stardot ORG slow and sometimes not working
stardot ORG slow and sometimes not working
The site is extremely slow today and has thrown up a SQL error a few time for me is there a problem with the site?
Regards Peter.
Re: stardot ORG slow and sometimes not working
I couldn't even get on at 7 this morning.
Re: stardot ORG slow and sometimes not working
Snap same challenge early today and again this evening.
Re: stardot ORG slow and sometimes not working
I think there's some flood of connections coming in... seeing this counter keep going up, lots of anonymous sessions:
and a minute laterIn total there are 297 users online :: 11 registered, 0 hidden and 286 guests (based on users active over the past 5 minutes)
Most users ever online was 1036 on Sun Nov 01, 2020 4:48 pm
In total there are 341 users online :: 11 registered, 0 hidden and 330 guests (based on users active over the past 5 minutes)
Re: stardot ORG slow and sometimes not working
The wonderful people at netnorth have, at least for now, fixed things. It is an external issue though
Re: stardot ORG slow and sometimes not working
Hurrah! Perhaps all those anon users were frustrated stardotters refreshing their pages, or something. That user count has calmed down now, anyway.
Re: stardot ORG slow and sometimes not working
seems to be behaving itself now, its once again responsive when you click something, no 5 min waiting
Regards Peter.
Re: stardot ORG slow and sometimes not working
Yes that did cross my mind as well, as it sometimes was fine and other times was totally dead.
Regards Peter.
- daveejhitchins
- Posts: 7888
- Joined: Wed Jun 13, 2012 6:23 pm
- Location: Newton Aycliffe, County Durham
- Contact:
Re: stardot ORG slow and sometimes not working
I'm still having issues - 21:15 . . .
Dave H.
Dave H.
Available: ARA II : ARA III-JR/PR : ABR : AP5 : AP6 : ABE : ATI : MGC : Plus 1 Support ROM : Plus 3 2nd DA : Prime's Plus 3 ROM/RAM : Pegasus 400 : Prime's MRB : ARCIN32 : Cross-32
- BeebMaster
- Posts: 7433
- Joined: Sun Aug 02, 2009 5:59 pm
- Location: Lost in the BeebVault!
- Contact:
Re: stardot ORG slow and sometimes not working
Yes, it's still happening for me here, same problems as have already been reported. Also I noticed (because as part of my unswerving policy to make life as difficult as possible for myself, and thereby never using bookmarks or anything like that, I always manually type the URL of any website I want to visit, but my brain hasn't updated to using the new URL for the forum yet, so I still ask for www.stairwaytohell.com/forums) that when it redirects to the correct site, Firefox gives me the old "secure site not available" http/https thing, which you then have to override, which it didn't do before today.
- BeebMaster
- Posts: 7433
- Joined: Sun Aug 02, 2009 5:59 pm
- Location: Lost in the BeebVault!
- Contact:
Re: stardot ORG slow and sometimes not working
Still very slow here, just in case you haven't noticed !
Re: stardot ORG slow and sometimes not working
I can absolutely guarantee that by the time someone reads it in this thread they'll have already noticed that it's slow.
It's external, it's not anything we can directly do anything about other than request the hosts investigate and block the offending IPs. We are doing this.
@beebmaster - I'm afraid you're either going to have to remember the forum address or just live with it. Or use bookmarks. It will be the redirect pointing at an http site. I've no control over that.
It's external, it's not anything we can directly do anything about other than request the hosts investigate and block the offending IPs. We are doing this.
@beebmaster - I'm afraid you're either going to have to remember the forum address or just live with it. Or use bookmarks. It will be the redirect pointing at an http site. I've no control over that.
- 1024MAK
- Posts: 12806
- Joined: Mon Apr 18, 2011 5:46 pm
- Location: Looking forward to summer in Somerset, UK...
- Contact:
Re: stardot ORG slow and sometimes not working
Just search for “StarDot forum”, it’s the first result normally…BeebMaster wrote: ↑Fri Mar 17, 2023 9:53 pm Also I noticed (because as part of my unswerving policy to make life as difficult as possible for myself, and thereby never using bookmarks or anything like that, I always manually type the URL of any website I want to visit, but my brain hasn't updated to using the new URL for the forum yet, so I still ask for www.stairwaytohell.com/forums) that when it redirects to the correct site, Firefox gives me the old "secure site not available" http/https thing, which you then have to override, which it didn't do before today.
Mark
For a "Complete BBC Games Archive" visit www.bbcmicro.co.uk NOW!
BeebWiki - for answers to many questions...
Fault finding index • Acorn BBC Model B minimal configuration • Logic Levels for 5V TTL Systems
BeebWiki - for answers to many questions...
Fault finding index • Acorn BBC Model B minimal configuration • Logic Levels for 5V TTL Systems
- BeebMaster
- Posts: 7433
- Joined: Sun Aug 02, 2009 5:59 pm
- Location: Lost in the BeebVault!
- Contact:
Re: stardot ORG slow and sometimes not working
Well, interestingly, I did it again just now, and I didn't get the "insecure" screen from Firefox, it went straight to the forum. So in that respect, something has "improved".
Re: stardot ORG slow and sometimes not working
My guess is that during the attack you entered a "bare" URL (without http or https prefix), so firefox attempted to auto-upgrade to https, but that took too long 'cos of the attack, and so firefox considered that a failure and printed the warning telling you it was going to the insecure http site instead.BeebMaster wrote: ↑Sat Mar 18, 2023 11:12 am Well, interestingly, I did it again just now, and I didn't get the "insecure" screen from Firefox, it went straight to the forum. So in that respect, something has "improved".
Rgds
Stephen
Stephen
Re: stardot ORG slow and sometimes not working
attack…?sweh wrote:…attack…
Sounds dramatic to us non-internet savvy types…?
Re: stardot ORG slow and sometimes not working
Yes, attack.
DDoS means "Distributed Denial of Service". It's a pretty self descriptive phrase. For a website suffering under a DDoS it means someone is trying to stop the web server from serving pages.
Typically this is done via resource starvation; send more requests to a website than it can handle. Now the site is spending all of its time trying to respond to the bad requests and has no time to handle real user requests. This sounds like the sort of stuff we saw here (based on what people have said and the high "guest" numbers).
Another sort of DDoS is to try and use up all the network bandwidth. This is normally overkill, especially for small sites like ours, but may be done on major sites (e.g. megabanks).
In the cyber security industry (where I work) we call this activity an attack because it is a deliberate action to prevent the correct and normal running of a service. It's literally an attack on the service availability.
Now the "distributed" nature of a DDoS is normally achieved by using a "bot army". These are typically compromised machines; they could be other compromised web servers or (more frequently) compromised desktops. There's a lot of Windows malware that exists solely to "recruit" desktops into bot armies. The desktop owner doesn't even know it's happened! The malware just listens for instructions sent from a C3 (aka CCC - Command and Control Center) and performs actions accordingly.
It's really cheap as well; if you know where to look you can hire small bot networks for a few dollars. A site like ours wouldn't need a large bot army. And because armies can change IP addresses (just change what compromised machines are used to do the attack) it's a whack-a-mole defense; as soon as you block the existing bad IPs a new set pop-up.
(There are commercial offerings that are smarter than just IP blocking; this is also an area where AI/ML is showing some worth in identifying attack patterns and blocking before the traffic even gets to the server).
Bot armies are used for more than DDoS attacks. If you've received email spam recently then it's probably been sent via a bot. And anyone who runs a webserver and looks at the logs will definitely see bots being used to run automated probes (no, I don't run Wordpress you dumb bot; you'll never find a WP vulnerability on my machine!).
I just don't know why someone decided to attack this forum. Odd.
DDoS means "Distributed Denial of Service". It's a pretty self descriptive phrase. For a website suffering under a DDoS it means someone is trying to stop the web server from serving pages.
Typically this is done via resource starvation; send more requests to a website than it can handle. Now the site is spending all of its time trying to respond to the bad requests and has no time to handle real user requests. This sounds like the sort of stuff we saw here (based on what people have said and the high "guest" numbers).
Another sort of DDoS is to try and use up all the network bandwidth. This is normally overkill, especially for small sites like ours, but may be done on major sites (e.g. megabanks).
In the cyber security industry (where I work) we call this activity an attack because it is a deliberate action to prevent the correct and normal running of a service. It's literally an attack on the service availability.
Now the "distributed" nature of a DDoS is normally achieved by using a "bot army". These are typically compromised machines; they could be other compromised web servers or (more frequently) compromised desktops. There's a lot of Windows malware that exists solely to "recruit" desktops into bot armies. The desktop owner doesn't even know it's happened! The malware just listens for instructions sent from a C3 (aka CCC - Command and Control Center) and performs actions accordingly.
It's really cheap as well; if you know where to look you can hire small bot networks for a few dollars. A site like ours wouldn't need a large bot army. And because armies can change IP addresses (just change what compromised machines are used to do the attack) it's a whack-a-mole defense; as soon as you block the existing bad IPs a new set pop-up.
(There are commercial offerings that are smarter than just IP blocking; this is also an area where AI/ML is showing some worth in identifying attack patterns and blocking before the traffic even gets to the server).
Bot armies are used for more than DDoS attacks. If you've received email spam recently then it's probably been sent via a bot. And anyone who runs a webserver and looks at the logs will definitely see bots being used to run automated probes (no, I don't run Wordpress you dumb bot; you'll never find a WP vulnerability on my machine!).
I just don't know why someone decided to attack this forum. Odd.
Rgds
Stephen
Stephen
Re: stardot ORG slow and sometimes not working
Also attacked the Exxos forum by the looks of things. Seemed to be run from Amazon Web Services. Very odd.
Deep seated hatred of retrocomputers?
Edit:
I think it's a general attack on phpbb forums:
https://forums.raspberrypi.com/viewtopic.php?t=349000
Deep seated hatred of retrocomputers?
Edit:
I think it's a general attack on phpbb forums:
https://forums.raspberrypi.com/viewtopic.php?t=349000
Re: stardot ORG slow and sometimes not working
Hmm. I've asked at https://www.phpbb.com/community/viewtopic.php?t=2638941 (but my post is awaiting moderation since I'm a new user there). I linked to this thread and the rPi thread.
Rgds
Stephen
Stephen
Re: stardot ORG slow and sometimes not working
I had ddos issues on my website, I have no idea why anyone would target my crappy website
so I linked it up with cloudflare (free) which has a ddos protection mode and everything has been fine since
maybe it could help here too ?
so I linked it up with cloudflare (free) which has a ddos protection mode and everything has been fine since
maybe it could help here too ?
- 1024MAK
- Posts: 12806
- Joined: Mon Apr 18, 2011 5:46 pm
- Location: Looking forward to summer in Somerset, UK...
- Contact:
Re: stardot ORG slow and sometimes not working
Hmm, well I’ve not had problems with the other “retro” computer phpbb forums that I regularly visit.danielj wrote: ↑Sat Mar 18, 2023 8:22 pm I think it's a general attack on phpbb forums:
https://forums.raspberrypi.com/viewtopic.php?t=349000
Mark
For a "Complete BBC Games Archive" visit www.bbcmicro.co.uk NOW!
BeebWiki - for answers to many questions...
Fault finding index • Acorn BBC Model B minimal configuration • Logic Levels for 5V TTL Systems
BeebWiki - for answers to many questions...
Fault finding index • Acorn BBC Model B minimal configuration • Logic Levels for 5V TTL Systems
Re: stardot ORG slow and sometimes not working
Thanks for the explanations. I saw Daniel write just ‘DDOS’ and Ian’s reply - I genuinely thought it was some kind of retro-related ‘in’ joke and that he was referring to our familiar DDOS mnemonic. Not everyone on here is necessarily a general computing technology ninja….
Re: stardot ORG slow and sometimes not working
And, apparently, that was enough to get my account deleted. Ummm... OK?sweh wrote: ↑Sat Mar 18, 2023 9:14 pm Hmm. I've asked at https://www.phpbb.com/community/viewtopic.php?t=2638941 (but my post is awaiting moderation since I'm a new user there). I linked to this thread and the rPi thread.
Rgds
Stephen
Stephen
Re: stardot ORG slow and sometimes not working
just possibly they have rules about posting links to forums? Who knows...
Re: stardot ORG slow and sometimes not working
Someone with a bit of cash and a grudge... is there any reason why it would be counterproductive to block great swathes of AWS address space? I can't quite think why legitimate access would come from a cloud service. (I don't like broad bans - sometimes people under attack ban whole countries, but that seems wrong to me. AWS is not a country!)
Re: stardot ORG slow and sometimes not working
Lots of PHPBB instances have suffered as far as I know. Some speculation it's a badly written search engine bot. The relevant user agent was barred and that seems to have shut it up.BigEd wrote: ↑Mon Mar 20, 2023 10:17 am Someone with a bit of cash and a grudge... is there any reason why it would be counterproductive to block great swathes of AWS address space? I can't quite think why legitimate access would come from a cloud service. (I don't like broad bans - sometimes people under attack ban whole countries, but that seems wrong to me. AWS is not a country!)