22 posts • joined 17 Oct 2007
Re: just block it
If the random ip addresses make a connection to the smtp server and either drop the connection or do anything invalid then they can be blocked by fail2ban. True if there are enough it may cause issues with iptables but I've never had a problem yet and get random attacks like this multiple times a day now and then from blocks of random addresses which are blocked within seconds
am I missing something
Surely you just outlaw shipping goods in and out to avoid charging vat.
so goods produced in either Jersey or Guernsey are not affected.
If you want one you can connect to ethernet and use 3G if its not available then try one of these.
They are cheaper, a little larger and work well.
I use the NET-3G-ESR-6650, great little router with 3G backup.
And its not that good
From tests I've seen this ONLY works on 3G, no 3G no connection.
Try a Zoom We 3G instead, smaller and works on any mobile signal.
no need for seperate ips for ssl
There is no need for a multiple ips for ssl, you can have as many domains as you like using a multi domain certificate, they've only been around a couple of years (to my knowledge) but you can have one ssl cert that supports multiple domains and thus can be used on one or many ips.
for example http://www.sslshopper.com/ssl-checker.html#hostname=www.ippatrol.co.uk
Just ask them
I faced this situation in PCWORLD (online price was cheaper).
I picked up an item not realising the store price was different, I got to the checkout, the guy rang it in the till, I was surprised by the price and questioned it, seems the price I had was online only, so I asked if I walked out to my car, fired up the laptop, ordered it and walked back in I would get the online price which I would, I pointed out it was all a bit silly, was there nothing he could do and he quitely logged on to the web on his till into an existing dummy account on their website and placed an order. He then put the order no. into the till and charged me the web price.
Guess you just have to be nice!
Pants on fire
Housekeeping (the person with the trolley) goes over straight away and asks her if she is ok, security even confirmed she said she was just a little wet, someone else also approaches her so this statement is untrue.
“My issue is I don't think security was professional because they didn't send anyone to check on me until 20 minutes later and I had already left,”
Clearly the security guards and the person filming it are watching all the videos on playback sometime later, and as anyone would having a laugh.
Quite how she knows they didn't send anyone for 20 mins when she had 'already left' is rather confusing, if she wasn't there any longer how did she know?
Just another idiot, if she had kept quiet its doubtful anyone would have recognised her.
"I think the most forward-looking CIOs are coming to the realization that the productivity of the person, the creativity of the employee, is materially more important than everyone using the same thing,"
couldn't have put it better myself. Some people like a droid, some a laptop, some a large phone etc etc and ios does't work on them.
Not just the iphone4
I got an iphone 3GS and sent it back for exactly this reason (having visited an apple store and swopped it just in case it was just mine that was duf), losing two or 3 bars when you pick the device up, same when I tested a mates 3G. Vodas answer was a sure signal, which is no answer as you then have a non mobile mobile, and can't max out your broadband.
A quick google search will confirm many similar cases, vodafone know about it and will admit it in the end, apple turn a deaf ear but are 'looking at it'.
Losing 2 bars when you only have 2 or 3 means its useless, phone rings, pick up, hello, hmm no signal.
Was hoping the new design fixed this issue. I guess they never do real world testing or only do it in full signal areas.
Not just iphones either!
Ok ok so you can still use Betamax videos you have if you have a player but I remember many people bemoaning the fact they had bought Betamax when VHS became the defacto standard in the UK as they could not get films etc any more and were going to have to buy a VHS system as their system was basically obsolete.
I bought VHS but copped for BSB.
P.S. Thats not the R.P. I used to know at N.P is it? Small world if so :)
Whats the problem
You paid £30 for an identity card - you got one?
OK its now useless but then so were beta max videos, BSB Kit and god knows how many other things. Its life - get used to it!
Move along, nothing to see here, next!
detect the issue?
Surely their letter writing system should have baulked at these figures (if not some other internal checks) and alerted them so they didn't send letters for such stupid amounts? I guess they don't have any sensible checks on their system so that they know about issues before pissing off 12,000 odd customers and causing 12,000 odd phone calls to their call centre.
I really hate it when you call a call centre to be told oh its an automated letter, well if its automated get it to automatically detect stupidity. Its not very hard. create an exception report which can be processed by someone with common sense.
Bugs happen but with reasonable controls you should find them before the customer does!
"So, you give a contractor the keys to the kingdom. Every fscking key to every fscking one of your 4000 servers. What could possibly go wrong?
Funny how organizations which give proper jobs with proper salaries to their admins don't usually have this kind of problems...?"
Pierre I think you are jealous, knock that chip off your shoulder, get a life or get a contract. Being a contractor has nothing to do with this, he'd been there for 3 years for a start. He was dishonest end of. Good luck if you ever hire anyone, if you make the assumption just cause you have given them a 'proper job' on a 'proper salary' they will be honest good luck to you.
Very happy with pin sentry.
Device arrived automatically as I regularly do transfers and set up new payees. I have had no issues what so ever and did not have to replace my debit card. The system is very simple to use and also means that new transfers are validated immediately rather than getting held for 24 hours for fraud checks as previously happened.
Only issues I see are leaving my debit card at home in the device by mistake and possibly having to take it away with me as I sometimes do transfers whilst travelling.
With any new system or large rollout, there will always be those who don't like it, take time to get used to it, find it difficult to understand and a few circumstances were things don't go smoothly.
Streamline appear to be hosted at rackspace - so seperate issue?
4 10.102.240.129 (10.102.240.129) 30.266 ms 168.671 ms 204.099 ms
5 10.102.240.221 (10.102.240.221) 203.198 ms 183.862 ms 174.135 ms
6 10.102.57.7 (10.102.57.7) 15.593 ms * 17.085 ms
7 g3-15.edge3.lon.rackspace.net (184.108.40.206) 16.264 ms 17.779 ms 15.647 ms
8 vl901.core1.lon.rackspace.net (220.127.116.11) 16.236 ms 15.672 ms 16.108 ms
9 g1-0-25.aggr3a.lon.rackspace.net (18.104.22.168) 17.553 ms 15.622 ms 16.441 ms
10 www.streamline.net (22.214.171.124) 16.167 ms 16.171 ms 16.106 ms
How to solve it
Well its looks a no brainer to me.
Actually get your head out of the sand (isps) and do something REAL about spam. Since about 95% of email is spam think how much bandwidth would be saved if you actually DID something.
You could then actually do something about DOS attacks and continual probes by compromised kit and save even more bandwidth.
Not only that it would be green too, think of all the power you will save by not having to add more kit to cope with demand to transmit all that spam and all that DOS/probe traffic.
but then back in the real world.....
I guess just adding more bandwidth and moaning about it is simpler.
As far as I know secondary name server services like everydns.net will not work with most isps as they don't allow zone transfers. I just checked reg-123 and it does not allow them. Try a host -axfr yourdomain.co.uk if you have a linux system.
It would be great if such companies allowed you to enable zone transfers on a per domain basis via their control panel so that you could use secondary service but the majority do not.
Nice idea but impossible in most cases unless I am mistaken.
Keep it simple....
Rather than having a huge cluster with a gazillion domains on it, just have a number of smaller servers, when you register a domain the control panel automatically assigns you to the latest dns servers.
That way you don't need to run complicated software and the zones don't take an age to load etc etc. When you do have an issue its isolated to a subset of all the domains registered with you rather than every domain. You can limit how many domains are on any one set of servers and upgrade them if the performance starts to take a hit. If you plan your capacity this should never happen.
The down side, a few more servers to run. Up side common kit, common components easy hardware fixes.
On the subject of using other dns servers as a backup, this would be a good option but reg-123 like many reg-123 won't allow you to do this automatically as they have disabled zone transfers and there is no option to enable it.
I guess you could manually update both but that would lead to a situation where at best your dns looks (even if it isn't) out of synch.
I migrated all my domains from reg-123 a while ago once pipex took over and it started going down hill, there was just one too many cockups so I bit the bullet and moved elsewhere (domainmonster.com as it happens).
As for "Whine Whine, Whinge Whinge" By Graham Wood you say you haven't been affected, of course not as you state you run your own dns servers so it would not affect you.
Unfortunately not everyone is as lucky or perhaps didn't realise the importance of dns servers. Perhaps this is a wake up call for many. Its pointless spending thousands on your web site and advertising and then losing your business for the sake of a few pounds spent on some decent dns servers run by a company who provides reasonable support, monitors its kit correctly and can fix things in a reasonable time frame.
A few pointers for anyone looking for a new dns provider.
Ensure they have at least 2 dns servers, preferably 3. At least one should be in a different location/data center. Ensure the dns servers are in the country you expect, many so called uk providers are actually hosted in the US which means slower lookups and more chance of problems due to network issues.
If you are also using them as a registrar also check if it costs to transfer away in the event they don't work out and make sure this can be done automatically via a control panel without their intervention. If its costs money or you can't do it online yourself then avoid them.
Finally check your dns by using someone like dnsreport.com whenever you change it to make sure its working correctly. We regularly get customers querying alerts we send them and when we check their dns setup we generally find it is not totally valid. The most common mistake is different name servers specified at the root servers to those in their own name server records.
uk update url
UK - url - guessed it as I couldn't find it.
Pit annoyed as I bought a macbook pro in March as I couldn't wait any longer for Leopard and I'm now having to pay the full price for the upgrade, surely it could be staged and say a 50% discount if you have bought your kit in the last 6-12 months bearing in mind how late the release is.
Keep it simple stupid....
You should of course run a backup BEFORE doing any major upgrades/housekeeping not AFTER, then ensure it has worked before starting your work (as much as is possible). Belt and braces says you run one after as well and these are kept out of the standard backup cycle for a period until you are sure there are no negative affects/data loss.
Any upgrade/housekeeping 'plan' should have a regression plan and a testing phase. Clearly there was neither. Questions should be asked of who ever is in charge and signed the work off. Simple change control procedures and standard operating procedures prevent cockups.
Pretty simple stuff.