Cannot Access Site Without Proxy

Obsolete, fixed, and incorrect bug requests and problems. Browse here before posting a new topic, to avoid duplicates.
Locked
User avatar
Tamuz
Tamuz
Mafia Scum
User avatar
User avatar
Tamuz
Mafia Scum
Mafia Scum
Posts: 2807
Joined: March 20, 2005
Location: Seattle, Washington State

Cannot Access Site Without Proxy

Post Post #0 (ISO) » Wed Jun 26, 2013 8:44 pm

Post by Tamuz »

So after the downtime (~June 23) I haven't been able to get on mafiascum.net, the forums or the wiki.

After getting 3 emails with prods today I tried using proxies to get on... and can, but I still can't get onto the site without a proxies.

No specific error messages, just can't connect. Using ping:

Code: Select all


Pinging mafiascum.net [8.17.5.8] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 8.17.5.8:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),


any idea whats up or things to try to diagnose? Having to proxy should not be happening :S

TIA
Tamuz is the expression of the alienated, of the ambitious, of the dispossessed.
User avatar
Mr. Flay
Mr. Flay
Metatron
User avatar
User avatar
Mr. Flay
Metatron
Metatron
Posts: 24969
Joined: March 12, 2004
Location: Gormenghast
Contact:

Post Post #1 (ISO) » Thu Jun 27, 2013 4:35 am

Post by Mr. Flay »

Your ip may have been caught in the net of DoS mitigation. This is a server-level block if so, hohum will have to be the one to reset it.
Retired as of October 2014.
User avatar
hohum
hohum
Uncle Potbear
User avatar
User avatar
hohum
Uncle Potbear
Uncle Potbear
Posts: 4192
Joined: July 22, 2008
Location: Shenandoah Valley
Contact:

Post Post #2 (ISO) » Thu Jun 27, 2013 6:10 am

Post by hohum »

PM me your IP address and I'll remove it.
User avatar
Ghostlin
Ghostlin
Mafia Scum
User avatar
User avatar
Ghostlin
Mafia Scum
Mafia Scum
Posts: 4768
Joined: March 21, 2008

Post Post #3 (ISO) » Tue Jul 02, 2013 5:36 am

Post by Ghostlin »

I am also experiencing this problem. I can access it from my college but NOT my home network at all. I'm also unable to PM except from the college servers (which IP I'm not having trouble with.) If you can send a email to solnac@gmail.com or give me a good proxy, I can get you the IP to unblock.
"You live for the fight when it's all that you've got."--Bon Jovi, Living on a Prayer
User avatar
hohum
hohum
Uncle Potbear
User avatar
User avatar
hohum
Uncle Potbear
Uncle Potbear
Posts: 4192
Joined: July 22, 2008
Location: Shenandoah Valley
Contact:

Post Post #4 (ISO) » Tue Jul 02, 2013 6:46 am

Post by hohum »

lulz.

We're no longer filtering traffic so there's something else going on here.

Can you paste the output of a traceroute (tracert in cmd prompt) to 8.17.5.13 please?

Thanks.
User avatar
Ghostlin
Ghostlin
Mafia Scum
User avatar
User avatar
Ghostlin
Mafia Scum
Mafia Scum
Posts: 4768
Joined: March 21, 2008

Post Post #5 (ISO) » Tue Jul 02, 2013 8:52 am

Post by Ghostlin »

1 3 ms 2 ms 1 ms 192.168.0.1
2 20 ms 23 ms 24 ms boid-dsl-gw15.boid.qwest.net [184.99.64.15]
3 22 ms 22 ms 21 ms boid-agw1.inet.qwest.net [184.99.65.113]
4 34 ms 34 ms 34 ms sea-brdr-02.inet.qwest.net [67.14.41.18]
5 * 34 ms 36 ms ae14.edge2.Seattle1.Level3.net [4.68.62.189]
6 98 ms 100 ms 101 ms ae-32-52.ebr2.Seattle1.Level3.net [4.69.147.182]

7 96 ms 96 ms 113 ms ae-2-2.ebr2.Denver1.Level3.net [4.69.132.54]
8 106 ms 97 ms 96 ms ae-1-100.ebr1.Denver1.Level3.net [4.69.151.181]

9 96 ms 96 ms 98 ms ae-2-2.ebr2.Dallas1.Level3.net [4.69.132.106]
10 98 ms 98 ms 97 ms ae-72-72.csw2.Dallas1.Level3.net [4.69.151.141]

11 97 ms 96 ms 120 ms ae-71-71.ebr1.Dallas1.Level3.net [4.69.151.138]

12 101 ms 98 ms 98 ms ae-2-2.ebr1.Miami1.Level3.net [4.69.140.134]
13 98 ms 96 ms 99 ms ae-14-51.car4.Miami1.Level3.net [4.69.138.69]
14 * * * Request timed out.
15 * * * Request timed out.
16 * * * Request timed out.
17 * * * Request timed out.
18 * * * Request timed out.
19 * * * Request timed out.
...and that continues for the remaining 11 hops. I managed to find a proxy, but I'd like that not to be a permanent solution.
"You live for the fight when it's all that you've got."--Bon Jovi, Living on a Prayer
User avatar
Tamuz
Tamuz
Mafia Scum
User avatar
User avatar
Tamuz
Mafia Scum
Mafia Scum
Posts: 2807
Joined: March 20, 2005
Location: Seattle, Washington State

Post Post #6 (ISO) » Tue Jul 02, 2013 10:42 am

Post by Tamuz »

I'm also still unable too, lol.

PM'ing you my IP and tracerout.

Even just opening the url not from a browser fails.
Tamuz is the expression of the alienated, of the ambitious, of the dispossessed.
User avatar
hohum
hohum
Uncle Potbear
User avatar
User avatar
hohum
Uncle Potbear
Uncle Potbear
Posts: 4192
Joined: July 22, 2008
Location: Shenandoah Valley
Contact:

Post Post #7 (ISO) » Tue Jul 02, 2013 9:41 pm

Post by hohum »

Fixed.
User avatar
Tamuz
Tamuz
Mafia Scum
User avatar
User avatar
Tamuz
Mafia Scum
Mafia Scum
Posts: 2807
Joined: March 20, 2005
Location: Seattle, Washington State

Post Post #8 (ISO) » Thu Jul 04, 2013 9:09 am

Post by Tamuz »

Thanks hohum!

Out of curiosity what was the issue?
Tamuz is the expression of the alienated, of the ambitious, of the dispossessed.
User avatar
hohum
hohum
Uncle Potbear
User avatar
User avatar
hohum
Uncle Potbear
Uncle Potbear
Posts: 4192
Joined: July 22, 2008
Location: Shenandoah Valley
Contact:

Post Post #9 (ISO) » Fri Jul 05, 2013 12:29 am

Post by hohum »

In post 8, Tamuz wrote:Out of curiosity what was the issue?
Highly technical explanation inbound.

As is the case with Denial of Services attacks, you can't really stop the traffic from coming down the pipe -- and it's rather trivial these days to generate attacks in excess of 10Gbit/sec.

But most transit providers have a mechanism for blackholing traffic destined to your own IP addresses. It works by allowing you to announce /32s (single IP addresses) using a specific BGP community tag. Routes announced with that specific tag are then filtered at the provider's edge instead of yours. You're basically telling your upstream providers not to route you traffic destined for a particular IP address.

It's a last ditch effort in the world of DDoS mitigation. It effectively shuts down a single service on your network to allow other service to continue to function.

At some point during the 24 hours that we were seeing the traffic we blackholed the web server. Not necessarily because we were receiving too much traffic -- but because it looked as if the attacker was exploiting extremely specific vulnerabilities in PHPBB to shut the service down.

There were also problems with the consistency of the data loaded on the server. Things were no longer being indexed correctly. So there's no way to tell for sure if it was coincidence or a targeted attack vector.

When we figured out that rolling the database back was going to fix the problem we immediately switched to more progressive (and automated) filtering techniques and dropped the BGP blackhole announcements. But we forgot to drop the advertisement to Level3. Anyone who has an ISP that uses Level3 as its best path to Mafiascum was affected.
User avatar
Tamuz
Tamuz
Mafia Scum
User avatar
User avatar
Tamuz
Mafia Scum
Mafia Scum
Posts: 2807
Joined: March 20, 2005
Location: Seattle, Washington State

Post Post #10 (ISO) » Sat Jul 06, 2013 6:52 pm

Post by Tamuz »

Mostly makes sense :P

Thanks Hohum
Tamuz is the expression of the alienated, of the ambitious, of the dispossessed.
Locked

Return to “Solved Requests”