Discussion in 'privacy general' started by Mike_Healan, Feb 15, 2004.
Please check your PM inbox over here
Just did Paul. Pm coming back to you in a second.
I truly appreciate everyone's kind words of support. Thank you
For those having the desire to help and were looking for a paypal donation location here it is.
And believe me Grummy I have no intention of firing NI back up until I know I'm able to handle whatever it will take to keep it that way. I'm looking at some alternatives now too. I've been somewhat disabled because I've been without email now for over a day. My cable ISP did maintenance and screwed it up..go figure.. But it is working again as of about 10 minutes ago and I should be able to get things rolling a little more quickly now.
I received an SQL error when trying to get to SpywareInfo.
- Removed the screen shot as the MySQL error listed is not actually significant to resolving the issue. LWM
Some adjustments are being made to proxy servers...he'll be back soon
Is this important, or is it way off base?
Well, yes that item is important in terms of it being an exploit that needs to be addressed, but it is not related to what's going on with SWI overall or the SQL error that was noted above. (Basically, the error removed above was simply that the database wasn't accessible, which I could cause to happen here if I simply triggered a restart of the MySQL server processes.)
Most of us running forums use publicly available bulletin board software, either free or commercial packages, for which various exploits get discovered and then patched. Just a few days ago there was one for YaBB SE (what we use here) that was extremely similar - an uncheck parameter that could allow SQL commands to be executed... The fix was readily available and we applied it. (SOP - Standard Operating Procedure)
Well stated as per usual LWM. Thanks for the clarification
Chocolate-chip cookie headin' your way to go with that coffee.
Here's a message left for you at cexx forum
Question and Comment:
The suggestion was given to add
To our hosts file. I do know how to do this the question is why? I am not intentionally being dense, however, what is happening differently than if we simply type www.merjin.org. Specifically, is it that our search engine might not be up to date, or is it that there is something intentionally trying to reroute us from the correct address, and this insures that that will not happen. (By the way, ironically, this is the first address other than 127.0.0.1 that my host file has ever seen! Even more ironic, I have never even considered using it this way...sign of the times I guess).
Comment to the user that is weighing whether to expend the effort to figure out this host file thing. It is actually pretty simple. Attend:
the "hosts" file location in XP is in this folder
hosts has no extension but if you add .txt you can edit it as you would any text file (only when you are finished rename it again to hosts without the .txt).
if it is read only, then of course you will need to right click and uncheck the read only box.
if you use spybot search and destroy, or similar products you will see a long list of unsavory sights preceded by 127.0.0.1 That is the local host (that is you) it tells your browser not to go to those unsavory sites, but to stay put if you try to link to them. Follow the pattern and add any sites you are sick of seeing.
Or in this case just add the lines
to make you go the the correct address whenever your browser is looking for www.merijn.org
By the way, everything following a # on a line is reguarded as a comment and is ignored by the system when it is using the file to attempt to find addresses to link with site names. This allows you to add little notes that are used to help people remember or make catagories like say
# My additions of sites featuring Barney
I know that most of you reading this already know verywell everything I said, and that it is probably said better by following the link that was provided. This is just in case it helps someone get to www.merijn.org and because it might benefit people like myself who might assume that stuff is more complicated than it is...or they would already know it!!!
don't worry, u CAN and you WILL soon stop this nasty attack, don't give up and keep trying.
There is still hope even in your darkest hour.
www.net-integration.net is being reactivated and should return very shortly for everyone. It is in the process of resolving DNS internally. Mail has started working again so the site should not be far behind.
The filtering in place may need some tweaking and the potential is there we will go offline a few times again for short periods as we adjust. Its hoped this is not the case but I don't know for certain.
This is not the permanent arrangment for this site. Over the course of the next several days I'm going to be implementing changes which I hope will prevent this from happening again and in a permanent location.
In any event it should not be much longer and NI will be live again.
Good News Eagle1
Glad to hear it
Its working again
Looking good. Congrats.
guess you need to tweek it a little more got there but the board ate my post http://www.emotipad.com/newemoticons/Big-Thumbs-Up.gif glad your back up again!!!!
Yeah, it looks like they're just making adjustments... An odd flurry of SQL errors and such, but they are there. It's probably only a matter of a few server side tweaks at this point.
This is a mysql issue and nothing to do with the attack. Seem to havea couple of rouge tables that don't like to play nice.
Looks like I may have a few corrupted files. Seems there was too many post attempts in the same topic at the same time.
Friendly fire took out the forum db. LOL
I'm working on trying to repair it now.
Everything is working good now.
The ddos is under control at the moment and the forum database is fixed.
Lets go get em...........
Super News, just posted at NI and all is working good. Congrats !
And tomcoyote is back up too
This is great news!
Congratulations on getting it back online again.
Separate names with a comma.