Chris

What about money issues? Is it time to collect dues or donations again? :confused: Thanks for all of your hard work and support keeping this the best site it can be. :)

Chris,
So you mean they took up residence in Randy's locker (:eek: :D ) and used it as their jumping off point for attacks on other systems? Unfortunately, we've seen a lot of this at Goddard Space Flight Center with really smart scientists who think nothing of turning their desktop computers into servers and leaving them on 24/7 with no firewalls -- hackers have just come in and set up shop, with attacks looking like they come from NASA!!!
-Bill

for about 30 minutes i thought i had done something to screw up the network, i pressed some button that i didn't want, and quickly hit another to try to cancel it, and it came up with an error message... i was like what did i do?:eek: then i realized that i really was am an idiot;)

Chris, your Subaru box was on a separate v-lan from the bulk of our other network. That is not what caused the problem. The problem came that the DoS attach saturated every hop between the big pipes and your box. The traffic shaper in the router was overwhelmed because of the smaller than normal packet size. The overwhelmed router affected everyone. Jim's proposed solution gives you a small separate and distinct channelized t1 that as long as the upstream provide gives you dual PVC's and your own IP network you will be in charge of your own destiny. The downside is that the pipe will be much smaller making it so that even just 1 cable modem or DSL customer could do a DoS attack and bring you down. The saving grace on the whole thing was that Friday we upped our bandwidth out to the world and fortunately this made the pipe enough bigger that thousands of domains and all the dedicated clients didn’t completely tip over. I watch network utilization on a daily basis. Before they did the DoS attack I saw people poking and prodding at your server. I almost drafted an email asking if the box had been compromised again, but I didn't want people to think that I was being over critical.

I figured Chris would address this but because it hasn't been addressed, I will. This issue deals with the aggressive emails from members of your forum concerning QWK.net's actions. Of all car forum's the last place that I thought we would get threats from would be a car club made up of upper scale car nuts. I guess that everyone is a critic especially when their service is free. It's easy for some one that doesn't have to maintain the box to get grumpy concerning uptime or the quality of the service. QWK.net responsibility to uptime dealt only with the bandwidth. Nothing on the SVX box was under maintenance contract to ensure patch level and the current security state of the box. QWK.net does not own the server that Subaru-SVX.net was hosted or even have the Root level password on the compromised box. The box's maintenance was done by Chris, Travis, and Jim. All three are skilled admin's with full time day jobs and maintenance was done between other pressing events in their schedules. Unfortunately network security is a journey and not a destination. Servers need and require daily attention to keep them secure. Any service provider would have problems knowing that a server is compromised or in a bad patch state. But again we didn’t' have control of the box. The only control that we have over the box is to turn the port on/off and to change the upstream traffic shaper.

QWK.net as a company has provided quality service to your forum. Instead of getting grumpy and angry you guys should be happy for the multi megabits of service that was available to your forum.

Quinn Whiple
QWK.net Hosting

Those IRC "spybots" are nasty things, for you who want to read about what a real-world attac by these things could do, please read http://www.grc.com/dos/grcdos.htm .

The case is very similar to what I understand happened here also.

It's a VERY good writing, he exposed the inner beings of these things.



/Sonny :cool:

Quinn,

Please let me apologize for any rants or threatening messages you received from any members of this board. They were uncalled for and completely out of line. Can I ask that you forward these to Chris so that he can forward them to us (site moderators) to deal with the individuals responsible?

As many of the older members here can attest, this site has run virtually flawlesely for a very long time while under Chris' capable control (with the assistance of many others of course). We the moderators here have seen an increase in members, a shift in attitude, and a general increase in the amount of unaccetable behavior and are working to make changes to maintain the site in a manner to which we've become accustomed. We know your business is providing bandwidth to clients who rely on it for their livelihood and these are, rightly so, your first priority. I ask that you please don't let the actions of a few members taint your view of the rest of us. We have business owners, attorneys, rockets scientists (really we do!), engineers, and a variety of professionals within our ranks all of which, like me, are very thankful for what we have here. We've made friends from around the globe based on a common interest in an obscure automobile and would hate to lose that connection.

Best regards,
Todd Hipsky

I am familiar with Steve Gibson. Many people remember him from the mid 80's when he first wrote the original spinwrite. Steve has always been a bit of a "realist" and I can appreciate him for that. His counterpart (Peter Norton) sold out to corp. America.

Quinn

Hold the phone, there, Quinn. I'm not aware of anyone getting grumpy, and if so, please let me know who they are and they will be dealt with in the strictest way we can.

As membership gets larger, there will be more and more who won't be able to appreciate where this forum has come from. We'll be certain to let them know.

Please, don't be "grumpy" yourself because of a few "grumps" in the basket.

Just for the record...
 

Even though I say I’m cranky... I'm not....:D (really!!) And I did not email anyone about the server going down... as a matter of fact I made a donation (that I hope was appreciated) to help out with bandwidth or server stuff…I don't know what the going rate is...., do you want more? Is my donation in line with what others have sent? Can I join? Am I a member yet? What time does the train come in?

Is anyone other than me going to RENO?

ANYONE that complains about ANY service issues with this forum has not been involved with the Internet for very long and just don't know what they are talking about. This has been (even through this attack) the most rock solid site that I've been associated with. Thank you all for what you do and how you do it!!!!

I forward the email that was the most inconsiderate concerning the situation to Chris.

Quinn

Possible solution to the problem
 

Here are the issues and problems and some proposed solutions.

Issue 1. subaru-svx.net is popular (good problem to have)
Issue 2. subaru-svx.net needs bandwidth to support it's growth
Issue 3. subaru-svx.net needs to ensure that the dedicated server stays secure.
Problem 1. Bandwidth costs money.
Problem 2. Management costs money.
Problem 3. Resources to keep box live to the world have been negative flowing vs. positive flowing (costs more to keep it up that to move it or shut it down)

Solution:
QWK.net is in the web hosting business. Out of the approximately 2300 registered users of this site, many of you have personal web page space that you are paying another provider for. I would bet that the statistic is probably 15-20% have separate web pages for various hobbies, companies and your cars. If you guy's with the subaru-svx forum are willing to move your individual personal sites to qwk.net so that there is an increased revenue stream. I will rack the server in our managed space, I will have one of my full time techs make sure the box stays at current patch levels and I will double the bandwidth allocation that was currently going to this server. I would bet that out of the 2300(roughly) registered users that we could easily come up with a minimum of 100 accounts to transfer. I would prefer to see 150-200, but let's see if we can get a 100 first(about 4% of the registered users).

Based on the bandwidth that we have seen consumed, this server will become congested with the bandwidth allocation that will be available after it moves. The best solution is to keep it connected with a large pipe to the world, but the cost has to be justified.

This is simple business marketing. If you help generate revenue to justify the allocation of time and resources then I will make sure the box stays secure and is fed with good, pure, bandwidth.

If you guy's want to do this, I will create some new hosting plans dedicated for this transfer so that we can track the users that sign up.

Let me know what you guy's think. Let's make this a win/win situation.

Quinn
QWK.net

Re: Possible solution to the problem
 

Quinn's got some good points here. Let's come up with something to keep subaru-svx.net alive. :D I'm ready with a donation :D.

Re: Possible solution to the problem
 

Quinn,

You have some good points and some logistical errors as well. I fully agree with you on the all three issues. However, there are some users on the forums we are experts in secureing the server as well as maintaining the server. So far, as far as I know, there are only 3 people who have some form of access to the back end and we are listening to one of them to say "Hey we've been hacked again."

What I am going with that is for people who can help, it's fusturating just to hear "we are hacked again" without being able to help. And for common people, it scares the living crap out of them. To the admin team: If you need help, we can help.

The second thing is it is true you might benifit from getting some money from us by transfering our webhosts to you guys. However, most people who run websites are at the level of geocity sites (no offense) and they are happy with the free sites. Then we have people like me -- who have our own domain and such. I have never seen a webhost that supply a shell account to the system yet. If I see one, I'll signup so that I can monitor my own space. I hate to give up my space in the hand of someone else. Put it this way, if my site is down, I can only blame myself.

And finally out of the 2000+ registered users, only around 100-200 are active. So it would be hard to achive that goal. Just speaking some realism here.

Re: Possible solution to the problem
 

Quinn,

Not trying to bite the hand that feed us for free here...

Can you tell us how much we are using for bandwidth? Aso, where is it going? I mean : Is it being used by the forums, IRC, locker pictures (linked to offsite areas) etc.

Just trying to see what we are dealing with here.

Re: Re: Possible solution to the problem
 

Actually I was curious about that as well. Didn't have time to ask.