[SAC] Re-enable LDAP user creation

Alex Mandel tech_dev at wildintellect.com
Mon May 9 07:49:37 PDT 2016


On 05/09/2016 07:38 AM, Sandro Santilli wrote:
> On Mon, May 09, 2016 at 07:34:14AM -0700, Alex Mandel wrote:
>> I was thinking of something that might be rather impossible for humans
>> sitting in the same room over a shared ip or same computer.
>> Like more than 2-3 in 30 seconds (should take people that long to fill
>> out the form and click the box)
> 
> 2-3 in 30 seconds never happened during the spam storm, as far as I
> can tell, so it would block nothing.
> 
Ya was wondering, thanks for checking.

>> My chart of actual user creation matches your analysis of the logs.
> 
> Great.
> 
>> Go ahead and re-enable the registration, and we'll just have to keep an
>> eye on it, and possibly adjust the rules.
> 
> It's enabled now, we got 5 new registered users, 2 of which have
> the _same_ email (something else to disallow?).
> 

Well not until we have a password reset. I could see kicking back the
form, saying - you've already registered.

> See:
> 
>  ldapsearch -x "(&(createTimestamp>=20160509000000Z))" 
> 

Ya I'm wondering if we should run a daily report, or hourly, that emails
SAC or at least the main admins if more than x number of accounts have
been made in the last hour (maybe 20). Since that would be a good sign
of bulk registration. This would use the ldapsearch above...

>> How long does the ban last?
> 
> The ban is 1 hour.
> 
> --strk;
> 

Thanks,
Alex
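
The hourly report suggested above, sketched as an added example (not part of the original message and not SAC's actual tooling): it runs the `ldapsearch` filter from the thread for the last hour, counts the new entries against the "maybe 20" threshold, and lists addresses registered more than once. It assumes the email is stored in the `mail` attribute and that cron mails whatever the script prints; the sample LDIF is constructed.

```python
import base64
import subprocess
from collections import Counter
from datetime import datetime, timedelta, timezone

THRESHOLD = 20  # "maybe 20" new accounts per hour, as suggested in the message
# Constructed sample of `ldapsearch -x -LLL` output (not real SAC data).
SAMPLE = """\
dn: uid=alice,ou=People,dc=example,dc=org
mail: alice@example.org

dn: uid=bob,ou=People,dc=example,dc=org
mail:: QWxpY2VAZXhhbXBsZS5vcmc=

dn: uid=carol,ou=People,dc=example,dc=org
mail: carol@example.org
"""

def ldap_filter(since):
    """Build the createTimestamp filter from the thread for a UTC datetime."""
    return "(&(createTimestamp>=%s))" % since.strftime("%Y%m%d%H%M%SZ")

def parse_ldif(text):
    """Parse LDIF into [{attr: [values]}], unfolding wrapped lines."""
    entries, current = [], {}
    for line in text.replace("\n ", "").splitlines() + [""]:
        if not line.strip():               # a blank line ends an entry
            if current:
                entries.append(current)
            current = {}
            continue
        attr, _, value = line.partition(":")
        if value.startswith(":"):          # "attr:: <base64>" encoded value
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        current.setdefault(attr.lower(), []).append(value.strip())
    return entries

def registration_report(entries, threshold=THRESHOLD):
    """Count new accounts and list addresses used more than once."""
    mails = Counter(m.lower() for e in entries for m in e.get("mail", []))
    return {"created": len(entries), "bulk": len(entries) > threshold,
            "duplicate_mail": sorted(m for m, n in mails.items() if n > 1)}

if __name__ == "__main__":
    since = datetime.now(timezone.utc) - timedelta(hours=1)
    cmd = ["ldapsearch", "-x", "-LLL", ldap_filter(since), "mail"]
    out = subprocess.run(cmd, capture_output=True, text=True, check=True).stdout
    report = registration_report(parse_ldif(out))
    if report["bulk"] or report["duplicate_mail"]:
        print(report)                      # assumption: cron mails any output
```

Comparing addresses case-insensitively and decoding base64 values keeps a re-registration with altered capitalisation from slipping past the duplicate check.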

