Re: Join the fight against malicious commands given to new users
Quote:
Originally Posted by
aysiu
Not frequently, but we just had an attack two hours ago. That new (or old) poster has been banned and the posts have been jailed.
I didn't realize there'd been more.
In any case, it's an old prank, and the chuckleheads will always come back with it, so my note is now permanent. Plus, I'm generally in favor of encouraging people to understand the commands they're given.
Re: Join the fight against malicious commands given to new users
Ooops, i took mine off as i thought it was over. I have now put it back on and will leave it there.
Re: Join the fight against malicious commands given to new users
Quote:
Originally Posted by
jflaker
Can't the offenders be reported to their ISP as it seems that banning is only temporary until they get a new IP assigned.
They are most likely using proxies, so they have a nearly inexhaustible number of IP addresses, and they're not going to be traceable to the real ISP.
Re: Join the fight against malicious commands given to new users
Quote:
Originally Posted by
santiagoward2000
Hi!
I was just thinking: Isn't there any way to filter all messages containing these commands, so a moderator can read them before they are posted?
Seems like an excessive burden on the mods, particularly considering that rm -options is such a useful command....
Re: Join the fight against malicious commands given to new users
Ok, I am seriously not trying to play devils advocate here, but I think that making the rm command this taboo thing in bold saying never sudo rm -rf anything is counterproductive. Rather, why don't you promote man pages. Like.. for ANY command you see on ANY internet site, check the man pages BEFORE you execute it.
rm is only dangerous if you don't know what you are doing. Don't scare absolute beginners with rm -rf. Teach them how to use rm safely!
Re: Join the fight against malicious commands given to new users
The moderators are talking about what to do.
When possible, we do an IP ban, but if it's a dynamic IP and by proxy, it's a bit harder to do it that way.
Also, we figure there are ways to give users other malicious commands if we put a language filter on sudo rm -rf /.
Right now, user education appears to be the best way to go.
Thank you all for participating.
Re: Join the fight against malicious commands given to new users
I fell victim to it... and was told it was a compiz update.
Re: Join the fight against malicious commands given to new users
Quote:
Originally Posted by
aysiu
The moderators are talking about what to do.
When possible, we do an IP ban, but if it's a dynamic IP and by proxy, it's a bit harder to do it that way.
Also, we figure there are ways to give users other malicious commands if we put a language filter on sudo rm -rf /.
Right now, user education appears to be the best way to go.
Thank you all for participating.
can't people just change ip? i mean it's that simple.
Re: Join the fight against malicious commands given to new users
Quote:
Originally Posted by
toupeiro
Ok, I am seriously not trying to play devils advocate here, but I think that making the rm command this taboo thing in bold saying never sudo rm -rf anything is counterproductive. Rather, why don't you promote man pages. Like.. for ANY command you see on ANY internet site, check the man pages BEFORE you execute it.
rm is only dangerous if you don't know what you are doing. Don't scare absolute beginners with rm -rf. Teach them how to use rm safely!
No, that's a good point, but at least the simple warning can lead to a conversation that educates.
For example...
A: I can't delete this item from my trash can
B: Try pasting this command in the terminal: sudo rm -rf ~/.Trash/*
A: But your signature says never to sudo rm -rf anything...?
B: That's because we have had some malicious trolls asking new users to delete their entire hard drives. sudo rm -rf means to remove with administrative privileges recursively and with force. In this case, we are doing so only for your trash (not the entire installation)
C: What user B is saying is true. You may also want to read the manual for rm to get a better idea of how it's used: man rm
A: Okay. Now I get it.
Re: Join the fight against malicious commands given to new users
Quote:
Originally Posted by
toupeiro
rm is only dangerous if you don't know what you are doing. Don't scare absolute beginners with rm -rf. Teach them how to use rm safely!
My note partially reflects what you're saying, but I don't agree with the above at all. "rm -rf" is also dangerous if you know exactly what you're doing, but happen to insert a space after a slash . . . no ignorance required for the same effect.
Anyway, I can't recall a situation in which a beginner's problem required "rm" as a solution. If you have a config file that needs to be removed, it's usually better to say:
Code:
sudo mv config.conf config.conf.bak
Just one example.