Re: [racket-dev] [racket] [ANN] RacketCon 2013: 29 September

2013-09-22 Thread Eric Hanchrow
My wife and I will be in Boston a day early (Friday).  Does anyone
have a must-see touristy suggestion for us?

On Wed, May 8, 2013 at 8:49 AM, Asumu Takikawa as...@ccs.neu.edu wrote:
 RacketCon 2013
 --

 We are pleased to announce that (third RacketCon) will take place on
 September 29, 2013 at Northeastern University in Boston.  This year, we
 plan to bring in several speakers from industry, as well as host talks
 from Racket developers and users.

 Lunch will be provided.

 On the Saturday (28th) before RacketCon, we plan to hold a hackathon to work 
 on
 various Racket projects.

 Registration will open during the summer, and we will post a detailed
 schedule of events around the same time. The conference website is at

   http://con.racket-lang.org/

 Asumu Takikawa and PLT

 
   Racket Users list:
   http://lists.racket-lang.org/users
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] [racket] [ANN] RacketCon 2013: 29 September

2013-09-22 Thread Sam Tobin-Hochstadt
Things I really enjoy in Boston:

- The Museum of Fine Arts, right across the street from Northeastern
- The Freedom Trail, a self-guided walking tour of many historic Boston sights
  This goes through the North End, which is a nice place to walk
around all on its own.
- The Boston Harbor Islands (requires a ferry ride)
- The Rose Kennedy Greenway, if it's a nice day
- The Public Garden and Boston Common

More conventional touristy areas, which are all still nice:

- Newbury St, the main upscale shopping area, which also has some nice
places to eat
- the Aquarium
- Harvard Square

Sam, ex-Bostontonian

On Sun, Sep 22, 2013 at 11:30 AM, Eric Hanchrow eric.hanch...@gmail.com wrote:
 My wife and I will be in Boston a day early (Friday).  Does anyone
 have a must-see touristy suggestion for us?

 On Wed, May 8, 2013 at 8:49 AM, Asumu Takikawa as...@ccs.neu.edu wrote:
 RacketCon 2013
 --

 We are pleased to announce that (third RacketCon) will take place on
 September 29, 2013 at Northeastern University in Boston.  This year, we
 plan to bring in several speakers from industry, as well as host talks
 from Racket developers and users.

 Lunch will be provided.

 On the Saturday (28th) before RacketCon, we plan to hold a hackathon to work 
 on
 various Racket projects.

 Registration will open during the summer, and we will post a detailed
 schedule of events around the same time. The conference website is at

   http://con.racket-lang.org/

 Asumu Takikawa and PLT

 
   Racket Users list:
   http://lists.racket-lang.org/users
 
   Racket Users list:
   http://lists.racket-lang.org/users
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] [racket] [ANN] RacketCon 2013: 29 September

2013-09-22 Thread Greg Hendershott
+1 to all of Sam's suggestions.

I'd also add the waterfront as being a nice area (relatively new to
Boston). If you head to the water from Quincy Market, there's the
Aquarium. Then you can turn right and walk along the water through
Rowes Wharf and to the old rotating bridge that's pedestrian only.

From there you can turn left to go past the courthouse and Barking
Crab, and to the ICA. Or keep going straight to the area with the
Children's Museum and the Boston Tea Party museum. ;)




On Sun, Sep 22, 2013 at 11:41 AM, Sam Tobin-Hochstadt
sa...@cs.indiana.edu wrote:
 Things I really enjoy in Boston:

 - The Museum of Fine Arts, right across the street from Northeastern
 - The Freedom Trail, a self-guided walking tour of many historic Boston sights
   This goes through the North End, which is a nice place to walk
 around all on its own.
 - The Boston Harbor Islands (requires a ferry ride)
 - The Rose Kennedy Greenway, if it's a nice day
 - The Public Garden and Boston Common

 More conventional touristy areas, which are all still nice:

 - Newbury St, the main upscale shopping area, which also has some nice
 places to eat
 - the Aquarium
 - Harvard Square

 Sam, ex-Bostontonian

 On Sun, Sep 22, 2013 at 11:30 AM, Eric Hanchrow eric.hanch...@gmail.com 
 wrote:
 My wife and I will be in Boston a day early (Friday).  Does anyone
 have a must-see touristy suggestion for us?

 On Wed, May 8, 2013 at 8:49 AM, Asumu Takikawa as...@ccs.neu.edu wrote:
 RacketCon 2013
 --

 We are pleased to announce that (third RacketCon) will take place on
 September 29, 2013 at Northeastern University in Boston.  This year, we
 plan to bring in several speakers from industry, as well as host talks
 from Racket developers and users.

 Lunch will be provided.

 On the Saturday (28th) before RacketCon, we plan to hold a hackathon to 
 work on
 various Racket projects.

 Registration will open during the summer, and we will post a detailed
 schedule of events around the same time. The conference website is at

   http://con.racket-lang.org/

 Asumu Takikawa and PLT

 
   Racket Users list:
   http://lists.racket-lang.org/users
 
   Racket Users list:
   http://lists.racket-lang.org/users
 _
   Racket Developers list:
   http://lists.racket-lang.org/dev
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] [racket] [ANN] RacketCon 2013: 29 September

2013-09-22 Thread Greg Hendershott
p.s. The walk I described is mostly parallel to the Rose Kennedy
Greenway that Sam mentioned, just a block apart, so you could head out
one way and back the other.

On Sun, Sep 22, 2013 at 11:58 AM, Greg Hendershott
greghendersh...@gmail.com wrote:
 +1 to all of Sam's suggestions.

 I'd also add the waterfront as being a nice area (relatively new to
 Boston). If you head to the water from Quincy Market, there's the
 Aquarium. Then you can turn right and walk along the water through
 Rowes Wharf and to the old rotating bridge that's pedestrian only.

 From there you can turn left to go past the courthouse and Barking
 Crab, and to the ICA. Or keep going straight to the area with the
 Children's Museum and the Boston Tea Party museum. ;)




 On Sun, Sep 22, 2013 at 11:41 AM, Sam Tobin-Hochstadt
 sa...@cs.indiana.edu wrote:
 Things I really enjoy in Boston:

 - The Museum of Fine Arts, right across the street from Northeastern
 - The Freedom Trail, a self-guided walking tour of many historic Boston 
 sights
   This goes through the North End, which is a nice place to walk
 around all on its own.
 - The Boston Harbor Islands (requires a ferry ride)
 - The Rose Kennedy Greenway, if it's a nice day
 - The Public Garden and Boston Common

 More conventional touristy areas, which are all still nice:

 - Newbury St, the main upscale shopping area, which also has some nice
 places to eat
 - the Aquarium
 - Harvard Square

 Sam, ex-Bostontonian

 On Sun, Sep 22, 2013 at 11:30 AM, Eric Hanchrow eric.hanch...@gmail.com 
 wrote:
 My wife and I will be in Boston a day early (Friday).  Does anyone
 have a must-see touristy suggestion for us?

 On Wed, May 8, 2013 at 8:49 AM, Asumu Takikawa as...@ccs.neu.edu wrote:
 RacketCon 2013
 --

 We are pleased to announce that (third RacketCon) will take place on
 September 29, 2013 at Northeastern University in Boston.  This year, we
 plan to bring in several speakers from industry, as well as host talks
 from Racket developers and users.

 Lunch will be provided.

 On the Saturday (28th) before RacketCon, we plan to hold a hackathon to 
 work on
 various Racket projects.

 Registration will open during the summer, and we will post a detailed
 schedule of events around the same time. The conference website is at

   http://con.racket-lang.org/

 Asumu Takikawa and PLT

 
   Racket Users list:
   http://lists.racket-lang.org/users
 
   Racket Users list:
   http://lists.racket-lang.org/users
 _
   Racket Developers list:
   http://lists.racket-lang.org/dev
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


[racket-dev] DOS attack on planet?

2013-09-22 Thread Andrei Mikhailov
Sorry if I am rising a false alarm. I noticed that there is a massive
download of my package
called bystroTeX :
http://planet.racket-lang.org/display.ss?package=bystroTeX.pltowner=amkhlv
All the downloads are of the (old) version 1.6

What is going on?
Is it possible to figure out who downloads it?

Andrei
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] DOS attack on planet?

2013-09-22 Thread Robby Findler
I don't think that the planet server itself doesn't keep enough information
to say much about this, but the requests come via apache so there might be
more information in a log file at that level that Eli might be able to tell
us about.

I do see lots of requests coming in for packages, tho. In addition to
yours, dracula.plt fasttest.plt, drocaml.plt, and xmlrpc.plt seem to be
being continuously asked for.

Robby


On Sun, Sep 22, 2013 at 12:40 PM, Andrei Mikhailov a.mk...@gmail.comwrote:

 Sorry if I am rising a false alarm. I noticed that there is a massive
 download of my package
 called bystroTeX :
 http://planet.racket-lang.org/display.ss?package=bystroTeX.pltowner=amkhlv
 All the downloads are of the (old) version 1.6

 What is going on?
 Is it possible to figure out who downloads it?

 Andrei


 _
   Racket Developers list:
   http://lists.racket-lang.org/dev


_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] DOS attack on planet?

2013-09-22 Thread Eli Barzilay
I just looked into that, and it seems that there's something bad going
on with some machine at BYU which started yesterday.  (Ping: Jay.)

The offending traffic comes from fltr5.byu.edu, at a very high rate.
The new log file for the week had started at 2013-09-22 03:40 local
time (about 12.5 hours ago) with 92000 queries for this period, and
85% of this traffic (about 78k, about a 100 hits per second) is coming
from this BYU IP.  Looking back, it seems that it's something recent
that had started just yesterday, so whatever it is, it's new.  Most of
the traffic is basically a repeating loop of these 8 lines, shown below.

(I will restart the server now, in an attempt to get whatever it is
that causes this mess to crash.)

128.187.97.22 - - [22/Sep/2013:03:49:17 -0400] GET /servlets/pkg-info.ss 
HTTP/1.1 200 5650 - -
128.187.97.22 - - [22/Sep/2013:03:49:18 -0400] GET 
/servlets/planet-servlet.ss?lang=%225.90.0.9%22name=%22dracula.plt%22maj=1min-lo=0min-hi=%23fpath=%28%22cce%22%29
 HTTP/1.1 404 79 - -
128.187.97.22 - - [22/Sep/2013:03:49:18 -0400] GET 
/servlets/planet-servlet.ss?lang=%225.90.0.9%22name=%22dracula.plt%22maj=2min-lo=0min-hi=%23fpath=%28%22cce%22%29
 HTTP/1.1 404 79 - -
128.187.97.22 - - [22/Sep/2013:03:49:18 -0400] GET 
/servlets/planet-servlet.ss?lang=%225.90.0.9%22name=%22dracula.plt%22maj=5min-lo=0min-hi=%23fpath=%28%22cce%22%29
 HTTP/1.1 404 41 - -
128.187.97.22 - - [22/Sep/2013:03:49:18 -0400] GET 
/servlets/planet-servlet.ss?lang=%225.90.0.9%22name=%22drocaml.plt%22maj=1min-lo=0min-hi=%23fpath=%28%22abromfie%22%29
 HTTP/1.1 404 79 - -
128.187.97.22 - - [22/Sep/2013:03:49:18 -0400] GET 
/servlets/planet-servlet.ss?lang=%225.90.0.9%22name=%22fasttest.plt%22maj=1min-lo=0min-hi=%23fpath=%28%22cce%22%29
 HTTP/1.1 404 79 - -
128.187.97.22 - - [22/Sep/2013:03:49:19 -0400] GET 
/servlets/planet-servlet.ss?lang=%225.90.0.9%22name=%22xmlrpc.plt%22maj=3min-lo=0min-hi=%23fpath=%28%22schematics%22%29
 HTTP/1.1 404 79 - -
128.187.97.22 - - [22/Sep/2013:03:49:19 -0400] GET 
/servlets/planet-servlet.ss?lang=%225.90.0.9%22name=%22bystroTeX.plt%22maj=1min-lo=0min-hi=%23fpath=%28%22amkhlv%22%29
 HTTP/1.1 200 63508 - -




30 minutes ago, Robby Findler wrote:
 I don't think that the planet server itself doesn't keep enough
 information to say much about this, but the requests come via apache
 so there might be more information in a log file at that level that
 Eli might be able to tell us about.
 
 I do see lots of requests coming in for packages, tho. In addition
 to yours, dracula.plt fasttest.plt, drocaml.plt, and xmlrpc.plt seem
 to be being continuously asked for.
 
 Robby
 
 On Sun, Sep 22, 2013 at 12:40 PM, Andrei Mikhailov a.mk...@gmail.com wrote:
 
 Sorry if I am rising a false alarm. I noticed that there is a massive
 download of my package
 called bystroTeX : http://planet.racket-lang.org/display.ss?package=
 bystroTeX.pltowner=amkhlv
 All the downloads are of the (old) version 1.6

 What is going on?
 Is it possible to figure out who downloads it?

-- 
  ((lambda (x) (x x)) (lambda (x) (x x)))  Eli Barzilay:
http://barzilay.org/   Maze is Life!
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


[racket-dev] Pinging BYU people!! (was: DOS attack on planet?)

2013-09-22 Thread Eli Barzilay
Update: bringing it down for a few minutes didn't help, and the
offending process continues its merciless traffic.  I've added a
temporary rule that effectively blacklists planet access from that IP
address.  (Apologies in case that's a shared machine.)  All I see now,
are failed attempts to get /servlets/pkg-info.ss (which are answered
with a 403 to that IP).

Can someone at BYU look into this?



20 minutes ago, Eli Barzilay wrote:
 I just looked into that, and it seems that there's something bad going
 on with some machine at BYU which started yesterday.  (Ping: Jay.)
 
 The offending traffic comes from fltr5.byu.edu, at a very high rate.
 The new log file for the week had started at 2013-09-22 03:40 local
 time (about 12.5 hours ago) with 92000 queries for this period, and
 85% of this traffic (about 78k, about a 100 hits per second) is coming
 from this BYU IP.  Looking back, it seems that it's something recent
 that had started just yesterday, so whatever it is, it's new.  Most of
 the traffic is basically a repeating loop of these 8 lines, shown below.
 
 (I will restart the server now, in an attempt to get whatever it is
 that causes this mess to crash.)

-- 
  ((lambda (x) (x x)) (lambda (x) (x x)))  Eli Barzilay:
http://barzilay.org/   Maze is Life!
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] Pinging BYU people!! (was: DOS attack on planet?)

2013-09-22 Thread Eli Barzilay
(Note that instead of the apache rule I now switched to a firewall
rule, so it won't even get 403 responses now.)


40 minutes ago, Eli Barzilay wrote:
 Update: bringing it down for a few minutes didn't help, and the
 offending process continues its merciless traffic.  I've added a
 temporary rule that effectively blacklists planet access from that IP
 address.  (Apologies in case that's a shared machine.)  All I see now,
 are failed attempts to get /servlets/pkg-info.ss (which are answered
 with a 403 to that IP).
 
 Can someone at BYU look into this?

-- 
  ((lambda (x) (x x)) (lambda (x) (x x)))  Eli Barzilay:
http://barzilay.org/   Maze is Life!
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] Pinging BYU people!! (was: DOS attack on planet?)

2013-09-22 Thread Jay McCarthy
Next time, feel free to follow the directions on
internal.racket-lang.org. Now that you've turn off its access, rather
than just logging in and killing it, I can't test and see what the
underlying problem was. Let me know when you have turn traffic back
on.

Jay

On Sun, Sep 22, 2013 at 3:26 PM, Eli Barzilay e...@barzilay.org wrote:
 (Note that instead of the apache rule I now switched to a firewall
 rule, so it won't even get 403 responses now.)


 40 minutes ago, Eli Barzilay wrote:
 Update: bringing it down for a few minutes didn't help, and the
 offending process continues its merciless traffic.  I've added a
 temporary rule that effectively blacklists planet access from that IP
 address.  (Apologies in case that's a shared machine.)  All I see now,
 are failed attempts to get /servlets/pkg-info.ss (which are answered
 with a 403 to that IP).

 Can someone at BYU look into this?

 --
   ((lambda (x) (x x)) (lambda (x) (x x)))  Eli Barzilay:
 http://barzilay.org/   Maze is Life!
 _
   Racket Developers list:
   http://lists.racket-lang.org/dev



-- 
Jay McCarthy j...@cs.byu.edu
Assistant Professor / Brigham Young University
http://faculty.cs.byu.edu/~jay

The glory of God is Intelligence - DC 93
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] Pinging BYU people!! (was: DOS attack on planet?)

2013-09-22 Thread Robby Findler
It is like he is trying to justify his existence while he is on his way out
the door which seems strange. IIUC, we cannot afford $80/90k or whatever it
was he costs anyway.

So I have no idea what to think about his message.

Robby


On Sun, Sep 22, 2013 at 5:34 PM, Jay McCarthy jay.mccar...@gmail.comwrote:

 Next time, feel free to follow the directions on
 internal.racket-lang.org. Now that you've turn off its access, rather
 than just logging in and killing it, I can't test and see what the
 underlying problem was. Let me know when you have turn traffic back
 on.

 Jay

 On Sun, Sep 22, 2013 at 3:26 PM, Eli Barzilay e...@barzilay.org wrote:
  (Note that instead of the apache rule I now switched to a firewall
  rule, so it won't even get 403 responses now.)
 
 
  40 minutes ago, Eli Barzilay wrote:
  Update: bringing it down for a few minutes didn't help, and the
  offending process continues its merciless traffic.  I've added a
  temporary rule that effectively blacklists planet access from that IP
  address.  (Apologies in case that's a shared machine.)  All I see now,
  are failed attempts to get /servlets/pkg-info.ss (which are answered
  with a 403 to that IP).
 
  Can someone at BYU look into this?
 
  --
((lambda (x) (x x)) (lambda (x) (x x)))  Eli Barzilay:
  http://barzilay.org/   Maze is Life!
  _
Racket Developers list:
http://lists.racket-lang.org/dev



 --
 Jay McCarthy j...@cs.byu.edu
 Assistant Professor / Brigham Young University
 http://faculty.cs.byu.edu/~jay

 The glory of God is Intelligence - DC 93
 _
   Racket Developers list:
   http://lists.racket-lang.org/dev

_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] Pinging BYU people!! (was: DOS attack on planet?)

2013-09-22 Thread Eli Barzilay
50 minutes ago, Jay McCarthy wrote:
 Next time, feel free to follow the directions on
 internal.racket-lang.org.

I have no practical way to know whether it's actually one of your
machines.  (I did check that it's not an IP that is in our DNS.)


 Now that you've turn off its access, rather than just logging in and
 killing it,

Nor do I know what it is that should be killed.  (And I will
certainly not going to ssh into your account and sniff around.)


 I can't test and see what the underlying problem was. Let me know
 when you have turn traffic back on.

It's back on now.

-- 
  ((lambda (x) (x x)) (lambda (x) (x x)))  Eli Barzilay:
http://barzilay.org/   Maze is Life!
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] Pinging BYU people!! (was: DOS attack on planet?)

2013-09-22 Thread Jay McCarthy
On Sun, Sep 22, 2013 at 5:31 PM, Eli Barzilay e...@barzilay.org wrote:
 50 minutes ago, Jay McCarthy wrote:
 Next time, feel free to follow the directions on
 internal.racket-lang.org.

 I have no practical way to know whether it's actually one of your
 machines.  (I did check that it's not an IP that is in our DNS.)


 Now that you've turn off its access, rather than just logging in and
 killing it,

 Nor do I know what it is that should be killed.  (And I will
 certainly not going to ssh into your account and sniff around.)

In retrospect, I guess it's not so obvious that the package server
contacts the old server regularly to build the compatibility version
packages.

 I can't test and see what the underlying problem was. Let me know
 when you have turn traffic back on.

 It's back on now.

Thanks... it looks like I'm still getting 403s though.

Jay

-- 
Jay McCarthy j...@cs.byu.edu
Assistant Professor / Brigham Young University
http://faculty.cs.byu.edu/~jay

The glory of God is Intelligence - DC 93
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] Pinging BYU people!! (was: DOS attack on planet?)

2013-09-22 Thread Eli Barzilay
A few minutes ago, Jay McCarthy wrote:
 
 In retrospect, I guess it's not so obvious that the package server
 contacts the old server regularly to build the compatibility version
 packages.

Is this the package server??  The IP I have for that is
128.187.105.226, which is different from the IP that caused the
traffic.  This is why I couldn't guess what causes the traffic, and
guessed some rogue experiment in indexing on some test machine.

In any case, if it is the package server through some other machine,
then it's best to change it so it comes from the actual server.


  It's back on now.
 
 Thanks... it looks like I'm still getting 403s though.

Ah, sorry -- I forgot to remove the apache rule too.  Should be
working now.

Also, since it's scanning the planet packages (at least looks like
that), and those really don't change that often, then it'll be much
better to do this scan much more infrequently -- like once every hour
or so rather than once every two seconds...

-- 
  ((lambda (x) (x x)) (lambda (x) (x x)))  Eli Barzilay:
http://barzilay.org/   Maze is Life!
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] Pinging BYU people!! (was: DOS attack on planet?)

2013-09-22 Thread Jay McCarthy
On Sun, Sep 22, 2013 at 6:53 PM, Eli Barzilay e...@barzilay.org wrote:
 A few minutes ago, Jay McCarthy wrote:

 In retrospect, I guess it's not so obvious that the package server
 contacts the old server regularly to build the compatibility version
 packages.

 Is this the package server??  The IP I have for that is
 128.187.105.226, which is different from the IP that caused the
 traffic.  This is why I couldn't guess what causes the traffic, and
 guessed some rogue experiment in indexing on some test machine.

 In any case, if it is the package server through some other machine,
 then it's best to change it so it comes from the actual server.

I don't know what's going on with that. It's in a VM, so maybe
something is fishy when traffic leaves it versus when it comes to it?

  It's back on now.

 Thanks... it looks like I'm still getting 403s though.

 Ah, sorry -- I forgot to remove the apache rule too.  Should be
 working now.

Yes, thanks.

 Also, since it's scanning the planet packages (at least looks like
 that), and those really don't change that often, then it'll be much
 better to do this scan much more infrequently -- like once every hour
 or so rather than once every two seconds...

It is supposed to do it weekly. I just turned it back on and did not
get an error, so I'm not sure what the problem was. (The 403 errors
totally filled the log, so I couldn't tell what the problem was
earlier in the day.) So, I'm not sure what the problem was.

Jay


 --
   ((lambda (x) (x x)) (lambda (x) (x x)))  Eli Barzilay:
 http://barzilay.org/   Maze is Life!



-- 
Jay McCarthy j...@cs.byu.edu
Assistant Professor / Brigham Young University
http://faculty.cs.byu.edu/~jay

The glory of God is Intelligence - DC 93
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] Pinging BYU people!! (was: DOS attack on planet?)

2013-09-22 Thread Eli Barzilay
Just now, Jay McCarthy wrote:
 On Sun, Sep 22, 2013 at 6:53 PM, Eli Barzilay e...@barzilay.org wrote:
 
  In any case, if it is the package server through some other
  machine, then it's best to change it so it comes from the actual
  server.
 
 I don't know what's going on with that. It's in a VM, so maybe
 something is fishy when traffic leaves it versus when it comes to
 it?

Ooh, that's pretty bad for a server.  Having an IP address that
doesn't resolve back to the IP name is nothing new these days, but
having traffic from the server come via a different IP address is
really not a good idea.  Think about dealing with some kind of an
external service, who would need to be aware of your traffic: having
it come from a different IP address is something that would make it
very hard.

It would be a good idea to ask the people who manage that if it's
possible to get the expected behavior.

(FWIW, it might be some result of a firewall or something like that
too.  In NEU, our public machines are all in a DMZ network so they're
not affected by such firewalling.  (But it does mean dealing with a
public machine -- for example, dealing with ssh dictionary attacks,
not having some kind of expected weaknesses exposed like PHP and
similar junkware, etc.))


 It is supposed to do it weekly. I just turned it back on and did not
 get an error, so I'm not sure what the problem was. (The 403 errors
 totally filled the log, so I couldn't tell what the problem was
 earlier in the day.) So, I'm not sure what the problem was.

I can tell you exactly when it happend -- the flood started with this
entry:

128.187.97.22 - - [21/Sep/2013:22:10:10 -0400] GET /servlets/pkg-info.ss 
HTTP/1.1 200 5650 - -

This was the first entry from that IP address for the whole week, so
it was probably the weekly run which then went bad.

-- 
  ((lambda (x) (x x)) (lambda (x) (x x)))  Eli Barzilay:
http://barzilay.org/   Maze is Life!
_
  Racket Developers list:
  http://lists.racket-lang.org/dev


Re: [racket-dev] Pinging BYU people!! (was: DOS attack on planet?)

2013-09-22 Thread Robby Findler
One last self-reply for future readers who may judge Eli more by this one
interaction than his body of work, let me also add that Eli has been a huge
part of whatever success we've had with Racket. He positive influence
cannot be overstated.

Sorry again for being a jerk, Eli.

Robby



On Sun, Sep 22, 2013 at 5:58 PM, Robby Findler
ro...@eecs.northwestern.eduwrote:

 Eli: I'm sorry. I (obviously) didn't mean to send this message publicly
 and it was also definitely sent in frustration (in lots of directions, not
 only yours).

 My apologies.

 Robby



 On Sun, Sep 22, 2013 at 5:44 PM, Robby Findler 
 ro...@eecs.northwestern.edu wrote:

 It is like he is trying to justify his existence while he is on his way
 out the door which seems strange. IIUC, we cannot afford $80/90k or
 whatever it was he costs anyway.

 So I have no idea what to think about his message.

 Robby


 On Sun, Sep 22, 2013 at 5:34 PM, Jay McCarthy jay.mccar...@gmail.comwrote:

 Next time, feel free to follow the directions on
 internal.racket-lang.org. Now that you've turn off its access, rather
 than just logging in and killing it, I can't test and see what the
 underlying problem was. Let me know when you have turn traffic back
 on.

 Jay

 On Sun, Sep 22, 2013 at 3:26 PM, Eli Barzilay e...@barzilay.org wrote:
  (Note that instead of the apache rule I now switched to a firewall
  rule, so it won't even get 403 responses now.)
 
 
  40 minutes ago, Eli Barzilay wrote:
  Update: bringing it down for a few minutes didn't help, and the
  offending process continues its merciless traffic.  I've added a
  temporary rule that effectively blacklists planet access from that IP
  address.  (Apologies in case that's a shared machine.)  All I see now,
  are failed attempts to get /servlets/pkg-info.ss (which are answered
  with a 403 to that IP).
 
  Can someone at BYU look into this?
 
  --
((lambda (x) (x x)) (lambda (x) (x x)))  Eli
 Barzilay:
  http://barzilay.org/   Maze is
 Life!
  _
Racket Developers list:
http://lists.racket-lang.org/dev



 --
 Jay McCarthy j...@cs.byu.edu
 Assistant Professor / Brigham Young University
 http://faculty.cs.byu.edu/~jay

 The glory of God is Intelligence - DC 93
 _
   Racket Developers list:
   http://lists.racket-lang.org/dev




_
  Racket Developers list:
  http://lists.racket-lang.org/dev