Re: klecker mirror checker

To: debian-mirrors@lists.debian.org
Subject: Re: klecker mirror checker
From: "Ricardo Yanez" <ricardo.yanez@calel.org>
Date: Fri, 11 Jul 2008 09:37:49 -0400 (EDT)
Message-id: <[🔎] 60449.129.79.153.36.1215783469.squirrel@webmail.calel.org>
In-reply-to: <[🔎] 20080710213157.GA24120@orion.carnet.hr>
References: <[🔎] 34122.68.76.217.74.1215646066.squirrel@webmail.calel.org> <[🔎] 20080710213157.GA24120@orion.carnet.hr>

> On Wed, Jul 09, 2008 at 07:27:46PM -0400, Ricardo Yanez wrote:
>> We were recently forced to password protect
>> rsync://ftp.cl.debian.org/debian after two exploits to the pool/ that
>> infuriated our sponsor.
>
> Erh, you had exploits to the pool? Of what kind?
>

of the most simple kind; an unknown IP downloading the entire pool,
clogging  a switch managed by the computing department. This happened
twice within the last 30 days, different IPs, no reverse lookup. I'm
myself not convinced it was a malicious attempt, but the mentioned
switch, which serves many other servers, got swamped by the intense
traffic. The computing department (over)reacted strongly. We responded
by password protecting the rsync port since there were talks about
shaping the traffic to the server, which would be unfortunate.

Ricardo

Reply to:

Follow-Ups:
- Re: klecker mirror checker
  - From: Josip Rodin <joy@entuzijast.net>
- Re: klecker mirror checker
  - From: Joerg Jaspert <joerg@debian.org>

References:
- klecker mirror checker
  - From: "Ricardo Yanez" <ricardo.yanez@calel.org>
- Re: klecker mirror checker
  - From: Josip Rodin <joy@entuzijast.net>

Prev by Date: Re: klecker mirror checker
Next by Date: Re: klecker mirror checker
Previous by thread: Re: klecker mirror checker
Next by thread: Re: klecker mirror checker
Index(es):
- Date
- Thread