Good morning! Today is November 7. Tomorrow appears to be Crunchy's last day, November 8.
Today, I woke up to find Crunchy's first abuse report in my email. I logged in to the Crunchbits panel to check. Here is what I found:
The alleged source IP is Crunchy's IP.
The alleged Destination IPs all seem to be within a range related to an ISP in the Phillippines.
A definitive way to resolve the abuse issue might be to shut Crunchy down a day early. Everyone already knows about the end date tomorrow and probably everyone who needs Crunchy data already has migrated their data to a safe place. Of course, everyone also has backups. If I shut Crunchy down, then the responsibility is mine, and Crunchbits doesn't need to take any heat which might accrue if Crunchbits went ahead and suspended Crunchy service because of the abuse.
Notably the abuse also gives Crunchbits an excellent reason not to provide the Ryzen replacement for Crunchy.
For the above reasons, sadly, I am going to go ahead and shut Crunchy down.
If anyone needs some extra help, please let me know.
Thanks to @crunchbits for beautiful Crunchy! Thanks to all the guys who have been using Crunchy! Thanks to @babywhale for BashVM!
My apologies since I believe I am the (innocent) culprit noted in the abuse report. I had been running a Tor relay. a middle non-exit relay on my instance. The Tor network within the last few days has been hit by someone spoofing IP addresses attempting to make TCP connections to port 22 to various addresses, documented in recent posts here and a blog post here. I had recently received two separate complaints regarding alleged port scanning originating from my server at another hosting provider where I run a Tor relay.
Again, my apologies to everyone involved with crunchy. Thanks to @crunchbits for the use of crunchy and thank you @Not_Oles for the work you've done here and with MetalVPS to help others learn and have fun.
@Lantern1368 said:
My apologies since I believe I am the (innocent) culprit noted in the abuse report. I had been running a Tor relay. a middle non-exit relay on my instance. The Tor network within the last few days has been hit by someone spoofing IP addresses attempting to make TCP connections to port 22 to various addresses, documented in recent posts here and a blog post here. I had recently received two separate complaints regarding alleged port scanning originating from my server at another hosting provider where I run a Tor relay.
Again, my apologies to everyone involved with crunchy. Thanks to @crunchbits for the use of crunchy and thank you @Not_Oles for the work you've done here and with MetalVPS to help others learn and have fun.
Kudos for owning the incident even though this is not exactly your responsibility.
Now that we seem, thanks to @Lantern1368, to have resolved the abuse, I turned Crunchy back on. It seems that all the VMs are running. Please let me know about any issues.
We might as well go out with all flags flying!
Who knows? Maybe Crunchy's Ryzen replacement still might happen? Maybe someone still might step forward to replace me as administrator?
Thanks to Crunchbits for beautiful Crunchy! Thanks to @babywhale for BashVM! Thanks too all the guys who are using Crunchy! Thanks again to @Lantern1368 for his report!
root@crunchy:~# date
Fri Nov 8 03:52:07 AM UTC 2024
root@crunchy:~# uptime
03:52:10 up 5 min, 1 user, load average: 0.51, 0.69, 0.39
root@crunchy:~# CD bashvm
root@crunchy:~/bashvm# bash bashvm.sh
========================== Main Menu ==========================
1. Virtual Machines 2. Storage Pools 3. Networks
4. Snapshots 5. Edit Properties 6. Firewall Settings
7. Port Forwarding 8. VNC / Console Access 9. System Monitor
q. Exit
Enter your choice: 1
==================== Manage Virtual Machine ====================
s. Show all virtual machines 1. Show more details of a VM
2. Start a VM 3. Reboot a VM
4. Shutdown a VM (graceful) 5. Shutdown a VM (force)
6. Enable autostart of a VM 7. Disable autostart of a VM
8. Create a new / existing VM 9. Undefine a VM
10. Create a new VM (Automated) 11. Console into a VM
12. Change resources of a VM 13. Delete a VM
q. Back to main menu
Enter your choice: s
Id Name State
--------------------------------
1 vm105-crunchy running
2 vm103-crunchy running
3 vm101-crunchy running
4 vm104-crunchy running
5 vm100-crunchy running
6 vm107-crunchy running
7 vm106-crunchy running
8 vm102-crunchy running
- vm1-crunchy shut off
- vm2-crunchy shut off
13:14 on Crunchy's last day as I write this -- almost the leet time, 13:37.
Crunchbits has closed the abuse report.
As of now, no additional news as yet on the upgrade of Crunchy to Ryzen.
As mentioned at https://lowendspirit.com/discussion/comment/186138/#Comment_186138 there is an outstanding cancellation request pending for Crunchy because I wanted to make sure not to violate Crunchbits Terms of Service by failing to cancel early enough -- and thus possibly getting auto-billed for the annual renewal fee.
Here's the status page, as of today, a few moments ago:
I continue really grateful to Crunchbits for sponsoring Crunchy for a whole year! Thanks to Crunchbits for beautiful Crunchy!
Haha, now it's 13:34. If I wait three minutes, I can post this at 13:37 MST (UTC−07:00)!
But what's the conclusion here? Has anything been done to avoid a repeat of this situation? Will @crunchbits act on such a report in the future again? Has the reporter been warned not to blindly send abuse reports where the source IP address could easily have been spoofed (as there was only a single SYN packet, but not a three-way handshake)?
@cmeerw You kindly asked four questions. Thank you! I wish I knew the four answers. Maybe @crunchbits will kindly respond to your questions. Best wishes!
Comments
Hello November! Final week begins today! Thanks to @crunchbits for beautiful Crunchy!
I hope everyone gets the servers they want!
It is also the final few days before we know if this planet is doomed.
The all seeing eye sees everything...
Thank goodness you mentioned " Final Week " and not " Finals Week ".. was almost tempted to hit the books. Now I can hit the bar to celebrate.
blog | exploring visually |
Good morning! Today is November 7. Tomorrow appears to be Crunchy's last day, November 8.
Today, I woke up to find Crunchy's first abuse report in my email. I logged in to the Crunchbits panel to check. Here is what I found:
The alleged source IP is Crunchy's IP.
The alleged Destination IPs all seem to be within a range related to an ISP in the Phillippines.
A definitive way to resolve the abuse issue might be to shut Crunchy down a day early. Everyone already knows about the end date tomorrow and probably everyone who needs Crunchy data already has migrated their data to a safe place. Of course, everyone also has backups. If I shut Crunchy down, then the responsibility is mine, and Crunchbits doesn't need to take any heat which might accrue if Crunchbits went ahead and suspended Crunchy service because of the abuse.
Notably the abuse also gives Crunchbits an excellent reason not to provide the Ryzen replacement for Crunchy.
For the above reasons, sadly, I am going to go ahead and shut Crunchy down.
If anyone needs some extra help, please let me know.
Thanks to @crunchbits for beautiful Crunchy! Thanks to all the guys who have been using Crunchy! Thanks to @babywhale for BashVM!
I hope everyone gets the servers they want!
It takes one... but glad it happened on the penultimate day. thanks for the crunches !
blog | exploring visually |
My apologies since I believe I am the (innocent) culprit noted in the abuse report. I had been running a Tor relay. a middle non-exit relay on my instance. The Tor network within the last few days has been hit by someone spoofing IP addresses attempting to make TCP connections to port 22 to various addresses, documented in recent posts here and a blog post here. I had recently received two separate complaints regarding alleged port scanning originating from my server at another hosting provider where I run a Tor relay.
The latest news is that the origin of the spoofed packets has been
identified and successfully shut down today.
Again, my apologies to everyone involved with crunchy. Thanks to @crunchbits for the use of crunchy and thank you @Not_Oles for the work you've done here and with MetalVPS to help others learn and have fun.
Privacy is a human right.
Kudos for owning the incident even though this is not exactly your responsibility.
The all seeing eye sees everything...
@Lantern1368 @crunchbits
Now that we seem, thanks to @Lantern1368, to have resolved the abuse, I turned Crunchy back on. It seems that all the VMs are running. Please let me know about any issues.
We might as well go out with all flags flying!
Who knows? Maybe Crunchy's Ryzen replacement still might happen? Maybe someone still might step forward to replace me as administrator?
Thanks to Crunchbits for beautiful Crunchy! Thanks to @babywhale for BashVM! Thanks too all the guys who are using Crunchy! Thanks again to @Lantern1368 for his report!
I hope everyone gets the servers they want!
Buenas tardes!
13:14 on Crunchy's last day as I write this -- almost the leet time, 13:37.
Crunchbits has closed the abuse report.
As of now, no additional news as yet on the upgrade of Crunchy to Ryzen.
As mentioned at https://lowendspirit.com/discussion/comment/186138/#Comment_186138 there is an outstanding cancellation request pending for Crunchy because I wanted to make sure not to violate Crunchbits Terms of Service by failing to cancel early enough -- and thus possibly getting auto-billed for the annual renewal fee.
Here's the status page, as of today, a few moments ago:
I continue really grateful to Crunchbits for sponsoring Crunchy for a whole year! Thanks to Crunchbits for beautiful Crunchy!
Haha, now it's 13:34. If I wait three minutes, I can post this at 13:37 MST (UTC−07:00)!
I hope everyone gets the servers they want!
But what's the conclusion here? Has anything been done to avoid a repeat of this situation? Will @crunchbits act on such a report in the future again? Has the reporter been warned not to blindly send abuse reports where the source IP address could easily have been spoofed (as there was only a single SYN packet, but not a three-way handshake)?
@cmeerw You kindly asked four questions. Thank you! I wish I knew the four answers. Maybe @crunchbits will kindly respond to your questions. Best wishes!
I hope everyone gets the servers they want!
I just noticed that @crunchbits doesn't seem to have been active here since October 12. I hope he is okay!
I hope everyone gets the servers they want!
Crunchy is gone!
No response to ping. Traceroute stops at
edge1.spknwa.crunchbits.net
. Crunchbits panel shows "Cancelled."Thanks to Crunchbits and to the Crunchbits staff for a year of beautiful Crunchy! Thanks to @babywhale for BashVM! Thanks to all the Crunchy users!
Best wishes and kindest regards!
Tom
I hope everyone gets the servers they want!
Bye bye Crunchy
blog | exploring visually |
Thanks @vyas! What a nice guy you are!
I hope everyone gets the servers they want!
@Not_Oles @crunchbits Here's an update from the Tor Project in regards to the abuse report you received. https://blog.torproject.org/defending-tor-mitigating-IP-spoofing/
Bye crunchy! I miss you already!
Privacy is a human right.
Just peeking in don't mind the moonwalking Yeti!!!
Free Hosting at YetiNode | Cryptid Security | URL Shortener | LaunchVPS | ExtraVM | Host-C | In the Node, or Out of the Loop?
On the other hand, I wonder if @crunchbits is okay, we're about to reach the 30-day inactive mark
datalix's aff #1 fan