Include internal spam fighting tools in scripts/obfi.py #9055

Closed
cdrini opened this issue Apr 9, 2024 · 1 comment · Fixed by #9366
Labels
Affects: Admin/Maintenance Issues relating to support scripts, bots, cron jobs and admin web pages. [managed] Lead: @cdrini Issues overseen by Drini (Staff: Team Lead & Solr, Library Explorer, i18n) [managed] Priority: 2 Important, as time permits. [managed]

Comments

cdrini (Collaborator) commented Apr 9, 2024

@samuel-archive has developed a set of scripts to help with spam fighting, but which currently exist kind of in the ether nowhere. These tools don't include any sensitive info, so let's include these files in this repo so we can more easily use them.

@cdrini cdrini added Affects: Admin/Maintenance Issues relating to support scripts, bots, cron jobs and admin web pages. [managed] Priority: 2 Important, as time permits. [managed] Lead: @cdrini Issues overseen by Drini (Staff: Team Lead & Solr, Library Explorer, i18n) [managed] labels Apr 9, 2024
@cdrini cdrini added this to the Sprint 2024-04 milestone Apr 9, 2024
@mekarpeles mekarpeles added the Needs: Detail Submitter needs to provide more detail for this issue to be assessed (see comments). [managed] label May 10, 2024
mekarpeles (Member) commented

Currently https://github.com/internetarchive/openlibrary/wiki/Disaster-Recovery-&-Immediate-Response#handling-abuse--ddos-denial-of-service-attack breaks nginx because of (a) the anonymization of IPs and also (b) because it moves the IP to the beginning of the log.

The work-around is using tcpdump and Sam's 3 scripts (mktable, reverse, shownames).

Immediate next steps

  1. Move Sam's scripts into /openlibrary/scripts/detect_ip_abuse
  2. Update docs to reference this process, e.g.

     ```sh
     ssh -A ol-www0  # SSL termination
     tcpdump -i eth0 -n dst port 80 | ...
     ```
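
For readers following the workaround above, here is an added example (not part of the issue, and not Sam's mktable, reverse or shownames scripts, whose contents are not shown on this page) of tallying source addresses from `tcpdump -n` text output when the web logs no longer carry real client IPs. The function names, the `--prefix` switch and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
import sys
from collections import Counter

# Constructed sample of `tcpdump -n` text output (documentation address ranges only).
SAMPLE = """\
12:00:00.000001 IP 203.0.113.7.51000 > 192.0.2.10.80: Flags [S], seq 1, win 64240, length 0
12:00:00.000002 IP 203.0.113.7.51001 > 192.0.2.10.80: Flags [S], seq 1, win 64240, length 0
12:00:00.000003 IP 203.0.113.9.40000 > 192.0.2.10.80: Flags [S], seq 1, win 64240, length 0
12:00:00.000004 IP 198.51.100.23.44000 > 192.0.2.10.80: Flags [P.], seq 1:90, ack 1, length 89
12:00:00.000005 IP6 2001:db8::1.51000 > 2001:db8::10.80: Flags [S], seq 1, win 64800, length 0
12:00:00.000006 IP 192.0.2.10.80 > 203.0.113.7.51000: Flags [S.], seq 1, ack 2, length 0
12:00:00.000007 ARP, Request who-has 192.0.2.1 tell 192.0.2.10, length 28
12:00:00.000008 IP 203.0.113.7.51002 > 192.0.2.10.80: Flags [S], seq 1, win 64240, length 0
"""

# "<timestamp> IP|IP6 <src>.<sport> > <dst>.<dport>: ..."
LINE_RE = re.compile(r"^\S+ IP6? (\S+) > (\S+): ")

def source_key(addr, by_prefix):
    """Return the address itself, or its /24 (IPv4) or /64 (IPv6) network."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on anything malformed
    if not by_prefix:
        return str(ip)
    bits = 24 if ip.version == 4 else 64
    return str(ipaddress.ip_network(f"{ip}/{bits}", strict=False))

def tally_sources(lines, dst_port="80", by_prefix=False):
    """Count packets per source whose destination port is dst_port."""
    counts = Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # ARP, banners, truncated lines
        src, _, _sport = m.group(1).rpartition(".")  # port follows the last dot
        _dst, _, dport = m.group(2).rpartition(".")
        if dport != dst_port:
            continue  # replies from the server, other services
        try:
            counts[source_key(src, by_prefix)] += 1
        except ValueError:
            continue  # portless lines such as ICMP leave a partial address
    return counts

if __name__ == "__main__":
    lines = SAMPLE.splitlines() if sys.stdin.isatty() else sys.stdin
    for key, hits in tally_sources(lines, by_prefix="--prefix" in sys.argv).most_common(10):
        print(f"{hits:8d}  {key}")
```

When input is piped on stdin the script reads that instead of the embedded sample, and `--prefix` groups sources by network so a spread of addresses in one range shows up as a single row.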

@mekarpeles mekarpeles removed the Needs: Detail Submitter needs to provide more detail for this issue to be assessed (see comments). [managed] label May 10, 2024