My VPS was migrated to new servers several weeks ago and my IP addresses changed. I have had a series of down times over the last several weeks, most of which have been related to finding yet another spot where I did not change the IP addresses to the new ones and caused some sort of instability. Having thought I had gotten them all, I found yesterday that I had not properly updated my records at Incapsula, a filtering and caching service I use for this blog and a few others. Now that is fixed. Hopefully, that is the end of it.
Posts tagged ‘IP’
I found out more about why the WordPress Bad Behavior plugin was blocking updating of my Feedburner RSS feed -- apprently, Google got a bunch of its IP addresses blacklisted in project Honeypot, which Bad Behavior uses as one source of spam data. Here is more:
This is caused by an architectural problem at Google, and will require Google to resolve the issue for the problem to go away permanently. The issue is that, in the case of FeedBurner, Google uses IP addresses which are shared by third parties using Google App Engine, some of which are spammers. The spammers quickly get Google’s IP address blacklisted all over the Internet, and suddenly FeedBurner stops working.
If you are impacted by this issue, you can whitelist the affected IP addresses or the FeedBurner user agent string, or disable Project Honey Pot. Be aware that doing any of these will increase the amount of spam you receive. You should also complain to Google, since this isn’t the first time this has happened, and they seem to have done absolutely nothing about it.
I have been using Amazon AWS servers for years to host large videos and to store backup files in their S3 service. But apparently their servers have also become the home of a lot of spammers and bots. I have been in the process of locking down the security of my climate blog, testing changes that I will then migrate here (Incapsula front end, Disqus comments, a package of improved wordpress security changes, and ZB Block to catch what still makes it through. I am not naive enough to think that I am safe from hackers, but I can at least be safe from stupid, lazy, or automated ones.
Anyway, I probably don't see a lot of the bots any more because they hit either Disqus or Incapsula. But a great number still get through, and if they are persistent they get banned. What amazed me was that of the first 22 IP's banned, 9 were on the Amazon AWS servers.
My sense is that this is one of those classic tragedy of the commons issues, which happens when valuable resources are essentially free. I had an idea years ago, that I still like, that charging a tenth of a cent to pass each sent email would shut spam down. You and I might spend five cents a day, but spammers would be hit with a $10,000 charge to email their 10 million name lists, which would kill their margins. Don't know if there is a similar approach one could take for bots.
This rental house has AT&T DSL. Never had DSL before, always use cable for broadband, but I am amazed at the problems it has caused. After a lot of investigations, it seems to shift my IP address frequently and near randomly, which tends to cause a frequent need to reboot the browser and drives services that try to increase security by tying one to an IP address absolutely bonkers.
What do corn farmers and Hollywood studios have in common? They both have an uncanny ability to force self-serving legislation through Congress. This week's bit of sucking up to Hollywood is the PROTECT IP act, currently under consideration in Congress:
An ideologically diverse group of 90 law professors has signed a letter opposing the PROTECT IP Act, the Hollywood-backed copyright enforcement/Internet blacklist legislation now working its way through Congress. The letter argues that its domain-blocking provisions amount to Internet censorship that is barred by the First Amendment.
Jointly authored by Mark Lemley, David Levine, and David Post, the letter is signed not only by prominent liberals like Larry Lessig and Yochai Benkler, but also by libertarians like Post and Glenn "Instapundit"Reynolds.
"The Act would allow courts to order any Internet service to stop recognizing [a] site even on a temporary restraining order... issued the same day the complaint is filed," they write. Such a restraining order, which they describe as "the equivalent of an Internet death penalty," raises serious constitutional questions.
The Supreme Court has held that it's unconstitutional to suppress speech without an "adversary proceeding." That is, a speaker must, at a minimum, be given the opportunity to tell his side of the story to a judge before his speech can be suppressed.
Yet under PIPA, a judge decides whether to block a domain after hearing only from the government. Overseas domain owners (and the speakers who might make use of their websites) aren't offered the opportunity to either participate in the legal process or appeal the decision after the fact. (Affected domain owners may file a separate lawsuit after the fact.) This, the professors say, "falls far short of what the Constitution requires before speech can be eliminated from public circulation."
Human ingenuity keeps finding more oil and gas but we are close to running out of IP addresses, at least in the old IPv4 system, which all of your are probably using right now. This does not mean the world will shut down - already, for example, all the computers in your home probably share a single IP address to the outside world, and for many of you that IP address is dynamically assigned by your Internet provider to further save addresses. Many web sites on the same server will share an IP address (which is actually a good reason not to used shared hosting, because if one of the other accounts on your server is a bad actor, your IP address can effectively get banned from sites and networks trying to ban that other person on your server).
However, a new system is in place, but as with many standards transitions the details are tricky. It will be interesting to see how this mostly free-market transition goes in comparison to government enforced transitions (e.g. television broadcast standards).
The following will probably just demonstrate my total ignorance of networking protocols, but I am not sure why IPv6 couldn't be written in a way that the extra bytes would just be ignored by IPv4 systems. It could be assumed that all IPv4 addresses of the form www.xxx.yyy.zzz map to www.xxx.yyy.zzz.000.000 in IPv6, but this may be wildly simplifying what is going on.
The reason I bring this us is because I have always thought the way black and white TV was transitioned to color was particularly clever. They could have broadcast color with three signals of Red, Green, and Blue levels, and then black and white TVs would have to be thrown out - they wouldn't show anything meaningful with that signal. Instead, though, they mapped color with a three part system of an absolute brightness signal for each pixel, plus two color signals. If you are familiar with Photoshop, when you choose a color, you can enter the color as three numbers R-G-B for the intensity of each color or as Hue-Saturation-Brightness. While not the same as the TV system, it is similar in that it has a pixel brightness component, plus to color components. (my memory is that in the TV system, it is brightness plus two colors and the third color -- blue, I think -- is arrived at by subtraction from the total brightness minus the two other colors.)
Here is the trick - the signal which was just the pixel brightness component is essentially identical to the old black and white TV signal -- after all, a black and white signal is just the relative brightness of each pixel. So they took a black and white signal and then added bandwidth so that there was more information if one had a color set. Both technologies, old and new, worked from the same signal.
I suppose the problem with this is that I am thinking of routers like telephones. Most folks know that if we dial more than 10 digits, the extras are just ignored. My guess is that routers are more finicky and precise than this, and they can't just ignore the fact the IP address they are getting are too long. But I still would imagine there could be a simple hardware hack to cheaply strip off the last part of a longer IP address so that older IPv4 infrastructure could still work in an IPv6 world. Or is this hopelessly misinformed and naive?
In a case that raises questions about online journalism and privacy rights, the U.S. Department of Justice sent a formal request to an independent news site ordering it to provide details of all reader visits on a certain day.
The grand jury subpoena also required the Philadelphia-based Indymedia.us Web site "not to disclose the existence of this request" unless authorized by the Justice Department, a gag order that presents an unusual quandary for any news organization...
The subpoena (PDF) from U.S. Attorney Tim Morrison in Indianapolis demanded "all IP traffic to and from www.indymedia.us" on June 25, 2008. It instructed Clair to "include IP addresses, times, and any other identifying information," including e-mail addresses, physical addresses, registered accounts, and Indymedia readers' Social Security Numbers, bank account numbers, credit card numbers, and so on.
Small Business Trends publishes weekly reviews of business-oriented web sites called "Power Blog Reviews". This week, they have a very nice review of Coyote Blog:
The Power of the Coyote Blog
is the straight-shooting way its author comes right out and says what
he means, without dancing around subjects. And the real-life business
experiences he conveys are eminently helpful, providing information it
is hard to get elsewhere.
Thats really generous, thanks!
Update: I deeply resent the suggestion of several of my "friends" that some other blogger must have been spoofing my IP address the week I got reviewed.
Good roundup over at the Knowlege Problem on regulation of Voice over IP (VOIP - basically telephone calls over broadband Internet).
The Federal Communications Commission declared today that a type of Internet telephony service offered by Vonage Holdings Corp. called DigitalVoice is not subject to traditional state public utility regulation.
The Commission also stated that other types of IP-enabled services, such as those offered by cable companies, that have basic characteristics similar to DigitalVoice would also not be subject to traditional state public utility regulation.
This may be good news. If it keeps regulation low and lets this new technology continue to innovate and find its way in the market, great. If it is just two bullies snarling over who gets to take my lunch money, then its not-so-good news.