[Dxspider-support] Security problem

Mike McCarthy, W1NR lists at w1nr.net
Thu Mar 31 19:48:24 BST 2005


The original AK1A cluster as I recall would simply increment your SSID if
you got dropped and logged in again.  This happened quite a bit during
contests on VHF 1200 baud packet.  At the very least, there should be some
sort of "lock" that does not allow nodes and the cluster operator call sign
to be bumped.

Yes I got the IP address and traced it to APNIC (Asia Pacific region).  It
is in my firewall to get dropped.  Considering the number of "attacks"
logged by my firewall from IP addresses in this region, I am tempted to
block the entire 61 network at my firewall.

Mike, W1NR
 

-----Original Message-----
From: dxspider-support-bounces at dxcluster.org
[mailto:dxspider-support-bounces at dxcluster.org] On Behalf Of Ian J Maude
Sent: Thursday, March 31, 2005 1:21 PM
To: The DXSpider Support list
Subject: Re: [Dxspider-support] Security problem

On Thu, 2005-03-31 at 11:26 -0500, Mike McCarthy, W1NR wrote:
> Yesterday someone, either deliberately or accidentally, succeeded in 
> disconnecting my console login and my main node feeds by logging in as 
> those call signs.  I just discovered that the build I am running, 
> 59.34, bumps existing users AND NODES off of the cluster should a 
> duplicate login be performed with that call sign.  This should be 
> prevented somehow as it opens the entire community to abuse.  It never
allowed this before.
Dirk made this change under a LOT of pressure to do so from sysops on this
list.  The opposite was that if a user lost connection, he/she could not
login again for up to 15 minutes.  Did you capture the IP address of the
culprit?  If you can, ban his address.

Ian

--
Ian Maude G0VGS Morecambe Lancs UK | ian at gb7mbc.net Sysop of GB7MBC, the
Morecambe Bay Cluster Running Linux and DXSpider | K2 #4044

DX and Cluster forums at http://www.gb7mbc.net/forum/


_______________________________________________
Dxspider-support mailing list
Dxspider-support at dxcluster.org
http://www.tobit.co.uk/mailman/listinfo/dxspider-support




More information about the Dxspider-support mailing list