Issue Tracker (removed)

Posted on May 9, 2008 by independence

I have now set up an issue tracker for Blinkenshell. This is a system for handling support issues and similar. Most support stuff is currently taken care of on IRC, and I’d like to keep it that way. It’s usually the fastest and most straight-forward way to solve minor issues. However, from time to time there appears issues which might take a while to resolve. Some bug or unexpected behaviour in some software that can not be resolved right away. In these cases it might be good with a system like this, so we can really follow up and make sure the issue was resolved. When someone reports an issue to me on IRC which I can not fix right away, I sometimes forget about it. Therefore I’d like to try out this system for a while, and see how it works out.

If you need some help with the signup, just ask on IRC. If you wish to have some software upgraded or find a bug in the signup program, report it on the issue tracker.

You can find the issue tracker here: <removed>

You need to sign up before you can add new issues. When you have signed up, you can also report new issues by sending an email to <removed> and starting the subject line with: [issue]

Update: Not in use since 5 Jan 2009, never recieved any issues via this channel.

Posted in Uncategorized | Leave a comment

Wiki – Userpages

Posted on April 25, 2008 by independence

I made a little script that extracts some info from the signup database and imports it into userpages on the wiki, so now almost everyone has a userpage on the wiki. Also, it’s possible to log in to the wiki with your signup account’s username and password again (it was disabled for a while after upgrading MoinMoin). Feel free to try it out, log in and edit your userpage!

Go to Wiki login, log in with signup account info, find your userpage (Userpages) and click Edit under Wikipage in the menu (you have to click on the header/arrow to see the Edit link)!

Edit, 26 Apr: Wiki login with signup account should work for real now 😉

Posted in web | Leave a comment

Proxy scan

Posted on April 22, 2008 by independence

Blinkenshells IRCd now scans all connecting clients for open proxies using BOPM. This is to prevent abuse from users connecting via proxys and thereby evading bans etc.

If you’re noticing some strangs messages in your firewall log or similar when connecting to our server, it might be due to BOPM checking for open proxies on your machine.

You can stop reading here if you’re not interested in running BOPM yourself.

If someone else out there is trying to use BOPM and UnrealIRCD (recent version, like 3.2+), I might be able to save you some pain by giving you this regexp to use in the bopm.conf:

connregex = "\\*\\*\\* Notice -- Client connecting: ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";

The regexp given in BOPMs config and the one in their FAQ is not working, I found this one in some forum and modified it a bit for UnrealIRCD and finally got it working.

I got this strange message while trying to use the regexp from the FAQ:

pmatch[4].rm_so is -1 while parsing??? Aborting.

Posted in irc, security | Leave a comment

WordPress 2.5 on Blinkenshell

Posted on April 16, 2008 by independence

Users have reported some problems upgrading WordPress from 2.4 -> 2.5 on Blinkenshell. The problem seems to be that the upgrade script requires a lot of memory, more than the limit at Blinkenshell. Normally you can change this in your PHP script yourself, but since we use Suhosin for PHP this setting is locked down. I’ve now reconfigured Suhosin to allow users to set the memory limit up to 16MB (instead of 8MB.) I’ve now myself tried upgrading WordPress and it seems to have worked.

I followed the basic instructions here: http://codex.wordpress.org/Upgrading_WordPress

However, I had to change WP_MEMORY_LIMIT in wp-settings.php from 32MB to 16MB. Also, I had to redo the fix for canonical redirects (Howto WordPress.) The problem with canonical redirects might get fixed in 2.6, atleast that’s what the ticket in their bugtracking system said.

Posted in software, web | Leave a comment

Network down

Posted on February 25, 2008 by independence

As you probably noticed, Titan’s internet connection has been down for almost the entire weekend. After a powerfailure this Saturday some of my ISP’s equipment died, and since they don’t work on weekends we had to wait until today to get this fixed. Sorry, there’s nothing I can do about these kinds of things 🙁

Additionally, this afternoon there was Another powerfailure and the server rebooted again.

Posted in downtime, internet | Leave a comment

Reboot

Posted on February 22, 2008 by independence

There was a poweroutage at 04.01AM this morning, it was long enough to force the server to shut down after the UPS ran out of power.

When I woke up I used this opportunity to put some more RAM into the box (because it was down anyways), so it’s now a total of 2GB DDR in there 🙂 I ran memtest for a little while, and everything looks alright.

The powercompany said they were going to upgrade the powergrid to the server place this year, so hopefully we won’t have to deal with these darn poweroutages anymore after that 😉

Posted in downtime | 2 Comments

Blinkenshell Paid Service

Posted on February 19, 2008 by independence

I’ve been thinking of setting up another server for Blinkenshell to host paid accounts. This would be a more professional server, hosted in a dedicated datacenter with redundant Internet connections, 10/100Mbit/s, UPS, backup diesel power generators and so on. I’m thinking maybe 500MB quota, one open TCP port for servers or bouncers, and more generous limits on resource usage and more allowing rules. Because of the datacenter hosting, this service will not be free of course. I’d like to know how much you would pay for such a service? Please vote (and comment!) 🙂

[poll=2]

Posted in services | 5 Comments

Linux Local Root Exploit

Posted on February 11, 2008 by independence

There was news about a Local Root Exploit for Linux 2.6 on Slashdot yesterday. It’s pretty serious, and it affects most of the recent 2.6 kernels from what I can gather, up to kernel 2.6.24.2 which is patched against this exploit. I don’t know much about the inner workings of the kernel, but it seems like it had something to do with not enough security checks when using the vm splice function.

A user on Blinkenshell decided to try this exploit out on the shell, and he almost succeeded. Instead of getting a root shell though, he froze the entire box which then rebooted. When it came back up online, the network settings was off since I forgot to change a config file after the IP change. When I finally got back on the machine, which is not entirely easy since I only have remote access which depends on the network being online, I tried the exploit myself and it froze up the machine once more.

I then had to patch and recompile the kernel and change out the old one remotely via ssh, which is kinda scary since you only get one shot at it (if it doesn’t boot you can’t go back and try again.) It turned out good though, and we now have a new, patched kernel running! 😀

And btw, don’t try and exploits things like these on your own, tell me about it instead. Otherwise you will end up like charlie, with your account disabled! >:)

Posted in downtime, linux, security | Leave a comment

DOS Attack

Posted on February 8, 2008 by independence

Blinkenshell was once again target for a DOS attack, this time I had to change IP because the attacker was a bit persistant.

DNS records are updated to the new IP, and should not be in any caches anymore.

However, I need to change some information about I-lines at other IRC-networks. Until this is done most networks usually only allows a few connections.

Quakenet are having some problems with their services/bots, so we can not change the I-line at the moment. I do not have an estimate for when Quakenet will fix this, but hopefully not too long.

Edit1: Quakenet trust is now working again (as of 17:10, Feb 9)

Posted in attack, internet, irc | Leave a comment

Ident DDoS

Posted on January 28, 2008 by independence

You may have noticed that the shell server was a bit slow last night, this is because someone launched a DDoS attack on the server, more specifically the ident daemon. The network was down or very slow between 03-04, but the attack didn’t really stop until about 06 AM.

There was at times more than 7000 open connections, and during the night a total of roughly 200000 connections were made to the identd.

When I woke up this morning (7.30) it was over, but I’ve put in some extra protections so this should not be able to happen again. The identd is now rate limited in the firewall (with the limit filter to iptables), and there was also some parameters to the identd (oidentd in this case) to tweak the timeouts and number of connections.

It’s too bad those scriptkiddies can’t leave a decent provider like us alone, but I guess it’s a part of IRC and shell hosting bussiness. Hopefully they will grow up and learn some day 🙂

Posted in attack, internet, security | Leave a comment