Why you do this to TOR?

Standard

I’m not going to explain what TOR is, what it does or how it works, it’s great. But as any great idea, the stupid sub-humans will try to ruin it.

Let me explain. In the last couple of days this (my) website is being attacked (what are you looking for? there’s nothing to steal, and I’m not some all-mighty Internet persona) by some idiot using TOR network and trying to brute force the not-in user “test” so:

  • I’m not stupid to use basic and generic user names for administering my website, or my server.
  • You’re ruining it for other TOR users out there that might want to enter my website.

Why? Each time you fail to brute force (number of login attempts are limited) you block the exit node for 5 days. So if anyone else will try to log on using that exit node (In this case, The Calyx Institute exit node) they won’t be able too until the block is lifted. And I’m not going to manually lift it.

Also, it’s not really hacking, you’re just trying combination of password which I’ll probably won’t ever use, nor should anyone ever use (iddqd!) Here’s a tip, find a why to dump the database (I’m sure WordPress or my server are not 100% safe, nothing is) and try to decrypt the passwords using a good wordlist (or create one on your own), you won’t block anyone from using my website, or any other, using TOR network. But you might have to get a good computer, something with GTX 1060 should do the job for most passwords pretty fast. My password will take about 9 years with fast GPU (According to OnlineDomainTools)

So please, stop using TOR network and ruin its goodness with your filthy sub-human, non-capable-to-think, little brain.

For everyone else, please use strong passwords. iidqd isn’t strong.

Website is back! QNAP, you suck!

Standard

After five long days, my server and website are back and here’s what happened:

Saturday morning I’ve received an upgrade message from my machine which also runs the website among other things, the upgrade failed due to bad firmware and after an extremely long boot time (3 hours!) the device finally got online but with nothing on it. I’ve opened a ticket with QNAP asking for support and asking in their community forums for some tips.

Only after FOUR days, QNAP decided to answer me and I’ve spent about two and a half hours with one of their guys via TeamViewer, and we tried to install the firmware again, which failed with the same results of extremely long boot time and failure to get my RAID array, data and services.

Today was the last day before I had to restart everything, restore what I can from my backups, but that meant not everything would be available and go back to work. But then I got a different guy which clearly received better information about the bad firmware and he suggested to try an older firmware and see what happens. Lucky for me, it worked. After 5 minutes the device was back online with my raid and data. I had to reinstall some services and manually start others, but it work.

All that, because of a bad firmware, probably released without proper testing, but that’s not my issue with QNAP. It took them four days to even respond to my ticket, four, when they claim they’ll respond in 24 hours, even if we take Saturday and Sunday out, it still more then they claim.

This was my first and last QNAP device and I’m already moving everything to a new server and the QNAP will be thrown away to the garbage, where it should have been in the first place. Yes, A company can make mistakes and release some bad upgrades from time to time, but you can’t ignore costumer support and not even offer some “we’re checking the issue” answer to the support request, it’s unacceptable for any high tech company to take more then 12 hours to respond, and I can even understand the 24 hours. But 96 for the first response, that’s way too much.

I’ve learned some tricks from this experience, mostly on how to use ssh better and run very specific commands which can help me in the new server which is going to run CentOS. I knew how to work with ssh before, but not at this level.

I want to thanks everyone who followed my streams and being patient with me in the past few days. Thank you very much and keep the support running.

Follow me on

Twitch: http://twitch.tv/Lumisaur 

Twitter: komer83

Website: http://omerkatzir.com

And please support me via PayPal: 

thesilenttroubadour@icloud.com