 | | Re: Important message for people connecting via NNTP
|
|
(...) Todd, I would consider Emailing everyone registered with Lugnet and explaining the situation and providing guidance how to go about fixing their news reader so thay can start posting again. -Orion (21 years ago, 28-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: Important message for people connecting via NNTP
|
|
(...) Did you move to port 1119? You didn't say if you had, but if you haven't, you might try that. Did you try repeatedly and check that the web access was working at the time that you got the failure? My experience has been that service is still (...) (21 years ago, 28-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: Important message for people connecting via NNTP
|
|
Not working for me. Using Outlook Express I get errors 0x800CCC13 and 0x800CCC15, 'Unable to read Winsock reply' and 'Unable to open Windows Socket'. Can anyone help me with this? Thanx, Duq (...) (21 years ago, 28-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: Important message for people connecting via NNTP
|
|
(...) Oh, that's the deal. Thanks Todd, for all your hard work! Rob (21 years ago, 27-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: Important message for people connecting via NNTP
|
|
(...) As I said offline, I fear this may not be enough, I still get lots of return code 0s from posting. (21 years ago, 26-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: Important message for people connecting via NNTP
|
|
(...) Thanks for your continued efforts, Todd. It is appreciated. Dave K (21 years ago, 26-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: Important message for people connecting via NNTP
|
|
(...) SFF Net (URL) had similar problems and has the following page of documentation on how to reconfigure your newsreader: (URL) you read LUGNET via the web interface, please disregard this. This is only if you read via NNTP. --Todd (21 years ago, 26-Sep-03, to lugnet.admin.nntp)
|
| |
| | Important message for people connecting via NNTP
|
|
Due to a recent distributed denial of service attack, we have shut down NNTP service on port 119 to prevent further service interruptions. Alternate ports 1119, 8000, and 8080 are still available. --Todd (21 years ago, 26-Sep-03, to lugnet.admin.nntp, lugnet.announce) !!
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Hard to know for sure. More and more, it's seeming like the former rather than the latter. Early on, the attacks all consisted of commands to repeatedly list the contents of known existing newsgroups on this server, which made it seem (...) (21 years ago, 25-Sep-03, to lugnet.admin.nntp)
|
| |
| | Please cancel my last message.
|
|
Todd, Could you cancel my previous message to this group? I was grumpy from lugnet withdrawl and posted without thinking first. Don (21 years ago, 25-Sep-03, to lugnet.admin.nntp)
|
| |
| | (canceled)
|
|
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Adapted you say, could this be the BORG !!! (:-)) (21 years ago, 25-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Todd, pardon my ignorance, but is this a DoS aimed at Lugnet specifically, or a more generic NNTP attack? who would want to pester Lugnet? Chris (21 years ago, 25-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Cool. One person posting over on BL suggested that the attack might be a generic SWEN attack looking to gather email addresses for other neferious purposes. One site[1] has chossen to move the NNTP port to 1119 temporarily until such time as (...) (21 years ago, 25-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Yup, started doing that Monday evening. It worked quite well for a while, until the author of the attacks discovered the tarpit behavior and adapted. --Todd (21 years ago, 24-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Just a passing idea.. setting up a tarpit to mimmic the NNTP server, then sending the misbehaving traffic there rather than blocking it. That might slow down the offending servers to such a point that they back off. Ray (21 years ago, 24-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) I suggest it as a temporary measure only until this problem were resolved other ways. Think of it as a detour while the real road is repaired. I have no idea if it's technically even feasible, or would solve the problem (from the outside (...) (21 years ago, 24-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
"Larry Pieniazek" <lpieniazek@mercator.com> wrote in message news:HLp90M.191p@lugnet.com... [ ... snipped .. ] (...) worse, or (...) Please don't do this. Turning off NNTP would dramatically reduce my (and I suspect many others) participation in (...) (21 years ago, 24-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Any chance that turning off NNTP (except as presented by the web or mail interfaces, but not accepting stuff from the outside world) would work? It would mean that nntp users would be cut off completely, but is that worse, or better, than (...) (21 years ago, 24-Sep-03, to lugnet.admin.nntp)
|
| |
| | Re: NNTP is working (mostly)
|
|
(...) Actually, the site wasn't down -- only the dynamic portions of the webserver were shut off (voluntarily and automatically by the system) to help keep the load average down. The NNTP attacks are still coming and the total number of compromised (...) (21 years ago, 23-Sep-03, to lugnet.admin.general, lugnet.admin.nntp)
|
