Protecting Your Online Discussion Forum

Protection of large forums is the focus of this talk

Various issues -
	Traiditional explots
	cross site scripting
	DOS
	Spam
	Blending HTML
	bad comments (unhelpful)

Crapflooding against MT, or against /.  Automated scripts
Examples of MT and LJ flooders

General principles
	In a sense, its a game.
Know your goal, your enemies
Focus on the reader experience, but don't totally hurt the writers
Pick your battles.  Make the attacker an invested participant, or someone who may lose something as well.  IP blocking is more powerful than one thinks.
Apply sludge.

Specific attacks
	Make the attack expensive, via time.  But can't inhibit real issues.  Be sure to close out old discussions.
	Can get lists of open proxies.  Get these, and test these.