XMPP Service Operators - 2024-04-22

  1. deimosBSD

    > deimosBSD, experienced then. What software do you use? prosody? for family/friend servers, i switched to snikket because it was so much easier, otherwise ejabberd at work and probably for public/open registration

  2. ij

    !info 5222.de

  3. f_

    there it is!

  4. f_

    Looks like XEP-0157 works now :)

  5. f_

    and I thought authbot no longer worked.. glad to be proven wrong.

  6. f_

    Hi all, has anyone tried using Slidge? If so then how's the experience and how easy is it to maintain?

  7. f_

    I'm considering hosting it, but I want to know what the drawbacks would be before doing so.

  8. f_

    I'm considering hosting it, but I want to know about the drawbacks before doing so.

  9. MSavoritias (fae,ve)

    is this jid known for abuse and such? -> brokenhunt@5222.de

  10. MSavoritias (fae,ve)

    was told its the person that did the invite spam earlier

  11. MattJ

    Not known to me

  12. admin

    MSavoritias (fae,ve): afaik he is a normal user. He had been messaging in some of my muc's.

  13. admin

    Only annoyance is double posting across multiple muc's

  14. MSavoritias (fae,ve)

    what did they post

  15. Licaon_Kter

    admin: set a proper nick pls, everyone is `admin` here

  16. MSavoritias (fae,ve)

    i am asking to see if there is pattern especially since they posted across group chats

  17. Loqi.im

    Licaon_Kter: my bad, I'm normally here as 'Strix' but had to switch accounts due to the channel being moderated

  18. Loqi.im

    > what did they post MSavoritias (fae,ve): something about sharing classified information to media outlets

  19. MSavoritias (fae,ve)

    right. same here. i also learned that the invite spam in the morning was coming from that server

  20. jonas’

    Polarian, no, having a proper abuse contact is good even if you are the only user. Consider that a service may be malfunctioning and being abused from the outside (common with services like DNS, for instance, less common with XMPP). It's good practice to have a human contact for things which do automated actions.

  21. ogechukwukamma

    Wasn't xmpp av stuff being abused a while back?

  22. ogechukwukamma

    Still ongoing?

  23. jonas’

    referring to the reflection abuse on STUN servers?

  24. ogechukwukamma

    Yes that

  25. jonas’

    I have monitoring for that for my own STUN server, but since I changed its port, it's been mostly quiet.

  26. jonas’

    I suspect that is kind of unavoidable as it's a flaw in the protocol

  27. jonas’

    (and/or a feature, like with DNS)

  28. moparisthebest

    jonas’: what kind of monitoring?

  29. jonas’

    moparisthebest, the specific attack wave back then had patterns clearly distinguishable from legitimate traffic

  30. jonas’

    I have nftables rules which count matching packets and I get emails when they increase significantly

  31. jonas’

    (and I think I also have "more packets/second than usual" alerts for both STUN and DNS)

  32. moparisthebest

    Are they in a shape you can share perhaps ?

  33. jonas’

    yes, not publicly though

  34. moparisthebest

    I'm still using iptables... Probably will have to rewrite everything one day :'(

  35. jonas’

    f_, authbot was indeed broken for a long time, we brought it back a while ago when things got messier here.

  36. f_