|
|
| Author |
Message |
maus
|
|
Question about newuser
| 
Dec 6 10:07 UTC 2006 |
It appears the newuser code is not available from the cyberspace.org
webpage and as a login. Is this an intentional removal, or is it a
snafu? I have a colleague who I would like to bring onto cyberspace.org,
both as a platform on which she can learn the basics of UNIX and as a
social environment to help bring her out of her shell. If newuser has
been intentionally disabled, is it possible to have an existing user
vouch for a potential user's trustworthiness to get an account made for
her? Was this in a post or MOTD that I missed? Thanks.
|
| 27 responses total. |
nharmon
|
|
response 1 of 27:
|
Dec 6 13:14 UTC 2006 |
I think when newuser opens back up I am going to start creating some
pseudos for the purpose of giving to new users when newuser gets closed.
|
mary
|
|
response 2 of 27:
|
Dec 6 13:29 UTC 2006 |
I think it would be wonderful if accounts were in such demand that
they could be sold, by members, on the black market.
|
nharmon
|
|
response 3 of 27:
|
Dec 6 14:10 UTC 2006 |
LOL, I wouldn't sell them. Or maybe I would, but it wouldn't be for
money.
Favors, baby, yeah.
|
nharmon
|
|
response 4 of 27:
|
Dec 6 14:12 UTC 2006 |
You see, I think I could be a grex account philanthropist. A kick ass
philanthropist! I would have all of these user accounts, and people
would love me. Then they would come to me....and....beg! And if I felt
like it, I would help them out. And then they would owe me big time!
First thing I'm gonna need is a driver...
|
keesan
|
|
response 5 of 27:
|
Dec 6 15:06 UTC 2006 |
New user was turned off after a vandal disabled our ISP and is supposed to
come back soon. Offsite mail has been gone since January for nonmembers but
that will be available by special request (due to spammers).
|
maus
|
|
response 6 of 27:
|
Dec 6 16:17 UTC 2006 |
Keesan,
Thanks for the explanation. She doesn't need the additional email
account (she has a metric assload of Y!, hushmail and hotmail accounts),
so that shouldn't be a big deal. When newuser is back, I will probably
still steer her this direction.
What did the vandal do, anyway? All I saw was an outage for a bit, and
then a few days later a MOTD saying it was taken offline by vandal
activity.
|
remmers
|
|
response 7 of 27:
|
Dec 6 16:26 UTC 2006 |
Right - newuser is shut off pending implementation of a system to make
the outbound net access that has always been allowed by default a by-
request-only feature. It's unfortunate that we had to do that, but it was
truly an emergency situation. See the minutes of the November board
meeting (item:378) and the "call for volunteers" item (item:379).
It's my hope we can get the system in place soon and turn newuser back on.
Open access is part of our mission.
|
remmers
|
|
response 8 of 27:
|
Dec 6 16:29 UTC 2006 |
Response #6 slipped in. The vandal launched a denial-of-service attack
from Grex that created problems not just for us but for the company that
hosts our server.
|
maus
|
|
response 9 of 27:
|
Dec 6 16:35 UTC 2006 |
I'm glad to step up and help, as I mentioned in the call for volunteers.
Ok, rereading the minutes from the board meeting, I think I understand.
Since the mission of cyberspace.org is at least in part to foster social
interactions, would it be reasonable to have a system by which new users
are vouched for by existing users? An existing user would have an
incentive to only invite good people, since one presumes he would not
want assholes breaking the system he has come to count on or at least
enjoy.
I guess I still don't understand the mindset that drives people to want
to vandalize systems (whether physical systems like buildings or logical
systems like a BBS).
|
maus
|
|
response 10 of 27:
|
Dec 6 16:37 UTC 2006 |
Can we just track down the vandals and the spammers, rip their testicles
off and force-feed them to the brats ?
|
maus
|
|
response 11 of 27:
|
Dec 6 17:10 UTC 2006 |
Just wondering, would it be reasonable to implement something like altq
to throttle-down traffic originating from the server so that even if
someone is a pig about sending out a lot of traffic, it will have to
wait patiently, and possibly discourage people from trying to take
advantage of the system when their attack tools fail to do much? Perhaps
per-user or per-port throttling will make the server seem more
responsive to those not abusing it, as well.
Since I know the value of a suggestion without offering to implement it
is somewhat worthless (I should not be one to make other work for other
people), I will offer to work with staff to come up with a ruleset that
advances staff's understandings of the needs of cyberspace.org users and
the historical traffic patterns and stuff.
If this would be welcome assistance, you can mail me, username maus.
|
cross
|
|
response 12 of 27:
|
Dec 6 19:25 UTC 2006 |
Yes, it would be easy to do that. And it ought to be possible to make a
wrapper so that members (or some other group) could run newuser to create
additional accounts here on grex.
|
easlern
|
|
response 13 of 27:
|
Dec 6 22:15 UTC 2006 |
I like the throttling idea, but it seems like it'd still be possible to set
up a number of accounts that would collectively use a ton of bandwidth when
activated. Server-wide limits would probably be a good way to prevent pissing
off the ISP though.
|
cross
|
|
response 14 of 27:
|
Dec 6 23:54 UTC 2006 |
All you'd end up with in that case is a DoS attack against grex, not against
the ISP.
|
easlern
|
|
response 15 of 27:
|
Dec 7 15:11 UTC 2006 |
Sorry, by "activated" I mean "used in DNS flood" (I believe that's what method
was used, right?), and by "accounts" I mean "malicious user accounts". ;)
|
easlern
|
|
response 16 of 27:
|
Dec 29 19:57 UTC 2006 |
Bump! Question: can we make a whitelist of programs new users are allowed to
execute? Maybe it's possible to curb the vandalism by preventing the use of
questionable scripts and programs?
|
tod
|
|
response 17 of 27:
|
Dec 30 00:16 UTC 2006 |
re #16
Let's call it a yeslist and not a whitelist. The whole whitelist/blacklist
thing is kinda historically racist.
|
cyklone
|
|
response 18 of 27:
|
Dec 30 00:33 UTC 2006 |
And no more of this master/slave lingo either!
|
gelinas
|
|
response 19 of 27:
|
Dec 30 01:27 UTC 2006 |
No, a "yeslist" won't work; folks will simply bring in their own binary and
give it an appropriate name. Unless we don't allow programmers to test and
run their own programs.
Thus the kernel blocks, replaced by pf.
|
tod
|
|
response 20 of 27:
|
Dec 31 06:18 UTC 2006 |
Please, let's not saying "kernel" because it historically refers to Colonel
Klink then the holocaust.
|
easlern
|
|
response 21 of 27:
|
Jan 2 14:05 UTC 2007 |
Re 19: Hmm. Well I guess the naive method is out. ;) I hope they're able
to get something figured out at the next board meeting.
|
trig
|
|
response 22 of 27:
|
Jan 4 23:02 UTC 2007 |
odd, i have requested this (trig) account to have email access and i get
nothing in return not even a go fuck yourself.
|
gelinas
|
|
response 23 of 27:
|
Jan 5 00:48 UTC 2007 |
Probably because the request hasn't made it to the top of the queue.
|
trig
|
|
response 24 of 27:
|
Jan 6 14:59 UTC 2007 |
does it take more than 6 months to do so? can we bump it up?
|