[sf-lug] Website itself and others hosted on BALUG.org's VM?

Al awsflug at sunnyside.com
Tue Dec 14 19:56:20 PST 2021 

I am not having that problem.
The one I have problems with is svlug.{com,org} which seems to have 
fallen off a cliff.  I think Rick has already given a postmortem on this.

{sf[-]?lug.{org,com,net},balug.org} however is the subject of automated 
testing from here (pings every 60 seconds, complicated analysis of NS 
etc. every 10 minutes), and although I see reboots occasionally, I 
haven't seen any access problems.

Here's a manual query over the AT&T Enterprise Network which is typical 
of the response I get (I threw linuxmafia in for comparison):

time wget sf-lug.org -O - |& wc
      89     607    5326

real    0m0.078s
user    0m0.004s
sys     0m0.004s

time wget balug.org -O - |& wc
     363    2063   19213

real    0m0.121s
user    0m0.008s
sys     0m0.000s

time wget linuxmafia.com -O - |& wc
     496    1836   41174

real    0m0.734s
user    0m0.008s
sys     0m0.000s

---------------------------------------------------------------------------------------------------------------------
Here is Comcast Business:

time wget sf-lug.org -O - |& wc
      89     606    5321

real    0m0.092s
user    0m0.000s
sys     0m0.004s

time wget balug.org -O - |& wc
     363    2064   19204

real    0m0.149s
user    0m0.000s
sys     0m0.004s

time wget linuxmafia.com -O - |& wc
     496    1835   41174

real    0m0.717s
user    0m0.000s
sys     0m0.004s

I saw the Java problem in Log4j but don't have any information on it 
except that it is reputedly serious.
I did get this posting since I'm on the Krebs mailing list:
https://krebsonsecurity.com/2021/12/microsoft-patch-tuesday-december-2021-edition/

It strikes me that one would have to expose this system to the outside 
world (which apparently many do) or already have a problem inside one's 
network, but I haven't looked into it.

On 12/14/2021 17:26, aaronco36 wrote:
> Anyone know what's happening with the unresponsiveness of 
> www.sf-lug.{com}{org} itself?
>
> Over the last day or so, have unsuccessfully attempted to reach both 
> the SF-LUG website, the BALUG website, and the BALUG 
> offered_wanted_hardware_etc webpage that Michael posted in the lower 
> half of [1] regarding the "Aruba Wi-Fi access points still being 
> available as free giveaways - while they last".
>
> And on a (hopefully) completely-unrelated subject, are the recent 
> announcements of this CVE-2021-44228 security flaw [2][3] in Apache's 
> Log4j (a.k.a. "Log4Shell"[4][5]) yet more dubious alerts -- as was 
> possibly/likely the reporting on the recent 'Malware on PyPI 
> repository' thread here[6] ??
>
> -A
>
> =========================================
> REFERENCES/EXCERPTS
> =========================================
> [1]http://linuxmafia.com/pipermail/sf-lug/2021q4/015476.html
> [2]https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
> [3]https://nvd.nist.gov/vuln/detail/CVE-2021-44228
> [4]https://techcrunch.com/2021/12/13/the-race-is-on-to-patch-log4shell-as-attacks-begin-to-rise/ 
>
> [5]https://www.zdnet.com/article/log4j-update-experts-say-log4shell-exploits-will-persist-for-months-if-not-years/ 
>
> [6]http://linuxmafia.com/pipermail/sf-lug/2021q4/015468.html
> =========================================
>
> aaronco36 at sdf.org
> ---
>
> _______________________________________________
> sf-lug mailing list
> sf-lug at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/sf-lug
> SF-LUG is at http://www.sf-lug.org/

More information about the sf-lug mailing list