Blog - Page 91

This is a test of the new photoblog feature of my website... as you can see it worked!

So I just added a cool feature to my website. If I send a photo email from my cellphone to a certain email address with the correct username and password (just for photo blogging) it will be posted to my photo blog archive and into my main blog. The next message on here will be a test from my phone! The image is actually one my mom took and sent me.

I have updated my website to now support iCalendar import and export. This means that you can upload a calendar that you export from nearly any organizer application and you can subscribe to a calendar with the same application. It doesn't currently support recurring events, but it will eventually. Here is a link to my calendar, and here is where you can add my calendar to your organizer program (like iCal, Outlook, Lotus Notes, etc).

Here are some Cool Places in Southern California that I found on HowStuffWorks. I plan on checking out most of them throughout 2005... I will post pictures.:

The other day when I posted my old pictures from One Wilshire I did a bit of research and found out some interesting facts. One Wilshire is owned and managed by the Carlyle Group, which is everyone's favorite Bush Family mega-corp which makes billions from the war on terrorism. I wonder why they would want the most expensive real estate in North America, which happens to be the name of a really cool art / architecture exhibit. Here is a excerpt from the study:

One Wilshire is the meet-me room for over 240 of big players in the telecom industry. Everyone who is anyone is located there and they all interconnect for free as they are in the same big room.

I also found some neat stuff like the Tenant Handbook and an Elevator / Card Key request form.

A few years ago I got a tour of One Wilshire in Downtown Los Angeles where I took some cool pictures. Some of them were also at Pajo Networks which is now called Tier Zero. I host my servers with Tier Zero. Here is the gallery

I took this a couple of years ago in front of a 7/11 on Sunset in Hollywood. He looks really excited as you can tell. I'm sure he really enjoyed big annoying tourists wanting to take a picture with him.

So I've been working on a few thing over the last few days and I have finished them for the most part. I have changed all the code on my site to be XHTML compliant and everything should now validate... you can test for yourself with the links at the bottom of the page. I also finished importing about 20,000 images from my old junglescene photo albums. All of the archive pages should be generated in the next few hours... feel free to look through them. I have also changed the CSS code for the image pages so now you can see more than one column at a time (note that this works in everything except Mac IE). I still have about 2000 of the new images from junglescene to import and then I have to import all my old articles and journal entries. Finally I will be creating a page where I can easily edit a whole groups' captions... when that is done I will go through and label all the thousands of unlabeled photos.

Joy!

A few days after Christmas I received an email from an upset University server admin who thought my servers were attacking his servers through email. What was actually happening was that a spammer was sending email using random fake address at his server's domain name which I will call anonymous.edu. It wouldn't have been a problem if the server was correctly responding with 550 errors which mean Permanent Failure, but the servers were sending 450 which are Temporary errors, so all the servers that were trying to deliver the bounces, kept trying.

So here is the first email I received from [email protected]:

From: [email protected]
 Subject: Hosts from your domain are attacking our server
 Date: December 28, 2004 2:19:23 PM PST
 To: [a bunch of my email address]


Network/Security Administrator,


I'm sending you this mail because one or more IP addresses in your domain
are currently attacking our electronic mail server with a denial of service
attack consisting of multiple, rapid attempts to send mail to randomly
generated, non-existent email addresses.


Please take action with regard to the below hosts immediately to stop this
worm or virus. This attack may be reported to the U.S Federal Bureau of
Investigation for criminal prosecution. These hosts may also have been
blacklisted from sending mail to our server.


64.239.136.142 (www.eecue.com)

To which I responded:

From: eecue AT eecue.com
 Subject: Re: Hosts from your domain are attacking our server
 Date: December 28, 2004 2:32:16 PM PST
 To: [email protected]


Hi you will notice those emails are not actually coming from my server.


The spammers are using my domain as their From: address.


Is this email for real?


-Dave

My guess was close, but I had it backwards...

After getting three more of those emails they sent me this:

From: [email protected]
 Subject: Hosts from your domain are attacking our server
 Date: December 28, 2004 2:59:32 PM PST
 To: [a bunch of my email addresses]


Excuse me if this email is a duplicate. I forgot to list the IP address
of the victim of this attack. It is: atlantis.anonymous.net (192.168.139.69)
Also, I can be contacted at: [email protected]


I'm sending you this mail because one or more IP addresses in your domain
are currently participating in a distributed denial of service attack
consisting of multiple attempts to send mail to randomly generated,
non-existent email addresses at our site.


Please take action with regard to the below hosts immediately to stop this
worm or virus. These hosts may also have been blacklisted from sending
mail to our server. They can be re-enabled once the DDoS attack subsides.


64.239.136.142 (www.eecue.com)

To which I responded this:

From: eecue AT eecue.com
 Subject: Re: Hosts from your domain are attacking our server
 Date: December 28, 2004 3:01:28 PM PST
 To: [email protected]


Hello,


Please send me the full email in question including the headers
so I can track down who is sending said email.


Thanks


-Dave

I didn't hear back about it until today when I received this email:

From: anon\[email protected]
 Subject: Re: Hosts from your domain are attacking our server
 Date: January 3, 2005 12:42:57 AM PST
 To: eecue AT eecue.com


It was for real, but was the result of a mis-diagnosis of the problem...


Things have returned to normal, there is no need to do anything on your
side. Our domain was the subject of a massive spam forgery ("Joe Job")
with randomly generated reply-to fields @anonymous.edu. This occurred for over
14,000 domains, and our mail server was sending a 450 temporary error.


Basically we told 14,000 sites to keep trying to deliver bounce messages
back to us, with no valid local recipient, at whatever rate they did queue
flushes. Making it look very much to us like a Distributed Denial of
Service Attack. When really this whole thing would have been only briefly
painful if we had changed the failure notice to a permanent failure,
causing those 14000 servers to trash those invalid messages.


It was not apparent to us what was happening (since we never received any
of the bounces) until someone said, "Hey you know this bounce says that you
are replying with a 450 temporary failure..." It has now been changed to a
550 (permanent failure) response.


Thanks again for looking into this!

Well that was nice of them to fix everything.

From: eecue AT eecue.com
 Subject: Re: Hosts from your domain are attacking our server
 Date: January 3, 2005 7:17:39 PM PST
 To: anon\[email protected]


Glad you worked everything out.


I thought it was somewhat humorous, so I posted about it on my website:


http://eecue.com/


I changed the names to protect the innocent.


-Dave


....
A. David Bullock
eecue : programmer / designer / admin / human
http://eecue.com/ -
anything is possible

I want to wish everyone a safe, happy and prosperous new year. I also want everyone to take a few minutes from their day and a few dollars from their bank accounts and help out with Tsunami Relief. Click the link in the article below to find charities to donate to. Thanks!