Quote:
Originally Posted by Aergad
not really it still does go down it is just bounced faster now and actually i do have changelogs prior to 0.6 versions of the emulator which goe back heck probably almost all the way and most of your basecode was done by them just because its tweaked doesnt mean they didnt lay the foundation you know. without that foundation they helped lay there would be nothing for anyone to build upon give credit where credit is due.
|
I never said that they didn't earn respect in the past. I wish they had kept that respect and remained with the project this whole time, but neither is the case. They lost their respect long ago when they burned their bridges here. It doesn't matter how much anyone helps out if they can't keep from turning on the community at any given point.
They didn't leave the community willingly. They had their moderator or admin status (whatever) on the forums removed and were removed from the project forcefully years ago for having malicious intent against the project and/or community. Maybe one of them would be kind enough to lay out all of the details of why they were removed from the project in the first place, but I wouldn't expect the full truth either way.
Quote:
Originally Posted by Aergad
I read all the posts about it, yeah running on the same hardware and kls' answer was to shut the site down entirely for what two weeks or so because apache was using too many resources between the wiki and the forums mysql queries?
|
By KLS shutting down apache, it proved that the LS was stable enough to remain on the current hosting as long as we move the website to new hosting at some point. I much prefer having the forums down and the LS up if it is a choice between the 2 of them. The final resolution to the whole LS issue is still in the works. The site was kept down as a temporary solution while other options were being considered. At least the LS was working, which is top priority. I still don't have any kind of ETA on when the next steps will be taken.
Quote:
Originally Posted by Aergad
in any court aside from the admitted attacks the rest is circumstantial is all im saying. So yes to quote you... before making accusations have facts aside from 2 or 3 instances that were admitted to. There is no proof it was either of them all the times it crashed and its been admitted by the person takling care of the ls now that most of the issues were related to apache and mysql and lack of server resources. Unless of course you are calling kls a liar in her posts?
|
You are aware that the way that Devn00b was crashing the LS was by sending malformed packets to the LS. This means he probably has some code to simulate a very simple client connection and was able to write a structure that was not accepted by the LS, which is what caused it to crash. My best guess is that maybe they have a copy of the Simple Client source code, or some other old code that simulates a client connection. I know I have seen doodman link screenshots of a EQ Client simulation he had made, and it wouldn't surprise me at all if Image has something similar. Either way, it has to be something other than a normal EQ client that they were using for this "testing". I don't really know why they would want to simulate a client if they are building a LS to be designed to work with Titanium in the first place.
Basically, I don't know exactly how they did it, but I do know that it was a malformed packet that caused those crashes. Then, 3 days after those admitted crashes happened, I read reports on the PEQ forums of their world server crashing repeatedly. Their server was restarted several times and the problem repeated and then simply stopped as mysteriously as it had started. A couple hours after I first read about the issue on PEQ, I happened to be looking at the processes on Storm Haven and noticed that my world server had just started bouncing at random. I then got reports that all of the popular servers were sporadically popping off and on the Public LS list. This is because the same thing was happening to all of the Popular Public Servers. None of the servers with 0 or 1 players were having this issue, only the ones that get higher player numbers. It didn't take long for me to figure out that this was an intentional attack on our servers and I alerted Cavedude immediately.
After investigation, their team found that the world servers were being crashed by, you guessed it, Malformed Packets! The direct result of this exploit/hack was why Revision 396 was put in as a quick fix.
This was an obvious attack and anyone who would do something like this does not deserve to be a part of this community. The simple facts are these:
1. Devn00b had openly admitted to using this exact same technique to crash the Public LS 3 days prior to this whole incident happening.
2. Only a very small percentage of the community is aware that such exploits like this exists and even less of them would even know where to begin to be able to abuse them.
3. By making the Public LS look bad, unstable, and appear to be causing actual servers to crash, only someone hosting their own Login Server would have anything to gain from doing this.
4. Devn00b obviously already had something in place that could send malformed packets at any part of the connection process, so this would have been insanely simple for him to do.
5. This was barely 3 days after the same attack had occured on the Public Login Server itself, which was caused by Devn00b.
I don't know how there can be any doubt at all that it was them.
I certainly don't blame all of the LS issues on them, but the part they played should not be ignored. There were multiple issues with the site and LS that were all results of different things. One issue was caused by hackers who were flooding the site with requests and bogging it down so much that it hosed the LS. That was the initial issue we saw where the site would take forever to load and then the LS would still be reachable if you tried non-stop for like 10 minutes.
To battle that issue, doodman changed some stuff, which I believe started the "bad username/password" issue after MySQL would fail.
And somewhere in there, the LS was just crashing at random even while the Forums were up and speedy, which was the result of someone crashing it. I don't know how many times it happened, but IMO, that doesn't matter considering the world crashing attack that happened.
Quote:
Originally Posted by Aergad
Thats all im saying is you are accusing them because devnoob admitted to it 2 or 3 times your blaming the whole thing ont hem because the emu staff arent too thrilled that there is a new public loginserver system out for anyone to use. not based on proof that they had anything to do with the long term issues with the loginserver.
|
If a new Login Server had come from well-trusted, respected, long-time members of the community, then I think we would all be ecstatic to get it. Since that is not the case, I don't think it is right to not give our community a warning about the source of these Login Servers. Heck, you already lost your entire LS database to someone that now has all of their usernames and passwords! That is just the beginning of what would happen if this was to become widespread.
While it may seem like we are being controlling about the Login Server, it is actually that we are trying to find the best way to keep the communities passwords and other information safe and provide them with a reliable and trustworthy service.
Hybrid Mode
