Month: March 1999

In response to the media hype about the…

Mon Mar 29 22:59:08 PST 1999 — In response to the media hype about the Melissa virus, we’ve put up filtering in place on our inbound mail server to detect and remove email containing the Melissa virus. While we were at it, we added protection for Happy99.exe as well. In the past 30 minutes, we’ve blocked two live copies of Happy99.exe, but haven’t seen nor heard about any incidents of Melissa. For more on Melissa, see the article at the following (really long) URL:

dailynews.yahoo.com/headlines/tc/story.html?s=v/nm/19990328/tc/internet_virus_2.html

CNN/IDG has reported a copy-cat virus called Papa which we’re also filtering for now. Boy, what a flood of nuisances. From CNN:

cnn.com/TECH/computing/9903/29/melissa.copycat.idg/index.html

This type of filtering protection is designed to prevent our customers from having problems due to use of the Internet, but we’d still recommend that users run virus checkers and keep their system software up to date.

We’ve also turned on filtering for two types of SPAM. See the newsgroup news:sonic.spam-can.d for a complete description of this filtering.

All of these filters apply today only to mail delivered to sonic.net addresses. If you use a domain name, these filters are not in place. We’ll be moving domain name email handling to add these features in a day or few. -Dane and Scott

After quite a few users reported error 650…

Mon Mar 29 21:49:52 PST 1999 — After quite a few users reported error 650 ‘unable to negotiate a compatible set of network protocols’ on our 522-1002 dialup, we have done a software update on equipment serving this group. The infamous Computone IntelliServer equipment had a new OS version available, and we took this as a sign it was time for a change. If we still have problems after the update, we’ll pursue it further with Computone. The upgrade and reboot was done during prime time due to current and ongoing user problems with this error, so we unfortunately booted about 140 user connections. These users had to reconnect – sorry about that! -Dane

We’ve run into capacity issues in our Santa…

Mon Mar 29 21:07:07 PST 1999 — We’ve run into capacity issues in our Santa Rosa 522-1001 through 1003 groups. Pacific Bell brought up two new circuits for a total of 46 new ports of capacity a week ago, but has had problems getting those lines actually configured and working. I’m following up with PacBell right now and making this a very high priority. We’re continuing expansion, with four new trunks (92 new ports) going online in four weeks, in addition to these two new trunks. -Dane

In preparation for this evening’s peak…

Mon Mar 15 16:28:33 PST 1999 — In preparation for this evening’s peak utilization period, we’ve been performing maintenance on the 1001 and 1002 hunt groups. (Checking port counts, rebooting modems, etc.) A few folks were disconnected during this maintenance; we apologize for the inconvenience. -Scott

The upgrade of our core Cisco router is…

Sun Mar 14 03:36:14 PST 1999 — The upgrade of our core Cisco router is complete. The new Cisco 7507 router gives us much more CPU power for computing routes, a backplane capable of four times as much bandwidth and a switching engine supporting many more packets per second. Additionally, this architecture supports new features and optimizations that we’ve been craving. The new larger chassis has more slots. The old 7010 unit was full. This enhanced core router also has redundant hot swap power supplies and fans.

Upgrade downtime was less than five minutes as we transitioned our interface processors from the old Cisco 7010 unit to the new 7507. -Dane and Scott

On Tuesday morning, Eli found a USR MP16i…

Wed Mar 10 00:05:52 PST 1999 — On Tuesday morning, Eli found a USR MP16i modem in our 522-1002 dial group in a fail state. This group serves overflow for our 522-1001 group during busy times. The modem failure meant that the unit was answering the line, but not giving a carrier. A reboot has fixed it, and we’re watching the unit for further trouble in the future. Hopefully this will clear up many of the troubles that users have had with the 1002 and 1001 dialup groups. -Dane

On Sunday, March 7th, at 1:15pm, an intruder…

Mon Mar 8 18:21:50 PST 1999 — On Sunday, March 7th, at 1:15pm, an intruder gained superuser privileges on our shell server, Bolt.sonic.net. The intruder left a ‘backdoor’ program and a ‘sniffer’ program running. These were detected and shut down at 8:50pm.

Additionally, we’ve discovered (and closed) the security hole that was apparently used for the attack. We are continuing investigation to ensure that there are no other security holes that have escaped our notice.

Any users who’s passwords may have been compromised have been notified via email. Users who were using SSH or who were dialing up directly to the shell server were not compromised, only users who use telnet. For further discussions, please see the newsgroup news:sonic.net -Dane

Our first Lucent Portmaster serving the west…

Tue Mar 2 10:49:15 PST 1999 — Our first Lucent Portmaster serving the west county 823 and 887 numbers had trouble. It was failing to accept user logins. We’ve rebooted it, and have opened a ticket with the manufacturer to see if they have any diagnosis ideas. Sorry about the trouble logging in! -Dane