Micah

For many, our hobby started with a Google search. "Tang has white spots all over" returned links to forums with information like we lost. The only difference between goofing off and science is writing it down. The last 2 years, we've just been goofing off.

One of the first things I implemented was remote daily automated backups. Currently, they are being pushed to two other geographically separated VPS accounts I manage as well as my home server. 2 Daily, 2 Weekly and 1 montly copy are stored at the moment, but I hope to increase those numbers slightly. I would also like some incremental backups done every 6 hours - but I'm having to weigh the performance degradation during backups and bandwidth costs against our need to have a current backup. But, I think we're relatively well set for now.

Cool, just let me know and I'll investigate or at least try to replicate the error.

Also, can you give me specifics as to how tapatalk keeps crashing? My wife and I are using it with no problems so far. Android/iPhone? Tapatalk free or tapatalk pro?

One thing I DID do (mainly just because it was annoying) was clear the cache within tapatalk. There was a lot of old posts that wouldn't load and were causing error messages to pop up when the app tried to reach them. Clearing the cache resolved this.

Yeah, the main page was a part of the site that was seriously compromised and we could not find a non-broken file to restore. I implemented a workaround by just getting the forum site online and error free. Tonight will be the first steps toward a clean copy of the forum with some of those main page features restored. I am moving the site to another server while the old server is rebuilt/re-installed (to ensure that there are no vulnerabilities still left on it). Once we have a known-clean state, we can start working on getting the main page restored. I'd love to see a new POTM/TOTM displayed up there.

Thanks for your observations Jessie. I'll look into the Tapatalk issues right now actually as they should not be tied to anything I'll be doing in 50 minutes or so.

On 8/25/2014 this forum was attacked by a malicious hacker. All data was destroyed and we had to revert to a backup from November of 2012. If you signed up between then and now, it is likely that you will have to re-register your account. We have a lot of rebuilding to do, but let's replace those two missed years with two much better ones going forward!

If you have any questions or account complications, please send me a PM or use the Contact US feature of the site and somebody on the admin team will get to you ASAP.

Thanks,

Micah

Adam, you quitting was a major bummer for me, I was very excited to admin along side you. I appreciate all of the work you did to get it to the point it is and I'm sorry if I did not give you the credit you seek. I understand that you weren't part of the politics leading up to this nightmare, but it is what it is. I understand that I/we should have been more up front about creating the site, but realistically we would have been met with the same resistance or "Just wait, we've almost got it going" like I did hear. Change doesn't happen by waiting, so I made a judgement call with the knowledge I was presented. Going back, I would have made the same decision. I would have carried it out differently and by myself without involving ANYBODY. Involving certain people who twist and mangle the truth is how we are having this conversation in the first place.

I did not approach sponsors. Stop creating facts - this isn't fox news.

Did I modify your access? Yes. Though, I thought what I was doing was giving you more access, I instead gave you less. For that, I'm sorry, but it was not my intention. Instead if flying off the handle (something I'm often accused of doing), you should have sent me a message.

If you ever want to come back to the team, you have an open invitation, but I understand if you have reservations.

Guessing you haven't seen the email. If you had you would understand the frustration for those of us that respect the people that were kicked away because of Micah.

Are you referring to the email in which Mattv (employee of goldenbasket) was totally fine running the new site for-profit? You mean that one? Or was it the email in which "my terms" were the ones in which the interest of the PEOPLE was held highest?

I think you are all forgetting the main reasons for this - the current technical administration of this site was far less than adequate. Anything worth doing is worth doing right, and if I had to take that outside of the club (since I was powerless from within prior to the 5th). You should be less annoyed with me for doing this and MORE annoyed that nobody has done this in the past. Did we do it behind your backs? Sure, how else would we have done it? On the forum!?

I know we all have 2 years of pent up frustration (2012-2014 in this case) in this matter, but let's not praise those who took nearly two weeks to half-fix a problem that they created. Sometimes you have to crack some eggs to make an omlet.

I have sent this entire email (the one Emerald525 took out of context) to Kevin. If he approves and people request it, I have no issues posting it publicly on the forum. Feeling the urge to gag you all with the truth. Be careful what you wish for.

President already accepted explanation and dealt with this issue by acquiring the right to pnwmas.com name.

That doesn't unpurchase the domain or undo the initial intent of said domain..

To expel further rumor, I have little to hide. Should I have said some things? No... probably not, but like PNWMAS.COM, it's all spilled milk...

I have sent the email people keep referencing to Kevin and will post it publicly upon authorization from the board.

--Micah

[sIZE=3]Like Rudy said' date=' people can take back what they say but they can't take back what they have said in email. Brad you can say all you want but and edit my thread by saying "the facts as I know them". People will believe what they want to believe but it's difficult to refute email evidence and Brad you can argue all you want that it was taken out of context.[/quote']

 

Well, it WAS taken out of context. Also, it WAS an abysmal failure. No backup since 2012 is an abysmal failure. Things needed to change - one way or another. I had a choice to make, I made it... when the options presented to me and the situation changed, so did the choice and my opinion of said club. I'm glad I am able to stay with the club I love in order to make it a less-abysmal success.

There has been some serious speculation, name calling and a LOT of make believe. Before using the word "fact", let me tell you my point of view and everything that I know to be true with this chain of events.

At 8am on the morning of 08/26/2014 I attempted to get on the forum. Upon noticing it was down, I immediately texted Darryl hoping he was aware of it. He assured me he was aware and was working on it. Following this a group text conversation occurred an hour later. In this conversation it was understood that Jay (Chief) was busy until 6, and nobody else was communicating the issues, or couldn't help because they were busy or their firewalls wouldn't allow them to. Later I read on Facebook that the forum had been down since the night before at some point. At 6:00pm on the 26th, nearly 12 hours after texting Darryl, a ticket was submitted to our hosting provider to resolve the issue - an issue that was not theirs. The site eventually came back online at - 9/5/2014 - twelve days later. I was given admin privileges by Jay(Chief) at 8pm 9/5/2014. After the site came back online.

Let's take a step back; I've been in the IT field since 1997. I've been a senior level systems engineer for the last decade. I've worked for large companies, small companies, energy companies, home offices, non-profits, and military organizations. I ran a web hosting company from 1999 to 2009. I've seen this site go through several heavy outages over the years; most have been 100% preventable. I decided to offer my much needed help and was considered by Darryl to be an admin a couple months ago (during my running as VP). According to Darryl (a board member and admin), a vote was held by the officers/board of the time saying that my involvement would be a conflict of interest as I was working on cuttlefishandcorals.com and was leading the VP vote. Later, I discovered that the board vote to keep me off the admin team never happened. I never became admin, but assumed the site was being cared for as best as it could.

Since being given access, I've done some analysis and found on the 25th of last month, we took a huge hit. We were breached by an organization named "ArHaCk.NeT". This is an organization that phishes money and raises mayhem. They used our site as a gateway for PayPal scam emails that you may or may not have gotten in the past asking you to verify your PayPal account - erroneously. This organization uploaded a file 's.zip' through an unpatched vulnerability in our server that contained the payload to make their web presence work. Luckily, restoring the site is as simple as looking through our most recent backups and restoring one that did not contain s.zip - or any traces of said payload - then simply patching the vulnerabilities and plugging the hole these hackers got through in the first place. About 8 hours of total work. Backups… Well, we didn't have anything valid. No backups had been made since November of 2012. Later, I heard that this was because VPSLatch (our server host) was bought by HostDime (a large hosting provider) and they removed this feature from our server/account. In a professional IT environment, nobody who has any experience with backups would ever assume that backups were being made. Backups should be verified by quarterly or bi-yearly "fire drills" where said data is restored to a sub-domain of the site and verified for integrity. Said backups would be stored off-server, preferably in multiple locations. Beyond backups, the server was in a neglected state of patching/updates. We were running an outdated operating system, a database server that was three stable revisions old (a couple years), web server (Apache) versions that were riddled with vulnerabilities and an Apache module (FrontPage Extension - http://docs.cpanel.net/twiki/bin/view/EasyApache/Apache/ModFrontPage) that warns you that running it is not recommended as it's a huge security risk.

Prior to me being given access to the forum, the forum had been restored. Both the web side and database side. The themes were partially broken, but the site was functioning for the most part. Automated site emails weren't being sent, and other small things needed fixing. Upon being given access to the server, I double checked that indeed this was the latest copy of the forum we had and I proceeded to resolve the little things. I found old archived site images from waybackmachine.org, resolved the email activation issues, and removed the FrontPage extension. I then ran a couple of utilities that check for rootkits and malware by comparing their checksums against an internet database of known good checksums. There were only a couple of things it returned, but nothing too serious. I resolved these small gaps in security and changed all of the passwords on the site. These passwords would then be updated and distributed to the admin team in the same document I was provided as soon as I had a chance. I gave vbulletin (the forum software) admin access back to Adam and Darryl as Jay already had it. There was also talk of a new admin team. Perhaps having Darryl focus more on his vendor relations duties and less on something he was trying his hardest with, but ultimately did not possess the knowledge or experience to be handling. This was not a slight against him or an attempt to humiliate or ego crush.

During the time the forum was down, I commented "[language filter]?!" and the such on things like "Our last backup was in 2012". This was immediately followed up by a text from Darryl telling me how they aren't trying to cover things up, but we should be selective on how we announce this to the forum. I've never been one for covering or tweaking the facts to make myself or a situation look better. I'm a blundering fool, much like many of us - but covering things up was never my style. [language filter] could have been responded to with "I know, we're not sure what happened…. But, yeah.. This really sucks - stay tuned folks!". Instead, I received a phone call from Darryl. He stated that he volunteers for the forum and does not get paid (insinuating that the lack of response or ability to resolve this issue was somehow justified because he doesn't get paid). He also stated: "Micah, I'm too old. Too old. I won't be taking any orders from a young guy like yourself.". I'm paraphrasing of course as this was a phone call and I'm pretty sure he used the word "whippersnapper". It was well received that Darryl and I don't get along with each other, but none of that was a determining factor for me wanting to help the site or for what happened later. Something that did not happen until nearly two weeks of the site being down. I too was kept mostly out of the loop during this time.

WestCoastReefers; let's address that rumor mill. Yes, there were frustrations about the site being administered poorly. Yes there was perhaps even venting. What there wasn't, was slander, name calling or competition. The site was created in an effort to give the community a forum - one way or another. Because I could not be given admin access to help resolve the community I love so dear, a few individuals and myself decided it would be best to give the forum a place to go in the event PNWMAS.ORG never came back online. The club was decided on their path, and I had to make a decision on mine. I chose to provision and create a server. I installed the forum software and proceeded to get categories configured so people could start registering and posting in PNWMAS's stead. Competition? No… I was 100% devoted to the same community of people that has now put on this witch hunt. Devoted enough to give up my position as VP on the broken forum/club. There was even a moment where we though "While we're at it, why not make it a for-profit site and charge for memberships. We have the opportunity to make the second site however we want.". In the end, we did not go that route - the concern for getting a site up to the community was more pressing than trying to change something that was proven to work. There is even an email chain floating around with our plans in it. Our plan was to start a new site. Frustrations were made clear and decisions were made based on our suggestions/concerns and votes. Like I said, there were a lot of us out of the loop and many of us assumed the worst with pnwmas. As far as CuttleFish and OceanRevive being in the sponsor section? The site wasn't announced as live due to the change in direction with PNWMAS.org. Those sponsors stated that a functioning site was needed and that they support the idea of having a backup/second site. Them being listed on that site in no way reflect actual sponsorship. No money changed hands and as far as I know, there was no exclusivity to sponsor only a single site. Many shops sponsor on multiple sites. Please try to keep what blame you find on myself and nobody else as nobody has done anything wrong; regardless of their level of support.

People in glass houses should not cast stones. We were not the only ones; at least one more domain (PNWMAS.COM) was purchased by another individual who is very involved in the forum. Somebody who works for an LFS who opposes these actions. This persons intents were the same as mine - to provide the community a place to go. Said person has now cast stones and proclaimed their hypocrisy.

Micah Morton

PNWMAS Vice President/SysAdmin

How could I forget Micah DOH! THANK YOU MICAH

(enforcer)

Totally fine. Happy to help.

Spend the extra couple bucks and get yourself a werker brand battery.

Also, found an old post of yours cached in google with a post count...... best I could do.

Sounds like a dead battery/battery set. All of my APC's do the same thing when the battery needs replacing. What happens is, it'll do it's self-test (once a week or once every two weeks - sometimes "as needed") and when it puts the load on battery, it's too much load for the battery and it stops power the battery side of the UPS. The other surge protection only side remains powered. Is that about the behavior you're seeing?

Squatch and learn!

I've got most of the images back - so the theme looks natural again. The CMS (everything but the forum) isn't working at the moment, but should have that part back tomorrow when Chief wakes up and can send me the files. For now the forum is up. If you see little glitches here and there, shoot me a PM and I'll see if I can fix it. Missing images and such are going to happen.

To quote people from the south after a tornado "All we can do now is rebuild..."