Topic: punres.org died ?
When I try http://www.punres.org I see the error:
Unable to fetch guest information. The table 'users' must contain an entry with id = 1 that represents anonymous users.? 
[no signature]
Re: punres.org died ?
Seems to be fixed now
Re: punres.org died ?
No, it isn't fixed. It's still giving that same error. What's going on?
Re: punres.org died ?
Mmm, because I was logged in!
Re: punres.org died ?
it's not working..true
Re: punres.org died ?
oh crap, now i wish i didnt sign out
Re: punres.org died ?
punres is victim of new user spam. It is surely done to prevent the anonymous user register to clean the database.
Re: punres.org died ?
punres wrote:
Since we had ~5500 "fake" users with 0 posts, I've now removed all users with 0 posts. Your account may therefor have been removed.
I apologize for the inconvenience
You could have been on of the ones that were deleted. Delete your cookies set by punres and try it. I can get in just fine.
Re: punres.org died ?
shinko_metsuo wrote:
punres wrote:Since we had ~5500 "fake" users with 0 posts, I've now removed all users with 0 posts. Your account may therefor have been removed.
I apologize for the inconvenience
You could have been on of the ones that were deleted. Delete your cookies set by punres and try it. I can get in just fine.
He accidentally deleted the Guest user as well 
Re: punres.org died ?
It's fixed now
Re: punres.org died ?
Any suggestions on how to prevent such DOS attacks? There's captcha of course and there's IP logging, but I just don't like any of them.
"Programming is like sex: one mistake and you have to support it for the rest of your life."
Re: punres.org died ?
If you want to have something that can be integrated in punBB (which means it has to be compatible with any system) then I guess there is no way around IP logging.
This still doesn't help much against DDOS attacks but then again - nothing helps against those.
To shut up your average script kiddie I guess it is OK to block requests that exceed a certain frequency.
Why don't you like IP logging?
The German PunBB Site:
PunBB-forum.de
PunBB-forum.de
14 2005-08-09 16:32 (edited by Frank H 2005-08-09 16:33)
Re: punres.org died ?
I suppose it's because IP's aren't foolproof in any way to rely on for security, and several legit users can have the same ip if they're using the same proxy...
The only thing I can think of is image verifier, or a textual one (but those are easier to get around through scripting) ...
Re: punres.org died ?
Frank H wrote:
I suppose it's because IP's aren't foolproof in any way to rely on for security,.
Yeah, sure.
I didn't say it would be 100% secure, but what else can you do?
Frank H wrote:
and several legit users can have the same ip if they're using the same proxy....
OK, but would they fire 200 requests a minute? All together?
Frank H wrote:
The only thing I can think of is image verifier, or a textual one (but those are easier to get around through scripting) ...
I thought this attack was caused by simple http requests, nothing with registration. In that cases images don't help...
After all, I think if you block requests from the same IP with more than X requests a minute (which means you can flush your IP collection quite often:) ) then it doesn't hurt and gives some extra security.
Of course there is always a way to hack a system. Always. The question is just how much effort one would take to attack a target...
I don't want to hurt anybody here but none of us runs cia.gov or whatever so I guess most of us will have to deal with those stupid little scriptkiddies, and their means are normally quite limited.
The German PunBB Site:
PunBB-forum.de
PunBB-forum.de
Re: punres.org died ?
I don't like any type of logging because it will require the addition of another database table. It might be possible to incorporate it into the online table. I'll have to have a look at it.
If we're talking about general HTTP DDoS, that has nothing to do with PunBB. Such attacks are dealt with on a much lower level.
"Programming is like sex: one mistake and you have to support it for the rest of your life."
- Connorhd
- Former PunBB Developer
- Offline
Re: punres.org died ?
i think limited registrations to 1 per IP per day or something would be very useful (there have been hundreds of thousands of fake users registered on mypunbb all with the same IP)
Re: punres.org died ?
It's on the list
"Programming is like sex: one mistake and you have to support it for the rest of your life."
20 2006-02-28 16:45 (edited by elbekko 2006-02-28 16:46)
- elbekko
- Senior Member
- Offline
Re: punres.org died ?
An error was encountered
File: /home/httpd/vhosts/punres.org/httpdocs/include/dblayer/mysql.php
Line: 58
PunBB reported: Unable to connect to MySQL server. MySQL reported: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (11)AND
An error was encountered
File: /home/httpd/vhosts/punres.org/httpdocs/include/dblayer/mysql.php
Line: 58
PunBB reported: Unable to connect to MySQL server. MySQL reported: Too many connectionsRe: punres.org died ?
Yeah it says i dont have permission to access this sever... lol...Are you trying to fix? Or just gonna shut the site down!
My PunRes Wiki Mods:
1.) Remove Post Icon in View Topic And in Index
2.) Bold Links In Header
[img]http://www.the-artbreak.com/forum/img/smilies/socom.png[/img]
1.) Remove Post Icon in View Topic And in Index
2.) Bold Links In Header
[img]http://www.the-artbreak.com/forum/img/smilies/socom.png[/img]
Re: punres.org died ?
wow.. I haven't noticed. I'll have to investigate.
Re: punres.org died ?
But I have got the next error:
Forbidden
You don't have permission to access / on this server.
Apache/2.0.51 (Fedora) Server at www.punres.org Port 80One cookie I had deleted: punres.
May be my account or IP is wrong?
What should I do?
Re: punres.org died ?
The cookie problem is old, it doesn't apply anymore 
The issue is with the forbidden thing, which has to be dealt with by the host
Re: punres.org died ?
And now it's back