Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
The Fun Never Stops

By rusty in News
Tue Jul 25, 2000 at 03:14:05 PM EST
Tags: Kuro5hin.org (all tags)
Kuro5hin.org

If you've tried to access the site in the past couple of days, you may have noticed that things haven't been working properly. In the interests of keeping everyone informed about what's going on, I'm going to describe the problems as best I can. As far as we know, we have the situation under control now, thanks in very large part to the efforts of Andrew Hurst (hurstdog) and Inoshiro, to whom I owe a *huge* debt of thanks. Details below.


So, the joy all started Sunday, when we were the victim of a barrage of story spam. Someone decided it would be fun to run a script that dumps crap into the story queue faster than it could possibly be voted down. What this was supposed to prove is still unclear, since anyone could see that this was possible. As I mentioned in a comment, this is akin to breaking a car window to prove it's made of glass, and generally demonstrates the room-temperature (in centigrade) IQ of the perpetrator.

We blocked this hole several times, in different ways (finally being forced to deny all anonymous story posts), and collected a nice list of cracked machines that the attacks were coming from. We are in touch with the admins of those machines, and will eventually find the person or persons responsible and seek legal action for abuse of computer resources.

After a brief lull, the attacks returned, this time flooding the comment forms with data. Another highly worthwhile DOS that proved essentially nothing. This as well was blocked.

Finally, this morning came an ordinary DOS attack, which apparently consisted of very large POSTS being sent at a huge pace. Unfortunately, on upgrading the code to block these, some changes got in that had not been adequately tested, and caused mysql to basically slow to a crawl. So for the better part of today, we've searched for the offending code, and finally rolled back to a previous version, which appears to be working at last.

In the midst of all this somewhere the database got hopelessly corrupted due to repeated abuse and crashes, and we were also forced to reload the DB from backups, losing about a day's worth of input. This sucks a lot, and I apologize profusely to anyone who's submitted a story that got lost. Please resubmit-- you were not dropped on purpose! As for lost comments, there's little we can do but go forward from here.

As mentioned before, hurstdog, Inoshiro, and everyone on #kuro5hin (IRC kuro5hin.ircnetwork.net) have been an enormous help in this. They solved most of the problems themselves, in fact, so we all owe them our thanks. I'll try to keep you all updated as the situation warrants, and thank you for your patience.

Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Related Links
o Kuro5hin
o Also by rusty


Display: Sort:
The Fun Never Stops | 28 comments (22 topical, 6 editorial, 0 hidden)
What a mess.. (2.50 / 4) (#4)
by Eloquence on Tue Jul 25, 2000 at 03:32:38 PM EST

I guess it's because of the Slashdotting. Too many idiots over there. Anyway, good work and thanks a lot for a) keeping this great site running b) letting us know about the problems.

"Only two things are infinite, the universe and human stupidity, and I'm not sure about the former." (Albert Einstein)
--
Copyright law is bad: infoAnarchy Pleasure is good: Origins of Violence
spread the word!

Yikes (3.20 / 4) (#11)
by Anonymous Hero on Tue Jul 25, 2000 at 04:49:22 PM EST

Why pick on Slashdot? What's the point? There are too many idiots everywhere, the internet, being the global thing it is, just makes it easier to put idiots in touch with the rest of us.

This thread is a perfect example: you're picking on slashdot for no reason, and I get to reply to an idiot's comment, and we don't even know each other :)

--
Place quote from famous person here to make your comment appear more intelligent.

[ Parent ]

Re: Yikes (2.00 / 1) (#12)
by Eloquence on Tue Jul 25, 2000 at 04:53:05 PM EST

Why pick on Slashdot? What's the point?

Browse /. at -1. If you still have any questions after that, feel free to ask.
--
Copyright law is bad: infoAnarchy Pleasure is good: Origins of Violence
spread the word!
[ Parent ]

Re: Yikes (2.00 / 1) (#17)
by slycer on Tue Jul 25, 2000 at 05:27:48 PM EST

On a related note, I have noticed a lot of kuro5hin links in messages and sigs lately over at TOS. I'm suspecting some of the -1 slashdot trolls are attempting to move in here..

[ Parent ]
Re: Yikes (5.00 / 2) (#21)
by rusty on Tue Jul 25, 2000 at 07:00:53 PM EST

Sure they are. In fact, many of them have been here from the beginning. spiralx, fluffy grue, to name a couple. I'm not upset by this, because generally these are actually very good members of the community, the two previously named being good examples of this. Basically, no one is born a troll-- it can go either way. What I can't figure out, though, is what I did to become a target for whoever was attacking us. Exist, I guess, but it really irks me that I have no idea what the problem is. If someone hates something about the site, email me, and I'll do my best to fix it. Otherwise, don't thay have something better to do?

____
Not the real rusty
[ Parent ]
Re: Yikes (none / 0) (#27)
by Stormbringer on Wed Jul 26, 2000 at 01:15:11 AM EST

K5 got not only named but linked in an article... all of a sudden you were a warm body to the net mosquitos. that's my guess.

[ Parent ]
Re: Yikes (none / 0) (#38)
by BJH on Wed Jul 26, 2000 at 02:39:15 AM EST

I think you're misunderstanding the troll/script kiddy/spammer mentality - in the case of kuro5hin, they probably aren't doing it because something about the site annoyed them, but because they can. In the end, they're sad little people with not a lot to do and too much time to do it in - they literally don't have anything better to do. It has nothing to do with site content and everything to do with teenage male testosterone, so I wouldn't worry about what they think of kuro5hin too much ;)
--
Roses are red, violets are blue.
I'm schizophrenic, and so am I.
-- Oscar Levant

[ Parent ]
Re: What a mess.. (4.00 / 2) (#13)
by Inoshiro on Tue Jul 25, 2000 at 04:57:57 PM EST

Not really. Some people that read slashdot are dicks, but they get millions of hits. There are bound to be a few dicks. By themselves, the slashdot crew are fairly together.



--
[ イノシロ ]
[ Parent ]
Re: What a mess.. (4.70 / 3) (#19)
by Eloquence on Tue Jul 25, 2000 at 05:33:20 PM EST

Don't get me wrong. I'm sure Malda, Hemos & Co. are nice and extremely clever people, and they have developed a lot of really innovative software. The trouble is, because of the fact that /. works so well and focuses on technology, it has quickly become the major news source for many (most?) skript kiddiez. Do you think those 1337 hax0rs read ZDNet, CNet or Wired? Neither do I. They all read /. (perhaps HNN and some other "hacker news" sites, too, but /. creates a permanent bond with the commenting system), and now some of them have come over to K5.

If the number of dickheads on /. was the normal proportion, I'd shoot myself. Fortunately, this is not the case. I can see that by comparing it to other computer related weblogs (which also have trolls, but not nearly as many).

Take www.geekflavor.com as another example. Announced on /. today and cracked a few minutes later, the main page replaced with a message "Hello. I own u". These suckers read /. to keep up-to-date, and they increasingly use it to choose their targets as well.

This is not Taco's or anyone else's fault, and their browsing thresholds are their attempt of a solution, although if I were them, I would simply delete the respective users' accounts. (I would even seriously think about disallowing anonymous postings.) Of course everyone would immediately shout "censorship" like some are already shouting because of moderation. It's good that Rusty has made the rules clear from the beginning.
--
Copyright law is bad: infoAnarchy Pleasure is good: Origins of Violence
spread the word!
[ Parent ]

Re: What a mess.. (4.00 / 2) (#18)
by ODiV on Tue Jul 25, 2000 at 05:29:34 PM EST

"I guess it's because of the Slashdotting."

Kind of OT, but this just came to me.

If k5 ever gets big enough to cause something to the effect of 'slashdotting' I think it should be said that such and such a site has been 'kuroded'.

--
[ odiv.net ]
[ Parent ]
Re: What a mess.. (5.00 / 1) (#22)
by MrEd on Tue Jul 25, 2000 at 07:44:32 PM EST

Not bad, I myself would try and play off of the figure of speech "deep sixed" ... kay-fived? Or maybe something like K.O.'ed. Hmm.

Also, nobody's come up with a decent moniker for the years 2000 - 2010. The naughties? Bleah.

Watch out for the k5 superiority complex!


[ Parent ]
A LimitRequestBody directive in httpd.conf may hel (4.72 / 11) (#5)
by Anonymous Zero on Tue Jul 25, 2000 at 03:37:52 PM EST

Apache has a few directives that can reject HTTP requests that are beyond reasonable size limits such as LimitRequestBody 100000 which will immediately give the ol' 403 error to any request larger than 100K or however many bytes you feel is unreasonable.

Re: A LimitRequestBody directive in httpd.conf may (3.00 / 1) (#16)
by rusty on Tue Jul 25, 2000 at 05:15:14 PM EST

I didn't know about this directive, thanks!

____
Not the real rusty
[ Parent ]
wow (2.00 / 5) (#9)
by thevox on Tue Jul 25, 2000 at 04:34:47 PM EST

Not to get on the whole ./ trashing thing, but I'm really glad that you took the time to let us know what's going on, I appreciate it. It was very frustrating when ./ was getting DDOSed and didn't even let anyone know about it, the site was just always down. Thanks for keeping us abreast!

Jason


No trashing /. (5.00 / 1) (#15)
by rusty on Tue Jul 25, 2000 at 05:12:13 PM EST

We actually contacted CmdrTaco for advice on spam-deflection, and he's been very helpful through all this crap. At this point, trashing slashdot here is silly, since our audience is almost entirely composed of a fraction of their audience, and they all read K5 too.

Just keep repeating it to yourself... "There is no feud..." ;-)

____
Not the real rusty
[ Parent ]

Re: No trashing /. (none / 0) (#23)
by thevox on Tue Jul 25, 2000 at 09:10:08 PM EST

I definately don't want to trash them, it was more of a compare/contrast :)

Jason


[ Parent ]
Re: No trashing /. (none / 0) (#24)
by joeyo on Tue Jul 25, 2000 at 10:29:00 PM EST

I know I for one am hopelessly addicted to both sites. I've felt much less need to talk smack about the big slash recently. I guess it's cause I dont have time to read as in-depth as I used to and thus don't get offended by the (increasingly pathetic) trolls...

I didn't even catch any of the DOS stuff out here. I feel left out... It's like missing it when Jenni gets nekkid... ;)

--
"Give me enough variables to work with, and I can probably do away with the notion of human free will." -- demi
[ Parent ]

heh (3.00 / 3) (#10)
by evro on Tue Jul 25, 2000 at 04:42:37 PM EST

I remember when people were originally talking about #kuro5hin and rusty said something like he hated IRC... hey, change your mind yet? :)
---
"Asking me who to follow -- don't ask me, I don't know!"
Re: heh (none / 0) (#14)
by rusty on Tue Jul 25, 2000 at 05:03:05 PM EST

Yeah, yeah. :-P

____
Not the real rusty
[ Parent ]
American Laws (4.00 / 2) (#20)
by Anonymous Hero on Tue Jul 25, 2000 at 06:09:03 PM EST

I know that under British law, you could probably prosecute the elite hacksaws under The Computer Misuse Act 1990. What's the equivalent American law, something to do with breaking & entering?

The fun really never stops (2.00 / 1) (#25)
by cesarb on Tue Jul 25, 2000 at 11:32:32 PM EST

Just reloaded the front page and saw the comments in the _other_ "we're being attacked" thread jumped from 24 to 76. All postings above 24 seem to be created by the script.



Re: The fun really never stops (1.00 / 1) (#26)
by cesarb on Tue Jul 25, 2000 at 11:39:58 PM EST

Yuck, they're at the War on Drugs thread too! Soon it'll get here if it keeps going this way...

We truly needs some way for _the users_ to nuke posts by themselves when this happens; who knows if rusty & the other admins are sleeping right now!

As I've been saying for some time,

we need a -1 rating damnit!



[ Parent ]
The Fun Never Stops | 28 comments (22 topical, 6 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!