Jump to content

SpaceDock.info (Mod Hosting Site)

VITAS

By VITAS
in KSP1 Mods Discussions

 Share

Recommended Posts

Stone Blue

Stone Blue

Posted
Posted

Has there been thought of excluding New Mods from the Recently Updated Mods? At least for the thumbnails on the (KSP) frontpage... Seems kind of redundant to have them in both... Plus this way, it would give recently updated mods more time near the top of the list...

Link to comment
Share on other sites
Torih

Torih

Posted
Posted

Hi, seem to be having a few difficulties download some mods via ckan which grab them from spacedock. The downloads are dying giving a 404 error. This has been happening on and off on a couple of mods for the last week or so, they started to work a few hours later though. However now its been over a day and still getting the 404 on several mods:

Currently Interstellar Extended, Near Future Construction, Near Future Electrical (both versions), Kerbal Konstructs are giving the 404

Link to comment
Share on other sites
tajampi

tajampi

Posted
Posted (edited)

Hey, could a Spacedock admin get a mod reuploaded without posting a new update? 

 

Uploaded EngineLighting to spacedock yesterday, It worked nicely for a while (I downloaded it from CKAN into a non-modding install), but it seems it got deleted. The changelog shows the update perfectly, but the file is not there!

Can confirm Torih issue, It's happening to other mods too, check Real Scale Boosters for example. 

Edited by tajampi
Link to comment
Share on other sites
jamesb6626

jamesb6626

Posted
Posted

It seems to be recent updates from almost all mods, for example if you try to download Interstellar Extended version 1.8.20 or below (from the Changelog tab) it downloads correctly, but any version after that gives an "Oops! This link appears to be broken" message (on Internet Explorer). KSP Mod Admin program can't download these from spacedock either (checked for Connected Living Space, Engine Lighting, Engineering Tech Tree, EVA Fuel and obviously Interstellar Extended). Perhaps all new updates are failing past a certain date.

Link to comment
Share on other sites
VITAS

VITAS

Posted
  • Author
Posted

i had problems with space running low on the london node. i cleared some space. it might be what cuased the hick ups.

when someone uploads a file its saved on the main server and then distrubuted to all nodes. If a node runs low on hd space it could cause issues within a specific geographical area.

Link to comment
Share on other sites
Mine_Turtle

Mine_Turtle

Posted
Posted
2 hours ago, VITAS said:

i had problems with space running low on the london node. i cleared some space. it might be what cuased the hick ups.

when someone uploads a file its saved on the main server and then distrubuted to all nodes. If a node runs low on hd space it could cause issues within a specific geographical area.

Looks like London node still has some problems. I get error 404 when I try to update some mods.

Link to comment
Share on other sites
VITAS

VITAS

Posted
  • Author
Posted

youre in fact using the london node and its disk was full again.

i again cleared some space dont know how long that will last (most nodes are computing nodes and come with only 64gb of hd)

ive to talk to darklight about only storing the newest versions on the small disk nodes.

 

Link to comment
Share on other sites
Mine_Turtle

Mine_Turtle

Posted
Posted
3 minutes ago, VITAS said:

youre in fact using the london node and its disk was full again.

i again cleared some space dont know how long that will last (most nodes are computing nodes and come with only 64gb of hd)

ive to talk to darklight about only storing the newest versions on the small disk nodes.

 

Updating is working now. Is it possible to use something like a cron script to remove old mod copies?

Link to comment
Share on other sites
VITAS

VITAS

Posted
  • Author
Posted

we have hooks that trigger if someone uploads a new file. i asked darklight to only keep the newest ver of a mod on the cdn and the rest on the larger machines. i also asked for an increase in diskspace but as far as i know were allready having the largest node types.

Link to comment
Share on other sites
DoctorDavinci

DoctorDavinci

Posted
Posted
On 2016-04-25 at 1:26 PM, VITAS said:

watching "Where to invade next" by Michael Moore while waiting for disk scan to finish and saw this:

germany.png

 

As a german i must say: pretty fun facts :D

 

p.s. youre allowed to like that but remember: dont mention the war! :P

 

This ^^^^^^^

Link to comment
Share on other sites
VITAS

VITAS

Posted
  • Author
Posted (edited)

I see it as important to inform you about the following:

Yesterday i was informed that our dev server was utilized to run a DOS attack against some chinese target.

@GenPage took the node down in time.

We dont know the level of access the attacker had so we bined everything that was on it (we have backups).

I take this incident very seriously since its the first time a server i admin got hacked.

Most Importantly:

The dev server didnt contain any userdata.

Edited by VITAS
Link to comment
Share on other sites
linuxgurugamer

linuxgurugamer

Posted
Posted
1 hour ago, VITAS said:

I see it as important to inform you about the following:

Yesterday i was informed that our dev server was utilized to run a DOS attack against some chinese target.

@GenPage took the node down in time.

We dont know the level of access the attacker had so we bined everything that was on it (we have backups).

I take this incident very seriously since its the first time a server i admin got hacked.

Most Importantly:

The dev server didnt contain any userdata.

Thank you for the notice.  I've PM'd you  about it

Link to comment
Share on other sites
Nils277

Nils277

Posted
Posted
3 hours ago, VITAS said:

I see it as important to inform you about the following:

Yesterday i was informed that our dev server was utilized to run a DOS attack against some chinese target.

@GenPage took the node down in time.

We dont know the level of access the attacker had so we bined everything that was on it (we have backups).

I take this incident very seriously since its the first time a server i admin got hacked.

Most Importantly:

The dev server didnt contain any userdata.

Thanks for the information!

Do you have a clue how the attacker was able to hijack the dev server? Are the other servers 'save'? Meaning, the vulnerability that allowed the attacker to access the dev server does not exist on them?

Link to comment
Share on other sites
TiktaalikDreaming

TiktaalikDreaming

Posted
Posted
6 hours ago, VITAS said:

I see it as important to inform you about the following:

Yesterday i was informed that our dev server was utilized to run a DOS attack against some chinese target.

@GenPage took the node down in time.

We dont know the level of access the attacker had so we bined everything that was on it (we have backups).

I take this incident very seriously since its the first time a server i admin got hacked.

Most Importantly:

The dev server didnt contain any userdata.

Thanks for the notification.

For my 2 cents pile-on for useless advice that I see starting up;

I hope you didn't totally bin the suspect system.  Normal best practice is isolate, stop, contain, but keep everything so you can analyze what went on.  That assumes a few capabilities though, like being able to keep the old hacked system isolated while building a replacement.

And, as usual, off-box logging is your friend.  :-)

 

Link to comment
Share on other sites
VITAS

VITAS

Posted
  • Author
Posted
  • The normal Server runs in production mode so it takes away most of the attack vectors on the sitecode itself.
  • I use a central Monitoring system for all servers.
  • All servers do sys updates and are firewalled.
  • Passwords in the db are hashed and salted
  • db backups are only stored on a backup server in a datacenter that isnt accesible from the internet and on a backup system at my home
  • communication between servers goes trough a vpn (in addition to the encryption services like rsync and db clustering use)
  • Not all nodes contain user data (only if they have to)
  • No user data is stored on dev machines (we use made up test data for that)
  • as few people as possible have root access and they all have to report the changes they make to me (and we discuss them in advance)
  • no animales are harmed during the hosting of this website :P

 

Link to comment
Share on other sites
TiktaalikDreaming

TiktaalikDreaming

Posted
Posted
21 minutes ago, VITAS said:
  • The normal Server runs in production mode so it takes away most of the attack vectors on the sitecode itself.
  • I use a central Monitoring system for all servers.
  • All servers do sys updates and are firewalled.
  • Passwords in the db are hashed and salted
  • db backups are only stored on a backup server in a datacenter that isnt accesible from the internet and on a backup system at my home
  • communication between servers goes trough a vpn (in addition to the encryption services like rsync and db clustering use)
  • Not all nodes contain user data (only if they have to)
  • No user data is stored on dev machines (we use made up test data for that)
  • as few people as possible have root access and they all have to report the changes they make to me (and we discuss them in advance)
  • no animales are harmed during the hosting of this website :P

 

I just want to take a moment to say that while a lot of this is solidly in the "should be doing, and we've all known it for decades" that many big websites don't follow these basic principles, and that Spacedock does.  In particular, the number of Government departments that don't, and financial software packages the don't, are simply amazing.  The number of unsalted or even unhashed password databases out there is staggering. 

And, also for the record, thinking you'll never get hacked, or that having been hacked means you're slack is plain wrong.  Everyone gets hacked, because you can't win all the time.  How you deal with it is what matters.  And Spacedock, aka @VITAS, @GenPage and co have responded really well.  Top notch work guys.  Especially with the animales.  :-)

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...