|
|
Rank: Koopa Paratroopa
Groups:
Joined: 11/28/2004
Posts: 231
|
Hello. Today there was what looked like an attempt at a distributed denial of service attack on the forums. Requests came in from thousands of different IP's, all using "LWP::Simple x.xx" user-agent type. This is a PERL module, so it's obviously not legitimate browsers. I implemented a user-agent block on LWP::Simple, and a few other user agents that shouldn't be used on this site, such as "wget"(used for downloading the entire site to your hard drive). If anyone has problems using their browser, LMK. Thanks.
--
Derek
|
|
Rank: Bowser
Groups: Member
Joined: 12/18/2004
Posts: 2,642
Location: Danville, IL
|
This is the crap I hate about the web. Thanks for letting us know. Hopefully there are no problems.
http://robertlbryant.com
|
|
Rank: Bowser
Groups: Member
, Moderators
Joined: 12/13/2004
Posts: 3,577
Location: Ontario, Canada
|
I wonder if someone has some beef with the site, or if it's just goons being retarded...
 
|
|
Rank: Koopa Paratroopa
Groups:
Joined: 11/28/2004
Posts: 231
|
"NES-Luke" wrote:I wonder if someone has some beef with the site, or if it's just goons being retarded... Not sure. It could be a random attack on phpBB sites, or someone might not like The NES Files, etc. I can't find any damage, other than the bloated web stats(the thing that alerted me to the problem initially)... -- Derek
|
|
Rank: Bowser
Groups: Member
Joined: 12/18/2004
Posts: 2,642
Location: Danville, IL
|
By the way, is there a way to get that back on the right track?
http://robertlbryant.com
|
|
Rank: Bowser
Groups: Member
, Moderators
Joined: 12/13/2004
Posts: 3,577
Location: Ontario, Canada
|
there should be no ill effects from it, Roth. it was put to a stop before the site got hammered too badly.
|
|
Rank: Bowser
Groups: Member
Joined: 12/18/2004
Posts: 2,642
Location: Danville, IL
|
About the bloated web stats, I mean. :D
http://robertlbryant.com
|
|
Rank: Koopa Paratroopa
Groups:
Joined: 11/28/2004
Posts: 231
|
"Roth" wrote:About the bloated web stats, I mean. :D Well, the webstats are the ones that I look at personally. As for the record # of visitors that you see at the bottom, I'll see if I can find that value in the table, but I doubt it... -- Derek
|
|
Rank: Koopa Paratroopa
Groups: Member
Joined: 12/5/2004
Posts: 325
Location: Rutland Massachusetts
|
"dkalweit" wrote:Hello. Today there was what looked like an attempt at a distributed denial of service attack on the forums. Requests came in from thousands of different IP's, all using "LWP::Simple x.xx" user-agent type. This is a PERL module, so it's obviously not legitimate browsers. I implemented a user-agent block on LWP::Simple, and a few other user agents that shouldn't be used on this site, such as "wget"(used for downloading the entire site to your hard drive). If anyone has problems using their browser, LMK. Thanks.
--
Derek Dude, are you like a computer geek? I mean that in a good way, because that means you can like disable hacker attempts and stuff. It would be good to have an administrator who can protect his forums from hackers.
 Assail MyspaceAssail Purevolume
|
|
Rank: Bowser
Groups: Member
, Moderators
Joined: 12/13/2004
Posts: 3,577
Location: Ontario, Canada
|
"ShadowXMetalshred" wrote:
Dude, are you like a computer geek? I mean that in a good way, because that means you can like disable hacker attempts and stuff. It would be good to have an administrator who can protect his forums from hackers.
I say every good webmin should have the knowledge to disable services and lock down the server properly. Derek obviously knows his stuff, as he had PHP patched up before the worm and everything has been quickly taken care of. Really I think everyone should have the knowledge to get around in a Unix like environment (or even a windows/mac environment) since unix variants run the back end of nearly everything you access on the internet. It would just prevent a lot of the virii and garbage we have around today.
|
|
Rank: Koopa Paratroopa
Groups:
Joined: 11/28/2004
Posts: 231
|
"ShadowXMetalshred" wrote:"dkalweit" wrote:Hello. Today there was what looked like an attempt at a distributed denial of service attack on the forums. Requests came in from thousands of different IP's, all using "LWP::Simple x.xx" user-agent type. This is a PERL module, so it's obviously not legitimate browsers. I implemented a user-agent block on LWP::Simple, and a few other user agents that shouldn't be used on this site, such as "wget"(used for downloading the entire site to your hard drive). If anyone has problems using their browser, LMK. Thanks. Dude, are you like a computer geek? I mean that in a good way, because that means you can like disable hacker attempts and stuff. It would be good to have an administrator who can protect his forums from hackers. Yes, I'm very much a computer geek. As I posted in the other forum, I'm a Software Engineer, so I know my way around computers quite well. I have a nack for hardware as well, but I don't really enjoy that much anymore-- too many stoopid hassles... -- Derek
|
|
Rank: Koopa Paratroopa
Groups:
Joined: 11/28/2004
Posts: 231
|
"NES-Luke" wrote:"ShadowXMetalshred" wrote:
Dude, are you like a computer geek? I mean that in a good way, because that means you can like disable hacker attempts and stuff. It would be good to have an administrator who can protect his forums from hackers.
I say every good webmin should have the knowledge to disable services and lock down the server properly. Derek obviously knows his stuff, as he had PHP patched up before the worm and everything has been quickly taken care of. I can be kinda slow to patch things sometimes, simply because my overall architectures usually minimize the possibility of exploits actually happening on my systems-- like most of the Windows vulnerabilities that need RPC ports open-- i'm not foolish enough to have those open on the public internet!! Quote:Really I think everyone should have the knowledge to get around in a Unix like environment (or even a windows/mac environment) since unix variants run the back end of nearly everything you access on the internet. It would just prevent a lot of the virii and garbage we have around today. Well, the server The NES Files and these forums are currently running on, is Windows 2003. The load on the server is increasing quite a bit with The NES Files, Sensible Software, and soon my other venture site, http://www.freetrialdownloads.com/ (very rough now-- not officially live yet). I'm thinking of getting a Linux box at my ISP to run these and maybe other forums, and maybe convert The NES Files over to php(it's ASP now). Unix variants don't run "nearly everything" on the back-end of the Internet. 20 years ago, that was very true. Now there's a considerable number of Windows servers, not to mention Mainframes running OS/390 or such, etc. *nix is definitely the most commonly used still, but still not 'nearly everything'... Personally, I really like Linux for some things(particularly my network firewall), but some things are just easier in Windows(like XML with the MSXML parser!). -- Derek
|
|
Rank: Bowser
Groups: Member
Joined: 12/18/2004
Posts: 2,642
Location: Danville, IL
|
How long have you been working on that site? There seems to be quite a bit of info on there!
http://robertlbryant.com
|
|
Rank: Koopa Paratroopa
Groups:
Joined: 11/28/2004
Posts: 231
|
"Roth" wrote:How long have you been working on that site? There seems to be quite a bit of info on there! I bought the domain last week, I believe. I started work a few weeks ago. I'm a software engineer, though-- there's much less work there than you'd expect... ;-) -- Derek
|
|
Rank: Bowser
Groups: Member
Joined: 12/18/2004
Posts: 2,642
Location: Danville, IL
|
"dkalweit" wrote:...there's much less work there than you'd expect... It just seems like a whole lot of typing for such a little time! Darn engineers! :D
http://robertlbryant.com
|
|
Rank: Koopa Paratroopa
Groups:
Joined: 11/28/2004
Posts: 231
|
"Roth" wrote:"dkalweit" wrote:...there's much less work there than you'd expect... It just seems like a whole lot of typing for such a little time! Darn engineers! Hehehe. Typing data is for amateurs. :-) Although I type fast, I didn't type the data-- I just wrote the code, designed the graphics, chose color schemes, designed the database, etc... -- Derek
|
|
Rank: Koopa Paratroopa
Groups: Member
Joined: 11/29/2004
Posts: 396
Location: Holland
|
damn dude wtf is going on, at home i can+t evem log into the site, here at my sista´s place i can,mega weird.
My NES collection so far...
|
|
Rank: Koopa Paratroopa
Groups:
Joined: 11/28/2004
Posts: 231
|
"Nes-a-holic" wrote:damn dude wtf is going on, at home i can+t evem log into the site, here at my sista´s place i can,mega weird. PM me your IP at home, along with what browser you are using. I had to ban about a dozen IP's yesterday due to hackers, and a good deal of them were in the Netherlands, so your IP may have found its way into the list somehow... LMK, and I'll see what I can do. Thanks. -- Derek
|
|
Rank: Goomba
Groups: Member
Joined: 1/4/2005
Posts: 22
|
Hi dkalweit,
just want to know from someone experienced like you. When I register, there is fields that ask for email address, ym and msn. One of my friend told me, never put mine on them, because spammers are looking theri victims from there. is that true?
|
|
Rank: Koopa Paratroopa
Groups:
Joined: 11/28/2004
Posts: 231
|
"Ing-Fuk" wrote:Hi dkalweit,
just want to know from someone experienced like you. When I register, there is fields that ask for email address, ym and msn. One of my friend told me, never put mine on them, because spammers are looking theri victims from there. is that true? If you make your Email public, then yes-- spammers can harvest them from the site. Honestly, I believe trying to keep Email addresses from spammers is futile. Either way, set your Email correctly and set it as non-visible, so that you'll get forum notifications from the site when someone replies to your messages. -- Derek
|
|
|
Guest |
