 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
As you know, I've been running MythTV on my server for many years. I also had quite the backlog of stuff recorded to watch, to the point that even with SD resolution (2GB/hr) my 1.5TB was often in danger of filling up. I was away in Germany on a consulting gig for a while, and when I came back I found that over 800 recordings had disappeared! I know there's an AutoExpire feature that deletes stuff when disk space runs low, but I think it got a little overzealous. It's not feasible for me to back up the video files, so I don't even try. They're gone for good. Yesterday I went to watch something and ALL my recordings were going. Not only that, but all of my schedules were gone, too, so it wasn't recording anything new. Long story short, the MythTV mailing list folks pointed out that AutoExpire could not have done this, and it was more likely my MythWeb interface was left unprotected, and some script kiddie had some fun deleting it all. And they were right. After some update my .htaccess file disappeared, and I never noticed I didn't need a password anymore. I found two IP addresses owned by Deutsche Telekom that were hitting my MythWeb interface, I found an Abuse page on their WHOIS, but I dont expect any satisfaction. Damnit. I do pretty well as a SysAdmin, given the amazing amount of stuff running on my server, and that I'm really a Software Engineer and not IT, but every now and then I get bit by a screwup. To be fair, this is the third time in about 15 years that I got attacked, and the last two were very limited attacks. Only the first time did my server get truly pwned, and that was 15 years ago. So I guess my track record is better than the White House's. The upsides: - My backups worked perfectly. I have daily snapshots of my databases, file listings, etc. that I used to restore my schedules (but not my recordings). I was also able to find and restore the htdigest file. - I learned a lot, and very quickly, about the MythTV database schema - I now have many hours of disk space. - I know there's extremely low possibility of other damage or traps I haven't found yet. This wasn't a security flaw in the software I need to get someone to fix, this was PEBCAK.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
