Tweet
From http://www.userfriendly.org/:
[Illiad] ESCAPING A BLACK HOLE: ARCOR USERS IN .DE Posted:Mon Aug 18 14:04:43 2008
A LOW MEASURE ON THE FUN METRE: Earlier this year, an annoying, destructive script-kiddie started pounding on UF's servers, sucking down content, deliberately being evasive and overall behaving like a jerk. Our hostmaster worked mightily to stymie this charming example of human d*ckishness but eventually had to give up because of the number of IPs being used in the attack. All of the attacks came from a single German ISP, Arcor.
We contacted Arcor's abuse department many, many times, to no avail. When we did actually get a reply, we brought them up to speed on the abuse, but never received a response. As the attacks were continuing, I instructed our hostmaster to blackhole Arcor as a whole.
I hated having to do that, because ultimately the ones paying the price are UFies who used Arcor. I had hoped that they would pressure Arcor into doing something about the abuser, and many (dozens? hundreds?) of Arcor-using UFies did indeed make the effort to get a response from Arcor's NOC. Sadly, the response they received was similar to the one we received: nothing. Dead air.
We investigated a number of solutions, and had several very good ones suggested to us by some German UFies, but pretty much all of them required significant development or tech time, time we could ill-afford considering what other things we had on our plate. Months later, we think we have a few realistic ideas of what we can do, are now doing them, and as a result we're lifting the Arcor blackhole.
The blackhole should be lifted in a few hours after the timestamp on this post. Note that if you know of a fellow Arcor user who still has trouble accessing UF, please ask him or her to send us a note along with their IP address so that our hostmaster can investigate. Please use our tech **atthisdomain** email.
Please note that if we encounter large-scale scripting or DOSing again, we'll have to slam the door shut right away. We're really, really hoping that this isn't necessary.
To the UFies who use Arcor: you have my heartfelt apologies for dropping you in a hole for the past months. I also appreciate and thank those UFies who took the time to offer (in some cases very) clever solutions to our dilemma, and to those who tried very hard on our behalf to communicate the abuse to Arcor.
Has SN ever had a problem which was this serious? Did Royal ever have to blackhole an entire community? (Derby? Hutch? Eastbourgh? http://www.youtube.com/watch?v=bpAf1...eature=related).
[Illiad] ESCAPING A BLACK HOLE: ARCOR USERS IN .DE Posted:Mon Aug 18 14:04:43 2008
A LOW MEASURE ON THE FUN METRE: Earlier this year, an annoying, destructive script-kiddie started pounding on UF's servers, sucking down content, deliberately being evasive and overall behaving like a jerk. Our hostmaster worked mightily to stymie this charming example of human d*ckishness but eventually had to give up because of the number of IPs being used in the attack. All of the attacks came from a single German ISP, Arcor.
We contacted Arcor's abuse department many, many times, to no avail. When we did actually get a reply, we brought them up to speed on the abuse, but never received a response. As the attacks were continuing, I instructed our hostmaster to blackhole Arcor as a whole.
I hated having to do that, because ultimately the ones paying the price are UFies who used Arcor. I had hoped that they would pressure Arcor into doing something about the abuser, and many (dozens? hundreds?) of Arcor-using UFies did indeed make the effort to get a response from Arcor's NOC. Sadly, the response they received was similar to the one we received: nothing. Dead air.
We investigated a number of solutions, and had several very good ones suggested to us by some German UFies, but pretty much all of them required significant development or tech time, time we could ill-afford considering what other things we had on our plate. Months later, we think we have a few realistic ideas of what we can do, are now doing them, and as a result we're lifting the Arcor blackhole.
The blackhole should be lifted in a few hours after the timestamp on this post. Note that if you know of a fellow Arcor user who still has trouble accessing UF, please ask him or her to send us a note along with their IP address so that our hostmaster can investigate. Please use our tech **atthisdomain** email.
Please note that if we encounter large-scale scripting or DOSing again, we'll have to slam the door shut right away. We're really, really hoping that this isn't necessary.
To the UFies who use Arcor: you have my heartfelt apologies for dropping you in a hole for the past months. I also appreciate and thank those UFies who took the time to offer (in some cases very) clever solutions to our dilemma, and to those who tried very hard on our behalf to communicate the abuse to Arcor.
Has SN ever had a problem which was this serious? Did Royal ever have to blackhole an entire community? (Derby? Hutch? Eastbourgh? http://www.youtube.com/watch?v=bpAf1...eature=related).
Comment