Stilly

Today was the great upgrade adventure.

The front page is nearly complete, and should work well on mobile and desktop. Most of the other skins will be done in this fashion to insure that everything remains comparable cross-platform. I'm still trying to figure out how to get the signatures to work once per page rather than per topic, but the database is very poorly documented, so I'm shooting blind on that one.

I will continue creating / recreating themes for each subforum in the coming days/weeks/whenever I have a chance. Like I said, it looks like much of the heavy lifting has been done there. I won't roll out a new skin until I'm sure it looks good. I've also created local copies of all the skins we had prior to the update, so I will stripmine those for images/color schemes/etc.

This will be fun, and is going well so far! Night everyone

 

Edit: Ok, so maybe not the color schemes. Regardless, I will do what I can to make them interesting.

I just like true mobile support 

More importantly, I brought the chatbox back to the frontpage

Got the main theme up and "modernized". Should be working well on desktops and mobile devices everywhere. Let me know if there are any issues.

I will try to start porting the other skins over to this type of theme soon. Some will be changed more than others, some will likely be completely different. We'll have to see on an individual basis. I'm trying to recreate things that others put together years ago, but it shouldn't be too painful!

13 minutes ago, The NZA said:

no arguments here! I miss our green skin, and logo and junk 

gonna browse the free ones at invision marketplace soon!

I'm working on hacking that one together, actually.

 

EDIT: Green is back (ish). At the bottom of each page, you can select the theme. TestFront is my sandbox if you wanna check it out

Ew, this is ugly.

As a side note, I would be wary of the ever so slightly less than honest Kodi addons. Kodi wasn't necessarily designed to be a streamers paradise, and certain groups are paying a lot of attention to those addons. That coupled with the fact that nearly anyone could write an addon...I don't know, my tinfoil hat is pinging on this one.

I'm ready to get started on my end. I'll make a backup of the current skins and such over the weekend, and start working on it a bit here and there. Progress will come quicker once I see exactly what I'm working with as far as the update is concerned!

spam-bot makers can sue for libel?

I doubt it would have any merit, but the big one from the last time we were hit has threatened people with legal action for daring to suggest that their botnet was a botnet. Just don't want to risk that.

At approximately 1:30 AM CST, I noticed that we had a large amount of guests on the boards at once. I quickly noticed that the majority of them were from the same IP range (which I will not disclose publicly*), and that they were, in fact, sequential IP addresses. This is a bad sign, as it means they are either:

1. Spam bots
   
2. Attackers
   

I blocked the entire IP range, and the number of guests dropped dramatically. I also copied the robots.txt file to what I believe is the appropriate folder, so hopefully that won't be an issue anymore.

 

I will continue to monitor for suspect IP address ranges, and will repeat the process in the future, if needed.

 

 

* Some people get litigious if you mention that they might be doing something bad. I'm sure mentioning their IP range explicitly might piss some bad people off.

Hey All,

 

I've been given admin powers again to try to help Nick with the transition over to the latest version of IPB. I will be using these newfound powers to try to upgrade / port over various skins / features if at all possible. I will also be trying to keep things working a bit better around here as far as the innards of the site goes.

 

This being said, unless it's a stupid minor change here or there (which I'm notorious for), I will try to keep a log of everything that has gone on, and my various actions taken.

 

For starters, I have been given access to an FTP account, and I have already used it to make a small change to the site (which I will detail in my next post, which will follow immediately after this one).

 

Anyway, I hope to be of some use.

-S

Nah, Spawn had the Filter/TCM crossover (Can't You) Trip Like I Do?

 

Looks like it would still be an awesome vinyl to have, though.

Side A:

- Nowhere to Run (Vapor Trail) - DMX vs. TCM

- Vapor Trail - Demo? Or the Nowhere to Run remix instrumental?

 

Side B:

- I Think I'm Crystallized (Extended) - Garbage vs. TCM

- Ten Miles Back - From Tweekend, seems like a demo version.

 

Closest Discogs link I could find, but those are numbered and I just noticed that side B has the tracks reversed on mine. I'll do a double post and drop some pictures in a minute.

https://www.discogs..../release/130906

Just picked up a completely unlabeled LP with 4 (unreleased / demo) songs by The Crystal Method. From what little I've been able to find online, it looks like there were <1000 pressed and I'm basically crapping myself about it. Just had to share.

Yeah, people are charging between $15-$30 per skin which is stupid if you've got anyone on the board that has the slightest inkling of what they're doing.

 

Should be able to have everything ported over "fairly quickly" (school and work schedule allowing, I'll still try to bash everything out quick-ish), but then I'll begin trying to somewhat modernize a few of them.

 

I assure you, this won't be HondosInc all over again. Totally promise that.

 

Edit: Totally. For reals.

This issue isn't because of me logging in from my job, is it? Web security is kind of insane here.

Nah, that shouldn't have anything to do with it. You'd likely be accessing the site via HTTPS in that case, but there were only a relative few requests. You're good.

Ok, here are my official findings on the issue. I'm not sure if this is what caused the downtime earlier this year, but I suspect this is the culprit. Also, I will not be naming any names or companies for reasons that will become clear momentarily.

 

 

The Problem:

 

Upon examining the logs, it appears that Hondo's is being overrun with bots. For the most part, these seem to be your run-of-the-mill web crawlers that do little more than index various pages in a site for use in search engines. There are several types of these:

• The bots that index several pages per second and scurry off to other parts of the internet to do their thing. They return from time to time, but don't really use much as far as resources go.
  
• The bots that index several thousand pages per second, take a break, and may or may not come back again. These use up a fair bit of resources but they don't hit things multiple times, generally speaking.
  
• The bots that index hundreds of thousands of pages per second, use scripts, drain resources, and potentially make backups of everything. These are the strip miners of the internet.
  

Without writing a program to parse everything out, and because the logs are so long (the log for June, when unzipped, is 190 megabytes in size and contains 716,081 records), I was basically looking for records that stood out. I was able to identify approximately 7-9 bots that accounted for approximately 10.13% of all GET calls to the server (for those who don't know, basically your computer tells the server to GET a file for you, and the server sends it to you). These bots were of the first two varieties from the list above.

 

I reported this to Nick, and we began discussing what to do.

 

As we were discussing, I was absentmindedly scrolling through the records, just in case there were any more bots that I had yet to find. Lo and behold, I came across one that made a lot of calls (thousands) in a matter of seconds. Of the 716,081 records, this bot was responsible for 195,322 or 27.28% of all traffic. Upon further investigation, this web crawler may actually be part of a malicious botnet. I will not speculate on the motivations for targeting this site, when it may, in fact, be random.

 

Upon even further investigation, the company behind the crawler has pursued legal action against various groups for mentioning the malicious botnet, so I'm not bringing that up.

 

It should be noted that this bot acted different from other bots, which leads me to believe that this was the problem. This bot would actually use various scripts that are part of the code of the forum. For instance, the bot(s) would visit specific posts and then share them as a blog post several thousand times a second. As far as I know (and I might be wrong), this functionality is unused as part of Hondo's everyday operations. This bot, from what I was able to find online, targets IPB forums for various reasons.

 

The Current Solution

 

Theoretically, every site on the internet has a little file called robots.txt that has instructions for the bots that visit aforementioned page. This is generally set up by the webmaster, but sometimes the hosting company has one for all sites on their servers. The file can basically tell bots not to visit certain folders, or which bots can visit certain areas, etc.

 

From all appearances, this did not exist on the domain, nor did it appear that the hosting company has server-wide policies. This is not the norm, but it is far from being uncommon. It's easy to forget, or not even know about.

 

A robots.txt file has been created, and a blanket ban on all crawlers / bots has been implemented. Again, this is not an uncommon thing to do. From what I can tell, there's very little benefit (if any) for this site to be crawled by untold bots.

 

This being said, bots do not have to obey robots.txt, which is why other measures will be implemented if necessary.

 

 

The Future

 

In the event that the new robots.txt file fails to block a potentially malicious botnet / bot, I will curate a list of known bot IP addresses from the logs. This would likely be done automatically via a program that I'll write. It's parsing information, not a huge pain. This list would then be used to implement IP bans at the domain level.

 

In the event that this wasn't the problem to begin with, I'll likely start over and try to figure out what else might be going wrong. That being said, I'm pretty sure that 37% of all traffic being bots and 27% of all being "bad" bots probably did it.

 

I also currently recommend that the IPB software be upgraded to the latest version and kept at the latest version at all times. I understand that this may not be possible due to $$$, but it's usually a good idea. The older a piece of software gets, the more well-known any exploits will become. I'm not saying that another attack is more probable, but it is certainly more possible the further the board gets from the current version.

 

 

So that's my tear-down on what I think has been going on and what I've done to try to stop it. I may or may not be around, but if anyone needs me, Nick knows how to get to me. Thank you, and good night!

 

 

Edit: Also, here's the data from my tear-down. Names will be censored:

• Total Records: 716,081
  
• M*********: 25,852 records
  
• B*********: 16,738 records
  
• B*********: 10,661 records
  
• Y*********: 1,323 records
  
• O*********: 5,598 records
  
• A*********: 252 records
  
• N**********: 3 records
  
• S***********: 830 records
  
• S***********: 220 records
  
• S*********: 9,669 records
  
• M**********: 195,332 records
  

Built 6 of these kinds of things for a work friend over the holidays. An absolute joy once you get them to work. Hit me up if you run into any problems. I'm not always around but Nick knows how to get a hold of me.

 

Tips:

• RetroPie is a godsend. I would recommend using that as your OS as opposed to trying to installing that (or any other emulation environment) on top of another OS. You can launch right into it at boot this way.
  
• The Raspberry Pi 3 is powerful, but you're going to have some issues if you're trying to run a bunch of N64 games. A handful will work, but most are a pain in the ass.
  
• Once you get the roms moved over to the Pi, you might have to go game by game to get all the appropriate metadata (title, screenshots, etc). This is optional, and is a pain in the ass, but it brings the whole system together.
  
• Best tip: ALWAYS MAKE SURE YOU PROPERLY EJECT THE SD CARD. I've killed more than a couple cards on various RasPi projects just from yanking the damn thing out of the computer.
  

Best of luck!

This monstrosity and getting married are the two main reasons I haven't been around in forever and a day. Damn you Minecraft...damn you...

Plastic Beach.

 

Due out the 8th/9th of March.

 

Also...

 

PARRRRRTY THREAD!!!

I love Gorillaz and I can't wait for the 3rd album to come out in a couple months.

 

/now back into seclusion...

I'm still in love with the music from FFX. It's the only import OST I've ever gotten.

Right now I'm on Azuremyst (that look right?), with a level 15 night elf priest...because I wanted to, damn it.

Damn it, you guys got me.

 

I just upgraded and am also faced with a massive (MASSIVE) download.

 

Oh well, here goes nothing.