Someone appears to have implemented an interesting public service bot that may demonstrate a potential attack.

Overnight, someone opened an account on my server to advertise a gambling website. I suspend these account types every morning.

But this morning I saw a report about the account, which surprised me, since the offending account hadn't posted anything. Why would anyone have seen it?

The report was placed by a bot, @mastodon.internal.

If this is a bot that finds scam/spam accounts, it is helpful. But I didn't know bots could open reports, and this is what bothers me.

Can a bot open countless reports as a DoS attack against a server?

Is there anyone who can comment on this?

#Mastoadmin #Mastodev #bot #DOS #DDOS #fediverse



Do you happen to know how reporting works with the protocol? Is it part of the protocol, or something added on, or is it part of the protocol but just transmitted through a standard bit of content addressed to the admin?

I’d go look it up myself but I am on my phone right now, so I’d be interested if you happen to know.


