Path: csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!feeder.erje.net!eu.feeder.erje.net!eternal-september.org!feeder.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: Nikos Newsgroups: comp.lang.python Subject: Re: Self-defence Date: Sun, 17 Nov 2013 19:16:34 +0200 Organization: A noiseless patient Spider Lines: 63 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Injection-Date: Sun, 17 Nov 2013 17:16:34 +0000 (UTC) Injection-Info: mx05.eternal-september.org; posting-host="c267299e8f71f5f77ebb4480f9ea687a"; logging-data="9216"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18zMT3lFU0RF3rZPJqsvKhl" User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0 In-Reply-To: Cancel-Lock: sha1:4GAEMWwNByFySIU6rDw5Qpg6SUg= Xref: csiph.com comp.lang.python:59764 Στις 17/11/2013 7:09 μμ, ο/η Zero Piraeus έγραψε: > : > > Note: I drafted a version of this post earlier today. I had been waiting > to see whether Nikos succeeded in baiting the list into yet another > round of unpleasantness before sending it, because I didn't want to > worsen the situation, but at this point things are completely out of > hand, and even what looks like a consensus attempt to ignore Nikos out > of existence is > > a) failing: I count eighteen emails so far today. > > b) going to lead casual visitors to assume either that we ignore > requests for help or that the list is Nikos' personal echo chamber. > > At this point I consider Nikos' actions a conscious attack on the list. > There is simply no way, after the many times he's been told not to > repost, that this is anything other than a direct and deliberate attempt > to annoy as many people as he can. > > That being the case, I'd like to know whether there are technical > measures that can be taken to prevent him from posting here. > > I understand that the mail/news gateway might complicate that, and that > any measures taken could be bypassed by someone with sufficient skill. I > suspect that in this particular case the latter issue is less relevant > than it might otherwise be. > > I don't believe that killfiles are a sufficient response in this > situation. > > I can, of course, stop Nikos' posts reaching me, and without too much > hassle also stop replies to his posts reaching me. He would, however, > continue to pollute the list in public, and his posts, whether replied > to or not at the volume he's now sending them, would continue to damage > the reputation of the list and, ultimately, I think possibly kill it. > > This is a last-ditch request, and not one I particularly expect to > succeed, but I honestly can't stand to watch this happen to python-list > for very much longer, and am very close to unsubscribing after six years > as an admittedly not very active member. > > -[]z. > Is this your doing? [18:03:55 secure root@4385109 /lib64]cPs# ls -al |grep libkey lrwxrwxrwx 1 root root 20 Jun 22 2012 libkeyutils.so.1 -> libkeyutils.so.1.3.0* -rwxr-xr-x 1 root root 10192 Jun 22 2012 libkeyutils.so.1.3* -rwxr-xr-x 1 root root 32920 Jun 22 2012 libkeyutils.so.1.3.0* [18:03:57 secure root@4385109 /lib64]cPs# rpm -qf libkeyutils.so.1.3.0 file /lib64/libkeyutils.so.1.3.0 is not owned by any package It appears that my server has been compromised with a malicious payload designed to sniff for and steal server passwords. I'am sure this is your doing Zero Piraeus. -- What is now proved was at first only imagined!