[Clipart] Re: openclipart.org hacked? what happened???

Jon Phillips jon at rejon.org
Tue Feb 28 00:52:37 PST 2006 

On Tue, 2006-02-28 at 10:46 +0200, Nicu Buculei wrote:
> Jon Phillips wrote:
> > 
> > Actually, the site is down, as I just found out, because pdx saw that
> > our site was peaking out over 2-3 days from too many downloads and they
> > thought it is/was possibly serving warez so they shut down. Daniel Stone
> > is looking into...
> 
> Can we convince them somehow the next time our website will be blocked 
> to inform us somehow, bugzilla, email, so we can investigate the problem 
> in a reasonable time? Even informing after the fact is better than the 
> current situation, when we find this by trial and error one week later.

Yes, we need to do this...it is frustrating to get blocked like
this...arg.

> > You all can help by looking through the log file and seeing what the
> > deal. I'm hopeful that someone is either: a.) downloading from us in
> > bulk b.) a bot is downloading in bulk
> 
> I browsed *all* the subdirectories under clipart_web and i am pretty 
> confident there is nothing looking like warez - i.e. large files 
> (usually in an archived format, rar or zip, nor mp3, avi, mpg)
> 
> A wild guess: is possible the increased traffic was due to cchost 
> serving instead of thumbnails full size images scaled from html? I guess 
> will should find out this by looking in the logs.

Yes, cchost has received a lot of hits, but we brought out the big guns
again (kees) and he found that there is a one person who is basically
trying to download our packages every 5-10 seconds which is equal to a
DDoS attack.

> > Anyhow, the log is viewable here:
> > 
> > /var/log/apache2/clipart.freedesktop.org-access.log.1
> 
> I asked more than once on this list if f.d.o. provides any log analyzer, 
> is situations like this such a tool would be useful, even if it is 
> something simple like Webalizer.

Cool, I asked for awstats to get installed so that we can do some
analysis on our logs...ideally, we should do this anyhow to track the
prroject.

Ok, I think Kees has solved this issue and now we are waiting for Daniel
Stone to get back to us with a status update.

Jon

-- 
Jon Phillips

San Francisco, CA
USA PH 510.499.0894
jon at rejon.org
http://www.rejon.org

MSN, AIM, Yahoo Chat: kidproto
Jabber Chat: rejon at gristle.org
IRC: rejon at irc.freenode.net

Inkscape (http://inkscape.org)
Open Clip Art Library (www.openclipart.org)
Creative Commons (www.creativecommons.org)
San Francisco Art Institute (www.sfai.edu)

More information about the clipart mailing list