Out of band contact?

  • 4 Replies
  • 164 Views

0 Members and 1 Guest are viewing this topic.

Offline pauldelbrot

  • *
  • 3f
  • ******
  • Posts: 1521
« on: October 23, 2019, 09:33:57 AM »
What is the best way to contact this site's admins out of band? I.e., not relying on the site itself. The Twitter linked in the page header has been inactive since January and nobody seems to be listening at the linked Facebook page.

This would be useful if there are any future incidents like tonight's hack-and-vandalism in which some miscreant was able to blank every page at the site, and it was over an hour before an admin realized there was a problem and restored a backup.

Linkback: https://fractalforums.org/discuss-fractalforums/5/out-of-band-contact/3151/

Offline 3DickUlus

  • *
  • 3f
  • ******
  • Posts: 1406
    • Digilantism
« Reply #1 on: October 24, 2019, 02:02:11 AM »
What is the best way to contact this site's admins out of band? I.e., not relying on the site itself. The Twitter linked in the page header has been inactive since January and nobody seems to be listening at the linked Facebook page.

There is no "out of band" contact afaik. I don't do Twitter or Facebook, just not my thing :-\ they are evil. >:D

This would be useful if there are any future incidents like tonight's hack-and-vandalism in which some miscreant was able to blank every page at the site, and it was over an hour before an admin realized there was a problem and restored a backup.

Please PM me, the time(s)/date(s) of these incidents and any information that you may have to corroborate the event(s), like which admin told you there was a restoration from backup ?
to my knowledge there has been no such hack, vandalism or restoration from backup.
Fragmentarium is not a toy, it is a very versatile tool that can be used to make toys ;)

https://en.wikibooks.org/wiki/Fractals/fragmentarium

Offline pauldelbrot

  • *
  • 3f
  • ******
  • Posts: 1521
« Reply #2 on: October 24, 2019, 03:33:56 AM »
There is no "out of band" contact afaik. I don't do Twitter or Facebook, just not my thing :-\ they are evil. >:D

Then how do we report problems, in the event that those problems prevent posting here or PMing you?

Quote
Please PM me, the time(s)/date(s) of these incidents and any information that you may have to corroborate the event(s), like which admin told you there was a restoration from backup ?
to my knowledge there has been no such hack, vandalism or restoration from backup.

I don't actually know. What I do know is that late last night someone blanked every page at this site, and that a few hours later there was a brief interval when trying to load a page here produced an error message after which things were back to normal. The logical supposition is that there was an act of vandalism that caused the blank pages, and that the brief interval of error messages before normal operations was a downtime to undo that vandalism. As for which admin found and fixed the problem, if it wasn't you it was probably either Caleidoscope or Fraktalist.

More disturbing is that you three don't coordinate enough for you to even know what happened until you saw my post here. I am wondering if any measures have been taken to identify the hole that was used by the miscreant, let alone to plug it so that last night's incident doesn't happen again. (But most likely it was an SQL injection vuln and some griefer used it to do a bunch of DROP TABLEs, given the observed symptoms and fast recovery once action was taken to begin recovery. If the DB supports journaling and rollback abilities for the last few transactions that was fixable without even reaching for the backup tape safe. The behavior observed during the short error message interval was consistent with the DB having been taken offline briefly to perform the restoration.)

Offline 3DickUlus

  • *
  • 3f
  • ******
  • Posts: 1406
    • Digilantism
« Reply #3 on: October 24, 2019, 04:04:37 AM »
hosting provider doing some routine maintenance? your provider doing some routine maintenance?
the "logical supposition" is at best a wild guess ie: no real evidence  :-X
if one of the admins didn't tell you that there had been a restoration from backup then I'm afraid that too is entirely speculation  :-\

yesterday there were a number of attempts to create bogus accounts blocked and some requests for things that don't exist, harmless, but the immediate indications based on the site logs is nothing out of the ordinary.

however, we don't take complaints of this nature lightly so I am reviewing the server logs this evening and if there is anything "funny" looking you can be assured that we will deal with it to the best of our abilities.

in the mean time I suggest you defrag your hardrive and run a deep scan with your virus checker just in case something actually may have been going on.

I'll let you know if I find anything  :thumbs:

Offline Fraktalist

  • *
  • Administrator
  • *******
  • Strange Attractor
  • Posts: 1148
« Reply #4 on: October 26, 2019, 10:01:30 PM »
As for which admin found and fixed the problem, if it wasn't you it was probably either Caleidoscope or Fraktalist.

More disturbing is that you three don't coordinate enough for you to even know what happened until you saw my post here. I am wondering if any measures have been taken to identify the hole that was used by the miscreant, let alone to plug it so that last night's incident doesn't happen again.

okay, I'll do this just once now, and I will just link to this post in the future.

If a problem keeps happening only to you, then you are likely the cause.
In the last years we hardly had any serious problems. But we have ONE user who keeps pointing fingers at guilty or not guilty persons who mess with his site. (a recurring theme, that ckleinhuis already had a problem with 5+ years ago.

We coordinate well in general. NOTHING happened in the las chance, no one took action, because.. nothing happened..
Your problem appeared on it's own and disappeared without help from us.. There were no reports of any other users (hello? please post if you feel mentioned).
No other reports - as the last times you reported.
Actually, we specifically coordinate far more than "you personally deserve" - if I look at that empty page that lists donations that came from the member that uses up the most of ff hd server space.
Not that donations give anyone who reports problems priority.

We keep the site clean and running because ourselves like to use it and because no one else wants this job that is nothing but time consuming responsibilties, no benefits that I can think of.
We do this in our free time.
We owe nobody anything, no personal contact info, no guaranteed response time.
If the site is down for a few minutes, an hour or even a day - go play outside!
If we face an issue that is of any concern, we take care of it and we will tell you about it.
The reason you don't hear anything is because nothing serious is happening.

Which brings me to something positive:

Since 3d took over the security part I can tell you that the site is far more secure and safe than it ever was. It was extremely vulnerable at .com,  we improved a bit when we switched to .org but since 3d looks after things, security is actually taken care by someone who really knows what he's doing. I feel more safe than ever with him. So: Thanks 3d for taking such good care of us here!



Oh and anyone else reading this: Don't let this little  rant by me stop you from reporting actual bugs/problems!
Reporting is crucial! We might not be aware of new issues.
But: If someone who shall not be named shouts "the wolve is coming" too often without any wolves ever showing up, you start to ignore that one.


Sincerly, Fraktalist
« Last Edit: October 27, 2019, 01:44:33 AM by Fraktalist »


xx
Out of band method to contact admins?

Started by pauldelbrot on Forum Help And Support

6 Replies
303 Views
Last post September 04, 2018, 08:37:11 AM
by quaz0r