#1 2007-09-21 08:54:18

**_daminsky_**

Meeting Attack

We recently had a group of people from an 'Internent Hate Machine' like website, attack one of our meeting rooms.  The meeting room was set to only allow registered users and accepted guests.  The problem was that we had hundreds of users try to enter the meeting room as guests.  This was a major interruption to the meeting. Once we knew all of the registered users were in the meeting, we were able to lock the meeting, but a couple of the registered users accidentally closed the meeting room, and then they couldn't get back in.

It would be great if there was an option to not even allow guests to request access to a Connect Meeting room.

-Damon

**_Jorma_at_RealEyes_**

Re: Meeting Attack

The best soultion is going to be sending the URL for the meeting out via email or something similar so that the URL is not publicly posted on the internet.

If the 'Internet Hate Machine' like groups can't find your URL, then they will leave you alone.

Jorma_at_RealEyes

**_daminsky_**

Re: Meeting Attack

We do encourage faculty to use our Course Management System, where everything is password-protected.  However, some faculty use their own public websites for course content. 

Unfortunately, in one of the cases, it appeared as though a student in the class actually posted the URL and asked that people disrupt the meeting.

**_Jorma_at_RealEyes_**

Re: Meeting Attack

Yeah,

Its almost impossible to prevent problems if someone within the system has a malicious intent. If a student wanted to have the class disrupted then they will find a way to make it happen.

Blocking access to the room is the best way to prevent this in the future. You did what you could.

Jorma

**_michael_**

Re: Meeting Attack

If its a licensed deployment, you also have the option of identifying the source IP addresses, and setting up a rule with your firewall to block it in the future (of course, the "hate machine" will probably find other options).

Peace out... ;)