Results 1 to 11 of 11

Thread: The Recent Database Issues

  1. #1
    Administrator John Pierce's Avatar
    Join Date
    May 2006
    Location
    Bristol, VA
    Posts
    1,735

    Cool The Recent Database Issues

    Ok. I believe that I have resolved the issues that have been plaguing us since last Friday's upgrade to vBulletin 4.10 PL 2.

    In attempting to address the symptoms, I made a number of changes to the forum, some of which I plan to keep and some of which I will roll back (and some I didn't realize until members reported it).

    So ... if you are experiencing anything that you think I need to change, please let me know. And thanks for being patient as I worked through the issue.

    For those who are curious and technically minded, the issue was a combination of a brute force attack by parties unknown using the search features of the forum combined with the back-end database using table level locking which allowed one attack query to take down the entire database as subsequent queries backed up and quickly consumed all available system resources waiting for a table lock release that never came.

    I hope that with the latest changes we have seen the end of the issues. But please report any problems if you encounter them.

    Thanks again!


    John

  2. #2
    Banned
    Join Date
    Jan 2010
    Location
    Fairborn, Ohio, USA
    Posts
    13,063
    Quote Originally Posted by Administrator View Post
    Ok. I believe that I have resolved the issues that have been plaguing us since last Friday's upgrade to vBulletin 4.10 PL 2.

    In attempting to address the symptoms, I made a number of changes to the forum, some of which I plan to keep and some of which I will roll back (and some I didn't realize until members reported it).

    So ... if you are experiencing anything that you think I need to change, please let me know. And thanks for being patient as I worked through the issue.

    For those who are curious and technically minded, the issue was a combination of a brute force attack by parties unknown using the search features of the forum combined with the back-end database using table level locking which allowed one attack query to take down the entire database as subsequent queries backed up and quickly consumed all available system resources waiting for a table lock release that never came.

    I hope that with the latest changes we have seen the end of the issues. But please report any problems if you encounter them.

    Thanks again!


    John
    Thanks for the explanation.

    Question. If you do identify the culprit and if it turns out that the act was deliberate and malicious (for example, say, revenge from a disgruntled former member), did that person commit a crime? Can criminal (or civil) law be used to take the perp to task?

  3. #3
    Administrator John Pierce's Avatar
    Join Date
    May 2006
    Location
    Bristol, VA
    Posts
    1,735
    Quote Originally Posted by eye95 View Post
    Thanks for the explanation.

    Question. If you do identify the culprit and if it turns out that the act was deliberate and malicious (for example, say, revenge from a disgruntled former member), did that person commit a crime? Can criminal (or civil) law be used to take the perp to task?
    There is at least one federal law making such an attack a criminal offense. And it also gives rise to a number of civil issues. However, a clever attacker, using anonymous proxies is VERY difficult to track.

    The important thing is to be able to move forward.


    John

  4. #4
    Founder's Club Member
    Join Date
    Nov 2006
    Location
    Fairfax Co., VA
    Posts
    18,766
    Quote Originally Posted by Administrator View Post
    SNIP...the issue was a combination of a brute force attack by parties unknown using the search features of the forum combined with the back-end database using table level locking which allowed one attack query to take down the entire database as subsequent queries backed up and quickly consumed all available system resources waiting for a table lock release that never came.
    Huh!?! Wudhesay? Lawyers. Phhht.
    Last edited by Citizen; 12-21-2010 at 05:51 PM.

  5. #5
    Regular Member TFred's Avatar
    Join Date
    Oct 2008
    Location
    Most historic town in, Virginia, USA
    Posts
    7,705
    Quote Originally Posted by Citizen View Post
    Huh!?! Wudhesay? Lawyers. Phhht.
    Actually, that's pretty good for a lawyer! Techno-babble like that is usually reserved for computer weenies!!

    TFred

  6. #6
    Founder's Club Member
    Join Date
    Nov 2006
    Location
    Fairfax Co., VA
    Posts
    18,766
    Quote Originally Posted by TFred View Post
    Actually, that's pretty good for a lawyer! Techno-babble like that is usually reserved for computer weenies!!

    TFred
    Look, just tell me that the feed lips were bent, or something understandable.


  7. #7
    Moderator / Administrator Grapeshot's Avatar
    Join Date
    May 2006
    Location
    North Chesterfield, Va.
    Posts
    34,603
    Quote Originally Posted by Citizen View Post
    Look, just tell me that the feed lips were bent, or something understandable.

    There are no feed lips on my magazine.

    Kudos to John for solving this.

    Opps - just found out I cannot copy and paste a picture.
    Last edited by Grapeshot; 12-22-2010 at 02:14 PM. Reason: format
    You will not rise to the occasion; you will fall back on your level of training. Archilochus, 650 BC

    Old and treacherous will beat young and skilled every time. Yata hey.

  8. #8
    Founder's Club Member ixtow's Avatar
    Join Date
    Nov 2006
    Location
    Suwannee County, FL
    Posts
    5,069
    Many forum moderators ban all TOR exit nodes. It does, however, also stifle free speech to ban TOR exit nodes. Many censored locales depend on TOR to take back what has been taken from them.

    So it's a double-edged sword.

    You might want to check the published list of exit nodes (TOR exit nodes are exposed and known by their very nature). It won't tell you whodunit, but it will tell you what level of sophistication your adversary has. Just a stupid script kiddie? Or a professional you can expect more trouble from...

    I run a TOR node myself.

    http://www.torproject.org/

    When the enemies of freedom get smarter than you, you lose.
    Last edited by ixtow; 12-22-2010 at 02:53 PM.

  9. #9
    Administrator John Pierce's Avatar
    Join Date
    May 2006
    Location
    Bristol, VA
    Posts
    1,735
    See this thread for an update on the anonymous proxy issue.

    http://forum.opencarry.org/forums/sh...93#post1427393

    John

    Quote Originally Posted by ixtow View Post
    Many forum moderators ban all TOR exit nodes. It does, however, also stifle free speech to ban TOR exit nodes. Many censored locales depend on TOR to take back what has been taken from them.

    So it's a double-edged sword.

    You might want to check the published list of exit nodes (TOR exit nodes are exposed and known by their very nature). It won't tell you whodunit, but it will tell you what level of sophistication your adversary has. Just a stupid script kiddie? Or a professional you can expect more trouble from...

    I run a TOR node myself.

    http://www.torproject.org/

    When the enemies of freedom get smarter than you, you lose.

  10. #10
    Regular Member
    Join Date
    Dec 2010
    Location
    California
    Posts
    8
    Is this why everytime I try to search I have to do a damn captcha?

  11. #11
    Banned
    Join Date
    Jan 2010
    Location
    Fairborn, Ohio, USA
    Posts
    13,063
    Quote Originally Posted by TopSnake View Post
    Is this why everytime I try to search I have to do a damn captcha?
    Yes. However, since the implementation of Captcha, the site has stabilized. There is little doubt that someone (or someones) were trying to sabotage the site. This is good work by the owners in heading these juvenile and destructive actions off.

    Those perpetrating them are thugs.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •