1 |
On Sat, Aug 04, 2007 at 01:01:11AM +0300, Philipp Riegger wrote: |
2 |
> On Fri, 2007-08-03 at 12:48 -0700, Drake Wyrm wrote: |
3 |
> > It's not a vulnerability in Rules du Jour. It's a bunch of spammers |
4 |
> > attacking the Rules du Jour servers and ISP. SARE has also been down a |
5 |
> > whole bunch over the last couple of months due to the same attack. |
6 |
> Which will probably never happen to gentoo, because of the rather bg |
7 |
> mirroring system. So, would it be possible to host daily (or hourly) |
8 |
> snapshots of these rule files (or something like that) and tell the |
9 |
> world that we do so and that they can download these in the nightly |
10 |
> cronjob? That migth solve a problem and i don't see it becoming a |
11 |
> problem for the gentoo mirror infrastructure. |
12 |
This doesn't solve the problem at all. |
13 |
|
14 |
We still need to get the rules from upstream, and the DDoS is against |
15 |
upstream. Really, just move to using sa-update instead. It has the |
16 |
IDENTICAL rulesets, but the update-needed checks are preformed via DNS |
17 |
instead of an HTTP operation. |
18 |
|
19 |
-- |
20 |
Robin Hugh Johnson |
21 |
Gentoo Linux Developer & Council Member |
22 |
E-Mail : robbat2@g.o |
23 |
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85 |