●● IRC: #boycottnovell @ FreeNode: Wednesday, April 14, 2021 ●●
● Apr 14
[07:37] schestowitz the cron job choked up last night for a bot being offline, so today's IRC stuff and IPFS has only just been generated on the pi
● Apr 14
[08:04] Techrights-sec ok I'll re-check
[08:05] schestowitz eventually I need to amend the code for exceptions where the IRC bots are absent
[08:59] schestowitz x https://www.nytimes.com/2021/04/13/technology/racist-computer-engineering-terms-ietf.html
[08:59] -TechrightsBN/#boycottnovell-www.nytimes.com | Racist Computer Engineering Words: Master, Slave and the Fight Over Offensive Terms - The New York Times
[08:59] schestowitz # trolls still trolling
[08:59] schestowitz =
[08:59] schestowitz x https://itwire.com/deals/medlab-selects-microsoft-dynamics-remote-assist-for-pandemic-lab-work.html
[08:59] schestowitz =
[08:59] -TechrightsBN/#boycottnovell-itwire.com | iTWire - Medlab selects Microsoft Dynamics remote assist for pandemic lab work
[08:59] schestowitz x https://people.gnome.org/~michael/blog/2021-04-12-excommunicating.html
[08:59] -TechrightsBN/#boycottnovell-people.gnome.org | Stuff Michael Meeks is doing
[08:59] schestowitz =
[08:59] schestowitz x https://thehill.com/policy/cybersecurity/548032-federal-government-urges-groups-to-patch-systems-after-discovery-of-new
[08:59] -TechrightsBN/#boycottnovell-thehill.com | Federal agencies urge groups to patch systems over new Microsoft vulnerabilities | TheHill
[08:59] schestowitz # s/patch/remove/g;
● Apr 14
[11:43] schestowitz attacks back at high capacity
● Apr 14
[12:21] *TechrightsBN has quit (Ping timeout: 268 seconds)
● Apr 14
[14:49] *TechrightsBN (~b0t@techrights.org) has joined #boycottnovell
[14:49] TechrightsBN Hello World! I'm TechrightsBN running phIRCe v0.75
● Apr 14
[16:55] Techrights-sec I can't even log in
[16:55] Techrights-sec TR, TM, and even HV are all inaccessible
[16:55] Techrights-sec vi SSH
[16:55] Techrights-sec via SSH
[16:55] Techrights-sec $ ping -n -c 3 techrights.org
[16:55] Techrights-sec PING techrights.org (23.161.112.116) 56(84) bytes of data.
[16:55] Techrights-sec --- techrights.org ping statistics ---
[16:55] Techrights-sec 3 packets transmitted, 0 received, 100% packet loss, time 2043ms
[16:55] Techrights-sec $ ping -c 3 -n 23.161.112.114
[16:55] Techrights-sec PING 23.161.112.114 (23.161.112.114) 56(84) bytes of data.
[16:55] Techrights-sec --- 23.161.112.114 ping statistics ---
[16:55] Techrights-sec 3 packets transmitted, 0 received, 100% packet loss, time 2034ms
[16:55] Techrights-sec traceroute does not reach anything either. Something else is going on, IMO
[16:55] Techrights-sec ssh: connect to host 23.161.112.114 port 22: Connection timed out
[16:55] Techrights-sec for what it's worth I have recent backup copies of the dbs from 0345 UTC approx
[16:55] Techrights-sec ?
[16:55] Techrights-sec things have been back about 20 minutes?
[16:55] Techrights-sec outage was from 11:15 or a little earlier?
[16:55] Techrights-sec TR is bogged down with 'php-fpm: pool www'
[16:59] Techrights-sec netstat, lsof, tcpdump, fstat are all absent from the toolkit :(
[16:59] Techrights-sec two bots are crawling the site it seems
[16:59] schestowitz just got back
[16:59] schestowitz can't see buffer above "I can't even log in"
● Apr 14
[17:04] schestowitz I will type in a hurry
[17:04] schestowitz also typed some crap into terminal
[17:04] schestowitz glad I did not miss much in the buffer
[17:05] schestowitz irc has more info
[17:05] schestowitz noticed downtime in gym
[17:05] schestowitz seems like hv went down
[17:05] schestowitz when it came back online the ddos defence was not running, so tm seems to be the culprit for the load, now running in tmux
[17:08] Techrights-sec there wasn't much, if anything, above that line
[17:08] Techrights-sec Yes, TR, TM, and HV were all unavailable via SSH
[17:08] Techrights-sec and ping
[17:08] Techrights-sec and traceroute
[17:09] schestowitz I have tons to catch up with now... this whole back to gym thing is hectic
[17:16] schestowitz seems to be the nature of reqs to tuxmachines rather than quantity
[17:26] schestowitz still investigating, but I am pretty sure HV downtime isn't related to the attacks in any way
[17:31] schestowitz I have better grasp of things now
[17:31] schestowitz seems the sole culprit is TM
[17:31] schestowitz but the HV downtime may have emboldened the attacker
[17:32] schestowitz I think I can get it under control with some more investigation
[17:40] Techrights-sec how can HV be restarted if it is unavailable via SSH?
[17:40] schestowitz we don't have that access level
[17:41] schestowitz BTW, THANK YOU SO MUCH for looking into it. We're just trying to buy all the things we've long needed to buy. So unfortunately this mess happened today
[17:42] Techrights-sec ok
[17:42] Techrights-sec np but I wasn't able to change anything for the better (or at all)
[17:42] schestowitz it helps to know there's at least another person with access while we're out. I think I'll get it under control soonish, I also try to post in TM to signal we're OK
● Apr 14
[18:33] Techrights-sec https://nitter.cc/h_ckrh_rt/status/1382326092908924928#m
[18:33] -TechrightsBN/#boycottnovell-nitter.cc | BLVCK 9INE (@h_ckrh_rt): "GNU not Linux began way beyond:It was to include a kernel, utilities and everything else. Wonder why @fedora won't include GNU in their upcoming title. #freesoftware is not #opensource nor #ethicalsource WTF!!! is "ethic..."!!! http://techrights.org/2021/04/13/gnu-operating-system-genesis/" | nitter
[18:34] schestowitz seems to be calming down now, I also have a separate session to monitor things in the main laptop for now... let's hope the storm is all behind now
[18:35] schestowitz I need more focus for articles, videos etc. but safety and uptime come first so when it all settles I'll do posts. As for OS upgrades, depends on mood of kaniini (having a hard time these days)