Year: 2002

Fri Jan 25 16:37:12 PST 2002 — It has come to our attention that Network Solutions/VeriSign is sending renewal notices to the owners of recently transferred domains. These notices are being been sent via email and regular mail asking for the renewal of domain names that are no longer registered through Network Solutions/VeriSign. These notices may also contain stern warnings of how you may lose your domain name if you do not renew through them. If you have recently transferred a domain name to our registry, you may receive one of more of these renewal notices from Network Solutions/VeriSign. Be advised that you may disregard any mailings from Network Solutions/VeriSign requesting domain renewal. Your domain is safely registered through the Sonic.net registry and not under the control of Network Solutions/VeriSign.

-Chuckc

Thu Jan 24 17:39:13 PST 2002 — We have identified the root cause of the authentication failures after a lot of head scratching and bug crushing. As it turned out the problem was not where we were focusing our attention, the RADIUS authentication servers, or cucipop, the POP3 server software, but the underlying NIS libraries on our administrative server where the POP3 servers were being compiled. As it turns out the unthinkable was occurring: getpwnam() was not returning the correct struct to cucipop and hence the RADIUS server was receiving the wrong username with the right password. Compiling cucipop on a mail server resolved the bug and fixed all of the failures. Special kudos to Nathan for his diligence in tracking this problem down to it’s end! Before identifying that it was a core system library problem we replaced ypbind and ypserv, the NIS processes which resolve usernames on our servers, with new versions. Although it didn’t resolve the problems it turned out to be a good upgrade anyway since the new versions appear to perform better than the old. We made numerous other bug fixes and upgrades to cucipop and our RADIUS authentication library as well, including the use of proper serialized sequence numbers.

There are public stats available in Cricket at www.sonic.net/stats which show the dramatic drop in errors on the POP3 server. (Servers -> Mail -> ‘Mail Server Aggregate’ Errors)

-Kelsey, Nathan, Russ, Matt and Scott

Wed Jan 23 08:43:17 PST 2002 — Shell access now requires verification of customer identity by technical support before initial use. This one-time verification is designed to prevent late night sign-ups by individuals using stolen credit cards who then use shell.sonic.net as a platform for hacking, launching denial of service (DOS) attacks, IRC proxies and bots and other annoying behaviors. These actions cause problems with IRC servers who may blacklist us, and the impact a DOS attack from our dual T3 links can have on a smaller remote site can be crippling for them.

Any customers who have used the shell server in the past month and a half have been tagged as verified and have access currently. Customers who have not recently used the shell or who are new customers and need access to the shell server should contact support via email or phone for a brief call-back verification of contact information and identity.

This additional one-time security measure benefits all of our customers, as the impact of these behaviors, particularly the DOS attacks, can impact dialup, hosting and all other access. -Dane, Eli, Kelsey, Russ, ScottR

Wed Jan 23 16:29:11 PST 2002 — We are experiencing some authentication errors for customers trying to check their email. We are investigating the cause of the failure. -Matt, Russ, Scott, and Nathan

Tue Jan 22 12:14:40 PST 2002 — We experienced some authentication errors for customers trying to check their email. The problem is now resolved and we are investigating the cause of the failure. -Matt and Russ

Fri Jan 18 12:12:05 PST 2002 — In the interest of increasing privacy for our users we no longer are distributing user’s full names in the password database to our servers. This modification primarily effects shell users who may find that their MUA no longer includes their full name in the ‘From’ headers. If you wish to have your MUA include this information you will need to specifically enable it in it’s configuration. -Kelsey

Thu Jan 17 10:07:39 PST 2002 — We experienced the ‘All Circuits Are Busy’ recording on the Digital America LA Numbers this morning. After working with Focal Communications we were able to get those lines back up. If you called tech support and they moved you to a different phone number, it is ok to move back to the 9606 number. Thanks. -Steve, Matt and Russ

Sat Jan 12 20:49:38 PST 2002 — Broadlink WDSL service outage. Currently all Broadlink connected customers are offline and have been so since our SMS crashed earlier tonight. We are working with Broadlink trying to resolve the issue but do not yet have an ETR. – Eli, Nathan, Kelsey and Kavan

Update Sunday, Jan 12 10:52:00, BroadLink’s head end/ATM router that passes all traffic for customers between BroadLink and Sonic failed. A backup router was configured last night and installed this AM. Thanks to Broadlink for the hard work, much sleep was lost last night while they performed the repairs. -Sonic.net and Broadlink

Sat Jan 12 18:08:35 PST 2002 — RedBack SMS crash. About 20 minutes ago, the router that serves PacBell DSL, Broadlink DSL, and some FRATM customers crashed unexpectedly, causing a 15 minute outage. The box rebooted itself after a lengthy dump of it’s memory, and is back online now. We’ll be providing the core dump file to Redback’s engineers to determine what caused the crash. — Eli, Kelsey

Fri Jan 11 14:26:05 PST 2002 — The issue with the 9811 pop has been resolved and the pop should now be functioning properly. We’ll keep an eye on it for the next few days. -Kelsey and Russ.