Year: 2002

Thu Mar 14 20:13:35 PST 2002 — Covad reports: Some services out of Santa Rosa, CA (SNRSCA01-SL1) CO are down. Covad tx tech dispatched. If you have a Covad circuit with Sonic.net that is affected by this, please let us know and we’ll keep on top of the repair. -Dane

Thu Mar 14 19:37:12 PST 2002 — We’ve found and fixed incorrect permissions settings on a large number of user’s FTP incoming directories. Setting permissions of read/write/execute on these directories allows pirates to dump stolen software into the directory to be downloaded by others, and is generally a bad thing.

Please set permissions for incoming directories to write/execute only for group and other, eg drwx-wx-wx, or mode 0733. This allows people to upload into the directory so that they can submit files to you, but not to list the contents or download from the directory. 130 directory permissions were fixed. -Dane

Wed Mar 13 11:17:32 PST 2002 — Emergency maintenance on our 707-522-1002 dialup pool today by PacBell. This was scheduled to be done tonight but PacBell has informed me that they need to do it this afternoon. If you normally dial our 1002 dialup pool, this will cause a 15 to 20 minute outage at 1:00pm today. The 1002 pool should be back up by 1:20pm We apologize for the short notice on this. Thank you. -Steve

Wed Mar 13 16:43:28 PST 2002 — We just completed deploying a new Linux kernel on all of our mail servers. The new kernel fixes a small build error that was preventing all of the RAM on our servers with 1GB of RAM and more from being fully utilized.

This morning we also corrected another small build error with our name servers that prevented Bind 9.2.0 from properly multi-threading. The new properly threaded build isn’t faster than the single-threaded build but better utilizes both CPUs in each server, as well as maintaining responsiveness during cache and zone maintenance. -Kelsey and Nathan

Tue Mar 12 12:53:43 PST 2002 — We have corrected a small bug in our POP-B4-SMTP authentication system that caused occasional failures for mailbox customers sending mail through our SMTP servers from off-site. -Russ and Nathan

Tue Mar 12 11:34:14 PST 2002 — Sundry Upgrades: We have been working hard on a series of key upgrades to improve the performance of our network and servers over the past few months. Due to our use of server load balancing, none of these upgrades caused any interruption of services to our customers.

We are in the process of replacing our slower mail servers with dual 1Ghz PIII’s and have already replaced two of the six, and have plans to upgrade two more shortly. The new servers are many times faster than the old ones, and can handle more intensive and intelligent spam and anti-virus filtering as well as providing better responsiveness to our customers while sending and receiving mail.

We have replaced marine.sonic.net, our old out-bound qmail server, with a group of faster load balanced qmail servers. This upgrade increases the speed at which we can deliver mail destined for other networks and gives us redundancy where we used to have a single point of failure.

We are in the process of adding SPOP (or POP3S) support to our POP3 server. This protocol encrypts POP3 traffic with the same type of key used to secure SSL/HTTPS web sites and allows for users to securely connect to our POP3 server from insecure networks. SPOP is supported by most of the common mail clients for Windows, Mac and Unix. Clients which do not support SPOP directly can use a helper application to connect via SPOP.

We also upgraded our three main DNS servers. First we upgraded their hardware so they are now all dual PIII’s with 1GB of RAM and then recently upgraded the name server software – Bind – to version 9.2.0. Our name servers are blazingly fast now and Bind 9.2.0 is proving to be less problematic for us than Bind 9.1.3. -Kelsey and Nathan

Mon Mar 11 14:15:48 PST 2002 — Server pool upgraded to use SYN cookies. Both our mail servers and web servers have been upgraded to resist a kind of attack called “SYN floods.” This is an attack where the attacker tries to open hundreds, if not thousands, of connections to our servers, which can result in denial of service. Following some anti-spam actions, we have seen an increase in these types of attacks on our web servers — apparently, we’ve ticked off some spammers who are now trying to “make us pay.” They will not succeed. -Kelsey, Nathan, and Scott

Fri Mar 8 14:59:37 PST 2002 — We found a routing error which affected the 522-1001 modem pool. The error was corrected and all is working well now. Thanks -Steve

Thu Mar 7 16:47:03 PST 2002 — This morning we put filtering in place for the W32.Gibe@mm Internet worm and removed more than 100 copies of it from our users’ mail spools. This new worm poses as a security report direct from Microsoft with the subject ‘Internet Security Update’ and contains the body:

Microsoft Customer, this is the latest version of security update, the update which eliminates all known security vulnerabilities affecting Internet Explorer and MS Outlook/Express as well as six new vulnerabilities

For more information on this new Trojan worm please see securityresponse.symantec.com/avcenter/venc/data/w32.gibe@mm.html As always, the Sonic.net staff urges all of our customers to install and run anti-virus software and to be cautious of any unexpected email containing attachments. -Kelsey, Russ and Dane

Wed Mar 6 16:56:53 PST 2002 — Web Server Updates: We’ve just completed an update to the latest versions of Apache and PHP. This was in response the the recent exploits announced in all versions of PHP. We also took the opportunity to add support for the GD image library and True-Type font support to PHP to allow users to take advantage of dynamic image creation and manipulation. -Nathan and Kelsey