Stumpy (Apr 23 2009)

Message boards : Technical News : Stumpy (Apr 23 2009)
Message board moderation

To post messages, you must log in.

1 · 2 · Next

AuthorMessage
Profile Matt Lebofsky
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar

Send message
Joined: 1 Mar 99
Posts: 1444
Credit: 957,058
RAC: 0
United States
Message 887744 - Posted: 23 Apr 2009, 23:07:53 UTC

Today included more messing around with gnuplot and various web programming tasks. I also helped Dan format a pdflatex document. I'm kind of cursed with being really fast at working with these formatting markup languages, so such tasks get thrown onto the end of my work queue a lot.

I noticed we were having a network dip in the afternoon and found once again our web site was being DOS'ed. Somebody (or some robot) was scraping our site, completely ignoring our robots.txt file, etc. Quite infuriating. I wonder if it is officially unethical to make public IP addresses which exhibit this kind of foul behavior. The worrisome part is this kind of activity clobbers mysql (and thus the whole project), and last time this happened everything seemed to recover, and then the database crashed twice over the weekend. We shall see, I guess. It's recovering now.

- Matt

-- BOINC/SETI@home network/web/science/development person
-- "Any idiot can have a good idea. What is hard is to do it." - Jeanne-Claude
ID: 887744 · Report as offensive
Profile Blurf
Volunteer tester

Send message
Joined: 2 Sep 06
Posts: 8962
Credit: 12,678,685
RAC: 0
United States
Message 887747 - Posted: 23 Apr 2009, 23:09:26 UTC

Thanks, Matt!


ID: 887747 · Report as offensive
Profile Andrew Clayton
Avatar

Send message
Joined: 12 Apr 99
Posts: 7
Credit: 907,810
RAC: 0
United Kingdom
Message 887764 - Posted: 23 Apr 2009, 23:44:14 UTC - in response to Message 887744.  

A quick

# iptables -I INPUT -s $IP -j DROP

Will sort that out!

ID: 887764 · Report as offensive
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 25 Dec 00
Posts: 30593
Credit: 53,134,872
RAC: 32
United States
Message 887767 - Posted: 23 Apr 2009, 23:58:28 UTC - in response to Message 887744.  

I noticed we were having a network dip in the afternoon and found once again our web site was being DOS'ed. Somebody (or some robot) was scraping our site, completely ignoring our robots.txt file, etc. Quite infuriating. I wonder if it is officially unethical to make public IP addresses which exhibit this kind of foul behavior. The worrisome part is this kind of activity clobbers mysql (and thus the whole project), and last time this happened everything seemed to recover, and then the database crashed twice over the weekend. We shall see, I guess. It's recovering now.

- Matt

Thanks for the good work.

As to why you don't announce publicly, you are supposed to call the UC Police and report this person/robot for violating Penal Code 502, unauthorized use of a computer system. It is a felony.

That or maybe put a privacy statement up that such use will be publicly disclosed. Then you have given fair notice and the lawyers won't get upset. ;-)


ID: 887767 · Report as offensive
Profile jrusling
Avatar

Send message
Joined: 8 Sep 02
Posts: 37
Credit: 4,764,889
RAC: 0
United States
Message 887769 - Posted: 24 Apr 2009, 0:05:38 UTC - in response to Message 887744.  

I think their IP address should be fair game. Maybe some social pressure could be brought to bear.

http://boincstats.com/signature/-1/user/18390/sig.png
ID: 887769 · Report as offensive
Cosmic_Ocean
Avatar

Send message
Joined: 23 Dec 00
Posts: 3027
Credit: 13,516,867
RAC: 13
United States
Message 887776 - Posted: 24 Apr 2009, 0:25:31 UTC

I get portscans and attempted DOSes here at home quite often, and I just went in with iptables and blocked entire subnets. 99% of them originate from China. *shrug* It works fine here at home since I have no reason to access anything from China, and nobody from China has any reason to access me, but a worldwide project like this has to have careful consideration of IP or even subnet blocking.

I used to forward excerpts from the connection logs on the firewall to the various holders of subnets, but never got any responses and kept getting portscans from said IPs, so I just started blocking subnets. Problem solved.
Linux laptop:
record uptime: 1511d 20h 19m (ended due to the power brick giving-up)
ID: 887776 · Report as offensive
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 25 Dec 00
Posts: 30593
Credit: 53,134,872
RAC: 32
United States
Message 887818 - Posted: 24 Apr 2009, 4:03:25 UTC

Lovely when people on BOINC say SETI should be DOS'd
http://boinc.berkeley.edu/dev/forum_thread.php?id=3837&nowrap=true#24506


ID: 887818 · Report as offensive
Profile Virtual Boss*
Volunteer tester
Avatar

Send message
Joined: 4 May 08
Posts: 417
Credit: 6,440,287
RAC: 0
Australia
Message 887825 - Posted: 24 Apr 2009, 4:55:59 UTC - in response to Message 887818.  

Yeah. A great way to make enemies and (negatively) influence people.
ID: 887825 · Report as offensive
Richard Haselgrove Project Donor
Volunteer tester

Send message
Joined: 4 Jul 99
Posts: 14644
Credit: 200,643,578
RAC: 874
United Kingdom
Message 887868 - Posted: 24 Apr 2009, 8:35:28 UTC - in response to Message 887818.  

Lovely when people on BOINC say SETI should be DOS'd
http://boinc.berkeley.edu/dev/forum_thread.php?id=3837&nowrap=true#24506

???? WTF ????

All that thread is is a secondary source of information (and, as always, some speculation) about the current state of the SETI project and possible causes of recent difficulties - accessible if and when the message boards here have to be taken down for remedial action.

The only mention of DOS attacks in the whole thread is in the message you linked - #24506. And all that is is a word-for-word backup copy of Matt's opening post in this thread - explaining what has already happened.

I fail to see how that translates into saying that people "should" do any such thing. I think an apology to Perryjay is in order.
ID: 887868 · Report as offensive
Profile tullio
Volunteer tester

Send message
Joined: 9 Apr 04
Posts: 8797
Credit: 2,930,782
RAC: 1
Italy
Message 887875 - Posted: 24 Apr 2009, 8:49:10 UTC - in response to Message 887868.  

Lovely when people on BOINC say SETI should be DOS'd
http://boinc.berkeley.edu/dev/forum_thread.php?id=3837&nowrap=true#24506

???? WTF ????

All that thread is is a secondary source of information (and, as always, some speculation) about the current state of the SETI project and possible causes of recent difficulties - accessible if and when the message boards here have to be taken down for remedial action.

The only mention of DOS attacks in the whole thread is in the message you linked - #24506. And all that is is a word-for-word backup copy of Matt's opening post in this thread - explaining what has already happened.

I fail to see how that translates into saying that people "should" do any such thing. I think an apology to Perryjay is in order.

Message 24506 was written by Dagorath and I have read it.
Tullio
ID: 887875 · Report as offensive
Profile Virtual Boss*
Volunteer tester
Avatar

Send message
Joined: 4 May 08
Posts: 417
Credit: 6,440,287
RAC: 0
Australia
Message 887878 - Posted: 24 Apr 2009, 9:17:35 UTC

Message 24506 was written by Dagorath and I have read it.
Tullio

I'm not sure that 24506 was the offending message, but the passage in question (posted by Dagorath) has definately vanished since 4:55:00 UTC. Good idea too!

ID: 887878 · Report as offensive
Richard Haselgrove Project Donor
Volunteer tester

Send message
Joined: 4 Jul 99
Posts: 14644
Credit: 200,643,578
RAC: 874
United Kingdom
Message 887879 - Posted: 24 Apr 2009, 9:21:25 UTC - in response to Message 887875.  

Message 24506 was written by Dagorath and I have read it.
Tullio

OK, panic over.

What I'm seeing on my screen now is:

Message 24506 - Posted 23 Apr 2009 23:17:38 UTC - in response to Message 24505.

by perryjay - as I described - and I think I saw it last night too.

BOINC shouldn't re-cycle message numbers. We sometimes talk about messages being 'deleted' by moderators, but they can't do that - the most a mod can do is 'hide' a message, so it remains in the database with its message# intact (meaning it remains available as evidence in any police action).

Meaning any apology to perryjay is owed by the BOINC forum software, and I owe an apology to Gary Charpentier. Sorry, Gary - I was careful to check message #s etc. before posting, but Tullio's explanation never crossed my mind.
ID: 887879 · Report as offensive
Profile perryjay
Volunteer tester
Avatar

Send message
Joined: 20 Aug 02
Posts: 3377
Credit: 20,676,751
RAC: 0
United States
Message 887897 - Posted: 24 Apr 2009, 13:21:07 UTC - in response to Message 887879.  

Hmmm, seems I started something without even knowing it. I had no intention of supporting someone DOSing SETI. I was just passing on what happened as stated by Matt so that people that read that thread would know.


PROUD MEMBER OF Team Starfire World BOINC
ID: 887897 · Report as offensive
Profile Gary Charpentier Crowdfunding Project Donor*Special Project $75 donorSpecial Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 25 Dec 00
Posts: 30593
Credit: 53,134,872
RAC: 32
United States
Message 887942 - Posted: 24 Apr 2009, 16:15:57 UTC - in response to Message 887897.  
Last modified: 24 Apr 2009, 16:19:05 UTC

Hmmm, seems I started something without even knowing it. I had no intention of supporting someone DOSing SETI. I was just passing on what happened as stated by Matt so that people that read that thread would know.

You didn't. There was a reply by Dagorath to your message that has now been hidden. In it Dagorath advocated DOSing SETI until it never came back up.
And I'll apologize to you if somehow my cut and paste got the wrong message number.
ID: 887942 · Report as offensive
Profile perryjay
Volunteer tester
Avatar

Send message
Joined: 20 Aug 02
Posts: 3377
Credit: 20,676,751
RAC: 0
United States
Message 887943 - Posted: 24 Apr 2009, 16:23:15 UTC - in response to Message 887942.  

No problem, I just couldn't understand how my post could have been interpreted as advocating a DOS attack. :)


PROUD MEMBER OF Team Starfire World BOINC
ID: 887943 · Report as offensive
Aurora Borealis
Volunteer tester
Avatar

Send message
Joined: 14 Jan 01
Posts: 3075
Credit: 5,631,463
RAC: 0
Canada
Message 887949 - Posted: 24 Apr 2009, 16:38:41 UTC
Last modified: 24 Apr 2009, 16:39:35 UTC

The aforementioned user (his nasty message now hidden) has also had a vendetta against LHC which he posted in several projects boards. I hadn't known until that post, he also had something against Seti. He needs anger management consoling. I tend to just ignore anything he posts.
ID: 887949 · Report as offensive
zpm
Volunteer tester
Avatar

Send message
Joined: 25 Apr 08
Posts: 284
Credit: 1,659,024
RAC: 0
United States
Message 887955 - Posted: 24 Apr 2009, 16:50:55 UTC - in response to Message 887744.  



I noticed we were having a network dip in the afternoon and found once again our web site was being DOS'ed. Somebody (or some robot) was scraping our site, completely ignoring our robots.txt file, etc. Quite infuriating. I wonder if it is officially unethical to make public IP addresses which exhibit this kind of foul behavior. The worrisome part is this kind of activity clobbers mysql (and thus the whole project), and last time this happened everything seemed to recover, and then the database crashed twice over the weekend. We shall see, I guess. It's recovering now.

- Matt


it's the aliens. We are about to find their top secret message to their agents on the ground. LOL! i say post the ip address. you never know; someone in the seti community may have good resources and can tell the physical address of the ip.
ID: 887955 · Report as offensive
Profile zoom3+1=4
Volunteer tester
Avatar

Send message
Joined: 30 Nov 03
Posts: 65690
Credit: 55,293,173
RAC: 49
United States
Message 887964 - Posted: 24 Apr 2009, 17:05:56 UTC

Speaking of MySQL, Here's a small story on It right Here.
The T1 Trust, PRR T1 Class 4-4-4-4 #5550, 1 of America's First HST's
ID: 887964 · Report as offensive
Richard Haselgrove Project Donor
Volunteer tester

Send message
Joined: 4 Jul 99
Posts: 14644
Credit: 200,643,578
RAC: 874
United Kingdom
Message 887968 - Posted: 24 Apr 2009, 17:15:42 UTC - in response to Message 887964.  

Speaking of MySQL, Here's a small story on It right Here.

And another one: http://blogs.computerworld.com/which_sql_is_mysql
ID: 887968 · Report as offensive
Profile zoom3+1=4
Volunteer tester
Avatar

Send message
Joined: 30 Nov 03
Posts: 65690
Credit: 55,293,173
RAC: 49
United States
Message 887999 - Posted: 24 Apr 2009, 19:51:35 UTC

It seem Seti@Work is now blockaded as they've said below:

Seti@Work wrote:

Berkeley seems to have blocked our IP address so there will be no statistics update for the rest of the month until I work something out using the updated-once-a-day XML data.

The T1 Trust, PRR T1 Class 4-4-4-4 #5550, 1 of America's First HST's
ID: 887999 · Report as offensive
1 · 2 · Next

Message boards : Technical News : Stumpy (Apr 23 2009)


 
©2024 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.