have had no further issues.
>
> Regards,
> Barry Page
>
> [dada mail 2.10.11 behind apache]



