SEO

Hello,

Ever since the post about the filing on Apr 21, my systems have been under
attack. It is coming from over 3000 ip addresses and has made it almost
impossible for people to download files from my ftp site. My site
averages 700MB-1GB daily. Since this mess started the downloads are now
about 20 MB. I limit the number of connections from an IP address. I am
seeing over 400 connection attempts per IP per 10 minutes. That combined
with various other attacks.

It is really annoying. The attacks on http are coming from various linux
browser/machines. Why are some linux zealots so... Some of us try to
provide support for all Linux/UNIX OS's. To attack us because we
support/assist others with SCO is really bad.

Why can't these imature people allow us to co-exist? I have had a few
emails asking me to lift the IP address ban because they need files from
my machines. Sadly, I may have to prevent ftp access from any dynamic IP
address because of these zealots.

It would be a lot easier to block and then allow IP addresses if SCO had
iptables for the OpenServer OS's. I use LKP for UnixWare 7.1.4. Sadly, I
maybe forced to stop access to my machines for the few people that still
keep their Open Source Packages on SCO OS's up to date, because, they can
not connect from the same IP addresses and these attacks are effecting
them as well. I guess the Linux Zealots are winning because they are
achiving what they want. Stopping people from accessing anything SCO. It
has been extremely difficult to work over the internet because all my
bandwidth is being exhausted by these attacks.

I understand why people post but that one post has caused me a ton of
greef. It some of the bad apples from the Linux Community would realize
they are doing more harm than good. What they are doing is showing how a
small minority really need to grow up and get a life.

I know this probably will not stop, the attacks but I really needed to
vent. I have support Linux since it's very first internet/usenet release.
So what these idiots are doing is showing the people that get things from
my sites for linux as well are being hindered. When I explain to the
people emailing me that it is coming from their own communitity, they are
really assamed. I am too. I really dislike any group that does not have
tolerence for others and their choices.

Thanks for listening,

--
Boyd Gerber <gerberb@zenez.com>
ZENEZ 1042 East Fort Union #135, Midvale Utah 84047

Boyd Lynn Gerber wrote:
> Hello,
>
> Ever since the post about the filing on Apr 21, my systems have been under
> attack. It is coming from over 3000 ip addresses and has made it almost
> impossible for people to download files from my ftp site. My site
> averages 700MB-1GB daily. Since this mess started the downloads are now
> about 20 MB. I limit the number of connections from an IP address. I am
> seeing over 400 connection attempts per IP per 10 minutes. That combined
> with various other attacks.
>
> It is really annoying. The attacks on http are coming from various linux
> browser/machines. Why are some linux zealots so... Some of us try to
> provide support for all Linux/UNIX OS's. To attack us because we
> support/assist others with SCO is really bad.
>
> Why can't these imature people allow us to co-exist? I have had a few
> emails asking me to lift the IP address ban because they need files from
> my machines. Sadly, I may have to prevent ftp access from any dynamic IP
> address because of these zealots.
>
> It would be a lot easier to block and then allow IP addresses if SCO had
> iptables for the OpenServer OS's. I use LKP for UnixWare 7.1.4. Sadly, I
> maybe forced to stop access to my machines for the few people that still
> keep their Open Source Packages on SCO OS's up to date, because, they can
> not connect from the same IP addresses and these attacks are effecting
> them as well. I guess the Linux Zealots are winning because they are
> achiving what they want. Stopping people from accessing anything SCO. It
> has been extremely difficult to work over the internet because all my
> bandwidth is being exhausted by these attacks.

Can you put up a Squid proxy in front of your website, on a Linux box or other
contemporary OS? I'd be happy to provide assistance in setting up such an
instance. I've also been successfully using VMware to run OpenServer, and you
could run the SCO OS in virtualization on a CentOS or RHEL host very easily.

And this is NOT, NOT, NOT! typical of Linux zealots.

> I understand why people post but that one post has caused me a ton of
> greef. It some of the bad apples from the Linux Community would realize
> they are doing more harm than good. What they are doing is showing how a
> small minority really need to grow up and get a life.
>
> I know this probably will not stop, the attacks but I really needed to
> vent. I have support Linux since it's very first internet/usenet release.
> So what these idiots are doing is showing the people that get things from
> my sites for linux as well are being hindered. When I explain to the
> people emailing me that it is coming from their own communitity, they are
> really assamed. I am too. I really dislike any group that does not have
> tolerence for others and their choices.
>
> Thanks for listening,

No problem. From the attack, it sounds like script kiddies. Can we be of
further assistance in tracking the weasels? Do you have useful logs we can
peruse for IP addresses near us, to help track the attacks back?

On Sat, 26 Apr 2008, Nico Kadel-Garcia wrote:
> Boyd Lynn Gerber wrote:
> > It is really annoying. The attacks on http are coming from various
> > linux browser/machines. Why are some linux zealots so... Some of us
> > try to provide support for all Linux/UNIX OS's. To attack us because
> > we support/assist others with SCO is really bad.

It is was coming from some of the same IP's that broke into my systems a
few years ago. I do not know if it is the same ones or not, because they
trashed 3 systems. They over wrote 650-750 GB with "DIE SCO DIE SCO DIE
SCO..."

> > It would be a lot easier to block and then allow IP addresses if SCO
> > had iptables for the OpenServer OS's. I use LKP for UnixWare 7.1.4.
> > Sadly, I maybe forced to stop access to my machines for the few people
> > that still keep their Open Source Packages on SCO OS's up to date,
> > because, they can not connect from the same IP addresses and these
> > attacks are effecting them as well. I guess the Linux Zealots are
> > winning because they are achiving what they want. Stopping people
> > from accessing anything SCO. It has been extremely difficult to work
> > over the internet because all my bandwidth is being exhausted by these
> > attacks.
>
> Can you put up a Squid proxy in front of your website, on a Linux box or
> other contemporary OS? I'd be happy to provide assistance in setting up
> such an instance. I've also been successfully using VMware to run
> OpenServer, and you could run the SCO OS in virtualization on a CentOS
> or RHEL host very easily.

I do have proxies for some things. My OS is openSUSE 10.3 for
virtualization. I also have a private Build Service. I am just upgrading
it to 0.9.1 released today.

> And this is NOT, NOT, NOT! typical of Linux zealots.

It is from what I have seen. I just finished moving my 900 GB ftp archive
to my OpenSUSE 10.3 box. My setup is as follows. 6 systems with various
Linux Distro's one each for development. 8 virtual Systems (OpenSUSE
factory, OpenServer 5.0.7, OpenServer 6, UnixWare 7.1.3, UnixWare 7.1.4,
FreeDBD, NetBSD, Test Linux Distro). 3 machines one for each SCO OS.
SlackWare, Fedora, CentOS, one of each of the Ubuntu, and 4 other linux
distro's. So yes I am already running things virtual-lized. I have my
own OpenSUSE BS. The are looing at changing the name. I do maintain a
few Open Source Software packages for Linux. I am a very active member of
the OpenSUSE community. So yes, I do know a bit about linux. I have been
using it since Linus first released it.

> > I understand why people post but that one post has caused me a ton of
> > greef. It some of the bad apples from the Linux Community would realize
> > they are doing more harm than good. What they are doing is showing how a
> > small minority really need to grow up and get a life.
> >
> > I know this probably will not stop, the attacks but I really needed to
> > vent. I have support Linux since it's very first internet/usenet release.
> > So what these idiots are doing is showing the people that get things from
> > my sites for linux as well are being hindered. When I explain to the
> > people emailing me that it is coming from their own communitity, they are
> > really assamed. I am too. I really dislike any group that does not have
> > tolerence for others and their choices.
>
> No problem. From the attack, it sounds like script kiddies. Can we be of
> further assistance in tracking the weasels? Do you have useful logs we can
> peruse for IP addresses near us, to help track the attacks back?

It is much more. They are using all bandwidth. It is crafted in such a
way allow just enough to flood and keep my bandwith tied up. Saddly, I
have had to suspend service to somethings at the momment. I have a lot of
it automated. Moving most things to where I have iptables has allowed
this, but the few people that use my machines for various Open Source
Software are getting really upset. My bandwidth is really being taken.
I have been forced to only allow 3 connections attempts per IP address per
minute for ftp. SSH access to my machines is only via ssh keys. I do not
allow any password logins. On the OS's that have IP tables, I use the
following where ethX is the externel interface.

iptables -A INPUT -p tcp --syn --dport 22 -i ethX -m recent --name
sshattack --set
iptables -A INPUT -m recent --name sshattack --rcheck --seconds 60
--hitcount 3 -j LOG --log-prefix 'SSH attack: '
iptables -A INPUT -m recent --name sshattack --rcheck --seconds 60
--hitcount 3 -j DROP

The above seems to get the script kiddies. It is interesting how they are
adapting their attack on my systems, based on my defenses and changing of
them.

If you look at my DNS records you can get an idea of what OS's are on what
IP address. Some machines are not available to the internet although I do
own the entire class C 198.60.105.0. I did have 2 other class C networks
but I allowed Xmission to take over them. I had at one time 3 class C
networks with OS's on each IP available to be used over the internet for
free. I now limit who has access for free.

I have 250 HD's with various OS's and versions that I switch in to support
the many UNIX and Linux OS's. I have online for use by request and
meeting certain standards.

So for final listing of what I have available. is as follows

2 BSDs (Virtualized)
6 Linux Distro's latest a machine each.
6 SCO machines with 2 each of OpenServer 6, OpenServer 5.0.7, UnixWare
7.1.4 (3 are virtualized)
4 other UNIXs

Virtualized OS's based on my customer needs. Saddly 3 MS machines with
no direct internet access from the outside all Natted. I keep 8-20
machine running daily for various development needs. Some machines
varry based on what people/customer needs/request for usuage.

You may say I am a big proponent of Open Source Software and it's usage.
I do have some of the users of the various OS's monitoring things. That
is why our current Black list is 8000 IP addresses, with dynamic IP's
being added/removed per Iptables where possible. I wish I had IP tables
for OpenServer 5.0.7 and OpenServer 6. I have not been able to get LKP to
work on OpenServer 6. I just do not have all the peices. I do host lxrun
ftp download. I just have not been able to get it to work with ipf to try
and simulate iptables. I really wish SCO would release LKP for OpenServer
6. Then this really would not be as big as an issue.

I just had to let off steam from the last 3 days of round the clock moving
tunning things.

Thanks,


--
Boyd Gerber <gerberb@zenez.com>
ZENEZ 1042 East Fort Union #135, Midvale Utah 84047

I would like to make it clear that, I hold nothing against linux and our
community. I do have a bone againest closed minded zealots of any kind.
I know that who ever is doing this is in the minority and is imature. I
want to appologize if I come across as anti linux or any other OS. I
believe all OS's have their place and use. Even MS although I personally
dislike a lot of the MS tatics. I know every group has it's bad apples.

I was really upset because of emails, with personal attacks and threats,
and what was happening to all my machines. All 12-20 machines have been
under attack. It is being done by someone/s that is/are extremely
experienced. They are changing based my defenses. The main purpose seems
to be to limit access to things and use my bandwidth. It has been against
all services. My ISP shows that traffice to/from the internet is pegged
at the limits both ways. All though today has been a bit lighter.

I know I should probably not ranted in public and I appologize. I wanted
to some how get the word out to be careful what you post as there are
people that use that information to do harm or distrube...

Since the post, I have been getting calls and hang-ups at all hours of the
day and night. I finally had to turn off my ringer. They are not so bad
during the day. It just is at night. I really did not have my phone
number any where, till it was posted in the documents.

I do not believe in coincedence. The attacks from many different methods
all started after the public records in the SCO case on 21 Apr 08 were
made publiclly availaable. The calls started wed. They are about every
10-20 minutes from 11:30 PM till 6:00 AM. I really do not believe this
just some random act.

So if I have in any way offended any one I apologize. I just really hate
people that do tolerate others. I am very pregajusted against
intolerence. I support any Linux/UNIX. I dislike MS, but I feel even
their OS has a place. Thanks to everyone that has given me support and
assistance. I want to thank all that have replied, both positive and
negative. I have learned a few things as well.

Thank you all.

--
Boyd Gerber <gerberb@zenez.com>
ZENEZ 1042 East Fort Union #135, Midvale Utah 84047

On Sun, 27 Apr 2008, Boyd Lynn Gerber wrote:
> So if I have in any way offended any one I apologize. I just really hate
> people that do tolerate others. I am very pregajusted against

should have been do not tolerate others.

> intolerence. I support any Linux/UNIX. I dislike MS, but I feel even
> their OS has a place. Thanks to everyone that has given me support and
> assistance. I want to thank all that have replied, both positive and
> negative. I have learned a few things as well.



--
Boyd Gerber <gerberb@zenez.com>
ZENEZ 1042 East Fort Union #135, Midvale Utah 84047

On Sun, 27 Apr 2008, Boyd Lynn Gerber wrote:

> I would like to make it clear that, I hold nothing against linux and our
> community. I do have a bone againest closed minded zealots of any kind.
> I know that who ever is doing this is in the minority and is imature. I
> want to appologize if I come across as anti linux or any other OS. I
> believe all OS's have their place and use. Even MS although I personally
> dislike a lot of the MS tatics. I know every group has it's bad apples.
>
> I was really upset because of emails, with personal attacks and threats,
> and what was happening to all my machines.
......

I think that you are right to be upset and I am appalled that someone
would target you for such abuse.