 |
|
| uk.sci.weather (UK Weather) (uk.sci.weather) For the discussion of daily weather events, chiefly affecting the UK and adjacent parts of Europe, both past and predicted. The discussion is open to all, but contributions on a practical scientific level are encouraged. |
| Reply |
|
|
LinkBack | Thread Tools | Display Modes |
|
#11
February 21st 05, 06:53 PM
posted to uk.sci.weather
|
|||
|
|||
OT Bombing attack
Geoff F. wrote:
As I understand it, on Mon, 21 Feb 2005 17:31:20 +0000, cupra reported this: Although some may see this as responding to the attacker and hence making it worse, I've had a look and some other uk groups have experienced attacks recently and thought I'd post my observations: - They seem to start soon after 9am and end around 5pm. - The attacker will be monitoring posts and modifies his/her bot to get around message rules (keywords/message length/size etc) - The from field seems to repeat so it may be possible to block senders successfully to reduce the volume (although he/she may add more) - news.individual.net seems to quickly block messages on their server so disruption is kept to a minimum - the attack seems to last for 2/3 days, so expect more disruption By the looks of it if this ng 'toughs it out' the attack will end. p.s Does anyone know of a good filter add on for OE users? FYI: these are Hipcrime bots flooding the newsgroup. http://c2.com/cgi/wiki?HipcrimeFloods It's possible the headers are forgeries. http://www.geocities.com/hcfaq/ Who is Hipcrime? http://www.killfile.org/dungeon/why/hipcrime.html HTH. If the flood originates in the EU, is there anything the authorities can do? |
|
#12
February 21st 05, 06:53 PM
posted to uk.sci.weather
|
|||
|
|||
|
OT Bombing attack
Geoff F. wrote:
As I understand it, on Mon, 21 Feb 2005 17:31:20 +0000, cupra reported this: Although some may see this as responding to the attacker and hence making it worse, I've had a look and some other uk groups have experienced attacks recently and thought I'd post my observations: - They seem to start soon after 9am and end around 5pm. - The attacker will be monitoring posts and modifies his/her bot to get around message rules (keywords/message length/size etc) - The from field seems to repeat so it may be possible to block senders successfully to reduce the volume (although he/she may add more) - news.individual.net seems to quickly block messages on their server so disruption is kept to a minimum - the attack seems to last for 2/3 days, so expect more disruption By the looks of it if this ng 'toughs it out' the attack will end. p.s Does anyone know of a good filter add on for OE users? FYI: these are Hipcrime bots flooding the newsgroup. http://c2.com/cgi/wiki?HipcrimeFloods It's possible the headers are forgeries. http://www.geocities.com/hcfaq/ Who is Hipcrime? http://www.killfile.org/dungeon/why/hipcrime.html HTH. If the flood originates in the EU, is there anything the authorities can do? |
|
#13
February 21st 05, 06:53 PM
posted to uk.sci.weather
|
|||
|
|||
|
OT Bombing attack
Geoff F. wrote:
As I understand it, on Mon, 21 Feb 2005 17:31:20 +0000, cupra reported this: Although some may see this as responding to the attacker and hence making it worse, I've had a look and some other uk groups have experienced attacks recently and thought I'd post my observations: - They seem to start soon after 9am and end around 5pm. - The attacker will be monitoring posts and modifies his/her bot to get around message rules (keywords/message length/size etc) - The from field seems to repeat so it may be possible to block senders successfully to reduce the volume (although he/she may add more) - news.individual.net seems to quickly block messages on their server so disruption is kept to a minimum - the attack seems to last for 2/3 days, so expect more disruption By the looks of it if this ng 'toughs it out' the attack will end. p.s Does anyone know of a good filter add on for OE users? FYI: these are Hipcrime bots flooding the newsgroup. http://c2.com/cgi/wiki?HipcrimeFloods It's possible the headers are forgeries. http://www.geocities.com/hcfaq/ Who is Hipcrime? http://www.killfile.org/dungeon/why/hipcrime.html HTH. If the flood originates in the EU, is there anything the authorities can do? |
|
#14
February 21st 05, 07:02 PM
posted to uk.sci.weather
|
|||
|
|||
|
OT Bombing attack
As I understand it, on Mon, 21 Feb 2005 18:53:07 +0000, cupra reported
this: Geoff F. wrote: As I understand it, on Mon, 21 Feb 2005 17:31:20 +0000, cupra reported this: Although some may see this as responding to the attacker and hence making it worse, I've had a look and some other uk groups have experienced attacks recently and thought I'd post my observations: - They seem to start soon after 9am and end around 5pm. - The attacker will be monitoring posts and modifies his/her bot to get around message rules (keywords/message length/size etc) - The from field seems to repeat so it may be possible to block senders successfully to reduce the volume (although he/she may add more) - news.individual.net seems to quickly block messages on their server so disruption is kept to a minimum - the attack seems to last for 2/3 days, so expect more disruption By the looks of it if this ng 'toughs it out' the attack will end. p.s Does anyone know of a good filter add on for OE users? FYI: these are Hipcrime bots flooding the newsgroup. http://c2.com/cgi/wiki?HipcrimeFloods It's possible the headers are forgeries. http://www.geocities.com/hcfaq/ Who is Hipcrime? http://www.killfile.org/dungeon/why/hipcrime.html HTH. If the flood originates in the EU, is there anything the authorities can do? It's hard to say *where* they are originating from, & what authorities are you referring to? |
|
#15
February 21st 05, 07:02 PM
posted to uk.sci.weather
|
|||
|
|||
|
OT Bombing attack
As I understand it, on Mon, 21 Feb 2005 18:53:07 +0000, cupra reported
this: Geoff F. wrote: As I understand it, on Mon, 21 Feb 2005 17:31:20 +0000, cupra reported this: Although some may see this as responding to the attacker and hence making it worse, I've had a look and some other uk groups have experienced attacks recently and thought I'd post my observations: - They seem to start soon after 9am and end around 5pm. - The attacker will be monitoring posts and modifies his/her bot to get around message rules (keywords/message length/size etc) - The from field seems to repeat so it may be possible to block senders successfully to reduce the volume (although he/she may add more) - news.individual.net seems to quickly block messages on their server so disruption is kept to a minimum - the attack seems to last for 2/3 days, so expect more disruption By the looks of it if this ng 'toughs it out' the attack will end. p.s Does anyone know of a good filter add on for OE users? FYI: these are Hipcrime bots flooding the newsgroup. http://c2.com/cgi/wiki?HipcrimeFloods It's possible the headers are forgeries. http://www.geocities.com/hcfaq/ Who is Hipcrime? http://www.killfile.org/dungeon/why/hipcrime.html HTH. If the flood originates in the EU, is there anything the authorities can do? It's hard to say *where* they are originating from, & what authorities are you referring to? |
|
#16
February 21st 05, 07:02 PM
posted to uk.sci.weather
|
|||
|
|||
|
OT Bombing attack
As I understand it, on Mon, 21 Feb 2005 18:53:07 +0000, cupra reported
this: Geoff F. wrote: As I understand it, on Mon, 21 Feb 2005 17:31:20 +0000, cupra reported this: Although some may see this as responding to the attacker and hence making it worse, I've had a look and some other uk groups have experienced attacks recently and thought I'd post my observations: - They seem to start soon after 9am and end around 5pm. - The attacker will be monitoring posts and modifies his/her bot to get around message rules (keywords/message length/size etc) - The from field seems to repeat so it may be possible to block senders successfully to reduce the volume (although he/she may add more) - news.individual.net seems to quickly block messages on their server so disruption is kept to a minimum - the attack seems to last for 2/3 days, so expect more disruption By the looks of it if this ng 'toughs it out' the attack will end. p.s Does anyone know of a good filter add on for OE users? FYI: these are Hipcrime bots flooding the newsgroup. http://c2.com/cgi/wiki?HipcrimeFloods It's possible the headers are forgeries. http://www.geocities.com/hcfaq/ Who is Hipcrime? http://www.killfile.org/dungeon/why/hipcrime.html HTH. If the flood originates in the EU, is there anything the authorities can do? It's hard to say *where* they are originating from, & what authorities are you referring to? |
|
#17
February 21st 05, 07:02 PM
posted to uk.sci.weather
|
|||
|
|||
|
OT Bombing attack
As I understand it, on Mon, 21 Feb 2005 18:53:07 +0000, cupra reported
this: Geoff F. wrote: As I understand it, on Mon, 21 Feb 2005 17:31:20 +0000, cupra reported this: Although some may see this as responding to the attacker and hence making it worse, I've had a look and some other uk groups have experienced attacks recently and thought I'd post my observations: - They seem to start soon after 9am and end around 5pm. - The attacker will be monitoring posts and modifies his/her bot to get around message rules (keywords/message length/size etc) - The from field seems to repeat so it may be possible to block senders successfully to reduce the volume (although he/she may add more) - news.individual.net seems to quickly block messages on their server so disruption is kept to a minimum - the attack seems to last for 2/3 days, so expect more disruption By the looks of it if this ng 'toughs it out' the attack will end. p.s Does anyone know of a good filter add on for OE users? FYI: these are Hipcrime bots flooding the newsgroup. http://c2.com/cgi/wiki?HipcrimeFloods It's possible the headers are forgeries. http://www.geocities.com/hcfaq/ Who is Hipcrime? http://www.killfile.org/dungeon/why/hipcrime.html HTH. If the flood originates in the EU, is there anything the authorities can do? It's hard to say *where* they are originating from, & what authorities are you referring to? |
|
#18
February 21st 05, 07:08 PM
posted to uk.sci.weather
|
|||
|
|||
|
OT Bombing attack
Geoff F. wrote:
As I understand it, on Mon, 21 Feb 2005 18:53:07 +0000, cupra reported this: Geoff F. wrote: As I understand it, on Mon, 21 Feb 2005 17:31:20 +0000, cupra reported this: Although some may see this as responding to the attacker and hence making it worse, I've had a look and some other uk groups have experienced attacks recently and thought I'd post my observations: - They seem to start soon after 9am and end around 5pm. - The attacker will be monitoring posts and modifies his/her bot to get around message rules (keywords/message length/size etc) - The from field seems to repeat so it may be possible to block senders successfully to reduce the volume (although he/she may add more) - news.individual.net seems to quickly block messages on their server so disruption is kept to a minimum - the attack seems to last for 2/3 days, so expect more disruption By the looks of it if this ng 'toughs it out' the attack will end. p.s Does anyone know of a good filter add on for OE users? FYI: these are Hipcrime bots flooding the newsgroup. http://c2.com/cgi/wiki?HipcrimeFloods It's possible the headers are forgeries. http://www.geocities.com/hcfaq/ Who is Hipcrime? http://www.killfile.org/dungeon/why/hipcrime.html HTH. If the flood originates in the EU, is there anything the authorities can do? It's hard to say *where* they are originating from, & what authorities are you referring to? UK Police.... (*Computer misuse act ) - not sure how it covers spam, but this seems more of a DOS attack (in that it's making the ng unusable for some) |
|
#19
February 21st 05, 07:08 PM
posted to uk.sci.weather
|
|||
|
|||
|
OT Bombing attack
Geoff F. wrote:
As I understand it, on Mon, 21 Feb 2005 18:53:07 +0000, cupra reported this: Geoff F. wrote: As I understand it, on Mon, 21 Feb 2005 17:31:20 +0000, cupra reported this: Although some may see this as responding to the attacker and hence making it worse, I've had a look and some other uk groups have experienced attacks recently and thought I'd post my observations: - They seem to start soon after 9am and end around 5pm. - The attacker will be monitoring posts and modifies his/her bot to get around message rules (keywords/message length/size etc) - The from field seems to repeat so it may be possible to block senders successfully to reduce the volume (although he/she may add more) - news.individual.net seems to quickly block messages on their server so disruption is kept to a minimum - the attack seems to last for 2/3 days, so expect more disruption By the looks of it if this ng 'toughs it out' the attack will end. p.s Does anyone know of a good filter add on for OE users? FYI: these are Hipcrime bots flooding the newsgroup. http://c2.com/cgi/wiki?HipcrimeFloods It's possible the headers are forgeries. http://www.geocities.com/hcfaq/ Who is Hipcrime? http://www.killfile.org/dungeon/why/hipcrime.html HTH. If the flood originates in the EU, is there anything the authorities can do? It's hard to say *where* they are originating from, & what authorities are you referring to? UK Police.... (*Computer misuse act ) - not sure how it covers spam, but this seems more of a DOS attack (in that it's making the ng unusable for some) |
|
#20
February 21st 05, 07:08 PM
posted to uk.sci.weather
|
|||
|
|||
|
OT Bombing attack
Geoff F. wrote:
As I understand it, on Mon, 21 Feb 2005 18:53:07 +0000, cupra reported this: Geoff F. wrote: As I understand it, on Mon, 21 Feb 2005 17:31:20 +0000, cupra reported this: Although some may see this as responding to the attacker and hence making it worse, I've had a look and some other uk groups have experienced attacks recently and thought I'd post my observations: - They seem to start soon after 9am and end around 5pm. - The attacker will be monitoring posts and modifies his/her bot to get around message rules (keywords/message length/size etc) - The from field seems to repeat so it may be possible to block senders successfully to reduce the volume (although he/she may add more) - news.individual.net seems to quickly block messages on their server so disruption is kept to a minimum - the attack seems to last for 2/3 days, so expect more disruption By the looks of it if this ng 'toughs it out' the attack will end. p.s Does anyone know of a good filter add on for OE users? FYI: these are Hipcrime bots flooding the newsgroup. http://c2.com/cgi/wiki?HipcrimeFloods It's possible the headers are forgeries. http://www.geocities.com/hcfaq/ Who is Hipcrime? http://www.killfile.org/dungeon/why/hipcrime.html HTH. If the flood originates in the EU, is there anything the authorities can do? It's hard to say *where* they are originating from, & what authorities are you referring to? UK Police.... (*Computer misuse act ) - not sure how it covers spam, but this seems more of a DOS attack (in that it's making the ng unusable for some) |
| Reply |
| Thread Tools | Search this Thread |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Forum | |||
| email attack? | uk.sci.weather (UK Weather) | |||
| TWO's "Lazy Wind" takes a snipe at the Left in attack on Damien! | uk.sci.weather (UK Weather) | |||
| Flood Bombing | uk.sci.weather (UK Weather) | |||
| [OT] ng under attack???? | uk.sci.weather (UK Weather) | |||
| it will attack sharp lemons, do you fill them | uk.sci.weather (UK Weather) | |||
Linear Mode
