Our web server is presently undergoing what is known as a “Slow and Low” denial of service attack.  In this type of attack someone initiates a large number of connections from sources which are very slow.  This limits our servers ability to finish a connection and so it eats up all available connections.  To counter this we’ve increased greatly the number of connections available but it still eats up a lot of memory forcing cached data out so the system must go to disk for most requests which slows things down.  Unfortunately our router decided to pick this time for a firmware upgrade and so traffic analyses is not available until the upgrade completes so we can’t readily identify and lock-out the source.

     If you wish to play the flash games in the Games section of our website, Ybbored.com, Defender-games.net, or any other flash site, now that Adobe has discontinued flash, you can do so with Firefox and an add-on plugin called “Flash Player 2022”.  This works pretty much with any OS that Firefox works with, including Linux.

      It took me nearly two hours to get everything back up after booting into the new kernels tonight.

     The issue revolves around some recently added ufw rules to improve security.  Even though I have explicit rules permitting machines that need to see each others portmapper (rpcbind) to do so, they aren’t working and when ufw is enabled, none of the machines can see each others portmap, this breaks nfs and nis.

     So I’ll have to do some further investigation as to why this is the case, but that was the cause of the long downtime.

     This affected all eskimo.com services including our Fediverse services.

     The existing web based terminal and console access is broken because the Guacamole installed requires some features not present in OpenSSL 3.1, so I will have to compile and install a newer version.  I hope to get this corrected later this evening.

     Tonight’s outage was not the result of a hardware or software error, rather the result of an operator error.  I had built a new kernel and had intended to try it on my workstation before deployment but I also had a window open on the main file server because that is where I store and distribute kernels from and also where I have the configuration files.  I went to reboot my workstation but was in the wrong terminal and rebooted the server instead.  And because I hadn’t shut the virtual machines on it down properly, it did not come up cleanly, in particular the kernel NFS server was snarled and restarting it did not correct, so a second reboot was necessary.

     We will be performing a kernel upgrade to 6.1.9 this Friday, not because there are any obvious issues for 6.1.7, operator errors aside, it has been very stable, but because I made an error and misconfigured it.  I’ve corrected this on the web server which is most sensitive to this but really need to fix it on all machines.  And since 6.1.9 does have some minor fixes might as well get that in place.

    I am most looking forward to the release of 6.2, because it has some fixes that largely recover the performance lost to the various security work-arounds for the Intel Skylake chips and two of our physical servers are based upon this architecture.

     I made an error when I configured the last kernel.  While 6.1.7 does appear to be stable AND it appears to have fixed the long standing NFS bug for which I enabled the extra debugging, I accidentally compiled it with premption which I do not want on a server as it adds additional context switching overhead and decreases overall efficiency.  Thus I am going to be making a new kernel at least for the web server tonight (which is most affected) and will be doing a kernel upgrade just to fix this on the rest of the servers next Friday.  In the meantime, things may at times get a little slow.

Fedora is messed beyond repair, going to have to re-install.  It will work kind of for non-graphical sessions, but I can’t get any display manager to work properly.

     We have changed the default PHP from version 7.4 to version 8.0 now.

     Everything from 5.6 to 8.2 is available, anything older than 8.0 is no longer receiving security updates so should be avoided IF POSSIBLE but some older applications may not work with 8.0.

     It is best to update those applications if possible, but if not you can use an .htaccess file to override the default PHP version.  See:

     https://www.eskimo.com/support/override-php-version/

     The Yacy search engine “https://yacy.eskimo.com/” is down at present.  Something is causing it to eat up all available memory and then die.  I have opened a trouble ticket after doing some preliminary troubleshooting and am waiting upon a response.

     I am going to have to reboot virtual private servers later this evening because iptables on the physical host is messed up, ufw reset isn’t working, and now I’ve locked myself out of the machine altogether.