Saabscene Saab Forum - Saab Technical Information Resource banner
Status
Not open for further replies.
1 - 20 of 28 Posts

·
Registered
Joined
·
413 Posts
Discussion Starter · #1 ·
After all the recent troubles I am pleased to see Saabscene back, however it is so slow as to be unusable. It takes 40 seconds for a page to open.

Although I was already logged on today I could not post new messages or reply to messages. I logged off then on; took about 5 minutes to do that.

I hope you can get it sorted ........
Bets regards,

Harvey L
 

·
Registered
Joined
·
413 Posts
Discussion Starter · #3 ·
Cache is cleared.
I am one of those who was affected by the apparent blocking of AOL & NTL users prior to the upgrade.

Whether that has any relevance to the current situation I don't know but I would be pleased for any of the Saabscene admin to pick this up and resolve it.

I have no problems with anything other than Saabscene. It ain't me.

Thanks in advance,

Harvey
 

·
Registered
Joined
·
413 Posts
Discussion Starter · #6 ·
[ QUOTE ]
Harvey - can you let me know if things have improved, please.

[/ QUOTE ]

Not arf: thanks; well, it's a bit too fast now .........

What caused it if that's not a secret?

Harvey
 

·
Premium Member
Joined
·
854 Posts
[ QUOTE ]
[ QUOTE ]
Harvey - can you let me know if things have improved, please.

[/ QUOTE ]

Not arf: thanks; well, it's a bit too fast now .........

What caused it if that's not a secret?

[/ QUOTE ]

No secret, but it needs some explanation so as to dispel the nonsense that some have said on this issue.

It was still an IP address issue.

A security precaution of the server is to automatically block any IP address that tries to get past security on the server. This is an automatic process which is there to safeguard the server. As a result of people on NTL and AOL services attempting to breach security, the server locked out those IP addresses. Unfortunately, NTL and AOL use proxy servers meaning that many users are listed as coming from one address. If someone on your ISP attempts (and fails!) to breach the security, then they spoil it for innocent people such as yourself.
 

·
Registered
Joined
·
8,216 Posts
Admin, if this automatic process is built into the forum, there are ways to get the IP address of the client rather than its gateway in PHP. I can't remember the details offhand but I have implemented this on my own web site and can give you the details if you wish. If it is not built into the forum, then given the above, it is obviously possible to determine the client IP address even if the communication is via a gateway so you or the server administrator should be able to incorporate this into whatever security measure is in place to ensure that only the perpetrators are kept out, not everyone who shares the same ISP.

AOL in particular encompasses a significant proportion of Internet users. A few of my good friends and fellow Saab enthusiasts are AOL customers. It is bad enough that they would now have problems registering with Saabscene if they weren't already members (in fact one had to give a relative's e-mail address while registering) but to have ongoing problems in accessing the site just because of their choice of ISP would leave me wondering why they would bother at all, given that there are other Saab sites that they are free to register on and access.

Given my other post about the software upgrade, I should point out that this is just constructive criticism. If you wish to deal effectively with abuse of the forum by users of certain ISPs without adversely affecting innocent users of those ISPs then there are ways to do it. If not, then again it's your forum, provided free of charge, and you are free to run it however you wish.
 

·
Registered
Joined
·
14,305 Posts
Bill, I'm sure we're all sorry that genuine users are having a problem, but it seems somewhat unbalanced to criticise the measures taken to try to solve the abuse problem and not criticise those few who are spoiling it for the many...
 

·
Registered
Joined
·
413 Posts
Discussion Starter · #10 ·
As I started this thread, I have to come back and comment, although I don't want to make a 'saga' of it.
I have been a Saabscene member for five years. I have been using AOL for nearly as long. I have never had any problems worth squeeking about, with either. I joined Saabscene after seeing it mentioned on the Saabec-list all those years ago and have gained a lot from it, and hopefully given a bit back when I have been able.

I hope this recent problem is a 'one off'and thank 'Administrator' for the quick response once alerted to it.

I can't see that Bill's comments were critical in any way other than being constructive and if what he suggests would prevent this ever happening again ( I have no idea; it's all way over my head ) I can't see a problem with mentioning it ..
That's all ........

Harvey
 

·
Registered
Joined
·
8,216 Posts
Mark, I take it as read that any Internet resource is likely to be subject to abuse and needs to be secured against that abuse. I didn't feel it necessary in this case to make a special point about abusers as it would have been stating the obvious - some people abuse Internet resources and I think that is bad.

My point was that there are ways of narrowing the effects of a security system to keep out the guilty while minimising any adverse effects on the innocent. The IP address of a client connecting through a gateway will always be known to the server, otherwise they cannot receive any data from the server. On top of that, for AOL in particular, I believe their dynamic IP allocation is such that any customer connecting often enough, even if they are using dial-up, will usually be allocated the same IP address repeatedly over quite a long period.

I'm not a security expert but do know enough to know that such broad measures are rarely necessary. I only spoke up about this because as I say, I have friends using AOL who have had problems with Saabscene, one of whom has asked for advice to resolve the issue but has received no reply, and others who, I believe, have just gone to other Saab boards instead to avoid any hassle.

Abuse of a system one is administering can be infuriating - believe me, I know, having run online systems myself since the early '90s - but sometimes the measures taken to stop the abuse can themselves cause the sort of disruption the abusers may be seeking to cause.
 

·
Registered
Joined
·
1,411 Posts
[ QUOTE ]
. The IP address of a client connecting through a gateway will always be known to the server, otherwise they cannot receive any data from the server.


[/ QUOTE ]

I'm afraid not. For instance, I'm behind a gateway (my DSL modem) and I know you can't use my address for sending data to me because it's in one of the private ranges (192.168.0.x, in my case).

You can find my gateway address, but there are several machines behind that. The gateway knows where to send any reply from the server because of the port used for the traffic.


[ QUOTE ]

On top of that, for AOL in particular, I believe their dynamic IP allocation is such that any customer connecting often enough, even if they are using dial-up, will usually be allocated the same IP address repeatedly over quite a long period.


[/ QUOTE ]

So you may well not know the AOL user's machine's IP address. For AOL (and some other companies using mega proxies), it's worse than that - sequential communications from the same user can be routed via different proxies with different addresses....
 

·
Registered
Joined
·
8,216 Posts
[ QUOTE ]
You can find my gateway address, but there are several machines behind that.

[/ QUOTE ]
But your DSL modem's IP address identifies you at that moment, assuming the modem is exclusively yours and all the machines behind it (using NAT) are yours? Unless your DSL modem itself is assigned a NAT address by your ISP's network, which is something I've not heard of any ISP doing. In this case, what I was referring to as your "machine" is your DSL modem, however you choose to configure the equipment behind it.

I did say I'm not an expert so I bow to your greater knowledge of AOL. How do other systems deal with problem AOL users than, without barring them all?

I do know for a fact that using PHP I can identify both the ISP's gateway address and the user's IP address of a visitor to my web site, certainly for NTL customers. I must admit no AOL customers have come to my attention in this way so I can't say for sure that it works for AOL.

It seems a common error in PHP programming to extract the gateway's IP address when it was intended to extract the end-user's IP address. I've seen it happen in many places when I was myself an NTL customer.
 

·
Registered
Joined
·
4,427 Posts
Is it possible to identify the MAC address of the client device separate from the Proxy? If so, and if this could be blocked, there's no issues with DHCP - you're targetting a unique ethernet adaptor. Assuming the user's not on a dial-up modem...??

Or given this is well techie IT stuff I could be talking through my chuff again
 

·
Registered
Joined
·
1,411 Posts
[ QUOTE ]
[ QUOTE ]
You can find my gateway address, but there are several machines behind that.

[/ QUOTE ]
In this case, what I was referring to as your "machine" is your DSL modem, however you choose to configure the equipment behind it.


[/ QUOTE ]

I was just using it as an example of a NAT'ing device (like a proxy). My point being that all you can tell is the address of whatever's doing the NAT'ing, and there may be many, many users behind that.

[ QUOTE ]

I did say I'm not an expert so I bow to your greater knowledge of AOL. How do other systems deal with problem AOL users than, without barring them all?


[/ QUOTE ]

They don't. Or you use cookies to recognise a particular user - and reject people with cookies turned off.

It's a right pain when load balancing, too, since one common method is to partition users between machines based on their IP address, and AOL users can change address from request to request

[ QUOTE ]

I do know for a fact that using PHP I can identify both the ISP's gateway address and the user's IP address of a visitor to my web site, certainly for NTL customers. I must admit no AOL customers have come to my attention in this way so I can't say for sure that it works for AOL.


[/ QUOTE ]

I suspect it's getting it from the headers sent by the browser - whether they're handed on depends on how the proxy is configured. Certainly in my home case (or if I were using a work machine, when I had a job ) you would have got only an internal (private range) address, which you couldn't have used to send me traffic, and which is not unique to me (another user in another company could have quite legitimately been using it).

[ QUOTE ]

It seems a common error in PHP programming to extract the gateway's IP address when it was intended to extract the end-user's IP address.


[/ QUOTE ]

I'm not sure it's an error. The machine sending the request to the server is the proxy. It depends what you want to do with the address.
 

·
Registered
Joined
·
8,216 Posts
[ QUOTE ]
I'm not sure it's an error. The machine sending the request to the server is the proxy. It depends what you want to do with the address.

[/ QUOTE ]
It is an error in cases where it the intention to extract the address of the user's machine rather than the gateway.
 

·
Registered
Joined
·
14,305 Posts
[ QUOTE ]
[BillJ] such broad measures are rarely necessary.

[/ QUOTE ]

Indeed, but without going in to details, broad measures were necessary in this case owing to the type of abuse.

There has been an enormous amount of work put in over the last couple of weeks in to trying to upgrade the board- for the benefit of the greater community. There will inevitably be problems that cannot be instantly answered.

We are of course all genuinely sorry that legitimate users have been disenfranchised- it's not something we wanted at all.

Whilst you say you did not want to state the obvious, you post was nonetheless unbalanced in it's criticism, and your last sentence was unnecessary.
 

·
Registered
Joined
·
1,411 Posts
[ QUOTE ]
Is it possible to identify the MAC address of the client device separate from the Proxy?

[/ QUOTE ]

Unfortunately, no. The only MAC address you're likely to discover is that of your nearest router
 

·
Registered
Joined
·
258 Posts
Bubbles

There are some valid points raised here, and I am clearly not an administrator, but it is out of order to publicly criticise someone in this way. Do it through a moderator or a private message back to Bill. Not in this way as it is inappropriate.

In the meantime his points - whatever your personal opinion on the phraseology employed - are nonetheless valid.
 

·
Registered
Joined
·
14,305 Posts
Mark,

I disagree. Bill has publicly criticised actions that have been taken and, as I said, not provided a balanced view in my opinion; I addressed the balance in my first post but Bill pursued the point when in my opinion hew should not have done so.

We should all be wary of making statements and assumptions or entering into discussions when we are not aware of all the facts.

I am one of the administrators for the forum, so do have a knowledge advantage.
 
1 - 20 of 28 Posts
Status
Not open for further replies.
Top