Aug 09, 2004

Nightmare Weekend

By Timothy R Butler | Posted at 1:30 AM

It wasn't the worst weekend possible, but let's just say it wasn't the best either. It all started Friday when I found out my mother's Windows ME based PC was no longer able to boot (“Windows Protection Fault” yada yada yada). It appeared that a virus had exploited the IE security holes and attacked her system. Considering that this was the second Windows ME reinstall the computer appeared to need in as many months, I suggested that we switch her system over to GNU/Linux.

So, I set about working on the system, first trying to repair Windows and then installing Fedora. I got done about 2:00 a.m. Yesterday morning, I was tired, but mostly refreshed.

Here's the catch: she likes to use MSN Groups and enjoys the Internet Explorer-only features that MSN makes available. She also likes JASC Paint Shop Pro. So, I do the logical thing: I get Win4Lin 5.1 for the system. Only problem is, Win4Lin doesn't support the distribution I had picked out for her system, Fedora Core 2. So I start playing around with generic kernel patches from NeTraverse (Win4Lin's developer) to see if I can get it to work. Finally I do, by switching to an entirely generic kernel without any of Red Hat's optimizations, but unfortunately that made it so that I couldn't get the nVidia drivers to install.

While I wanted her to have GNOME 2.6, I decided it wasn't worth fighting that. So I pulled out Mandrakelinux PowerPack+, which has Win4Lin enabled kernels and automatically installs support for the latest nVidia and ATI graphics cards. It goes in smoothly and I set about updating the system, migrating data and so forth. I worked until about midnight and decided to call it a night. I had hoped to give Mom's system back to her today (Sunday), but I was was a bit pooped from the late night the night before.

12:00 a.m.Before jumping into bed, I flipped on my laptop to check my e-mail. Only I couldn't connect to my e-mail. Asisaid and all of my other sites were crawling. I jumped over to serverforest.com only to see the server's load averages being reported at about 80 for each. That isn't good, if you're wondering. It is actually really, really bad unless there is some specific reason it should be that high. I tried logging into my administrative web interface or SSH but both were unavailable thanks to the high processor load.

12:15 a.m. I had no choice but to e-mail my data center and ask them to reboot the system. I can't do anything until the system is in a state other than a deadly resource tailspin. I start to panic, I'm suppose to be up within about seven hours to go on a short trip and a solution is nowhere in sight.

12:30 a.m. The data center technician starts trying different was of coaxing the system to reboot. Nothing works for a very long time and he eventually gives up on logging into the system. I begin to wonder if cPanel blasted apart my mail server again during a nightly update.

12:50 a.m. The server comes back on after being forced to reboot. The resource usage starts to climb again. Local bandwidth and load monitoring shows 100x increase over a two hour period — something is really wrong. It looks like it is going to be a long night. The amount of time I will have to sleep is shrinking.

1:15 a.m. I realize that SAFARI Count+Stat Remote, my referrer tracking tool is being hit hundreds of times a minute by one site, forcing dozens of copies of MySQL and Apache to load. I disable the script and place a message about it being temporarily out of order in its place.

1:40 a.m. Everything finally returns to normal. I go to bed. I can't sleep wondering if the onslaught might be a DoS rather than just CSR being used by a busy site. I get up a few hours later.

Today I'm pooped — two late nights and then getting up early this morning have really taken their toll. But, I did get my mother's computer almost ready to go back to her. I'm hoping to give it back to her tomorrow. The trip to see the Cahokia Mounds in Illinois that I went on with some family turned out very enjoyable, even despite lack of sleep.

Concerning CSR, I re-enabled it today and all seemed well, but it was starting to act up again, so its down for the moment. It is being used on a financial scam site in Australia that is, I think, spamming people and thus causing a massive amount of traffic every night (U.S. time, daytime down under). CSR doesn't presently have a way to block sites from using it, so I'm developing one to block this site that has caused so much trouble. sigh

So that is what I've been up to, how about all of you?

Tags: Life
Article Path: Home: Life: Nightmare Weekend

Join the Conversation

10 comments posted so far.

RE: Nightmare Weekend

Wow! When I read that about CSR I was worried it was WIT. Glad it is not.

I hope you can find a fix.

Posted by Christopher - Aug 09, 2004 | 1:45 AM- Location: MO

RE: Nightmare Weekend

Just an FYI. Brother runs windows only sw for his business. Simply put he can’t be moved. Thankfully he now only uses Mozilla to surf and read emails and such. When I first got his system “perfect” (I.e. all drivers load etc etc) I took a ghost of his HD and put that image on a second drive. He can crash the system all he wants. All I have to do is boot from the disk, erase the primary drive and re-image. I also have him save all his “important” documents to the secondary drive so he never loses anything. Its not a full proof system but it has cut my service calls in half. ;-)

Posted by Mark - Aug 09, 2004 | 7:52 AM- Location: MA

RE: Nightmare Weekend

Well, mine was much easier than your weekend, Tim. About all I did was download the latest OO.o — about 10 hours. Had it pulling overnight, and I appreciate anew ncftp and its auto-resume function. How it is the Mozilla has gone all these years without once putting a ‘resume’ function into the FTP module is beyond me. People have been begging for it for years, but no one at Mozilla listens. Otherwise, Mozilla is near perfect.

Posted by Ed Hurst - Aug 09, 2004 | 8:27 AM- Location: Rural SE Texas

RE: Nightmare Weekend

Yeak! Nice to have that sort of thing behind. :-)

Posted by Josiah Ritchie - Aug 09, 2004 | 3:53 PM- Location: Lanham, MD

RE: Nightmare Weekend

Ouch. And all I did was preach on gossip.
I just started getting into Linux and I’m fascinated. It was last october I discovered the world of Open Source software. The main difficulty is that if I didn’t have the T1 at work to do my downloads from, I’d never have gotten into it. Always interested in advice from people who’ve been at it.

Posted by Jason - Aug 10, 2004 | 12:03 AM- Location:

RE: Nightmare Weekend

Christopher: Nope, WIT isn’t causing any trouble at all.

Mark: Yeah, I tell everyone else to do that (image the drive), but I got lazy and didn’t do it last time. My mother had her system run for two years without needing a reinstall, and I guess I was hoping to repeat that feat.

Ed: Have you tried Firefox? It seems the heir to the Mozilla “throne” does have a resume function. :-) I like Firefox a lot better than Moz 1.x.

Josiah: That’s for sure!

Jason: Preaching doesn’t sound like an “all I did” kinda thing. :-) Linux is great — I really recommend Mandrakelinux if you are just getting started. I need to post more on it here. You might find some of the stuff on www.ofb.biz of interest/use. We will be doing a series on the best Open Source has to offer in the coming weeks.

Posted by Timothy R. Butler - Aug 10, 2004 | 1:50 AM- Location: Missouri

RE: Nightmare Weekend

It sounds like a nightmare, alright… :-o Poor you! We, on the other hand, had a nice and relaxing weekend away in the sun :) Hope this week will be better on you! :)

Posted by Flip - Aug 10, 2004 | 2:38 AM- Location: Sweden

RE: Nightmare Weekend

Tried Firefox. One main complaint: I have serious display issues with Gtk2+Xft, and Firefox is no longer available without them. Mozilla still gets released with Gtk1. The issue is the one I mentioned privately with you about sites using WP blogware. Even then, something can be tweaked to fix it because not all such sites have this issue. I just have no idea what that tweak could be, or I’d do it myself. Meanwhile, I use either Opera for FTP or just send the link to ncftpget.

Posted by Ed Hurst - Aug 10, 2004 | 9:46 AM- Location: Rural SE Texas

RE: Nightmare Weekend

Flip: Thanks! :-) Glad you had a good weekend…

Ed: I keep trying to think of a way to solve your problem, Ed, but I can’t figure out what it is. Did it happen in FreeBSD as well as SuSE?

Posted by Timothy R. Butler - Aug 10, 2004 | 7:28 PM- Location: MO

RE: Nightmare Weekend

I believe it did, and on two machines. This thing turns up from time to time as I update and upgrade this-n-that. At one point it showed up on Opera, so I’m inclined to think it’s actually an Xft issue. It never shows up in my Gtk1 Mozilla, even though I am filtering through freetype2 — you can do that without using Xft. I’m almost certain it has something to do with scaling and sizes, because in FreeBSD the thing went away when I reduced font-size preferences from 14 to 12 points in the browser. That doesn’t help in my current setup.

Posted by Ed Hurst - Aug 11, 2004 | 9:04 AM- Location: Rural SE Texas

Create or Sign In to Your Account

Post as a Visitor

:mrgreen: :neutral: :twisted: :arrow: :shock: :smile: :???: :cool: :evil: :grin: :idea: :oops: :razz: :roll: :wink: :cry: :eek: :lol: :mad: :sad: :!: :?:
Remember my information