Mon Oct 6 11:58:27 PDT 2003 — Upgrade to “tin” newsreader on Shell. The shell server now sports the absolute latest version of “tin”. Our version of tin has a disabled mail check, as it doesn’t understand maildir, the new format of our mail spools. (If you don’t know what a shell server is, you can safely ignore this update.) -Scott

Mon Oct 6 14:31:38 PDT 2003 — Our new E-Mail anti-virus solution is currently being tested on one of our inbound MX servers. If the system proves to be stable under the real world load presented we will deploy it on the rest of our mail servers in a few days. It should be noted that at this time there is no way for a user to optionally bypass the new anti-virus software. Users will not be able to bypass the filtering on outbound email, but if there is demand, we will consider allowing users to disable inbound virus filtering on their accounts. -Kelsey

Fri Oct 3 23:13:32 PDT 2003 — Network Event: We experienced significant packet loss on our circuit to Equinix tonight due to a possible fiber cut in San Jose. After shutting down the link to prevent poor performance one of the core routers at one of our San Francisco POPs rebooted due to an apparent software bug. This, of course, confounded any problems caused by the other trouble. All services has been restored at this time, both the San Francisco POP at Focal and Equinix are at 100%. -Kelsey and Nathan

Wed Sep 24 15:04:27 PDT 2003 — Testing New Email Anti-Virus Solution: We are currently testing a new anti-virus solution on custmx.sonic.net, our dedicated backup MX servers for customers with their own mail servers. If the test goes well we will deploy the system on both our inbound and outbound mail servers. The new anti-virus solution is based on MIMEDefang and Clamav which are both open source projects.

If you have any questions or comments, please bring them to news://news.sonic.net/sonic.net -Kelsey

Tue Sep 23 15:57:18 PDT 2003 — Time.sonic.net, our public NTP server, has been migrated to a new IP address, 209.204.159.18. -Kelsey

Wed Sep 17 19:24:19 PDT 2003 — Sendmail Buffer Overflow: There has been yet another buffer overflow announced in sendmail. We’ve just completed upgrading sendmail on all of our hosts and urge customers using this standard unix MTA to patch their installations before an exploit is available. Customers running unix should also note that OpenSSH has released a new version which fixes another potential security problem in sshd. -Kelsey and Russ

Wed Sep 17 17:01:04 PDT 2003 — DNS server changes: As some of you may be aware, VeriSign, who controls the .net and .com DNS registries, recently changed the behavior of their gTLD servers to capture web traffic destined to non-existent domains with their own ‘sitefinder’ portal. Sonic.net, and many other service providers, are concerned by VeriSign’s actions which, we believe, have had far-reaching negative affects on the Internet at large. In order to restore what we feel is the correct behavior of the .net and .com gTLD name servers on our network we replaced BIND on our name servers with a patched version that enforces receiving delegation-only responses from these servers.

For more information about this please see news://news.sonic.net/sonic.net

-Kelsey

Wed Sep 17 16:24:36 PDT 2003 — Altnews.sonic.net service issues: The out sourced NNRP provider that services altnews.sonic.net is currently reporting authentication problems for connections from our network. We’ve brought on another out sourced NNRP provider available at newscene.sonic.net in response to altnews’ (webusenet/ispnews) ongoing stability problems. For more information please see our support FAQs and news://news.sonic.net/sonic.net -Sonic Operations

Tue Sep 16 11:56:09 PDT 2003 — OpenSSH exploit in the wild. There are reports of a worm in the wild that exploits a bug in OpenSSH. Folks running OpenSSH are strongly encouraged to upgrade to the very latest version, and examine their machine for intrusion problems.

All vulnerable Sonic.net hosts have either been upgraded or firewalled, preventing intrusion on these Sonic.net servers. -Kelsey and Scott

Sun Sep 14 12:18:47 PDT 2003 — custsql.sonic.net (aka timber) public MySQL server is currently offline due to some kind of hardware failure. We’ll be swapping the hardware out with spares and should have services restored shortly. -Kelsey

UPDATE Sun Sep 14 13:04:06 PDT 2003 — The MySQL server has been replaced with new hardware and is currently back-online. Please report any issues to support. -Kelsey