It appears the newuser code is not available from the cyberspace.org webpage and as a login. Is this an intentional removal, or is it a snafu? I have a colleague who I would like to bring onto cyberspace.org, both as a platform on which she can learn the basics of UNIX and as a social environment to help bring her out of her shell. If newuser has been intentionally disabled, is it possible to have an existing user vouch for a potential user's trustworthiness to get an account made for her? Was this in a post or MOTD that I missed? Thanks.27 responses total.
I think when newuser opens back up I am going to start creating some pseudos for the purpose of giving to new users when newuser gets closed.
I think it would be wonderful if accounts were in such demand that they could be sold, by members, on the black market.
LOL, I wouldn't sell them. Or maybe I would, but it wouldn't be for money. Favors, baby, yeah.
You see, I think I could be a grex account philanthropist. A kick ass philanthropist! I would have all of these user accounts, and people would love me. Then they would come to me....and....beg! And if I felt like it, I would help them out. And then they would owe me big time! First thing I'm gonna need is a driver...
New user was turned off after a vandal disabled our ISP and is supposed to come back soon. Offsite mail has been gone since January for nonmembers but that will be available by special request (due to spammers).
Keesan, Thanks for the explanation. She doesn't need the additional email account (she has a metric assload of Y!, hushmail and hotmail accounts), so that shouldn't be a big deal. When newuser is back, I will probably still steer her this direction. What did the vandal do, anyway? All I saw was an outage for a bit, and then a few days later a MOTD saying it was taken offline by vandal activity.
Right - newuser is shut off pending implementation of a system to make the outbound net access that has always been allowed by default a by- request-only feature. It's unfortunate that we had to do that, but it was truly an emergency situation. See the minutes of the November board meeting (item:378) and the "call for volunteers" item (item:379). It's my hope we can get the system in place soon and turn newuser back on. Open access is part of our mission.
Response #6 slipped in. The vandal launched a denial-of-service attack from Grex that created problems not just for us but for the company that hosts our server.
I'm glad to step up and help, as I mentioned in the call for volunteers. Ok, rereading the minutes from the board meeting, I think I understand. Since the mission of cyberspace.org is at least in part to foster social interactions, would it be reasonable to have a system by which new users are vouched for by existing users? An existing user would have an incentive to only invite good people, since one presumes he would not want assholes breaking the system he has come to count on or at least enjoy. I guess I still don't understand the mindset that drives people to want to vandalize systems (whether physical systems like buildings or logical systems like a BBS).
Can we just track down the vandals and the spammers, rip their testicles off and force-feed them to the brats ?
Just wondering, would it be reasonable to implement something like altq to throttle-down traffic originating from the server so that even if someone is a pig about sending out a lot of traffic, it will have to wait patiently, and possibly discourage people from trying to take advantage of the system when their attack tools fail to do much? Perhaps per-user or per-port throttling will make the server seem more responsive to those not abusing it, as well. Since I know the value of a suggestion without offering to implement it is somewhat worthless (I should not be one to make other work for other people), I will offer to work with staff to come up with a ruleset that advances staff's understandings of the needs of cyberspace.org users and the historical traffic patterns and stuff. If this would be welcome assistance, you can mail me, username maus.
Yes, it would be easy to do that. And it ought to be possible to make a wrapper so that members (or some other group) could run newuser to create additional accounts here on grex.
I like the throttling idea, but it seems like it'd still be possible to set up a number of accounts that would collectively use a ton of bandwidth when activated. Server-wide limits would probably be a good way to prevent pissing off the ISP though.
All you'd end up with in that case is a DoS attack against grex, not against the ISP.
Sorry, by "activated" I mean "used in DNS flood" (I believe that's what method was used, right?), and by "accounts" I mean "malicious user accounts". ;)
Bump! Question: can we make a whitelist of programs new users are allowed to execute? Maybe it's possible to curb the vandalism by preventing the use of questionable scripts and programs?
re #16 Let's call it a yeslist and not a whitelist. The whole whitelist/blacklist thing is kinda historically racist.
And no more of this master/slave lingo either!
No, a "yeslist" won't work; folks will simply bring in their own binary and give it an appropriate name. Unless we don't allow programmers to test and run their own programs. Thus the kernel blocks, replaced by pf.
Please, let's not saying "kernel" because it historically refers to Colonel Klink then the holocaust.
Re 19: Hmm. Well I guess the naive method is out. ;) I hope they're able to get something figured out at the next board meeting.
odd, i have requested this (trig) account to have email access and i get nothing in return not even a go fuck yourself.
Probably because the request hasn't made it to the top of the queue.
does it take more than 6 months to do so? can we bump it up?
I'm sorry, we'll need a ticket number to track your request.
now serving number 3 you are number 12312931829302183092903
damn!
You have several choices: