A Week Unwound

This week was a crappy tech week, filled with server / network stresses, security vulnerability releases and spammers. To get some closure on these issues, I thought I’d blog about them a bit.

Our network provider, iWeb Technologies, was unable to solve an on-going router issue somewhere between their network and Pier1’s backbone. This router issue resulted in my servers primary IP address being inaccessible indefinitely until I logged in and ran a command to notify their router I was still there… highly annoying for me and my customers, I’m sure. Their only immediate solution to this problem is to have me run “arping” in cron every minute, which tells their routers my servers MAC address. The long term solution is to have me migrate from their old network to their new BGP network. Moving to the new network is a great long-term solution, but it requires a whole new set of IP addresses and moving 8 name servers with 260 domains is a bit stressful. Either way, so waking up in the morning and finding out your server is not accessible tends to ruin every day of the week. This issues has been “resolved” with the cron job now, but still.

Next we had security vulnerabilities left, right, and centre this week. The first one was with Mambo / Joomla, in the form of a worm that exploited code in most versions of Mambo / Joomla and allowed for any number of crazy things to be installed and run. Once finding out how serious this was, Greg and I ended up manually patching 12 – 14 client installations all over the server. Next I find out there’s problems with every available version of PHPMyAdmin (until they released 2.7.0-pl1) that was stressful in ways that’s for sure. Finally, a client’s website had a vulnerability in their contact form that was exploited by a damn spammer… which leads me to my next paragraph…

Spammers… for the love of pete, these people should have their arms removed. I don’t understand it, you’re making millions of people lives crappy so you can make a buck off of other stupid people? How do you sleep at night? We had two instances this week with spammers. The first one was outgoing spam, as I mentioned above, a spammer exploited a PHP contact form on a clients website sending hundreds of thousands of spam messages to AOL users. It took Greg and I quite a while to track this down and stop the flow… all this while Greg’s girlfriend was down trying to visit him for a night. I felt bad about that. Sorry Jocelyn. The following night we were hit by an incoming spam attack, what a nightmare. We’ve already done almost everything we can do to prevent this (RBL’s, SMTP Reject and our own black-list), so pretty much all you can do is sit there and watch. After about 1/2 an hour and a lot of bandwidth the attack subsided.

Like I said in the first sentence… it was a crappy tech week. So what better way to end the week than to get together with friends, eat pizza, play poker and get drunk. Needless to say, I had a great night last night doing all those things. I didn’t win at poker (albeit I had some damn good wins and loses) but had a great time playing. It was great to get together with everyone and unwind like that; I have some great friends, and I’m thankful for that.

Best Regards,
Matt Simpson

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.