Welcome, Guest. [ Log In ]
Question   v0.1 November 1998
Search KBase

Top 2 in this Area:
1. v0.1 November 1998
2. v0.2 December 1998

v0.1 November 1998
Table of Contents
0. Introduction.
1. Explanation of downtime and apology.
2. Steps taken to prevent further compromises.
3. Resumption of customer support at support@dreamhost.com
4. Counters being reset fixed.
5. New features of web panel. Request for suggestions@dreamhost.com. 
*6. IMPORTANT new methods of accessing ftp, telnet, and mail accounts.
7. We're number one! We're number one! 
8. Historic 1,000 customer reached!
9. Thank you thank you thank you.

0. Introduction

Hello All, 
	And welcome back to Dreamhost's monthly newsletter. What's that
you say? You don't remember receiving this before? Well there's a simple
explanation. This is the first one! We were going to start with the
December issue (1.0) but there was a lot of pressing explanations
necessary and announcements so we pre-empted that issue with a November
Beta-Issue. Please send any bug reports regarding this email to
suggestions@dreamhost.com.. thanks! Nyuk nyuk.

1. Explanation of Downtime and Apology

	As we're sure many of you noticed, jezebel, one of our dreamhost
servers, experienced what turned out to be approximately 6 hours of
downtime yesterday evening starting at around 5pm PST. Contrary to the
original report posted at the web admin panel
(https://secure.newdream.net/admin/ in case any of you have forgotten)
there was no breach of system security. What happened was that jezebel was
attacked with a DoS (Denial of Service) attack from an unknown
origination. Actually, since last Saturday, jezebel has been under a
constant "smurf" attack (see http://www.quadrunner.com/~c-huegen/smurf.cgi)
which we have reason to believe is retaliation for some act a user on
jezebel committed. Basically, somebody got the wrong person mad.
	We've been contacting the networks that the smurf attack was being
reflected off of, and have had some success in getting them to reconfigure
their routers to prevent being used as an intermediary for the attack.
However even as I write this two networks are still "smurfing" jezebel.
Jezebel was able to handle the attack effectively since Saturday, since we
already have security measures in place to defend against this sort of
strike (ICMP disabled etc..) However, Wednesday night the attacker user a
variation which began to overload our main router, bringing it almost to
the point of crashing. We had no choice but to disconnect jezebel as it
was the target of the attacks, or else possibly lose the entire network.
	Finally the attack subsided, we installed a ping firewall (sans
logging) and brought jezebel back up at around 11PM PST. The smurf attack
continues however, and any information anyone can provide leading to the
conviction of the perpetrator will be well-rewarded!

2. Steps taken to prevent further compromises.

	Apart from contacting the exploited networks being used as
intermediaries in the smurf attack, there is little we can do on our end
to stop the attack. Fortunately our bandwidth is enough and our machines
robust enough that they can handle to continous attack without much
degredation in performace.
	Really the best way to stop thse attacks is to not provoke them.
As mentioned before, we have good reason to believe that the attacks are
due to retaliation for some sort of IRC act originating from our servers.
We have been very lenient in the past towards allowing IRC bots on our
server. We are one of the few professional hosting companies that allow
them at all in fact. Unfortunately, we have decided to temporarily
disallow all irc bots from running on our server (eggdrop, bitchX, etc..)
effective immediately. This will have to stand until we have time to
review the current situation. You may still use irc from our server, just
no bots. We believe this will only affect at most 10 or so clients, and of
course it will have no consequence at all towards web serving.

3. Resumption of customer support at support@dreamhost.com

	Due to the huge volume of email received at support regarding the
downtime, we have been unable to respond to all requests. Hopefully most
questions will be answered by this message, including questions about
counters being reset and domains not showing up on the web panel. After
you receive this message all email sent to support@dreamhost.com will
again be responded to. So if you sent a message requiring an answer not
addressed here, we humbly ask that you resend it. 
	One other thing! We do try to post informational messages about
any network or server troubles we may be experiencing at the Announcements
area of the web panel, so it may be a good idea to check there before
sending email to support@dreamhost.com sometimes.

4. Counters fixed.

	Some of you have pointed out that your counters on your web page
were reset to 0. We keep daily backups of that data for just such an event
and have restored all counters to yesterday's value (so you only lose a
day's worth of hits). Note this only affects the graphical hit counters.
No data was lost for the detailed access stats (which are incidentally
available at http://www.yourdomai.com/stats).

5. New features of web panel. Request for suggestions@dreamhost.com. 

	We've added some new features to the web panel in case you haven't
been there recently. The Add New Services link is much better now, with a
simple wizard interface for adding, downgrading, and upgrading features on
your account. 
	Also, any login you have may now access the web panel, not just
your "main" account. They can all log in with the same username and
password they use for ftp/checking their mail. This includes even pop3 
accounts and extra ftp logins. Note that these users will only have access
to info they should have access to, and not necessarily be able to, say,
add email aliases for every domain you have under your account (only the
one they should have access to).
	You may notice now that some of your domains don't show up in the
"Detailed Stats" area. If this is the case, please email
support@dreamhost.com right away and let us know.. it means that the
domain isn't correctly associated with that user login in our database.
	Also, we're always looking for suggestions on how to improve our
web panel, hosting services, sense of humor.. whatever! We've set up
suggestions@dreamhost.com for you to email them to. Let us know what
we're doing right and what we're doing wrong too! Also, every month a
random user who submits a useful critique to us will be given a $50
account credit! (Submissions like "You guys rock!" will be appreciated but
not elligible for the prize.. please give insightful commentary!).

6. IMPORTANT new methods of accessing ftp, telnet, and mail accounts.

	Here's the really important news. Maybe we shouldn't have saved it
for last. I hope everyone reads this! We'll post in on the announcements
too. Starting in a week, dreamhost will stop supporting access at
dreamhost.com itself. You will have to start accessing your
ftp/telnet/pop3 accounts by contacting yourdomain.com instead. Many of
your were probably already doing this, but just in case some of you have
just been using "dreamhost.com" as your incoming mail server, you must
change it to your domain. Same username, password, just make sure it's
your domain.
	If you have a dreamhost.com subdomain (blah.dreamhost.com),
connect to that, not dreamhost.com. For new users who's domain is not up
yet, they will be able to temporarily ftp to their account and check their
pop3 email by connecting to theirmachinename.dreamhost.com (jezebel,
ellipsis, etc..) until their domain is up. The welcome email will tell you
what machine to use, and you can also see in the "Domain and Login
Management" area what machine your logins are on.
	If you have been using username@dreamhost.com as an email address,
now is the time to tell everyone to start using username@yourdomain.com or
username@yoursubdomain.dreamhost.com instead as we do not guarantee the
availability of that address after Thanksgiving. This INCLUDES possible
use in your email aliases.. if you have something forwarding to
username@dreamhost.com, just change it to be forwarding to username. If
you forget to do that, it's okay, we'll update it before any changes are
made. Most people shouldn't be using this address anyway.

7. We're number one! We're number one! 

	Hey, just want to say thank you to everyone who's voted for us at
webhostdir.com (through our web panel or not)! Why? Because we've been
voted top all-around Web Host for November! Let's see if we can keep it
going! (see http://www.webhostdir.com/webhostawards/)

8. Historic 1,000 customer reached!

	On Nov. 11th, 1998 the 1,000th Happy Dreamhost Customer signed up
making us very Happy Dreamhost Employees! We've been graphing our growth
and it has been exponential ever since our foundation a little over a year
ago. Our business continues to grow thanks to the referrals from people
like you.. the only people more important to us than potential customers
are our current ones!

9. Thank you thank you thank you.

	Thank you for taking the time to read all this, and we just want
to let you know we really appreciate your business, understanding, and

10. Surprise.. Dreamhosted site of the month!

	The first recipient of this soon-to-be-coveted award goes to
http://www.icepick.com/ "Cool and to the point" this site is a shining
example of the sort of useful innovation brought about by the web,
innovation impossible only a short five years ago.

	Submit your site hosted by dreamhost to be "Dreamhosted Site of
the Month" by emailing your url and why your site should be dreamhosted
site of the month to dhsotm@dreamhost.com by November 26th and maybe
you'll be featured on this newsletter next time.. in issue 1.0 (now with a
readership of over 1000!)

Last updated: Jan 27, 2001.