Why people run
Remove the last 5 seconds of this movie and you'll know why people run:
http://www.stashmedia.tv/feed/Asylum_Propel.mov
http://www.stashmedia.tv/feed/Asylum_Propel.mov
Monday, March 26, 2007
Sunday, March 25, 2007
Attack details and new mirror
A couple of days ago a spammer posted a message into myspace.com, something like "Hey, I got a free Macbook today... Check out this site and you can win too..." and as source image he used a MacBook image I posted some months ago in my Blog.
In few hours this post spread into a lot of myspace.com accounts and I received more than a million of requests for my MacBook image (please note that I don't have a myspace account).
My hosting company was forced to shut down SQLabs.net web site for some hours (on Mar 22, 2007) while we tried to find out a solution to this huge issue.
To give you an idea of the traffic generated by this image, these are a portion of my statistics:
Date / Hits / Bytes Transferred
Mar 21, 2007 / 1094475 / 88.39 GB
Mar 22, 2007 / 883184 / 24.58 GB
Mar 23, 2007 / 1117560 / 222.21 MB
Mar 24, 2007 / 1654770 / 257.51 MB
We contacted the abuse department inside myspace.com and I think that they removed all the posts yesterday, in the meantime we tried several different kind of solutions, but the truth is that there isn't a definitive solution for this kind of attacks.
I found that for some strange reason the images I posted on my blog are always on top of Google Images (someone know a good reason?) so the first thing I did was to disallow google images to index my site, this involves editing the robots.txt file and adding something like this:
This helps reduce the traffic from about 90Gb to about 220MB.
Maybe when the requests for this image will decrease I'll activate the ModRewrite script so I'll be more protected from the "Image Theft" problem.
Like mail spam, this is a problem without a definitive solution so maybe in the future I could have the same exact issue or something worse. With that in mind, I decided to set up a mirror site for my main web site (I own also the sqlabs.com domain) using rsync and some tips from this article.
My hosting company is Pair Network and I use their services since 1999, I am quite sure that no one can beat their professionally and their reliability.
As a mirror hosting I choose Dreamhost because they offer Terabytes of bandwidth for an incredible low price.
I am really satisfy with my new mirror site and sometimes bad things force you to take the right decision.
My new mirror site is http://www.sqlabs.com and it is automatically synced every 10 minutes.
In few hours this post spread into a lot of myspace.com accounts and I received more than a million of requests for my MacBook image (please note that I don't have a myspace account).
My hosting company was forced to shut down SQLabs.net web site for some hours (on Mar 22, 2007) while we tried to find out a solution to this huge issue.
To give you an idea of the traffic generated by this image, these are a portion of my statistics:
Date / Hits / Bytes Transferred
Mar 21, 2007 / 1094475 / 88.39 GB
Mar 22, 2007 / 883184 / 24.58 GB
Mar 23, 2007 / 1117560 / 222.21 MB
Mar 24, 2007 / 1654770 / 257.51 MB
We contacted the abuse department inside myspace.com and I think that they removed all the posts yesterday, in the meantime we tried several different kind of solutions, but the truth is that there isn't a definitive solution for this kind of attacks.
I found that for some strange reason the images I posted on my blog are always on top of Google Images (someone know a good reason?) so the first thing I did was to disallow google images to index my site, this involves editing the robots.txt file and adding something like this:
User-agent: Googlebot-ImageThe second step I tried was to disallow serving my images outside my domain, this can be done using the .htaccess file:
Disallow: /
SetEnvIfNoCase Referer "^http://www\.sqlabs\.net/" local=1but this wasn't a good option because the overhead for each request was too high (and you have to count also the overhead due to the ModRewrite engine), so I found that the easiest and best temporary patch was simply to set the size of the requested image to just 1 byte.
SetEnvIfNoCase Referer "^http://www\.sqlabs\.net$" local=1
SetEnvIfNoCase Referer "^$" local=1
<Directory ".(gif|png|jpg)$">
Order Allow,Deny
Allow from env=local
</Directory>
This helps reduce the traffic from about 90Gb to about 220MB.
Maybe when the requests for this image will decrease I'll activate the ModRewrite script so I'll be more protected from the "Image Theft" problem.
Like mail spam, this is a problem without a definitive solution so maybe in the future I could have the same exact issue or something worse. With that in mind, I decided to set up a mirror site for my main web site (I own also the sqlabs.com domain) using rsync and some tips from this article.
My hosting company is Pair Network and I use their services since 1999, I am quite sure that no one can beat their professionally and their reliability.
As a mirror hosting I choose Dreamhost because they offer Terabytes of bandwidth for an incredible low price.
I am really satisfy with my new mirror site and sometimes bad things force you to take the right decision.
My new mirror site is http://www.sqlabs.com and it is automatically synced every 10 minutes.
Friday, March 23, 2007
Under attack
We are under a Dos attack, from a script created by a spammer that is spreading across myspace.com.
Myspace.com doesn't seems to be interested in solving the issue.
We are trying (with the precious help of my hosting company Pair Network) to solve the issue.
The bad news is that no one can be immune by this kind of attacks. I'll post more details in the future.
Maybe I should just sue myspace.com as a last option.
I hope that there will be no more downtime for this server.
Myspace.com doesn't seems to be interested in solving the issue.
We are trying (with the precious help of my hosting company Pair Network) to solve the issue.
The bad news is that no one can be immune by this kind of attacks. I'll post more details in the future.
Maybe I should just sue myspace.com as a last option.
I hope that there will be no more downtime for this server.
Tuesday, March 20, 2007
Special offer for SQLiteManager
SQLiteManager will be available for a special price at mupromo starting from March, 21. MuPromo is a special promotional site run by MacUpdate.
Don't miss this big offer!
Don't miss this big offer!
Thursday, March 15, 2007
Wednesday, March 07, 2007
REAL World
It is now official: REALWorld Speakers
I'll present a session about the REAL SQL Server: "This session will cover all the secrets behind REAL SQL Server: how it really works, the right way to use it and how to take advantage of its advanced features."
If you are interested in the server, don't miss it! But please, be patient with my not so perfect English ;-)
I'll present a session about the REAL SQL Server: "This session will cover all the secrets behind REAL SQL Server: how it really works, the right way to use it and how to take advantage of its advanced features."
If you are interested in the server, don't miss it! But please, be patient with my not so perfect English ;-)
Tuesday, March 06, 2007
SQLiteManager 2.6
I have just released SQLiteManager 2.6, this update is highly recommended because it fixes some important bugs.
This is a complete list of changes for the new release:
If I'll found some serious bug than I'll probably release a minor upgrade, otherwise the next version will be a major upgrade, a 3.0 version. I have some ideas about what to do for the new release, but I'd like to receive your advices and suggestions.
This is a complete list of changes for the new release:
- Added a check to catch RegEx exceptions
- Fixed a bug that prevents deletion of multiple rows from the Manage panel
- The popup list of recent databases is now sorted so that top items are the most recent
- Fields are now correctly cleared in the AlterTable window
- Fixed a problem that occurs when trying to attach databases with a different encoding
- Fixed a bug in the SQL panel
- Fixed a bug in the CREATE VIEW window
- Fixed a bug that occurs when multiple windows with different databases are opened
- A shortcut has been added in order to be able to add tables, views, triggers and so on
- Fixed a display issue with Windows
- Updated DoD ListBox
- Updated SQLite3ProfessionalPlugin
- Updated SQLite2ProfessionalPlugin
If I'll found some serious bug than I'll probably release a minor upgrade, otherwise the next version will be a major upgrade, a 3.0 version. I have some ideas about what to do for the new release, but I'd like to receive your advices and suggestions.
Thursday, March 01, 2007
It is 2.15AM...
It is 2.15 AM and I am not able to sleep... I am on my bed with my MacBook and in the morning I have to wake up at 7.45 AM.
I would like to run in the afternoon or just after noon. I wasn't unable to run while I was in Austin, maybe in May during the REAL World I'll not forget my running shoes :-) and I'll find out some attenders that will enjoy run with me...
I think that for about two more weeks for me 2.15 AM will continue to be 7.15 PM ... but no problem, I really like living at night... what I do not like is wake up early in the morning ;-)
I would like to run in the afternoon or just after noon. I wasn't unable to run while I was in Austin, maybe in May during the REAL World I'll not forget my running shoes :-) and I'll find out some attenders that will enjoy run with me...
I think that for about two more weeks for me 2.15 AM will continue to be 7.15 PM ... but no problem, I really like living at night... what I do not like is wake up early in the morning ;-)
