|
Grex > Coop11 > #120: Grex Board of Directors Informational Meeting Minutes - August 23, 1999 | |
|
| Author |
Message |
janc
|
|
Grex Board of Directors Informational Meeting Minutes - August 23, 1999
| 
Aug 24 03:27 UTC 1999 |
Cyberspace Communications
August 1999 - Board of Director's Informational Meeting
Minutes
Presiding: John Remmers (remmers)
Recording: Jan Wolter (janc)
Other Board Member Present:
Scott Helmke (scott)
Members of the Public:
Mary Remmers (mary)
Andrew Lanagan (drew)
Valerie Mates (valerie)
Arlo Mates (arlo)
Carson (carson)
Board Members Absent:
Mark Conger (aruba)
Dan Gryniewicz (dang)
Steve Andre (steve)
Misti Tucker (mta)
AGENDA ITEM 1: Gavel Banging
- John Remmers began the meeting at 7:14pm. Since only three board members
were present, we did not have a quorum, so only an "informational" meeting
could be held.
AGENDA ITEM 2: Chairman's Report
- John Remmers had nothing to report.
AGENDA ITEM 3: Treasurer's Report
- Jan Wolter is filling in as treasurer while Mark Conger is on vacation.
- Jan Wolter presented the treasurer's report for July. The full report
is available on-line in coop item 117.
* July was our eight consecutive month in the black (though
this is still partly due to the phone tax refund).
Total Income: $453.20
Total Expenses: $176.07
New Members: 2
* We ended the month with 92 members, 79 of which are fully paid up.
The number seems to have been slowly declining for a while now.
* Our bank balance is at $5,577.42, a record high in our history.
- Jan Wolter presented a preliminary report for August. The phone tax
rebate is history, and we are once again paying full phone bills. Income
this month isn't too impressive so far:
Income to Date: $208.00
Expenses: $471.17
- We are still in some doubt over how much electricity we are using.
Scott has repeatedly measured the current being drawn at 5.6 amps, but
this seems too much of a drop from our old usage of 7.5 amps. We have
eliminated the box fan that was cooling the drives, and have replaced the
old SCSI enclosures with ones with newer and better power supplies, but
the power drop seems too great. We are wondering if the new power
supplies are introducing a power factor effect that is distorting this
reading. We have a new meter installed, but don't think it is correctly
calibrated. We decided to use the value of 6.5 amps this month. That's
possibly too high, but at least we're pretty sure it isn't too low. At
6.5 amps, we will be paying $54.33 per month for electricity.
- There was some discussion over whether the treasurer should accept
starter checks as ID for validating members for internet access. We
felt that under the terms of the existing ID policy, a check need not
have the customer's address pre-printed on it, but it does have to have
the person's name pre-printed on it. Thus starter checks would not be
acceptable as ID.
AGENDA ITEM 4: Publicity Committee Report
- Misti Tucker, the Publicity Czar, was not present.
AGENDA ITEM 5: Technical Committee Report
- Scott Helmke reported for the staff.
- Marcus Watts has installed an new kernel that is more efficient at
stopping fork bombs. Whenever a user tries to launch too many processes,
it instantly kills all the user's processes. So far this seems to be
working great. Stops fork bombs fast, and doesn't interfere with normal
usage.
- Scott Helmke and Steve Andre are likely to add another disk drive soon.
- Staff breifly suspected that we might have had a root break-in because
the permissions of one system file were reset oddly, but after
investigation it was found that a misbehaving system program was
responsible. That program has been fixed.
- Charles Mitchell is working on installing a newer version of the
operating system on the yet to be used mail machine.
- Grex was the subject of a "smurf attack" which caused network connections
to be slow and flakey for a while. Our internet service provider dealt
with it.
- Some of our dial-ins were failing to connect. Scott Helmke determined
that the terminal server was misbehaving. He swapped in the spare and
the problem went away.
- The staff forgot to meet this month.
AGENDA ITEM 6: ACLU Suit
- Judge Tarnow granted us an injunction against the Internet Censorship
Act (Michigan Public Act 33 of 1999). This means it will not go into
effect unless the Attorney General's office can win an appeal. It is
likely to be six to nine months before such an appeal is heard.
- Some members objected to the temporary shut down policy passed by the
Grex board in July, and a referendum was held to overthrow the policy.
The final member vote was:
14 Yes
27 No
So the policy remains in force.
- We need on-line discussion on what we would actually do if some kind of
law were passed that made it a problem to run an uncensored conferencing
system with an open newuser. John Remmers said he would enter an item.
AGENDA ITEM 7: Credit Card Info
- Grex now has a credit card number, which we need to pay the web banking
company various fees.
- We are ready to send in the paper work, or will be as soon as Mark comes
back and can prepare copies of the necessary attachments (our Articles
of Incorporation and our "Grex" DBA). John Remmers currently has the
forms. He will sign them after reviewing them.
AGENDA ITEM 8: Future Planning Meeting.
- Future planning meeting will be either Sunday, September 19 or Sunday,
October 3. The 19th is Yom Kippur, but the holiday doesn't start until
sunset, and we plan to hold the meeting early in the afternoon.
AGENDA ITEM 9: New Business
- No new business.
AGENDA ITEM 10: Gavel Cessation
- John Remmers ended the informational meeting at 8:12pm
|
| 25 responses total. |
scg
|
|
response 1 of 25:
|
Aug 24 04:45 UTC 1999 |
I was there too. I got there a bit late, though.
(I wasn't listed under "members of the public)
|
janc
|
|
response 2 of 25:
|
Aug 24 05:08 UTC 1999 |
Sorry.
With only 3 board members attending, this represents the worst board turn-out
in recent history. Here's the recent history of board attendance, based on
meeting minutes (which are not 100% reliable):
aruba robh srw mta scg scott valerie
Jan 1996 * * * * * * * 7/7
Feb 1996 * * * * * * - 6/7
Mar 1996 - - * * * * * 5/7
Apr 1996 * * * * * * * 7/7
May 1996 * * * * * * * 7/7
Jun 1996 * * * * * * - 6/7
Jul 1996 - * * * * * * 6/7
Aug 1996 * - * * * * * 6/7
Sep 1996 * - - - * * * 4/7 (special)
Sep 1996 * * * - * * * 7/7
Oct 1996 * * * * * * * 7/7
Nov 1996 * * * * * * * 7/7
Dec 1996 * * * * * * * 7/7
janc
Jan 1997 * * * - * - * 6/7 (special)
Jan 1997 * * * * * * * 6/7
Feb 1997 * * * * * - * 6/7
Mar 1997 * * * * * * 6/6
dang
Apr 1997 * * * * * * * 7/7
May 1997 * * * * * - * 6/7
Jun 1997 * * * - * * * 6/7
Jul 1997 * * * * * - * 6/7
Aug 1997 - * * * * * * 6/7
Sep 1997 * * * - * * * 6/7
Oct 1997 * * * * * * * 7/7
Nov 1997 * - * * * - * 5/7
Dec 1997 * * * - - * * 5/7
Jan 1998 * * * * * * * 7/7
Feb 1998 - - * - * * * 4/7
Mar 1998 * * * * * - * 6/7
Apr 1998 * * * * * * * 7/7
May 1998 - * * - * * * 5/7
Jun 1998 * - * * - * * 5/7
Jul 1998 * * * * * * * 7/7
Aug 1998 - * * * * * * 6/7
Sep 1998 * * * * * * * 7/7
Oct 1998 * * * * * * * 7/7
Nov 1998 * - * * * * * 6/7
Dec 1998 * * * * * * * 7/7
steve remmers
Jan 1999 * - * * * * * 6/7
Feb 1999 * * - * * * * 6/7
Mar 1999 * - * - * * * 5/7
Apr 1999 * * * - - * * 5/7
May 1999 * * * * * * * 7/7
Jun 1999 * * * * * * * 7/7 (special)
Jun 1999 * - * * * * * 6/7
Jul 1999 * * * * * * * 7/7
Aug 1999 - - * - - * * 3/7
|
mdw
|
|
response 3 of 25:
|
Aug 24 13:37 UTC 1999 |
Evidently, a majority of the board feels a need to take a summer recess.
|
steve
|
|
response 4 of 25:
|
Aug 24 18:08 UTC 1999 |
Had I not been feeling sick I would have been there. I'm sorry.
|
don
|
|
response 5 of 25:
|
Aug 24 23:40 UTC 1999 |
Would I be correct in assuming that new names in a column means that someone's
term ended with the next guy/gal the successor?
|
tpryan
|
|
response 6 of 25:
|
Aug 25 00:11 UTC 1999 |
Seems to be a rash of no quorum making going around town.
|
scg
|
|
response 7 of 25:
|
Aug 25 03:26 UTC 1999 |
re 5:
yup.
|
richard
|
|
response 8 of 25:
|
Aug 25 21:15 UTC 1999 |
hey, grex's board members do better than mnet-- apparently mnet was down
to $65 in the bank at the first of the month, and the August board meeting
didnt take place-- board didnt make quorum (I guess as long as mnet hs at
least $20 in the bank a board meeting isnt considered that critical)
|
albaugh
|
|
response 9 of 25:
|
Aug 27 00:32 UTC 1999 |
a) What is deemed to be "too many processes" for a user to have?
b) What is a "smurf attach"?
|
mdw
|
|
response 10 of 25:
|
Aug 27 02:17 UTC 1999 |
(a) 32.
(b) the possible consequence of running /a/s/f/sflux/smurf2.c
|
albaugh
|
|
response 11 of 25:
|
Aug 27 04:56 UTC 1999 |
(sorry, smurf *attack*) OK, I'll try to check out that file the next
time I telnet...
|
scg
|
|
response 12 of 25:
|
Aug 27 05:22 UTC 1999 |
A smurf attack works as follows:
IP subnets, in addition to containing a host IP address for every computer
on the network, also contain two special IP addresses, the network address
and the broadcast address. The network address is the lowest address in the
subnet, and the broadcast is typically the highest address. Generally, data
sent to either the network or broadcast address gets sent to every computer
on the network.
There are several Internet protocols that can send what are known as echo
requests, which means that computers receiving those packets will generally
copy the data in the packet and send it back to the computer that sent the
packet (or at least the computer that the packet claims to have been sent by,
but we'll get to that in a minute). This is intended for testing purposes
(and is, in fact, a very useful diagnostic tool). The most common protocol
used for that is Internet Control Message Protocol, or ICMP. For those of
you familiar with the ping command, ping sends an ICMP echo packet to a remote
computer and then times the response.
At some point, computer vandals noticed that they could slow down other
computers' network connections by doing "ping floods." A ping flood involves
sending very large ICMP echo packets, often in very quick succession, to the
other computer. That is, however of very limited destructiveness unless you
have a fairly fast Internet connection, as a user on a 28.8 modem can't suck
up more than 28.8kbps of bandwidth on the remote link using that method.
Instead, the vandals realized, they could ping the network or broadcast
addresses of remote networks, and cause every computer on the remote network
to generate an echo response for each incoming packet. If a remote network
has a hundred computers on it, it would send out 100 times the amount of data
the vandal was sending into the network, thus being able to cause some serious
problems.
There is also the issue of the remote computers deciding where to send the
echo responses back to. Each IP packet contains a source address and a
destination address, saying where the packet came from and is going to. A
computer responding to data that gets sent back to it will send data to the
IP address that it sees as the source address on the incoming packets.
However, assuming you don't care if you can actually communicate on the
Internet, the source address on the packets doesn't have to be the real IP
address of the computer that's sending the packets. Therefore, when sending
out these echo request packets that would hit a network or broadcast address
and send back far more data than was being sent out, the vandals would send
out their packets with a "spoofed" source address, thus redirecting the
replies towards a third computer or network (generally the intended victim),
and subjecting that network to the full force of the flood of data. Sometimes
such things were a huge pain only for the person on the receiving end of the
attack (who may well have done something to provoke it). More often it would
saturate some network connection between the amplifier network and the victim,
and cause huge problems for the networks the data was passing through. That
is what smurf does.
So what's being done about this? A couple of things. Network operators are
now being strongly encouraged to make computers on their network not respond
to broadcast packets coming from outside their network. Many modern Internet
routers have easy to enable features that block such broadcast packets from
entering their networks. It is also possible to put filters in routers, such
that it will only let through data with certain specified source addresses.
Causing replies to echo packets, and various other evil things that can be
done through source address spoofing, can be largely prevented by network
operators doing that on their routers. On Grex we are doing both of those.
Our router has a filter in it such that data can't leave our network unless
it has a source address on it that's within Grex's IP address range. Grex's
router is also configured such that packets coming into Grex's network bound
for either the network or broadcast address will get filtered out and will
never make it to Grex's ethernet. As such, smurf is absolutely useless on
Grex, or used with Grex as the amplifier network.
|
albaugh
|
|
response 13 of 25:
|
Aug 27 18:43 UTC 1999 |
Thank you very much! :-)
|
spooked
|
|
response 14 of 25:
|
Aug 27 23:08 UTC 1999 |
Yep, well explained Steve. One must note that the broadcast message will only
work on a broadcast topology, of which an Ethernet by standard is.
|
scg
|
|
response 15 of 25:
|
Aug 28 00:33 UTC 1999 |
Yes and no. Point to point links often have their own IP subnet, with an IP
address for each end, and a network and broadcast for the subnet. As such,
if "no ip directed-broadcast" or its equivalent hasn't been set on those
interfaces you can generally get two responses to your one echo packet out
of it. Of course, that's pretty ineffective compared to other smurf amplifier
networks, but I've heard of that sort of thing getting used.
|
janc
|
|
response 16 of 25:
|
Sep 29 02:32 UTC 1999 |
I've been out of town for a week. What happened to the September board
meeting?
|
scg
|
|
response 17 of 25:
|
Sep 29 03:51 UTC 1999 |
The board apparrently decided they wanted to be like the staff. ;)
|
steve
|
|
response 18 of 25:
|
Sep 29 15:57 UTC 1999 |
I vote to have a meeting.
|
aruba
|
|
response 19 of 25:
|
Sep 29 17:16 UTC 1999 |
remmers is working on trying to coordinate everyone's schedules, since many
people changed as of September.
|
dpc
|
|
response 20 of 25:
|
Sep 29 18:17 UTC 1999 |
Are people saying the the Board didn't meet in September? Combined
with the quorumless meeting in August, I'm wondering if there is
a problem.
|
remmers
|
|
response 21 of 25:
|
Sep 30 19:31 UTC 1999 |
Nah. I think we'll have a quorum for the next one.
|
remmers
|
|
response 22 of 25:
|
Sep 30 19:36 UTC 1999 |
Or, more verbosely: I don't know what the problem was with the
quorumless August meeting. I doubt that it will happen two times in a
row. The absence of a September meeting was due to my temporary lack of
organization. I'm working on scheduling the October one. Probably should
be early October if possible.
|
danr
|
|
response 23 of 25:
|
Oct 17 21:59 UTC 1999 |
Did one take place in October? I guess not since I didn't see any minutes.
|
janc
|
|
response 24 of 25:
|
Oct 18 03:39 UTC 1999 |
Mark is trying to schedule a meeting for next week.
|