Stumpy (Apr 23 2009)


log in

Advanced search

Message boards : Technical News : Stumpy (Apr 23 2009)

1 · 2 · Next
Author Message
Profile Matt Lebofsky
Volunteer moderator
Project administrator
Project developer
Project scientist
Avatar
Send message
Joined: 1 Mar 99
Posts: 1389
Credit: 74,079
RAC: 0
United States
Message 887744 - Posted: 23 Apr 2009, 23:07:53 UTC

Today included more messing around with gnuplot and various web programming tasks. I also helped Dan format a pdflatex document. I'm kind of cursed with being really fast at working with these formatting markup languages, so such tasks get thrown onto the end of my work queue a lot.

I noticed we were having a network dip in the afternoon and found once again our web site was being DOS'ed. Somebody (or some robot) was scraping our site, completely ignoring our robots.txt file, etc. Quite infuriating. I wonder if it is officially unethical to make public IP addresses which exhibit this kind of foul behavior. The worrisome part is this kind of activity clobbers mysql (and thus the whole project), and last time this happened everything seemed to recover, and then the database crashed twice over the weekend. We shall see, I guess. It's recovering now.

- Matt

____________
-- BOINC/SETI@home network/web/science/development person
-- "Any idiot can have a good idea. What is hard is to do it." - Jeanne-Claude

Profile Blurf
Volunteer tester
Send message
Joined: 2 Sep 06
Posts: 7515
Credit: 6,682,438
RAC: 9,129
United States
Message 887747 - Posted: 23 Apr 2009, 23:09:26 UTC

Thanks, Matt!
____________


Profile Andrew Clayton
Avatar
Send message
Joined: 12 Apr 99
Posts: 7
Credit: 899,675
RAC: 80
United Kingdom
Message 887764 - Posted: 23 Apr 2009, 23:44:14 UTC - in response to Message 887744.

A quick

# iptables -I INPUT -s $IP -j DROP

Will sort that out!

____________

Profile Gary CharpentierProject donor
Volunteer tester
Avatar
Send message
Joined: 25 Dec 00
Posts: 12358
Credit: 6,664,145
RAC: 8,715
United States
Message 887767 - Posted: 23 Apr 2009, 23:58:28 UTC - in response to Message 887744.

I noticed we were having a network dip in the afternoon and found once again our web site was being DOS'ed. Somebody (or some robot) was scraping our site, completely ignoring our robots.txt file, etc. Quite infuriating. I wonder if it is officially unethical to make public IP addresses which exhibit this kind of foul behavior. The worrisome part is this kind of activity clobbers mysql (and thus the whole project), and last time this happened everything seemed to recover, and then the database crashed twice over the weekend. We shall see, I guess. It's recovering now.

- Matt

Thanks for the good work.

As to why you don't announce publicly, you are supposed to call the UC Police and report this person/robot for violating Penal Code 502, unauthorized use of a computer system. It is a felony.

That or maybe put a privacy statement up that such use will be publicly disclosed. Then you have given fair notice and the lawyers won't get upset. ;-)


____________

Profile jrusling
Avatar
Send message
Joined: 8 Sep 02
Posts: 37
Credit: 4,764,889
RAC: 0
United States
Message 887769 - Posted: 24 Apr 2009, 0:05:38 UTC - in response to Message 887744.

I think their IP address should be fair game. Maybe some social pressure could be brought to bear.

____________
http://boincstats.com/signature/-1/user/18390/sig.png

Cosmic_Ocean
Avatar
Send message
Joined: 23 Dec 00
Posts: 2245
Credit: 8,574,909
RAC: 4,360
United States
Message 887776 - Posted: 24 Apr 2009, 0:25:31 UTC

I get portscans and attempted DOSes here at home quite often, and I just went in with iptables and blocked entire subnets. 99% of them originate from China. *shrug* It works fine here at home since I have no reason to access anything from China, and nobody from China has any reason to access me, but a worldwide project like this has to have careful consideration of IP or even subnet blocking.

I used to forward excerpts from the connection logs on the firewall to the various holders of subnets, but never got any responses and kept getting portscans from said IPs, so I just started blocking subnets. Problem solved.
____________

Linux laptop uptime: 1484d 22h 42m
Ended due to UPS failure, found 14 hours after the fact

Profile Gary CharpentierProject donor
Volunteer tester
Avatar
Send message
Joined: 25 Dec 00
Posts: 12358
Credit: 6,664,145
RAC: 8,715
United States
Message 887818 - Posted: 24 Apr 2009, 4:03:25 UTC

Lovely when people on BOINC say SETI should be DOS'd
http://boinc.berkeley.edu/dev/forum_thread.php?id=3837&nowrap=true#24506


____________

Profile Virtual Boss*
Volunteer tester
Avatar
Send message
Joined: 4 May 08
Posts: 417
Credit: 6,178,062
RAC: 192
Australia
Message 887825 - Posted: 24 Apr 2009, 4:55:59 UTC - in response to Message 887818.

Yeah. A great way to make enemies and (negatively) influence people.

Richard HaselgroveProject donor
Volunteer tester
Send message
Joined: 4 Jul 99
Posts: 8457
Credit: 48,560,210
RAC: 79,796
United Kingdom
Message 887868 - Posted: 24 Apr 2009, 8:35:28 UTC - in response to Message 887818.

Lovely when people on BOINC say SETI should be DOS'd
http://boinc.berkeley.edu/dev/forum_thread.php?id=3837&nowrap=true#24506

???? WTF ????

All that thread is is a secondary source of information (and, as always, some speculation) about the current state of the SETI project and possible causes of recent difficulties - accessible if and when the message boards here have to be taken down for remedial action.

The only mention of DOS attacks in the whole thread is in the message you linked - #24506. And all that is is a word-for-word backup copy of Matt's opening post in this thread - explaining what has already happened.

I fail to see how that translates into saying that people "should" do any such thing. I think an apology to Perryjay is in order.

Profile tullioProject donor
Send message
Joined: 9 Apr 04
Posts: 3650
Credit: 368,797
RAC: 261
Italy
Message 887875 - Posted: 24 Apr 2009, 8:49:10 UTC - in response to Message 887868.

Lovely when people on BOINC say SETI should be DOS'd
http://boinc.berkeley.edu/dev/forum_thread.php?id=3837&nowrap=true#24506

???? WTF ????

All that thread is is a secondary source of information (and, as always, some speculation) about the current state of the SETI project and possible causes of recent difficulties - accessible if and when the message boards here have to be taken down for remedial action.

The only mention of DOS attacks in the whole thread is in the message you linked - #24506. And all that is is a word-for-word backup copy of Matt's opening post in this thread - explaining what has already happened.

I fail to see how that translates into saying that people "should" do any such thing. I think an apology to Perryjay is in order.

Message 24506 was written by Dagorath and I have read it.
Tullio
____________

Profile Virtual Boss*
Volunteer tester
Avatar
Send message
Joined: 4 May 08
Posts: 417
Credit: 6,178,062
RAC: 192
Australia
Message 887878 - Posted: 24 Apr 2009, 9:17:35 UTC

Message 24506 was written by Dagorath and I have read it.
Tullio

I'm not sure that 24506 was the offending message, but the passage in question (posted by Dagorath) has definately vanished since 4:55:00 UTC. Good idea too!

Richard HaselgroveProject donor
Volunteer tester
Send message
Joined: 4 Jul 99
Posts: 8457
Credit: 48,560,210
RAC: 79,796
United Kingdom
Message 887879 - Posted: 24 Apr 2009, 9:21:25 UTC - in response to Message 887875.

Message 24506 was written by Dagorath and I have read it.
Tullio

OK, panic over.

What I'm seeing on my screen now is:

Message 24506 - Posted 23 Apr 2009 23:17:38 UTC - in response to Message 24505.

by perryjay - as I described - and I think I saw it last night too.

BOINC shouldn't re-cycle message numbers. We sometimes talk about messages being 'deleted' by moderators, but they can't do that - the most a mod can do is 'hide' a message, so it remains in the database with its message# intact (meaning it remains available as evidence in any police action).

Meaning any apology to perryjay is owed by the BOINC forum software, and I owe an apology to Gary Charpentier. Sorry, Gary - I was careful to check message #s etc. before posting, but Tullio's explanation never crossed my mind.

Profile perryjay
Volunteer tester
Avatar
Send message
Joined: 20 Aug 02
Posts: 3377
Credit: 15,263,884
RAC: 11,962
United States
Message 887897 - Posted: 24 Apr 2009, 13:21:07 UTC - in response to Message 887879.

Hmmm, seems I started something without even knowing it. I had no intention of supporting someone DOSing SETI. I was just passing on what happened as stated by Matt so that people that read that thread would know.
____________


PROUD MEMBER OF Team Starfire World BOINC

Profile Gary CharpentierProject donor
Volunteer tester
Avatar
Send message
Joined: 25 Dec 00
Posts: 12358
Credit: 6,664,145
RAC: 8,715
United States
Message 887942 - Posted: 24 Apr 2009, 16:15:57 UTC - in response to Message 887897.
Last modified: 24 Apr 2009, 16:19:05 UTC

Hmmm, seems I started something without even knowing it. I had no intention of supporting someone DOSing SETI. I was just passing on what happened as stated by Matt so that people that read that thread would know.

You didn't. There was a reply by Dagorath to your message that has now been hidden. In it Dagorath advocated DOSing SETI until it never came back up.
And I'll apologize to you if somehow my cut and paste got the wrong message number.
____________

Profile perryjay
Volunteer tester
Avatar
Send message
Joined: 20 Aug 02
Posts: 3377
Credit: 15,263,884
RAC: 11,962
United States
Message 887943 - Posted: 24 Apr 2009, 16:23:15 UTC - in response to Message 887942.

No problem, I just couldn't understand how my post could have been interpreted as advocating a DOS attack. :)
____________


PROUD MEMBER OF Team Starfire World BOINC

Aurora Borealis
Volunteer tester
Avatar
Send message
Joined: 14 Jan 01
Posts: 2975
Credit: 4,994,862
RAC: 1,280
Canada
Message 887949 - Posted: 24 Apr 2009, 16:38:41 UTC
Last modified: 24 Apr 2009, 16:39:35 UTC

The aforementioned user (his nasty message now hidden) has also had a vendetta against LHC which he posted in several projects boards. I hadn't known until that post, he also had something against Seti. He needs anger management consoling. I tend to just ignore anything he posts.

zpm
Volunteer tester
Avatar
Send message
Joined: 25 Apr 08
Posts: 284
Credit: 1,552,854
RAC: 2,435
United States
Message 887955 - Posted: 24 Apr 2009, 16:50:55 UTC - in response to Message 887744.



I noticed we were having a network dip in the afternoon and found once again our web site was being DOS'ed. Somebody (or some robot) was scraping our site, completely ignoring our robots.txt file, etc. Quite infuriating. I wonder if it is officially unethical to make public IP addresses which exhibit this kind of foul behavior. The worrisome part is this kind of activity clobbers mysql (and thus the whole project), and last time this happened everything seemed to recover, and then the database crashed twice over the weekend. We shall see, I guess. It's recovering now.

- Matt


it's the aliens. We are about to find their top secret message to their agents on the ground. LOL! i say post the ip address. you never know; someone in the seti community may have good resources and can tell the physical address of the ip.

zoom314Project donor
Avatar
Send message
Joined: 30 Nov 03
Posts: 46045
Credit: 36,566,547
RAC: 5,451
Message 887964 - Posted: 24 Apr 2009, 17:05:56 UTC

Speaking of MySQL, Here's a small story on It right Here.
____________
My Facebook, War Commander, 2015

Richard HaselgroveProject donor
Volunteer tester
Send message
Joined: 4 Jul 99
Posts: 8457
Credit: 48,560,210
RAC: 79,796
United Kingdom
Message 887968 - Posted: 24 Apr 2009, 17:15:42 UTC - in response to Message 887964.

Speaking of MySQL, Here's a small story on It right Here.

And another one: http://blogs.computerworld.com/which_sql_is_mysql

zoom314Project donor
Avatar
Send message
Joined: 30 Nov 03
Posts: 46045
Credit: 36,566,547
RAC: 5,451
Message 887999 - Posted: 24 Apr 2009, 19:51:35 UTC

It seem Seti@Work is now blockaded as they've said below:

Seti@Work wrote:

Berkeley seems to have blocked our IP address so there will be no statistics update for the rest of the month until I work something out using the updated-once-a-day XML data.

____________
My Facebook, War Commander, 2015

1 · 2 · Next

Message boards : Technical News : Stumpy (Apr 23 2009)

Copyright © 2014 University of California