SEARCH

Enter your search query in the box above ^, or use the forum search tool.

You are not logged in.

#376 2013-10-23 18:21:32

jaws222
Member
Registered: 2012-01-07
Posts: 36

Re: DDoS Attack 2013-10-17 (resolved)

mw wrote:

I was kind of shocked to see that there is no round robin DNS for the default package server.
It would be nice to have the crunchbang packages mirrored on another server since the userbase is scratching the point where I'd consider the distribution significant.
Since it's an open source project, you should be able to get a mirror network fairly easily. Many universities offer mirroring for Linux distributions.
For instance, you could consider contacting the administrators for http://ftp.uni-erlangen.de here: http://www.rrze.uni-erlangen.de/impressum.shtml

To make it easier for people willing to mirroring crunchbang to get a copy of the full package repository, you should take a look at setting up an rsyncd, it is the best solution for this kind of job.

I'm willing to help in case you need any help contacting university ftpmasters (Edit: or setting up rsync, but it's really easy)

Hope the kiddies will settle down eventually.


I would guess there's a cost associated with that and since Crunchbang is free maybe there is not enough money to support something like that.

Offline

Be excellent to each other!

#377 2013-10-23 18:25:19

mw
New Member
Registered: 2013-09-09
Posts: 7

Re: DDoS Attack 2013-10-17 (resolved)

jaws222 wrote:

I would guess there's a cost associated with that and since Crunchbang is free maybe there is not enough money to support something like that.

No, universities do it for free, which is the whole point of me writing this message. I can't imagine that debian would have always been paying for their mirror network, instead I think universities volunteered to host mirrors for a lot of Free Software. Part of the reason for this is that research networks have multiple hundreds of GBit/s bandwidth and they need to fill it up to get grants for even faster networks. Faster networks on the other hand are important to do research in that area.

Edit: Another reason is obviously that universities and research institutes use a lot of free software and prefer having their own mirrors for speed. It's usually cheaper for them to provide a bit of bandwidth and storage space for Free Software projects and thus supporting the ideology they depend on, rather than buying windows licenses for the entire campus. (Do you have any idea how many hundreds of computers there are on a campus?)

Last edited by mw (2013-10-23 18:28:47)

Offline

#378 2013-10-23 18:37:34

jaws222
Member
Registered: 2012-01-07
Posts: 36

Re: DDoS Attack 2013-10-17 (resolved)

mw wrote:
jaws222 wrote:

I would guess there's a cost associated with that and since Crunchbang is free maybe there is not enough money to support something like that.

No, universities do it for free, which is the whole point of me writing this message. I can't imagine that debian would have always been paying for their mirror network, instead I think universities volunteered to host mirrors for a lot of Free Software. Part of the reason for this is that research networks have multiple hundreds of GBit/s bandwidth and they need to fill it up to get grants for even faster networks. Faster networks on the other hand are important to do research in that area.

Edit: Another reason is obviously that universities and research institutes use a lot of free software and prefer having their own mirrors for speed. It's usually cheaper for them to provide a bit of bandwidth and storage space for Free Software projects and thus supporting the ideology they depend on, rather than buying windows licenses for the entire campus. (Do you have any idea how many hundreds of computers there are on a campus?)


Okay, I wasn't too sure how that works.  Maybe someone else can chime in and tell us why?

Offline

#379 2013-10-23 18:41:19

mosesgunn
#! CrunchBanger
Registered: 2012-10-20
Posts: 133

Re: DDoS Attack 2013-10-17 (resolved)

The debian repos are mirrored, it's the crunchbang repos that are being attacked.

So far as I understand it.

Offline

#380 2013-10-23 18:44:23

mw
New Member
Registered: 2013-09-09
Posts: 7

Re: DDoS Attack 2013-10-17 (resolved)

mosesgunn wrote:

The debian repos are mirrored, it's the crunchbang repos that are being attacked.

So far as I understand it.

Yes, so having crunchbang mirrored would make it harder to DDoS all package repository copies by taking down one server with a DDoS.

That's what debian does. Their master server isn't even public. It's mirrors all the way down.

Offline

#381 2013-10-23 19:14:02

corenominal
WRONG
From: Lincoln, UK
Registered: 2008-11-20
Posts: 5,058
Website

Re: DDoS Attack 2013-10-17 (resolved)

The null route on your Linode's IP address has been removed at this time and we have set this ticket to automatically close in 48 hours while we monitor for any additional issues.

smile

Offline

#382 2013-10-23 19:17:59

#!_828
#! Tinfoil Hat
From: Ohio, U. S. of A.
Registered: 2013-09-19
Posts: 1,162

Re: DDoS Attack 2013-10-17 (resolved)

Sector11 wrote:
pvsage wrote:

@xskoulax:  How many licks does it take to get to the Tootsie Roll center of a Tootsie Pop?

So the HHGTTG asked the wrong question with "The Answer to the Ultimate Question of Life, the Universe, and Everything" but came up with the same answer ....

42

How about that! They could have come up with the answer so much faster had they just licked a Tootsie Pop!

Well, yes & no. While it's true that nobody had guessed the right question, the question is not "The ulrimate question of life , the universe, & everything", which is a fragment, not even a sentance, much less a question.


Those who would trade essential liberty for temporary security deserve neither
Member of the (Un)Official #! Emergency Tinfoil Hat Distribution Center
Emergency Tinfoil Hat Conky Alert System development team

Offline

#383 2013-10-23 19:19:57

xero
#! Junkie
From: 0x000000
Registered: 2013-09-30
Posts: 379
Website

Re: DDoS Attack 2013-10-17 (resolved)

corenominal wrote:

The null route on your Linode's IP address has been removed at this time and we have set this ticket to automatically close in 48 hours while we monitor for any additional issues.

smile

w00t w00t!


▬▬ι═════════ﺤ
dotfiles http://git.io/.files

Offline

#384 2013-10-23 19:20:07

Malice
Member
From: Poland
Registered: 2013-10-15
Posts: 49

Re: DDoS Attack 2013-10-17 (resolved)

Wait what, resolved?

Edit:
1fVJiva

Last edited by Malice (2013-10-23 19:23:02)

Offline

#385 2013-10-23 19:23:35

Linuxephus™
Banned
From: Reality Check 101.
Registered: 2013-09-11
Posts: 158

Re: DDoS Attack 2013-10-17 (resolved)

Le Barde wrote:

Hi there,
I'm new to this forum (but not to #!).

I see another reason that may not have been told upon here : what if somebody has discovered a full-disclosure vulnerability only in #! ?
In that case, preventing people from upgrading should leave this vulnerability unfixed...

In any case, I do not want to contribute to a possible hysteria ! Just pointing out...

This would predicate an unknown vulnerability (infer potential zero day exploit in the packages) that does not realistically exist.
Furthermore, as it stands to this date at present time of this comment, all packages stand as secure even with no specific Crunchbang updates available currently. Hence the use of specific wording, Secure and Stable, in regards to Crunchbang being based upon Debian directly. Thus negating the need for immediate updates with the Stable packages based upon them being Secured from the start by the package maintainers themselves (infer Crunchbang related as well).


-Evolution Is Merely God's Way Of Performing An Upgrade.-
-Linux: Guerrilla UNIX Development...Venimus, Vidimus, Dolavimus.-
-Linux: The Operating System With A C.L.U.E...Command Line User Environment.-

Offline

#386 2013-10-23 19:27:34

photonucleon
Quantum Geek
From: Hogwarts
Registered: 2013-06-10
Posts: 878

Re: DDoS Attack 2013-10-17 (resolved)

corenominal wrote:

The null route on your Linode's IP address has been removed at this time and we have set this ticket to automatically close in 48 hours while we monitor for any additional issues.

smile

Yaaay!  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile  big_smile


-I made some music!- -A CrunchBanger's blog- -Enable boot from USB on older computers-
“We are, with a delicate machete, carving out a new path” - Steven Sharp Nelson

Offline

#387 2013-10-23 19:27:48

#!_828
#! Tinfoil Hat
From: Ohio, U. S. of A.
Registered: 2013-09-19
Posts: 1,162

Re: DDoS Attack 2013-10-17 (resolved)

pvsage wrote:

If we define "ultimate" as "final", The Ultimate Question has yet to be asked, and will never be asked until the end of Life, the Universe, and Everything. tongue

Then, in that sense, the "ultimate question" is actually not the most powerful question in the universe (or multiverse), instead, the most powerful question in the universe is the first one to be asked & the last one to be answered (according to some, it must never be answered), that has been hiding in plain sight since the dawn of time. For it is written "on the Fields of Trenzalore, at the fall of the Eleventh, when no living creature can speak falsely or fail to answer, a question will be asked — a question that must never ever be answered" That question, my friends, is: "Doctor Who?"

Last edited by #!_828 (2013-10-23 19:30:54)


Those who would trade essential liberty for temporary security deserve neither
Member of the (Un)Official #! Emergency Tinfoil Hat Distribution Center
Emergency Tinfoil Hat Conky Alert System development team

Offline

#388 2013-10-23 19:30:53

Malice
Member
From: Poland
Registered: 2013-10-15
Posts: 49

Re: DDoS Attack 2013-10-17 (resolved)

Offtopic:

I love the way that from the thread where we were worried about DDoS, this transformed into finding Ultimate Question, solving problems of Universe, and much much more... smile

Offline

#389 2013-10-23 19:35:01

#!_828
#! Tinfoil Hat
From: Ohio, U. S. of A.
Registered: 2013-09-19
Posts: 1,162

Re: DDoS Attack 2013-10-17 (resolved)

Malice wrote:

Offtopic:

I love the way that from the thread where we were worried about DDoS, this transformed into finding Ultimate Question, solving problems of Universe, and much much more... smile

Well, keeping up with the initial hysteria got a bit tedious after a day or so, & if you go back to pages 5-10,  there's nothing but accusations of trolling, "tinfoil hat conspiracies", people yelling at each other to calm the [insert expellative here] down, & so on. The current state of affairs is much more manageable  smile

Last edited by #!_828 (2013-10-23 20:09:01)


Those who would trade essential liberty for temporary security deserve neither
Member of the (Un)Official #! Emergency Tinfoil Hat Distribution Center
Emergency Tinfoil Hat Conky Alert System development team

Offline

#390 2013-10-23 19:47:08

canpolat
#! CrunchBanger
Registered: 2012-09-25
Posts: 113

Re: DDoS Attack 2013-10-17 (resolved)

corenominal wrote:

The null route on your Linode's IP address has been removed at this time and we have set this ticket to automatically close in 48 hours while we monitor for any additional issues.

smile

Great news!


Every solution is an intermediate solution.

Offline

#391 2013-10-23 20:30:59

thegoat31
New Member
Registered: 2013-10-17
Posts: 1

Re: DDoS Attack 2013-10-17 (resolved)

corenominal wrote:

The null route on your Linode's IP address has been removed at this time and we have set this ticket to automatically close in 48 hours while we monitor for any additional issues.

smile

I can now install #! on my netbook and update and Install all software I want. Woot! Woot! I love #!

Offline

#392 2013-10-23 20:44:41

coelacanth
New Member
From: USA
Registered: 2013-02-01
Posts: 9

Re: DDoS Attack 2013-10-17 (resolved)

I installed #! on the day of the DDoS; is the Debian swirl image in the grub boot screen a result of upgrading with the #! repos commented out of my sources list? If so, is there a way to keep it after re-adding the #! repos and upgrading? I like it.

Last edited by coelacanth (2013-10-23 20:46:56)

Offline

#393 2013-10-23 21:25:54

lurka
Member
Registered: 2012-04-20
Posts: 46

Re: DDoS Attack 2013-10-17 (resolved)

Congrats to corenom and everybody's who's been waiting for this to let up.

Hi coelacanth, I think what your referring to is handled in the desktop-base package - you can keep the debian (as opposed the the waldorf) version by editing your apt/preferences.

Last edited by lurka (2013-10-23 21:30:40)

Offline

#394 2013-10-23 21:29:06

lowrider
#! Die Hard
From: Germany
Registered: 2011-09-10
Posts: 675

Re: DDoS Attack 2013-10-17 (resolved)

I just re-enabled #!repos, update/dist-upgrade. Everything is back to normal...


came for the distro, stayed for the community
streamripper :: smxi

Offline

#395 2013-10-23 21:35:25

pvsage
Internal Affairs
From: North Carolina
Registered: 2009-10-18
Posts: 12,776

Re: DDoS Attack 2013-10-17 (resolved)

@coelacanth:  I think if you reduce the pinning of Waldorf in /etc/apt/preferences, you'll keep the newer packages from Debian; if you don't they'll be downgraded.  I think a pinning of 800 will allow Waldorf to have priority for newly-installed packages, yet prevent already-installed ones from being downgraded.

EDIT:  I haven't attempted to install any new packages from Waldorf, but I've tested and confirmed that with Waldorf pinned at 1001, desktop-base, libdvdcss2, libxft2, lxappearance, terminator, and tint2 are downgraded, while they are not if Waldorf is pinned at 800.  Gotta get ready for work right now, but I can try a fresh install with Waldorf pinned at 800 before any dist-upgrade...on the morrow.

Last edited by pvsage (2013-10-23 21:55:15)


I'm a moderator here.  How are we doing?  Feedback is encouraged.

Offline

#396 2013-10-23 22:01:47

CSCoder4ever
#! Keyboard Troll
From: llun\ved\
Registered: 2013-09-03
Posts: 1,955

Re: DDoS Attack 2013-10-17 (resolved)

YAY! I'm so glad!

Offline

#397 2013-10-23 22:11:32

coelacanth
New Member
From: USA
Registered: 2013-02-01
Posts: 9

Re: DDoS Attack 2013-10-17 (resolved)

lurka wrote:

Congrats to corenom and everybody's who's been waiting for this to let up.

Hi coelacanth, I think what your referring to is handled in the desktop-base package - you can keep the debian (as opposed the the waldorf) version by editing your apt/preferences.

Thanks. I want my system to stay in sync with Crunchbang though, could this cause problems later?

pvsage wrote:

@coelacanth:  I think if you reduce the pinning of Waldorf in /etc/apt/preferences, you'll keep the newer packages from Debian; if you don't they'll be downgraded.  I think a pinning of 800 will allow Waldorf to have priority for newly-installed packages, yet prevent already-installed ones from being downgraded.

Thanks for the info. Similar to my question above: If the devs decide to make their own modifications to the affected packages, could this screw up my #! setup later? I don't want to go through a bunch of crap just because I like the pretty picture that shows up on the boot screen for 10 seconds.

Offline

#398 2013-10-23 22:24:41

porkpiehat
#! Die Hard
Registered: 2012-10-02
Posts: 830

Re: DDoS Attack 2013-10-17 (resolved)

There are no "devs" -- there's just corenominal. AFAIK, the modifications made to the Debian packages to make them #!-worthy are mainly theming ("look and feel" -- think Debian swirl vs gray background) and nothing that will "screw up" your setup if you have them or not. In addition, modifications to these packages don't appear to happen very often. Many people run #! with the Waldorf repos permanently commented out or removed (this is actually recommended for people moving to Testing or sid). In fact, having the Waldorf repo pinned at 1001 (where it forces versions from that repo to be installed, even if there are newer versions in the Debian repo) has caused problems for some people.

But of course this is just my opinion, and this has now moved beyond discussing the DDoS attack. Perhaps you should start a separate support topic.

Last edited by porkpiehat (2013-10-23 22:26:56)


# echo 0.0.0.0 crunchbang.org >> /etc/hosts

Offline

#399 2013-10-23 22:35:21

Linuxephus™
Banned
From: Reality Check 101.
Registered: 2013-09-11
Posts: 158

Re: DDoS Attack 2013-10-17 (resolved)

Coelacanth:
Essentially what Porkpiehat has already stated.
Corenominal has always been carefull to make sure that any modifications to the Debian base upon which Crunchbang is built on remains compatible with Debian packages.


-Evolution Is Merely God's Way Of Performing An Upgrade.-
-Linux: Guerrilla UNIX Development...Venimus, Vidimus, Dolavimus.-
-Linux: The Operating System With A C.L.U.E...Command Line User Environment.-

Offline

Help fund CrunchBang, donate to the project!

#400 2013-10-23 22:39:39

coelacanth
New Member
From: USA
Registered: 2013-02-01
Posts: 9

Re: DDoS Attack 2013-10-17 (resolved)

Thanks to all who replied. I'll look into it more and start a new topic if I want to inquire futher.

Also thanks to corenomial for keeping the distro going strong and seeing us through the downtime.

Last edited by coelacanth (2013-10-23 22:40:14)

Offline

Board footer

Powered by FluxBB

Copyright © 2012 CrunchBang Linux.
Proudly powered by Debian. Hosted by Linode.
Debian is a registered trademark of Software in the Public Interest, Inc.

Debian Logo