Guide (3)

Dagrin RIP .Terry G take am easy o !
Terry G just announced on twitter that he is ok after the accident, He just needs some rest.


hitmanTerryG

I dey o. Thanks for all the love, God pass them, I wan go rest small!! Ginjah no go die. God guide us and One love my people! I appreciate
25 minutes ago


Previously:


Was He Drunk or high on weed ? With the latest takeaway of our Top indigenous Rap Artist Dagrin by Car Accidents .Terry G almost joined the crew of posthumous talents.See Dagrin here
http://bit.ly/c2R9Xx




Word reaching us, is that Gabriel Amanyi, aka Terry G has been involved in a terrible auto accident and is critical condition.

The accident occured at about 3am saturday morning, when the singer/producer was on his way home from an outing with friends in Ikeja, Lagos. Apparently he ran into a road demarcation somewhere in Ogba.

According to eye witnesses, Terry G was the driver of the vehicle, and had other passengers with him who are also members of the House of Ginja. It is unclear the condition of other passengers, but Terry is currently undergoing treatment at an undisclosed hospital.

No word yet on where he’s being treated. His mobile phone is off, his BlackBerry inactive. And although his manager assures us ‘everything is under control’;

The car- A Toyota Camry – is now lying at the office of the Lagos State Traffic Management Authority (LASTMA).

Please say a prayer for Terry G and other members of the House Of Ginja involved in the accident.


Read more…

In this post we (UNIXY) are going to share our experience fending off a large Distributed Denial of Service (DDoS) attack for a client. Generally, Website owners deal with DDoSattacks on their own. There are equipment and solutions vendors cater tothese owners and guarantee protection against these kind of attacks upto a certain threshold. The cost of hiring these vendors can range fromthousands to hundreds of thousand or millions of dollars depending onthe severity of the attack.

Our goal was to build a solution with the least amount of funds possible. This solution is scalable and can handle the worst attacks.The client’s dedicated server is not a special server but a simple quadcore Xeon managed server running the LAMP stack.The DDoS riposte described in this article can scale to stop a 10Gbpsattack or more. The good news is this solution does not require changinganything on the dedicated serveritself of the constellation. The server could be running just about anysoftware stack. This configuration will work just fine with almost allcases effortlessly..

  • Distributed Denial of Service – The Social

Before we delve into the glorious technical details, there is an important aspect of DDoS attacks that one should know about; that is thesocial dynamics that lead to the attack. The more one understands aboutthe the social aspect of a DDoS attack the easier it becomes to preventor stop it. Because once a DDoS has started, priorities shift quitedramatically and rational for making wise decisions becomes flawed.

DDoS comic

DDoS comic

DDoS attacks do not occur randomly. They are targeted and come with a motive. The motive could be revenge but most of the time the motive isfinancial. The individual or groups that conduct the DDoS attacks aremost of the time hired to complete the job. They have the resources andknow-how to orchestrate the attack while hoping to avoid getting caughtby the authorities. They have no emotional attachment to the DDoS attackitself; they have no hard feelings towards the victim. They just getpaid for what they do and nonchalantly, but meticulously, execute.

As explained, DDoS attacks are preceded by an email, post, or phone call, from the individual or group with interest, to the victim. It isalways recommended to treat strangers you meet online or offlineprofessionally and politely. The smallest altercation can lead to anegative reaction, which can escalate actions. In the face of anonymousthreats against your business or organization, remain calm and composed.

DDoS Offer in Forum

DDoS Offer in Forum

There are public markets online (please don’t ask for links) where wannabe DDoS perpetrators get to hire the attackers. Pricing varies from$5/hr to $10 for a simple non-distributed DoS attack. A DDoS, however,tends to be more expensive depending on the sheer amount of data orpackets that needs to be delivered at the target. It can range from$20/hr to $100/hr. The word used to in the circles in lieu of DDoS is to“drop;” meaning to drop a certain Web site or network off the Internet.It really means to either overwhelm the target with enough traffic thatthe equipment fails or to force upstream providers to “null route” thedestination IP at the network level. The end result is that the IP getsdropped from the routing tables and the server to stop responding to allrequests.

The fact that DDoS is not cheap has got to be comforting to an extent. It means that it is only a matter of time before the DDoS“client” runs out of cash. This in itself is encouraging. Keep that inmind should you begin to lose patience. Perseverance is omnipotent.Denial of service attacks are considered a crime and are punishable byFederal law in the US and by the police in the UK. As we will explain inthe technical part of this article, DDoS attacks are almost impossibleto trace to back to the individual or group that are orchestrating theattack. Because of the distributed nature, it requires cooperation fromseveral network engineers that work for upstream providers.

Distributed Denial of Service – The Technicals

First things first, What is a DoS? what is the difference between a DoS and DDoS? A Denial of Service (DoS) is an attack originating fromone source or one system that results in the service in question beingunavailable to its legitimate users. It denies its very users accesseither because the service runs out of available resources or has beentricked to deny access to legitimate users. For example, a DoS attack ona Web server can cause it to run out of resources and stop respondingto requests. A DDoS, on the other hand, is a more sophisticated attacksince the attack originates from hundreds or thousands or nodes.

A DDoS attack is almost impossible to trace back to the source due to its distributed nature. DDoS orchestrators call the nodes andcontroller system a “bot.” With a few commands, the bot owner caninstruct infected nodes from around the world to attack a target. Thebot systems are hosted and controlled via the Internet Relay Chat(IRC) system or via a direct connection port connection. The nodes usedto attack the target are made of compromised Windows and Linux nodesfrom around the world.

Before we present our solution, we need to discuss the two types of DDoS attacks that exist. On one hand you have attacks arebandwidth-based and seek to saturate the connectivity link. On the otherhand, you have attacks that are packet-based and seek to saturate theprocessing capability of the equipment. In other words, they seek tooverwhelm the processing power of the CPU and memory or fabricof the routers or switches. All equipment has hard limits when it comesto their ability to handle a certain number of packets per second.Routers and switches are no exception.

Capacity of networking equipment - Mbps vs pps

Capacity of networking equipment - Mbps vs pps

For example, take the above specification for a Cisco 6500 firewall. Each module is able to handle 5Gbps or 2.8 million pps. This firewall sure looks like it can handle a 5Gbpsattack. Great! However, should there be a packet-based DDoS attack, onewould only need a 1.5Gbps payload to saturate it. That’s 2.8 million pps* 64 Bytes = 1.5Gbps. So bandwidth capacity means nothing by itself andsmall packets can cause havoc.

Our client was facing a 2Gbps DDoS attack that is packet based. It sought to force routing equipment along the way to start droppinglegitimate packets. This caused the upstream to null route the IP toalleviate the burden on other customers that are behind the link. Thisis the typical reaction from all upstreams as they seek to protect theirmany other customers from feeling the pinch of the attack. We weregiven one last chance to “fix” things before the IP could be routed backin. Here is how we were able to fend off the attack and keep the serverrunning.

We have deployed what we call a “constellation” of reverse proxy VM or VPS nodes running the high performance Web server Nginx. The VM nodes werepurchased from several providers given they are located at separatefacilities. Essentially, we are off-loading and “splitting” both packetprocessing and bandwidth consumption across several data centerfacilities (physical routers & carriers).

Nginx constellation

Nginx constellation

The configuration of the Nginx nodes is a typical reverse proxy configuration with the usual extra kernel security configuration. So fora 2Gbps attack and with 20 VM nodes, the bandwidth consumption per nodeis a maximum of 2GBps / 20 = 100Mbps. That’s a 100Mbps load per VMnode, which is reasonable enough and is below the threshold for gettingone’s IP null routed by the provider. One could add more and more Nginxnodes to the constellation without issues.

So how is 20 VM nodes going to be affordable? VM prices have dropped dramatically over the last year. For the above configuration, a VM cancost between $5/mo and $10/mo. That’s an average of $8*20 = $160/Mo.Knowing that most DDoS attackers have the attention span of a gold fish,the $160 is all you need to send your attacker and his accomplicepacking.

Total cost for averting a 2Gbps attack

Let’s talk more about the Nginx constellation configuration. The Nginx front-end nodes will run in proxymode caching static files and requests. The more aggressive the DDoSthe higher the time-to-live for cache objects should be. This preventsthe Nginx nodes from proxy-passing requests to the quad core node.Although, if the main node has idle CPU and plenty of memory it wouldn’thurt to put it to good use to alleviate the burden on the Nginx frontnodes. Your domain’s A records is going to be the IP of the Nginx frontnodes configured in round robin fashion. DNS round robin has itsshortcomings in terms of not having control over how long (bad) recordsget cached by resolvers around the world. But in this case, it does notmatter much. Just be sure to set high TTL for the records so your DNSserver does not collapse under the enormous volume.

Nginx DDoS Constellation

Nginx DDoS Constellation

There are tons of online tutorials that go over the installation of Nginx as a reverse proxy so be sure to read up on it. But we will listsome of the peculiar settings that are needed to handle a large scaleDDoS. Of importance is the number of Nginx worker processes and workerconnections. Those values will need to adjusted gradually and higher tohandle different kind of attacks depending the VM resource allocation.But you should set them at least as high as the following:

worker_processes 8;
events {
.
.
worker_connections 4096; # Be sure to set ulimit -n 4096 or more
.
.
}

Keep in mind that one still needs to gear up for the event by setting kernel and system variables on the Nginx nodes. Simple things likeper-IP rate limiting, flooding rate limits, and syn cookies should beenabled without a question. Here are some measures you can implement:

net.ipv4.tcp_syncookies = 1
# source validation / reversed path
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
kernel.pid_max = 65536
net.ipv4.ip_local_port_range = 9000 65000

Recap.

In brief, here are the elements that constitute our solution:

  • Nginx reverse proxy constellation
  • DNS round robin records
  • Security at the Nginx front end level
  • Know the social and technical dynamics behind DDoS attacks


Read more…
how to make money a simple indepth approach or should I say the mugus guide to for mugus book on how to make money ! This is a string of articles looking at the different ways to make money ! I have broken them into 5 different categories 1.Luck 2.Talent 3.Services 4.Goods 5.Criminal Money money must be funny in the rich mans world ! Money makes the world go round ! It drives business or should I say IT drives money ! or Fifty Cent Get rich or die trying ! LUCK Lets start with Luck or using some popular phrases like Favor (o boy na favor o ), chance (give me a chance) ,circumstances (beyond your control ),destiny (This was his destiny ),fate , fortune, hazard, portion ("that is not my portion" used by a lot of Pentecostal Christians) Basic Wikipedia definition Luck refers to that which happens to a person beyond that person's control. This view incorporates phenomena that are chance happenings, a person's place of birth for example, but where there is no uncertainty involved, or where the uncertainty is irrelevant. Within this framework one can differentiate between three different types of luck: Constitutional luck, that is, luck with factors that cannot be changed. Place of birth and genetic constitution are typical examples. Circumstantial luck - with factors that are haphazardly brought on. Accidents and epidemics are typical examples. Ignorance luck, that is, luck with factors one does not know about. Luck as a fallacy Another view holds that "luck is probability taken personally." A rationalist approach to luck includes the application of the rules of probability, and an avoidance of unscientific beliefs. The rationalist feels the belief in luck is a result of poor reasoning or wishful thinking. To a rationalist, a believer in luck commits the "post hoc, ergo propter hoc" logical fallacy, which argues that because two events are connected sequentially, they are connected causally as well: This is the most critical money making concept as all the others actually depend on it at one time or the other You can classify luck into one million things but fact is it is just still ends up as PLAIN LUCK ! just like the Christian Bible puts it unmerited Credit or Debit as the case may be ! Now the good news first or the Bad news ? BAD LUCK ! Now lets start with Bad Luck ! or Hex or Evil eye or cursed or Remote control or Dem swear for am ! This is the one we are mostly scared of . This one is the no go area and people actually make money from preventing it .It is big busines ! From pastors and imams in our churches(many Nigerian churches I no go name names ! ) (we pay tithes to avoid it ok for those that pay ) ,mosques to astrologers to Shamans (shams) to Olumba Olumbas, Scientology(mr tom cruise)Nation of islam (Malcom X,Micheal /JermaineJackson) , Mormons, Jehovah Witnesses, Even Oprah Winfrey and all the other so called talk show hosts ! The FBI,CIA ,Red Cross, Doctors,Lawyers,insurance people ! Plumbers too ! The government ! etc All of them are in business because they try to assure us that they can prevent Bad Luck from happening to us ! This article itself is also supposed to teach you how to avoid bad Luck . So in essence bad luck is not such a bad thing as it actually puts food on the table for most people . A lot of People have actually made millions from selling their bad luck stories ! So dont be scared of it as like the old Hymn says “Give me that old time Bad luck Give me that old time bad luck Because it is good enough for me !” ok I know it was old time religion but heh try to understand na. Ok how do I avoid this type of luck ? 1. First embrace bad luck make it your friend .look for loopholes in bad luck .A friend of mine said ok I know I am not lucky but I am going to be so good at not being lucky that I will make people to pay me on learning about bad luck ! imagine that ! 2. Bad luck in itself is not Bad it just gets bad press that is it .Ok imagine 50 thousand lawyers killed in tsunami , o yes ! Bad luck for them but Good luck for the remaining lawyers ! So Bad Luck gets bad press lets try to give it good press ! 3 .Every decision you make might bring bad luck so always look at your decisions and be ready to accept them as bad luck .Risk managers call it the risk factor .If it is high or low always realize that it can always turn out real sour . Relationships are about the riskiest things on earth and cost billions of dollars to repair but most people jump in and out of them at will ! 4.The fear of yahooze is the beginning of wisdom ! 419ers actually create bad luck .If it is too good to be true then it is too good to be true ! Nobody is perfect so that means no business deal can be perfect too ! 5.Learn to do a risk analysis at every chance you get .Even those that say they have the keys ot wisdom and can foresee bad luck a million miles away .If it is all about the benjamins and the other dead presidents or the nnamdi azikiwes and the very alive presidents .In short Bad luck always walks around with money It is the saying money is the root of all evil in reverse .Bad luck is the root of all evil . 6. It took all the kings men plus horses and maybe dogs to put humpty dumpty together again .Why ? Because the bloody fool knowing fully well he had a big head still went and sat on the WALL ! Ok you know your BLQ (Bad luck quotient) is not good yet you play the lottery every day ! And lose every day ! who to blame ? We go like to know ! O I fell in love ! Runggbish jo wich kain talk be dat ! Your history of girlfriends shows you date hotties ! and you want to get married ! hotties are hot bcos guys follow them ! so you are still unmarried at 50 and you dey complain.Like wise hotties ! hot girls like hot boys but hot boys like other hotties ! Hott chic no bobo at age 45 shuo ! na wa o ! you dey work for Fallujah and Taliban blow you up and you dey complain say you get one leg ! whos sand you go Fallujah ? Only fools dare where angels tread ! 7.Na soso bad head people you dey hang out with ! Oya Follow d money na where carcass dey naim Vultures dey maintain ! Finally to round up bad luck the only way to avoid Bad luck is to get GOOD LUCK ! Next week we talk about Good luck Your comments are welcome !
Read more…

Blog Topics by Tags

  • in (506)
  • to (479)
  • of (339)
  • ! (213)
  • as (166)
  • is (157)
  • a (156)

Monthly Archives