Page 2 of 7

Re: E-sangha news

Posted: Thu Nov 05, 2009 7:34 am
by Dan74
Jechbi wrote:Interestingly, it looks like some people who have had issues with E-sangha might be in a position to help, if some reconciliation could occur. From here:
Jundo Cohen wrote:We have also downloaded substantially all of the archives of E-Sangha ...
Time to try to bury the hatchet?
Sounds like you have exactly what they need, Jundo!

I would just pass the archives to them (Leo and Namdrol) without a word. Would be a fairy-tale ending to the sorry saga, IMO.

_/|\_

Re: E-sangha news

Posted: Thu Nov 05, 2009 8:38 am
by Annapurna
Jechbi wrote:Interestingly, it looks like some people who have had issues with E-sangha might be in a position to help, if some reconciliation could occur. From here:
Jundo Cohen wrote:We have also downloaded substantially all of the archives of E-Sangha ...
Time to try to bury the hatchet?
Yep. Would be a fairytale ending. ....actually, does he have a choice now...?

Jundo is also an attorney and reacted positively, but said he was not skilled enough with internet laws.

PS:

It's good to search for the hidden gift in seemingly bad situations..

This one holds the gift of cooperation and reconciliation via a detour...

Re: E-sangha news

Posted: Thu Nov 05, 2009 8:58 am
by poto
Paññāsikhara wrote: My understanding is that there was one, but then the host over wrote it with a corrupted copy.
It's curious that the Way Back Machine archive also can't pull out older archives of it, either.
Thanks for that bit of info. That pretty much confirms they didn't have staggered backups.

I'll try to break it down for peeps that aren't familiar with how this works. Some hosting companies provide daily backups as part of their service. What that means is the server your website is hosted on (in this case E-Sangha) is backed up once a day. Now, every day at the same time the previous day's backup is overwritten with the current day's backup. The problem here is that once your website is corrupted (or hacked) for more than 24 hours the old backup gets automatically overwritten with the fresh corrupted backup.

I've seen this happen before. People think that because they are doing daily backups they are protected, but by not having staggered backups (daily, weekly and monthly), it leaves them vulnerable to these kinds of unfortunate things.

FYI, the Way Back Machine is not a complete archive. It's basically a spider that attempts to index and record the publicity available portions of most websites. On large and fast moving sites like forums, it's nearly impossible to index all of the threads. Also, the most important thing on a forum second to the posts is the user data. The Way Back Machine does not capture user logins, passwords, private messages, or any of the other important parts of the database. Just attempting to scrape threads from an archive of past posts wouldn't fix the problem of all that missing user data. Really without a working database, a fresh install is the only feasible option.
David N. Snyder wrote: And then if the hackers are in one country, such as Russia and Leo is in another, Singapore and the server and hosting is in the U.S., it would be difficult if not impossible to sue since there would be no venue or jurisdiction for the court.

I think part of the reason for the delay may be that it is just so heart-breaking for Leo and the administrators to start all over from scratch. It was the largest English language Buddhist forum (that I know of) that ever existed. It had something like 1.4 million posts and about 60,000 members. Can you imagine how long it will take to build that base up again? So they are probably still searching for ways to restore it to the level it was at.
I run a number of websites as part of my business. I've been hacked several times, the most recent of which was only a few months ago. Going after the hackers is close to impossible. It sucks, and I can definitely empathize on a very personal level with what Leo and the E-Sangha crew must be going though.

I would suggest Leo hire an expert. It might be possible to repair his database, although it's probably going to expensive if it is at all possible. Based on my own experiences with corrupted databases, I'm doubtful that it can be repaired. I'm not an expert on restoring databases or security. I just know what I do from running my business and dealing with similar issues.

Re: E-sangha news

Posted: Thu Nov 05, 2009 9:17 am
by christopher:::
David N. Snyder wrote:
I think part of the reason for the delay may be that it is just so heart-breaking for Leo and the administrators to start all over from scratch. It was the largest English language Buddhist forum (that I know of) that ever existed. It had something like 1.4 million posts and about 60,000 members. Can you imagine how long it will take to build that base up again? So they are probably still searching for ways to restore it to the level it was at.
If that is the reason for the delay, there may indeed be a lesson on attachment here. I remember when a really popular ES thread some of us were communicating in (in the Beatnik Buddhism forum) called "Laughing Buddha's Roadside Cafe" was deleted. The next day we all returned, it was gone without a word, we said nothing and started gathering again... I think I started a new thread called "Castles Made of Sand" or something, with the theme of Impermanance.

Eventually the Beatnik Buddhism forum dissappeared, and finally members who had felt unwelcome started to move on. It was all good though, many good things learned, including: 1) Don't hold on to things that are illusory, 2) from change and death important dhamma lessons can be learned, and 3) real relationships and friendships forged, dhamma sisters and brothers found, are much more important then any words posted online.

I give thanks to E-sangha for all the people i've met online, and all i've learned about the dharma.

But 1.4 million posts and 60,000 members, what is that? It's an illusion, and artifact. The real good that Esangha has done can't be found in its archives. We all should give thanks, and pray for a fortunate rebirth, imo.

Start fresh, start over. Allow E-sangha to begin anew...

:group:

Re: E-sangha news

Posted: Thu Nov 05, 2009 9:22 am
by retrofuturist
Greetings,

Just a little reminder about David's post that kicked off this topic.
David N. Snyder wrote:PLEASE keep all comments about e-sangha toward your ability or not to log-in, updates you might have from Leo or another admin. over there, or for suggestions on how we might be able to help them get back online!

Thank you!
Thanks.

Metta,
Retro. :)

Re: E-sangha news

Posted: Thu Nov 05, 2009 9:23 am
by christopher:::
Ooppps! Sorry. Delete my post?

:anjali:

Re: E-sangha news

Posted: Thu Nov 05, 2009 1:59 pm
by Su Dongpo
retrofuturist wrote:Greetings,

Just a little reminder about David's post that kicked off this topic.
David N. Snyder wrote:PLEASE keep all comments about e-sangha toward your ability or not to log-in, updates you might have from Leo or another admin. over there, or for suggestions on how we might be able to help them get back online!

Thank you!
Thanks.

Metta,
Retro. :)

Hmmm. I get that this forum's administrators and moderators don't want Dhamma Wheel to be drawn into intra- or inter-communal squabbles, but Christopher's message does pertain to problems related to communication, doesn't it? Not to stir up trouble here, though... :stirthepot:

heybai

Re: E-sangha news

Posted: Thu Nov 05, 2009 3:26 pm
by DNS
poto wrote: I'll try to break it down for peeps that aren't familiar with how this works. Some hosting companies provide daily backups as part of their service. What that means is the server your website is hosted on (in this case E-Sangha) is backed up once a day. Now, every day at the same time the previous day's backup is overwritten with the current day's backup. The problem here is that once your website is corrupted (or hacked) for more than 24 hours the old backup gets automatically overwritten with the fresh corrupted backup.
We have that solved by doing the following back-up process:

We have the hosting company back it up for us (about once a month) and then they send us an e-mail with an attachment with the entire data base. Then we download it to the pc. That way, even if the site got hacked and the hosting server got hacked, the data base is still on the pc, which the hackers could only get to by literally breaking into my house, which virtually no hacker would go to the trouble to do.

:jedi:

Re: E-sangha news

Posted: Thu Nov 05, 2009 9:38 pm
by retrofuturist
Greetings heybai,
heybai wrote:Hmmm. I get that this forum's administrators and moderators don't want Dhamma Wheel to be drawn into intra- or inter-communal squabbles, but Christopher's message does pertain to problems related to communication, doesn't it?
Yes it does... and that why we left it there, despite Chris:::'s question on whether it ought to be deleted.

Metta,
Retro. :)

Re: E-sangha news

Posted: Thu Nov 05, 2009 10:04 pm
by poto
David N. Snyder wrote:
poto wrote: I'll try to break it down for peeps that aren't familiar with how this works. Some hosting companies provide daily backups as part of their service. What that means is the server your website is hosted on (in this case E-Sangha) is backed up once a day. Now, every day at the same time the previous day's backup is overwritten with the current day's backup. The problem here is that once your website is corrupted (or hacked) for more than 24 hours the old backup gets automatically overwritten with the fresh corrupted backup.
We have that solved by doing the following back-up process:

We have the hosting company back it up for us (about once a month) and then they send us an e-mail with an attachment with the entire data base. Then we download it to the pc. That way, even if the site got hacked and the hosting server got hacked, the data base is still on the pc, which the hackers could only get to by literally breaking into my house, which virtually no hacker would go to the trouble to do.

:jedi:
Glad to hear. :twothumbsup:

Although, once your websites grow larger you may need a more robust backup solution. It simply isn't possible to e-mail and download a ton of data on a regular basis. Even if you have a fast connection, downloading +100GB backups regularly really isn't feasible. If you're only dealing with text and images, you should be good for a while, but if you start getting into video or any user generated content with a large user base, it adds up quickly.

Re: E-sangha news

Posted: Thu Nov 05, 2009 10:27 pm
by LauraJ
Oye, there was such an enormous amount of information compiled there. I'm still hoping it can be retrieved...

:anjali:

Re: E-sangha news

Posted: Sat Nov 07, 2009 6:27 am
by christopher:::
David N. Snyder wrote:
poto wrote: I'll try to break it down for peeps that aren't familiar with how this works. Some hosting companies provide daily backups as part of their service. What that means is the server your website is hosted on (in this case E-Sangha) is backed up once a day. Now, every day at the same time the previous day's backup is overwritten with the current day's backup. The problem here is that once your website is corrupted (or hacked) for more than 24 hours the old backup gets automatically overwritten with the fresh corrupted backup.
We have that solved by doing the following back-up process:

We have the hosting company back it up for us (about once a month) and then they send us an e-mail with an attachment with the entire data base. Then we download it to the pc. That way, even if the site got hacked and the hosting server got hacked, the data base is still on the pc, which the hackers could only get to by literally breaking into my house, which virtually no hacker would go to the trouble to do.

:jedi:
Might it even be wise to keep at least 2 versions for 2 different months, with one on an external HD as backup for the backup? I'm really surprised E-sangha's host didn't do that.
retrofuturist wrote:Greetings heybai,
heybai wrote:Hmmm. I get that this forum's administrators and moderators don't want Dhamma Wheel to be drawn into intra- or inter-communal squabbles, but Christopher's message does pertain to problems related to communication, doesn't it?
Yes it does... and that why we left it there, despite Chris:::'s question on whether it ought to be deleted.

Metta,
Retro. :)
:bow: :juggling: :thanks: :spy: :bow:
poto wrote:
Glad to hear.

Although, once your websites grow larger you may need a more robust backup solution. It simply isn't possible to e-mail and download a ton of data on a regular basis. Even if you have a fast connection, downloading +100GB backups regularly really isn't feasible. If you're only dealing with text and images, you should be good for a while, but if you start getting into video or any user generated content with a large user base, it adds up quickly.
Good points. I wonder how large E-sangha's data was? It probably reached a size where Leo couldn't store it very easily on his own, for the reasons you've stated.

In this case, unfortunately, size becomes a hindrance.

:computerproblem:

Re: E-sangha news

Posted: Sat Nov 07, 2009 6:32 am
by Paññāsikhara
christopher::: wrote: Might it even be wise to keep at least 2 versions for 2 different months, with one on an external HD as backup for the backup? I'm really surprised E-sangha's host didn't do that.
They basically did. Then the host copied over the backup with a corrupt version. So my reliable sources say.

Re: E-sangha news

Posted: Wed Nov 18, 2009 7:38 pm
by DNS
E-sangha is still down. Their sister site, Buddhist Community appears to be down too? I get a warning message not to enter and then this message:
Safe Browsing
Diagnostic page for buddhist-community.com

What is the current listing status for buddhist-community.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 46 pages we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-11-18, and the last time suspicious content was found on this site was on 2009-11-18.

Malicious software includes 4 scripting exploit(s).

Malicious software is hosted on 2 domain(s), including mobydickrock.ru/, vanilla-resort.jp/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including mobydickrock.ru/.

This site was hosted on 1 network(s) including AS25653 (FORTRESSITX).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, buddhist-community.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

* Return to the previous page.
* If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.
But I have been still getting a few e-mails from the site telling me I have received a message from someone. Are any of you getting into that site? Is anyone else also not getting in?

Perhaps it is just as well, with Dhamma Wheel, Dharma Wheel, and facebook, I'm probably online too much anyway. :tongue:

Re: E-sangha news

Posted: Wed Nov 18, 2009 8:41 pm
by poto
David N. Snyder wrote:E-sangha is still down. Their sister site, Buddhist Community appears to be down too? I get a warning message not to enter and then this message:
Safe Browsing
Diagnostic page for buddhist-community.com

What is the current listing status for buddhist-community.com?

Site is listed as suspicious - visiting this web site may harm your computer.

Part of this site was listed for suspicious activity 1 time(s) over the past 90 days.

What happened when Google visited this site?

Of the 46 pages we tested on the site over the past 90 days, 3 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2009-11-18, and the last time suspicious content was found on this site was on 2009-11-18.

Malicious software includes 4 scripting exploit(s).

Malicious software is hosted on 2 domain(s), including mobydickrock.ru/, vanilla-resort.jp/.

1 domain(s) appear to be functioning as intermediaries for distributing malware to visitors of this site, including mobydickrock.ru/.

This site was hosted on 1 network(s) including AS25653 (FORTRESSITX).

Has this site acted as an intermediary resulting in further distribution of malware?

Over the past 90 days, buddhist-community.com did not appear to function as an intermediary for the infection of any sites.

Has this site hosted malware?

No, this site has not hosted malicious software over the past 90 days.

How did this happen?

In some cases, third parties can add malicious code to legitimate sites, which would cause us to show the warning message.

Next steps:

* Return to the previous page.
* If you are the owner of this web site, you can request a review of your site using Google Webmaster Tools. More information about the review process is available in Google's Webmaster Help Center.
But I have been still getting a few e-mails from the site telling me I have received a message from someone. Are any of you getting into that site? Is anyone else also not getting in?

Perhaps it is just as well, with Dhamma Wheel, Dharma Wheel, and facebook, I'm probably online too much anyway. :tongue:
Looks like they still haven't fixed the hack.

I wouldn't recommend trying to login while the hack is still present. However, if you really need to get in there, you could setup a virtual machine on your computer, or run linux off of a live disk. That way if your virtual machine gets infected with malware, it won't be able to infect your main OS.

Also, there is the NoScript addon for Firefox, that will allow you to block certain malicious code and scripts. Though, a virtual machine would be safer.