DDOS Attacks & Server Updates

Today, at or around 15:30 GMT, NeoSmart Technologies was victim of a distributed denial of service attack that lasted over two and a half hours. Unfortunately, as a result of the DDOS attack, our server had to be hard-restarted and we encountered some data corruption. All files were recovered with the exception of our MySQL tables for the forum which were completely unusable in the aftermath of the attack; these were restored from the latest backup we had (0200 GMT of June 5th, 2007).

The attack lasted around 3 hours, the recovery process another hour or so. We’re sorry for this downtime and are implementing failsafes that will hopefully protect against data corruption in the future. Luckily, our other data is stored on PostgreSQL (with the exception of this blog, which miraculously survived the ordeal unscathed) which is less prone to data corruption in our experience.

We urge anyone with any information about this attack to come forth, and remind the perpetrators that this is a felony punishable under law.

But at NeoSmart Technologies, we always do try to make the best out of whatever situation we’re in, so we took advantage of the downtime to do some server upgrades we’d been planning for a while:

  • Apache Tomcat (for the Wiki and Bug Tracker) was upgraded to version 6
  • MySQL was upgraded from version 5.1 to version 6.0
  • We upgraded PHP from 5.2.1 to 5.2.3
  • The IIS rewrite module was re-compiled and upgraded
  • Installed an XMPP/Jabber Server
  • Several other script changes

At any rate, hopefully this is like lightning and doesn’t strike the same place twice! We’re still here, and we will be for a very long time to come, God willing of course.

Once more, sorry for the downtime, and to those people who unfortunately had their posts vanished in the forums: our deepest apologies.

How To: Open Source + Windows + IIS… with Stability

As we mentioned back in March, we switched NeoSmart Technologies over from PHP‘s ISAPI extension for Windows/IIS to Microsoft’s “FastCGI for IIS” implementation instead in hopes of achieving better reliability and uptime during times of heavy load.

Whether you like Windows or not, at some point or the other, you may find yourself using IIS 6 or even 7, and then you’ll be wondering why the open source technologies you’re using aren’t as stable as ASP or MSSQL on Windows. However, ever since the release of IIS 6, Microsoft has truly remade Internet Information Services as a real contender in the server market, providing a highly secure, stable, fast, and flexible web server for the masses. IIS 7 (due to ship with Longhorn Server sometime in 2007) is currently showing all the signs of being even better, with complete modularization of all components and a highly extensible, XML-based framework.

We’re really happy to be able to finally say with all conviction that it really works! This week, NeoSmart Technologies was featured on the homepages of many link aggregation sites (including Slashdot) for our Desktop vs. Web RIAs article. And we’re glad to say that even with the extreme load, for the entire past week we’ve had 100.00% uptime with respect to network, IIS, MySQL, and everything else!

Continue reading