[JDEV] Filling public server's disk?
Bart van Bragt
jabber at vanbragt.com
Wed Jan 7 18:41:49 CST 2004
IMO it would be smart to review current default config of the Jabber
servers out there.
The defaults for the jabber servers are really nice for the Jabber
network that contained a bunch of geeks that are interested in the
technology but at the moment we have lots and lots of
clueless/bored/insane teenagers on the network. Just checkout
jdev at conference.jabber.org, really creepy people there some of the time :D
Jabber is getting bigger so IMO we can't sustain this 'freedom for all,
everyone can be trusted' mentality. This <iq type="set"> is a nice
example but the same goes for roster size, connection rates and (IMO the
potential nr1 problem) 0.1 second registration of new accounts.
It takes approx 5 minutes to write a script that creates thousands and
thousands of new accounts on a server that has inband registration
enabled (all the public servers).
With a bit of luck this won't happen in the next few months but if it
happens when Jabber is massively gaining popularity then it will become
a _big_ problem for Jabber/XMPP, especially when it comes to the
perception of the stability/security of Jabber/XMPP.
Jesper Krogh wrote:
> Is there currently any limitations on Jabberd handling of peoples
> xml-file.
Bart
More information about the JDev
mailing list