An OpenBSD legend falls

Contributed by dhartmei on 2004-11-23 from the stupidity-wins-again dept.

Carlos Andrade writes: www.metawire.org, as broken to the world here on undeadly has shut down to a large scale DoS attack on the servers. The message is posted on the site. Man this sucks, as some one who was really enjoying the concept of a free OpenBSD host for learning, I am really mad at what happend and at the stupidity of others.

Mike Baehr posted more details on misc@. I'm sorry to hear this.

(Comments are closed)

Comments

By James (151.203.210.126) on 2004-11-23 09:48

To whomever orchestrated the DoS: Weak, dude.
Comments
1. By James Carter (66.218.244.40) somedude@somenet.NET on 2004-11-23 19:35 http://www.opentorrent.org
  
  It's unforunate that someone decided to target a host that provided such a service to the public. However if you want to put a good spin on it, I myself did not know of this service. Perhaps others will now learn of the service due to this abuse.
  
  Just looking at the glass as half-full for a change. ;-)
  Comments
  1. By Siju Oommen George (61.11.47.244) on 2004-11-25 04:55
    
    Yes , very true! I also came to know about metawire now only! Should get an openBSD account there when it comes up :) My Homepage is presently on another OS and I wanted to change it to an OpenBSD one! All the best Metawire! Good Luck to you all great people :) !!
By Nikademus (217.136.40.125) on 2004-11-23 11:47

I hope metawire will get up better an thougher than before :) To whoever did the dos: you probably think you are the best, but you are just a plague rat.
By Anonymous Coward (64.229.141.127) on 2004-11-23 14:17

What losers, with no life! If they're going to DoS some site, why not be a little more constructive with those efforts and well, you get the idea... Metawire of all places, how freaking pathetic!
Comments
1. By Sean Brown (68.147.170.205) on 2004-11-23 15:04
  
  Exactly when is a DOS constructive?
  Comments
  1. By baldusi (24.232.81.8) on 2004-11-23 15:23
    
    I guess if you a backbone provider to yahoo or cnn and you offer some DDOS solution to them, then DOS attacks are kind of great.
  2. By Anonymous Coward (24.201.62.155) on 2004-11-25 19:42
    
    I think he meant, constructive as in using those efforts constructivly not doing another DDoS, which is simply destructive and immature most of the times.
By kris (66.236.9.30) on 2004-11-23 17:12

Metawire was a good idea, but what do you expect when you setup a server allowing people to do WHATEVER they want, and expect them to behave based on morals? I honestly saw this coming a long time ago. I had pointed out vulnerabilities to the server, but they gave me crap and called me names. Too bad we, as a whole, can not truly give to the people without having some sort of drawback.
Comments
1. By Mike Baehr (17.232.35.181) on 2004-11-23 17:21 http://metawire.org
  
  We set it up that way because people on the internet deserve to have a service around that gives them the freedom to do what they want. OpenBSD gave us the tools necessary to offer those freedoms while still remaining secure and operational.
  
  We didn't get burned by someone compromising our machine; we got burned by a raw flood of packets from some disgruntled teenager (we'll probably never know for sure who, or more importantly, why).
  
  In any case, we'll be back. I'm already engaged in negotiations with certain folks to have our server operational in a new location. It could happen today, it could happen in a few weeks, a few months. Who knows.
  
  We're strapped for cash, but that's always the case.
  
  We don't give up. We love what we do and we're going to keep on doing it, Cthulhu willing.
  Cheers,
  -- Mike (tehdely)
  Comments
  1. By Anonymous Coward (67.34.129.203) on 2004-11-23 17:55
    
    i'm new @ obsd and so i'm not very familiar with all its capabilities yet. but anyway this immediately made me wonder if pf gives the admin some ability to control/shape traffic by uid or gid? i think that would be incredibly useful to avoid crapflood situations like in this case.
    
    Comments
    
    By James (129.10.206.74) on 2004-11-23 18:15
    
    PF won't stop a full pipe.
    
    By Anonymous Coward (62.65.145.30) on 2004-11-23 18:15
    
    Yes, you can ratelimit outgoing packets, hence prevent your users from flooding external targets. But that's not what happened in this case. The DoS flood was incoming towards the shell server, not outgoing from it. When incoming packets hit your packet filter, your downstream bandwidth has already been wasted, nothing you can do to the packets will get that bandwidth back...
    
    Comments
    
    By Jona/BSD (80.58.34.107) none on 2004-11-23 21:38 none
    
    Correct... OpenBSD 3.6 introduced an interesting command tcpdrop(8) Greetings,
    
    Comments
    
    By Anonymous Coward (69.75.90.222) on 2004-11-24 11:40
    
    That doesn't do you a whole lot of good if they are using UDP or ICMP packets (which they should be using because TCP floods are just not going to be nearly as effective due to larger header size overhead and connection handshaking)
    
    Comments
    
    By jona/BSD (217.148.68.113) none on 2004-11-24 12:16 none
    
    Surely... UDP, ICMP, etc,etc... quote Markus Friedl about tcpdrop: "It allows you to terminate any TCP CONNECTION that connects to or originates from the local machine. You specify the connection, and tcpdrop tells the kernel to send out a TCP reset segment and remove the local state associated with this connection" http://www.onlamp.com/pub/a/bsd/2004/10/28/openbsd_3_6.html
    
    Comments
    
    By nomel (156.153.255.195) on 2004-11-24 21:23
    
    As shown in your link, trpdrop drops a connection...meaning the connection was made, using the bandwidth. Also, from the link, "The attack mentioned before can even lead to situations where closing the socket does not help (e.g., when the connection is in the FIN_WAIT2 state)." So, it is not a cure all.
    
    By Anonymous Coward (203.10.110.131) on 2004-11-24 12:37
    
    OpenBSD 3.6 introduced an interesting command tcpdrop(8)
    Right and what are you supposed to do about the more effective and favorite for this type of thing, UDP?
    You have control upstream? Great. And at what point upstream do you no longer have any control? ; )
    
    By Anonymous Coward (193.63.217.208) on 2004-11-24 15:25
    
    This is precisely why I would like to see it made compulsory for ISP's to perform egress filtering on their networks. If you can't spoof the source IP then this sort of DDoS becomes much more difficult without giving away exactly where you are and can thus have your connection terminated.
  2. By Anonymous Coward (69.197.92.181) on 2004-11-23 19:48
    
    You are missing the point. Giving unrestricted shells out is asking to be DoS attacked. You end up with tons of immature little IRC rats doing stupid shit to piss of other IRC rats, and eventually they piss off someone who controls alot of hacked windows machines, and decides to remove you from the internet.
    
    If you are operating a service like this, you should be clear with your host upfront that this could be an issue, and find a host willing to help block the attacks for you, instead of just cancelling your service.
    
    Comments
    
    By Anonymous Coward (17.232.35.153) on 2004-11-23 20:30
    
    Packeting someone off of IRC does not take a multiple terabyte flood. Whoever did this probably had a very good idea what they were doing.
    
    Comments
    
    By Anonymous Coward (69.197.92.181) on 2004-11-23 21:30
    
    Mulit-TB doesn't mean anything. I see a claim of 1 TB in an hour, which is over 2 Gb/sec. I don't believe this at all, as if your host can take 2 Gb/sec, they can deal with blocking a DoS attack upstream.
    
    Comments
    
    By kris (66.236.9.30) on 2004-11-23 23:18
    
    Its nice that they are (were) providing free shell access, but think about the greater cost here. Possibly lost job? Downtime? Possible investigations? This seems like more trouble than it is worth. Is this being done because you TRULY want people to have freedom, or is it for the respect and fame you can obtain.
    
    By Anonymous Coward (64.122.103.201) on 2004-11-23 23:47
    
    Yeah, this "Terabyte attack" sounds too fake to be true. I bet they are poor admins and one simply did "rm -rf /" oops.
    
    Comments
    
    By zerash (24.73.230.118) zerash@metawire.org on 2004-11-24 01:44 http://www.metawire.org/~zerash/
    
    You are an absolute genius. Congratulations.
    
    By RC (4.11.46.189) on 2004-11-24 08:03
    
    Of course it CAN be blocked upstream, but how much work do you think an ISP is willing to go through to support a non-paying customer, that is using up a large chunk of their bandwidth?
    
    No doubt it's a cheaper and easier solution to disconnect the non-paying customer.
    
    Comments
    
    By Anonymous Coward (69.197.92.181) on 2004-11-25 03:19
    
    Who says disconnecting them will stop the attack? Odds are pretty good the ISP has to filter it anyhow. And again, and ISP that can handle 2 Gbps deals with more DoS attacks than you think, and already has plans in place to deal with it when it occurs.
  3. By kris (66.236.9.30) on 2004-11-23 23:14
    
    Correct, but, what if your users are provoking others by evading irc bans, DoS'ing servers without you knowing, etc. I would keep a closer eye on your users.
    
    Comments
    
    By Enachioaie Alexandru (82.77.29.61) alexandru.e@gmail.com on 2004-11-24 18:28
    
    The IRC discussion is pointless. You can't possibly watch IRC activity for that many users. hell it would be retarded in the first place. plus irc wars are a fact of IRC to begin with, sometimes provoked, sometime unprovoked. either way, we had an IRC complaint form on our website, so if someone has issues they could have used that, not DoS us. Problem is stupidity and kiddiots, not our approach of the matter. We will be having a talk about IRC access though, this meaning not that we're going to disallow it, but that we may consider restrictions. Like I said details will be issued when available.
    
    Comments
    
    By Enachioaie Alexandru (82.77.29.61) alexandru.e@gmail.com on 2004-11-24 18:33
    
    Oh, and as for the "DoS was fake bit", I know it was a troll, but for anyone who think 227MB/s is not possible, you haven't been around very long or very uptodate with things on the internet lately. if it helps, have a look at the loss of bandwidth that root-servers.net and major global backbone lines sustained during codered and several other worm-like attacks. Sadly, we'reslowly getting to the point where there's more bad packets flying arount an occupying bandwith than legitimate surfing. And quoteing bash on that stab gadget, I wish someone invented the anti-kiddie bomb. long from that hapenning tho.
    
    Comments
    
    By Anonymous Coward (69.197.92.181) on 2004-11-25 03:22
    
    Nobody said its not possible, I said that any ISP that can handle that kind of traffic already deals with DoS attacks on a semi-regular basis, and would have no problems filtering it upstream from you.
    
    Comments
    
    By Enachioaie Alexandru (193.231.30.200) alexandru.e@gmail.com on 2004-11-25 06:05
    
    Problem stands in WHAT this upstream is, and of course how much actual bandwidth the ISP has access to.If you have a 200MB/s on an ISP line that can carry aroun 125MB/s packet filtering and DoS mitigation won't do you any good. You have to be able to have the bandwidth AND know what to do with it in order to be able to handle a large scale DDoS like this was. Otherwise you're just pissing in the wind my friend.
    
    Comments
    
    By Anonymous Coward (69.197.92.181) on 2004-11-25 18:14
    
    Your inability to read is astounding. ANYONE WHO CAN HANDLE 2Gbps CAN FILTER A DoS. How hard is this to understand? Even much smaller ISPs I've dealt with that couldn't handle that much traffic can quickly and easily block DoS attacks when they happen. For your figures to be correct, somewhere along the line there has to be an ISP that can handle that much traffic, there is no such thing as pushing 200MB/sec through a 125MB/sec pipe.
    
    Comments
    
    By knitti (217.232.117.227) on 2004-11-25 21:48
    
    You do realize there's no such thing as _the_ DOS attack. So it's all about type of traffic and source. The closer the DOS traffic (we're speaking of DDOS, don't we?) to legitimate traffic is, the harder the filtering. If you talk anything different than your standard pf ruleset, you're talking about big CPU and big mem requirement with 220MB/s, after all you want your legitimate traffic get through, don't you.
    
    Comments
    
    By Anonymous Coward (69.197.92.181) on 2004-11-26 18:03
    
    You have no idea what you are talking about. Go work for an ISP sometime, blocking a DoS is very simple, even a DDoS. A quick ACL change is all it takes. Legitimate traffic is very rarely caught up in this since legitimate traffic is almost all TCP, which is worthless for a DoS. 99% of the time you will see either ICMP or a single UDP port being used, its not hard to block at all.
    
    Comments
    
    By knitti (217.232.88.141) on 2004-11-28 19:42
    
    OK, point taken for most of (D)DoS traffic. However (my lame excuse ;) if I wanted to DDoS someone, I would make sure it resembles their traffic as good as it gets. (Easy for e.g. web traffic, think about slashdot effect. Although most slashdotted servers crash because of config issues)
    
    By Daniel Martini (212.184.120.194) on 2004-11-26 08:05
    
    Problem is:
    
    when you get the chance to filter it at your Network boundary, it has _already_ gone through the wires to you, and it _already_ has consumed your bandwidth. So you call your upstream provider to block this or that type of traffic. Then it will not reach you, but the traffic will _already_ have gone through the wires to your upstream provider, and it _already_ has consumed his bandwidth. So your upstream provider calls his upstream provider....
    
    hope you get the point.
    
    Comments
    
    By Anonymous Coward (69.197.92.181) on 2004-11-26 18:00
    
    Learn to read, please. I specifically said they ISP had to filter it. If this ISP can handle 2Gbps for him to know there's a "multi TB attack", then clearly they can block it. If they couldn't handle 2Gbps, then he wouldn't know how much traffic it is. This is the point I am making, he is making up bullshit to sound special.
By Anonymous Coward (64.122.103.201) on 2004-11-23 23:46

That proves that OpenBSD is no good for hosting, I believe that's what you get when you make poor decisions. Things like this doesn't happen with Windows Server 2003, it has protections against this, also, you should have spend more money on your router and network infrastructure.
Comments
1. By Anonymous Coward (17.232.35.180) on 2004-11-24 00:16
  
  What a shitty troll. He didn't even try. For shame :(
2. By Anonymous Coward (69.197.92.181) on 2004-11-24 00:42
  
  Damn man, that blew. Go read slashdot at -1 for a while and then try again.
3. By Anonymous Coward (67.34.129.203) on 2004-11-24 02:12
  
  r u 4 real? damn. maybe ur right. i gotta think about this. u wanna chat on irc? whats ur ip?
  Comments
  1. By Anonymous Coward (67.51.163.232) on 2004-11-24 05:20
    
    I know both of your IPs. Phear!
4. By brian (69.164.205.56) on 2004-11-24 05:20
  
  I didn't post the parent comment, however, can't you see that this is sarcasm. A joke. You take yourselves too seriously. However it was inciteful.
  Comments
  1. By Anonymous Coward (66.92.130.57) on 2004-11-24 07:07
    
    Yes, we know.
  2. By Anonymous Coward (68.50.4.145) on 2004-11-24 14:38
    
    "inciteful" - not a word "incite" - v. - to provoke and urge on "insightful" - adv. - showing or having insight Now, which of these were you trying to use while mangling the English language?
    
    Comments
    
    By Bdoserror (216.123.201.253) openbsdjournal@alienwaresucks.com on 2004-11-25 02:38
    
    I think it's pretty clear he was going for "inciteful" -- it did a good job of inciting people to respond, to flame, etc.
5. By aanriot (194.199.224.48) aanriot@atlantilde.com on 2004-11-24 08:29
  
  That's why Microsoft is using Akamai, isn't it ?
6. By Anonymous Coward (24.201.62.155) on 2004-11-25 02:40
  
  That's the most, inexperienced, unknowledgable reply I've ever read LOL, poor guy - I just hope you don't have a job making any type of decisions.
By Enachioaie Alexandru (193.231.30.200) alexandru.e@gmail.com on 2004-11-24 07:55 http://www.rs256.net

First of all I'd like to thank everyone who has supported us so far, and also the large ammount of people that have emailed us and put forward donations. It has really given me, zerash and the entire admin crew a feeling that we have indeed acomplished something.

Again, as the temp page says, the world if filled with morons and worse over ignorant people. That has been a fact long before since DARPA ever came into existence and this whole new world appeared.
However sad this event may have been to us, we have been aware that providing unrestricted IRC access might eventually bring upon us the wrath of IRC wars. Now, I am _not_ saying that's where it came from, because we will issue a small "press release" if you will when the incident has been dealt with. Rest assured this will not go without consequences and investigation.

Also, fear not, for the legend has not fallen. This is only one little impediment. We have had hard times before and we have gotten through, and the main reason for that is that we are an united team, we support eachother's actions and above all we show respect to all our users as well as dedication to the project. We are currently dealing on a new co-lo, which will be setup in a week and a half max, so we will be back kicking more than ever. There will be an administrative meeting this week in order to discuss any changes in policy and/or measures that need to be taken.

Again, everyone will be informed at the proper time.

Once more, thank you for supporting us, and we hope we will be as appreciated in the future to come.

Alex, aka riddler, Metawire.org Sr Administrator
Comments
1. By Anonymous Coward (213.118.35.44) on 2004-11-24 13:14
  
  How much bandwidth would you require?
  Comments
  1. By Enachioaie Alexandru (82.77.29.61) alexandru.e@gmail.com on 2004-11-24 18:22
    
    I'm not sure how I should answer that. Right now we are looking to get co-lo'ed with someone that can guarantee some decent bandwidth along with some form of DoS mitigation. It would not do much with large scale DDoS probably but it would surely help with smaller attacks we might encounter again. We can't really repeat the Hostdime story and jump from place to place continuously whenever a kiddie decides it's Packet Day Hysteria. I'm not sure if and on what terms anyone could offer this, but it is what we would ideally need. However if you have an offer to make, contact zerash@gmail.com as he is the on-site main administrator and he can further detaliate this for you.
By Not a coward! (66.110.114.5) on 2004-11-24 08:41

$ telnet metawire.org 22
Trying 66.194.41.10...
Connected to metawire.org.
Escape character is '^]'.
SSH-1.99-OpenSSH_3.5p1

Maybe Linux? FreeBSD?
Comments
1. By aanriot (194.199.224.49) aanriot@atlantilde.com on 2004-11-24 08:45
  
  May be a wrong banner ? :-)
2. By Enachioaie Alexandru (193.231.30.200) alexandru.e@gmail.com on 2004-11-24 09:36
  
  The temporary site resides on a dedicated server from a company I used to work. Server is running Redhat, and is in no way related to the project itself, simply a place that hosts the temporary site.
By Anonymous Coward (62.177.197.3) on 2004-11-24 08:49

what happend and at the stupidity of others
That's hilarious! Someone set us up the bomb!
Good thing the poster isn't one of those stupidity people, those are others.
By Anonymous Coward (144.136.82.153) on 2004-11-25 05:11

That S.O.B. who did the DDOS crossed the line. The F**ker has to pay.
By Ivo Jongejan (83.160.164.91) admin@jungleman.info on 2004-11-25 08:40 http://www.jungleman.info

I'm very sorry to hear this. I used my Metawire account a lot, and learned much. I'm owner (and admin) of another free shell account provider, running FreeBSD. My services are similar to Metawire.Org's and run in the same spirit: free information sharing. It has to be said I'm seriously doubting my server will remain free of this cowardly crap.

This f..... is just ruining it for everyone, probably being proud of himself in the process. If the f..... is ever found... Good luck Metawire, in remaining a free and outstanding service!

-Jungleman
By XianN (212.160.20.160) xiann[at]o2.pl on 2004-11-25 11:25

OK, i can understand people who wont do attack server in the mining take a root privilages or something like that. I dont say thats good, but it is understandly for me, because then kid cat say 'Oh, look at me! I was hacked [hacked_server.com/org...]'. But not DoS and most of all DDoS. Though that kind of attact monkey can turn on and this attack will be the same like that from human !! Everything what a can say to that loosers is: You are nothing at the time. Maybe when you will be more mature.

Greets for metawires admins and users. You are greet guys. And metawire is greet server too. Ok, i must go to school so i dont say anything else. But what can i say more? ;-)

PS: Sorry for my english. You know... This is not my national language - Im from Poland. But i hope you can understand what i writed and that is all what is importand for me:)))
Comments
1. By Anonymous Coward (81.196.96.197) on 2004-11-27 13:34
  
  OMFG, dude, not even my 9 year old bro's English is that bad... and I ain't from England, USA or whatever either...
By wd0 (200.247.170.4) wd0@openvms.com on 2004-11-25 16:31 www.openvms.com

HAHAHAHAHAHAHAHAHAHAHAHAAA Die Metawire they will erase my archives my account and they had not given to explanation none then die zerash sux =P
By blister (68.47.101.237) blister@gmail.com on 2004-11-28 17:18

Why did we create Metawire? Was it to gain fame and fortune for myself and Zerash? Hrrm, I wish. I'd certainly like some fame and fortune.

When zerash and I created metawire, it had been some time since I'd talked to him, our last project (brained) long since faded away. I was going to school in Florida, and just happened by chance to come across one of his websites. I posted a comment, and one thing led to another, and for the next month, him and I raced against the clock to release a secure shell provider the likes of which had never been seen. We didn't think we could ever be perfect, and we didn't think we would ever be 100% safe against every attack that ever came against us, but we hoped that through education and OpenBSD advocacy, we could prevent a large portion of the problems that could be coming our way.

We did this entirely as a labor of love for our community and for people who don't have access to a completely open BSD shell. And, for the most part, it has been a totally excellent success. It's a shame that we've been DoS'ed, but those are the breaks. We'll recover and move on.

And even if we get knocked down again, and don't recover, someone, somewhere will be inspired by our tale, and create a system to withstand all the problems we've been unable to avoid. The dream will live on.

It's not about me, it's not about zerash. It's certainly not about any one person. It's about an ideal. The belief that a computer isn't just a tool. The idea that the internet can host communities that don't have a huge signal to noise ratio as is evidenced in other communities *cough*kuro5hin*cough*. The idea that not everything needs to cost money to be quality.

I've read a lot of the comments here and have actually been offended personally by quite a few of them. For me, zerash, and a few of the other admins (riddler, tehdely, jordan, optix) who have spent countless hours dealing with issues that affect our users, to then be *trolled*, so to speak, by users that we've either had to ignore, or remove, for trying to abuse whatever good graces we've given them, is quite sad.

Stuff that you don't see behind the scenes include the crapflood of duplicate signups, the abuse of storage limits by users trying to create hundreds of accounts, people trying to use our system to evade IRC bans, using our systems to send SPAM. Things that we deal with, so that our other users don't have to. It's the old motto of, "Don't shit where you eat."

To my other admins, thanks for sticking around and dealing with the crap. I know, and understand, why we do this.

To everyone else, if you like our service, use it. If not, go elsewhere?

To my mom: HI IM TEH FAMOUS! LOLOMG!~
(just kidding)
Comments
1. By optix (81.242.201.153) awptickes@mac.com on 2004-11-28 17:38 metawire.org
  
  I second what my honerable friend blister stated.
  
  In addition i'd like to state that countless people have used, and enjoyed our service, but also there is always that handfull of individuals who sincerly beleive that they can do no wrong, and their actions are not in any way tracable to them. They get caught.
  
  But nothing makes me feel better than making a genuine difference in the why someone goes about their life, metawire makes this difference. This is why we are here, we are here for the users.
  
  We spread the spirit.
  
  Mad love to all.
  Comments
  1. By Alantai Firestar (212.248.245.241) Postmaster@firestar.tk on 2004-12-02 10:41
    
    It's horrifying to see such a rilliant service being put down like that, but IMO, a lot of us metawire users fail to appreciate or recognise the trials and tribulations of running the service. So for all the work of the admins, I say thankyou...
2. By orcinus (4.239.18.208) on 2004-12-14 15:03
  
  Thanx.... My first time reading about your service. A relative has been using it for quite sometime, and I just went to the site after it was down... but you, zerash and the other admins have to be admired. Don't lose sight, nor hope.
3. By sbr (66.11.172.61) sbr@gnook.org on 2005-04-01 00:25 http://gnook.org/~sbr/
  
  Not at all to take any steam out of the wonderful world of metawire which i used for over a year before i was able to get my own setup, i really enjoyed. But i recently set up a free OpenBSD shell provider. Nothing like metawire yet, currently only has a 100 users but im always trying to improve. I thought perhaps people interested in having OpenBSD access might want to check it out. I'm not really sure how this could be considered a plug as im not selling anything, most people try and keep free things a secret ;) I was wondering if people would be interested in an OpenBSD shell provider collaboration in order to share ideas, software etc. I am aware of the existence of www.shellsnet.org though this is primarily a linux based network, perhaps if more BSD providers were to join shellsnet.org the tides could be turned a little. There is of course http://metawire.org and My own site http://jiyu.gnook.org Currently that seems to be all that are operational, over the years there have been other OpenBSD providers but they all seem to have disappeared, we all remember the good days of hobbiton.org
4. By asid (104.219.21.94) ia2k@msn.com on 2016-11-13 09:15
  
  I remember this server. I spent many of days in the irc room as a kid. crenix and the rest of you guys use to help me when I was trying to learn to program a little having that free shell service was usefull...
  > Why did we create Metawire? Was it to gain fame and fortune for myself and Zerash? Hrrm, I wish. I'd certainly like some fame and fortune.
  >
  > When zerash and I created metawire, it had been some time since I'd talked to him, our last project (brained) long since faded away. I was going to school in Florida, and just happened by chance to come across one of his websites. I posted a comment, and one thing led to another, and for the next month, him and I raced against the clock to release a secure shell provider the likes of which had never been seen. We didn't think we could ever be perfect, and we didn't think we would ever be 100% safe against every attack that ever came against us, but we hoped that through education and OpenBSD advocacy, we could prevent a large portion of the problems that could be coming our way.
  >
  > We did this entirely as a labor of love for our community and for people who don't have access to a completely open BSD shell. And, for the most part, it has been a totally excellent success. It's a shame that we've been DoS'ed, but those are the breaks. We'll recover and move on.
  >
  > And even if we get knocked down again, and don't recover, someone, somewhere will be inspired by our tale, and create a system to withstand all the problems we've been unable to avoid. The dream will live on.
  >
  > It's not about me, it's not about zerash. It's certainly not about any one person. It's about an ideal. The belief that a computer isn't just a tool. The idea that the internet can host communities that don't have a huge signal to noise ratio as is evidenced in other communities *cough*kuro5hin*cough*. The idea that not everything needs to cost money to be quality.
  >
  > I've read a lot of the comments here and have actually been offended personally by quite a few of them. For me, zerash, and a few of the other admins (riddler, tehdely, jordan, optix) who have spent countless hours dealing with issues that affect our users, to then be *trolled*, so to speak, by users that we've either had to ignore, or remove, for trying to abuse whatever good graces we've given them, is quite sad.
  >
  > Stuff that you don't see behind the scenes include the crapflood of duplicate signups, the abuse of storage limits by users trying to create hundreds of accounts, people trying to use our system to evade IRC bans, using our systems to send SPAM. Things that we deal with, so that our other users don't have to. It's the old motto of, "Don't shit where you eat."
  >
  > To my other admins, thanks for sticking around and dealing with the crap. I know, and understand, why we do this.
  >
  > To everyone else, if you like our service, use it. If not, go elsewhere?
  >
  > To my mom: HI IM TEH FAMOUS! LOLOMG!~
  > (just kidding)

Latest Articles

Thu, Apr 18
- 05:05 Coming soon to a -current system near you: parallel raw IP input (0)
Wed, Apr 17
- 05:33 In -current, default write format for tar(1) changed to "pax" (7)
Wed, Apr 10
- 18:50 OpenSMTPD 7.5.0p0 Released (2)
Tue, Apr 09
- 04:49 20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) (13)
Fri, Apr 05
- 06:16 OpenBSD 7.5 released (2)
Thu, Mar 28
- 18:18 LibreSSL 3.8.4 and 3.9.1 released (0)
Tue, Mar 12
- 06:53 OpenSSH 9.7/9.7p1 released! (0)
Mon, Mar 11
- 11:28 Game of Trees 0.97 released (0)
Sun, Mar 10
- 09:06 LibreSSL versions 3.8.3 and 3.9.0 released (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]