@abucci@anthony.buc.ci / @abucci@anthony.buc.ci Any interesting errors pop up in the server logs since the the flaw got fixed (unbounded receieveFile())? π€
@prologic@twtxt.net Have you been seeing any of my replies?
@prologic@twtxt.net I donβt know if this is new, but Iβm seeing:
Jul 25 16:01:17 buc yarnd[1921547]: time="2024-07-25T16:01:17Z" level=error msg="https://yarn.stigatle.no/user/stigatle/twtxt.txt: client.Do fail: Get \"https://yarn.stigatle.no/user/stigatle/twtxt.txt\": dial tcp 185.97.32.18:443: i/o timeout (Client.Timeout exceeded while awaiting headers)" error="Get \"https://yarn.stigatle.no/user/stigatle/twtxt.txt\": dial tcp 185.97.32.18:443: i/o timeout (Client.Timeout exceeded while awaiting headers)"
I no longer see twts from @stigatle@yarn.stigatle.no at all.
@stigatle@yarn.stigatle.no @prologic@twtxt.net testing 1 2 3 can either of you see this?
@abucci@anthony.buc.ci yeah I can see it :)
@stigatle@yarn.stigatle.no Sweet, thank you! Iβve been shooting myself in the foot over here and want to make sure the situation is getting fixed!
@abucci@anthony.buc.ci Seems to be okay now hmmm
@abucci@anthony.buc.ci Oh π€£ Well my IP is a known subnet and static, so if you need to know what it is, Email me π
Out of interest, are you able to block whole ASN(s)? I blocked the entirely of teh AWS and Facebook ASN(s) recently.
@prologic@twtxt.net @abucci@anthony.buc.ci my /tmp is fine now, no avatars there. I have to drive my daughter to a birthday party now, but I keep things running and Iβll check when I get back.
@stigatle@yarn.stigatle.no @prologic@twtxt.net my /tmp is also fine now! Thanks for your help @prologic@twtxt.net!
@stigatle@yarn.stigatle.no no problems π one problem solved at least π€£
Hey so.. i just got an email from my ISP saying they will terminate my service. Did i break something @abucci@anthony.buc.ci ?
@xuu For what reason?
he emailed my ISP about causing logging abuse. This is the only real ISP in my area, its gonna basically send me back to dialup.
@xuu wow, not cool.
We received the abuse report below regarding network abuse from the IP address indicated.
On researching I see that HTTPS (tcp 443) traffic is continuing and originating from you NAT IP address 100.64.x.x
This was further found to be originating from your firewall/router at 192.168.x.x (MAC D8:58:D7:x:x:x).
This abuse is continuing and constitues a violation of [ISP] Acceptable Use Policy and Terms of Service.
Please take action to identify the source of the abuse and prevent it from continuing.
Failure to stop the abuse may result in suspension or cancellation of service.Thank you,
Xuu has shutdown his pod now, probably to avoid losing connectivity.
FWIW Iβm still trying to find the the cause of the mult-GB avatars that both @stigatle@yarn.stigatle.no and @abucci@anthony.buc.ci βs pods were both teying yo download. The flaw has since been fixed in the code but Iβm still trying to investigate the source π€
Also FWIW this is all my fault for writing shitty vulnerable code π€£ So blame me! Iβm sorry π