DDOS Suspension

I’m going to take a break from Disney posts to make note of something that happened early last week.  On Monday night, April 30th, I opened up Windows Live Writer to quickly post from Disney.  As I hit Publish, Live Writer told me that there was a problem publishing my post.  At first, I figured I did something wrong.  I loaded up my website and saw a terrifying message: Account Suspended.

My mind began to race.  My sites were down.  All of them.  TechyDad.com, TheAngelForever.com, FollowerHQ.com.  All down.  And not just down, but proclaiming to the world that we were suspended.  A quick call to my host later and our accounts were restored to full access with the explanation that a page on our sites had caused undue strain on the server.

Let’s put aside for a moment the suspension reaction… I’m dealing with them on how better to react.  In fact, a similar problem a couple of days ago resulted in my sites being taken down with an error message for a few minutes – a much better solution.

Back to the strain, though.  When I got back home, I loaded up the log files.  Now, a typical log file, for a single view of one page, will contain multiple entries.  After all, as you’re reading this, you’re likely seeing images, there are colors and text styling via CSS files, JavaScript files and more.  This is part of what I saw in B’s log file: - - [30/Apr/2012:13:21:03 -0400] "GET /2012/04/a-floral-splash-of-color/ HTTP/1.1" - - [30/Apr/2012:13:21:03 -0400] "GET /2012/04/dole-whip-cravings/ HTTP/1.1" - - [30/Apr/2012:13:21:03 -0400] "GET /2012/04/the-cupcake-club-book-giveaway/ HTTP/1.1" - - [30/Apr/2012:13:21:05 -0400] "GET /2012/02/falling-in-love-with-disney/ HTTP/1.1" - - [30/Apr/2012:13:21:03 -0400] "GET /2012/04/selecting-phone-sounds/ HTTP/1.1" - - [30/Apr/2012:13:21:04 -0400] "GET /2012/04/views-from-a-friends-birthday-party/ HTTP/1.1" - - [30/Apr/2012:13:21:06 -0400] "GET /2012/04/time-for-ubp-2012/ HTTP/1.1" - - [30/Apr/2012:13:21:06 -0400] "GET /2012/04/photo-gifts-for-mothers-day/ HTTP/1.1" - - [30/Apr/2012:13:21:05 -0400] "GET /2012/04/disney-natures-chimpanzee/ HTTP/1.1"

As you can see, these were requests for only the HTML code of the pages. No CSS, images, or JavaScript downloaded. Just repeated calls to pages on TheAngelForever.com.  Different IP addresses were used, but they all seemed to originate from Amazon Web Services in Dublin, Ireland.

So what happened?  I have two theories.  The first is that a content scraper was trying to pull all of B’s content via an Amazon Web Services hosted script.  Something went wrong and it made so many requests so quickly that it bombed the site out.  The second is that the person behind the script didn’t care about content and the rapid requests/site bombing was by design.  In this scenario, our mystery script runner isn’t a scraper, but instead launched a DDOS attack on TheAngelForever.com.

(Quick explanation for those who don’t know what a DDOS attack is.  A DDOS, or Distributed Denial of Service, attack is when a group of computers request so many services from a server that valid visitors can’t get through.  To use an analogy, imagine a restaurant that thrives on delivery orders.  Now suppose a group of people (thus "distributed") repeatedly call the restaurant’s phone and hang up.  If they do this often enough, valid would-be customers can’t get through (i.e. "denial of service").

Stopping a DDOS attack is tricky.  We can’t block the attacker because they are coming from so many IP addresses.  You can block a group of IP addresses (e.g. 46.137.*), but then you might be blocking a lot of valid users.

So how can we keep this from happening again?  There are some network tools that our hosting provider can employ, but not much B and I can do.  It might happen again tomorrow or it might never happen again at all.  So if you ever see that message again, just be patient (and perhaps tweet me) because the site will be back soon.

Touching Without Ever Meeting

Heart_WorldYou may or may not have heard, but Susan N (aka WhyMommy) passed away yesterday.  She had been battling inflammatory breast cancer.  This aggressive form of cancer doesn’t show up with the lump that other forms of breast cancer have.  She batted this cancer for years, but unfortunately lost her battle.  She left behind her husband and two young boys (4 and 6).

Thanks to the Internet, though, she has touched the hearts of people all over the world.  People who never met her, who only knew her through blog posts and Twitter updates, felt the pain of her passing.  When I got home yesterday, I saw a tweet about her passing and hugged B as she cried.

In a way, it’s weird to feel such sorrow over the death of someone we’ve never met.  Yet, this is the power of the Internet in general and social media in particular.  People can find other people with similar interests and/or situations no matter where those people may be.  Once those people find each other, they can converse, aid each other, or perhaps just be sounding boards.  In many different ways, they can touch people’s lives way beyond their physical reach.

Where we live, we don’t have too many close, face-to-face friends to talk to in person.  I can’t really head out to see "the guys" and discuss marriage, parenting, life, the Universe, and everything.  However, by simply opening up my favorite Twitter application, I can reach hundreds of dads and moms with questions ranging from the mundane to the vitally important.  I can share sorrows and joys and form friendships.  These friendships aren’t any less real because I’ve never greeted the person face to face.  In many ways, they are stronger since you know that, where ever you are, your friends are a smartphone or computer away.

So, while we mourn Susan/WhyMommy’s passing, let’s celebrate our friends and family online.  Consider this a great, big virtual hug to you, dear readers.  Now go pass it on to another online friend.

Disclaimer: The "Heart-World" image above is derived from two images on OpenClipArt.org: Heart Gloss 3 and Glossy Globe.

Stop SOPA, Prevent PIPA

StopSOPA_PostPerhaps you’ve heard that there’s a threat looming on the horizon.  A pair of dark clouds hanging over our favorite websites.  The dark clouds are called SOPA and PIPA.

If you haven’t heard about them, allow me to bring you up to speed.  You see, content providers are scared that their content is being copied online.  There are laws in place to deal with this, but they want more laws.  Tougher laws.

Under SOPA and PIPA, not only would copying copyrighted content be a crime, but linking to it would be a crime too.  It doesn’t even have to be you posting a link.  If you own a blog and a commenter leaves a link to a site that contains a copyrighted image, your blog can be shut down.  Not only that, but any ad network or Paypal accounts can be shut down too.

You might think that your site would be immune to this shut down because you would defend yourself in court or take down the offending link and/or content when you are notified about it.  However, the shut down provisions can take place BEFORE any court hearing.  Yes, you are guilty before being proven innocent.  After your site is taken down, then you can defend yourself against the charges and *maybe* get your site brought back online.  (Think of the “fun” that a malicious individual could have faking copyright infringement claims to take down blogs he/she doesn’t like.)

To imagine the effect of this, picture every blog having to police every link that they and their commenters post lest one lead to a site with a single infringing image.  Now, picture Twitter or Facebook having to do this.  Imagine Google needing to not only filter out Google+ but their normal search results as well.  After all, one of the links they index might have an image that someone else claims was wrongly posted.  Google and dozens of other Internet companies will need to make these decisions on the fly.  If they make one wrong move, you could say goodbye to services such as Twitter, Facebook, Pinterest, and YouTube.

Speaking of which, YouTube is always a source of entertainment: Animals acting cute, people acting out strange stunts, and kids singing pop songs.  Well, strike that last one.  If you post a video of your kid singing a copyrighted song, you could end up behind bars for 5 years.  You read that right.  Five years of jail-time for a YouTube posting.

Now, you may have heard that SOPA was killed.  When people heard the news, they began to celebrate.  This celebration was, sadly, premature.  SOPA hasn’t been killed or even shelved.  Instead, House Judiciary Committee Chairman Lamar Smith plans on continuing work on SOPA next month.  The claim is that this break is due to “Republican and Democratic retreats taking place over the next two weeks.”  Personally, though, I think this was a delay tactic to try to get the outcry to die down.  Even if it is killed, though, we will need to remain vigilant.  Legislators love taking controversial bills, breaking them apart into different pieces, and sneaking them in attached to other pieces of legislation (the more “must pass”, the better).

Lest you think that all of this will, at least, somehow stop piracy, it won’t.  The site takedown only keeps the domain name from pointing to the site.  If you know the IP Address, you can still get to the site.  This will hurt you and me as normal users won’t remember your site’s IP address.  Pirates, however, will still be able to connect to their destinations just fine.

Maybe you are wondering how the tech companies allowed these bills to get this far.  Simple: They were not only not consulted, but actively excluded from the discussions.  Only pro-SOPA companies were allowed in.  Meanwhile, during hearings, Congressfolk seemed to reveal in their ignorance of how the Internet worked.  They said that they aren’t “nerds” and that discussions of Internet security were a “waste of time.”  They ignored experts saying that this would break the Internet.  Apparently, not knowing how something works isn’t a barrier to passing a giant legislation package regulating it into oblivion.  Is it any wonder that the bill wound up so one-sided?

So what can you do?  Contact your state Senators and Representatives and tell them to vote NO on SOPA/PIPA.  Make your voice heard now or you might not be able to make your voice heard online later.  (This site is a useful tool to see where your Senators/Representatives stand on SOPA/PIPA.)

How To Find A Business Registration In Under A Minute

buildings_searchAs part of my stand against a serial cyber-harasser, I’ve been warning individuals and companies that she targets.  Her pattern, when it comes to companies, is to claim that her searches for business registrations came up blank.  She claims that this is proof that these companies are not licensed and, therefore, frauds.  These aren’t tiny companies, either, but some pretty big, even international, companies.

Her method appeared, to me, to be fatally flawed.  She was relying on the Better Business Bureau’s search tool.  The problem here is two-fold.  First of all, businesses don’t need to register with the BBB.  It’s voluntary.  Secondly, it isn’t a business license search.  It’s a business *review* search tool.  You can use this to find out if a business had complaints filed against it to the BBB, but you can’t use it to find every licensed business in the US.

As she claimed to be unable to find these registrations, I began to wonder.  Could I?  I pride myself on my Google-Fu and wondered just how long it would take me to find an organization’s business registration.  Once I was consistently able to find them, I figured I’d blog about my method.

For our examples, let’s take a few of the supposedly unregistered businesses: MomSelect, Bendon Publishing, and PictureIt Creations.  (I picked these at semi-random.  She’s targeted many more businesses than this.)

First, we need to visit the sites and find out in which state they are located.  Bendon’s Contact Us page mentions Ohio, PictureIt Creations’ contact number is in a 734 area code which is in Michigan.  MomSelect is a bit more complex as their web page mentions that they are part of BSM Media Inc.  Therefore, we should really look up BSM and not MomSelect.  BSM’s contact page lists Florida as their state.

Now that we have our states, we need to find each state’s business registration search website.  Luckily, I found a website called SecStates.com that listed all of the appropriate pages.  Some of them were outdated, though, so I tracked down the updated links and tested all of them.  Here’s the list:

Alabama Alaska Arizona Arkansas California
Colorado Connecticut Delaware District of Columbia Florida
Georgia Hawaii Idaho Illinois Indiana
Iowa Kansas Kentucky Louisiana Maine
Maryland Massachusetts Michigan Minnesota Mississippi
Missouri Montana Nebraska Nevada New Hampshire
New Jersey New Mexico New York North Carolina North Dakota
Ohio Oklahoma Oregon Pennsylvania Puerto Rico
Rhode Island South Carolina South Dakota Tennessee Texas
Utah Vermont Virginia Virgin Islands Washington
West Virginia Wisconsin Wyoming


NOTE: I couldn’t find a license search site for the District of Columbia or Virgin Islands. (EDIT: Thanks to usvirginislands and Sandra Foyt for finding the link for the US Virgin Islands.)

Now that we have the list, we just need to go to each state’s website to search for the businesses.  Let’s start with Bendon Publishing.  Searching gives two results: one (filed in 2001) that was canceled and a second (filed in 2003) that is active.  By the way, Bendon is listed as a “Foreign Corporation”.  At first, I thought this meant that they were based outside of the US.  However, all this means is that they are registered outside of Ohio.  (In this case, Delaware.)

Easy, right?  Let’s try PictureIt Creations now.  Searching Michigan’s database gives us this registration.  Ok, so we’re two for two now.  What about MomSelect / BSM Media?  Searching for “BSM Media” gives this result.  Three for three.

You can use this to find nearly any registered business in the United States.  Go ahead and give it a try.

Graphic derived from building and binocular clipart from OpenClipArt.org.

1 6 7 8 9 10 17