2718.us blog » dns http://2718.us/blog Miscellaneous Technological Geekery Tue, 18 May 2010 02:42:55 +0000 en hourly 1 http://wordpress.org/?v=3.0.4 DNS, DDoS, and VPSes http://2718.us/blog/2008/07/24/dns-ddos-and-vpses/ http://2718.us/blog/2008/07/24/dns-ddos-and-vpses/#comments Thu, 24 Jul 2008 20:20:09 +0000 2718.us http://2718.us/blog/?p=66 For many years now, I’ve used WorldWideDNS.net for the bulk of my DNS hosting.  On Monday, they suffered a massive DDoS attack, taking out pretty much everything and making a few of my domains (including 2718.us) unavailable.  Now, personally, I consider this sort of attack and outtage at a service provider to be an inevitability, so from my perspective, it’s my own damn fault that my sites went down, since I failed to diversify their DNS across providers.  (Also, I have no intention of leaving WorldWideDNS over this—they have always been a great value and good provider from my perspective and a few hours of downtime in years of using them is insignificant to me.)

Over the past few years, as I’ve moved into VPS-based hosting, I’ve also started to use my VPSes as additional DNS servers, keeping the professional hosted-DNS for geographical and connectivity diversity.  As this incident has pushed me along in making sure that every domain I host has DNS from at least two different providers, I came to the conclusion that, given that I already have one commercial DNS host (giving me three nameservers), the best economics were for me to get a super-cheap VPS to run as only a nameserver.  While not the absolute cheapest, JustGotVPS.com is probably the best price-configuration balance, especially at their cheapest ($5/mo and $8/mo) plans, and they discount for longer-term prepayment.  There’s an entry for them, as well as numerous other VPS options around the $5/mo price point at lowendbox.com.

The tradeoff for this versus a commercial DNS host (since in both instances I’m paying about $60/year) is that the commercial host gives me three diverse nameservers but limits the domains, etc., whereas running my own VPS-based nameserver gives me only one host but substantially greater flexibility.  I would also note that I chose to get a cheap VPS box from some provider other than my primary VPS provider so that my new additional nameserver would not be in the same datacenter and on the same internet links.

I also have been using EveryDNS.com, a free DNS host, for additional backup (I’ve donated since I’m using them on several domains and they seem to provide a good service), but having used GraniteCanyon and others in the past, I don’t consider a free DNS host as a serious alternative to a commercially-provided option.

]]>
http://2718.us/blog/2008/07/24/dns-ddos-and-vpses/feed/ 3
Input Validation: Check your RFCs http://2718.us/blog/2008/05/01/input-validation-check-your-rfcs/ http://2718.us/blog/2008/05/01/input-validation-check-your-rfcs/#comments Thu, 01 May 2008 16:31:33 +0000 2718.us http://2718.us/blog/?p=31 Most drop-in “is this a valid-form email?” functions do label certain valid email addresses as invalid.  In particular, while highly unlikely, it is valid to have an email address at a TLD.  Why did this come to mind?  Very circuitously.  I was watching YouTube videos when I noticed that it was loading stuff from “i.ytimg.com,” which is NOT a valid FQDN.  Each part of a FQDN must be at least two characters, with the special exception of the root nameservers.  While nearly everyone and everything handles single-character hostnames nowadays, there have been and probably still are some servers that choke on single-character hostnames (I know that I’ve had issues with email addresses with single-character hostnames).

By the way, the combination of these two things means that the shortest email address that will validate in (nearly) all format-validation routines is a single character at a two-character SLD under a two-character coutry-code TLD, such as “a@te.st”.

]]>
http://2718.us/blog/2008/05/01/input-validation-check-your-rfcs/feed/ 0
Web Hosting http://2718.us/blog/2008/04/11/web-hosting/ http://2718.us/blog/2008/04/11/web-hosting/#comments Fri, 11 Apr 2008 21:25:12 +0000 2718.us http://2718.us/blog/?p=14 … or “How I learned to stop worrying and just sell my friends hosting.”

I have many friends who aren’t particularly techie types.  Actually, I have very few techie friends.  And they all figure I’m the go-to guy for their tech questions.  Hence, I get asked to “help out” with setting up web sites now and then.

At some point, it occurred to me that, while there were plenty of good vendors I could recommend to peope (I’ll even give a list of some below), if I suggested that a friend use one or more of these vendors, the friend would inevitably still have questions that were vague and not really tech-support questions, and they’d end up back asking me for help.  It’s much easier to help them if I don’t have to go digging through some hosting company’s control panel to find the one messed up setting that I could have fixed in 2 seconds with a command line…

So I should just provide these people with hosting.  This is how I entered the world of small, in some sense “boutique,” hosting.  I’m not a company with credit card processing and automated account setup and 24-7 tech support.  These aren’t mission-critical sites.  When I’m asked, “How do I go about setting up a web site for [X]?” I can explain the overall steps (get a domain name; get hosting; if these are separate, point name at host; make web pages; upload web pages), I can recommend commercial providers (list below), and I can add that while I can honestly recommend those vendors, I can also offer to deal with all the setup and hosting to the point where they have some control panel and can figure out page creation and uploading, and I’ll charge them something or other that we mutually agree is fair.

When things break, I can fix them on the server easily.  If they’re unhappy, I can help them move off to a commercial provider.  And, hopefully, what they pay me defrays the costs of the servers I’m already running my sites on.

Oh, and as a side note, unless you’re doing something fancy or getting a lot of traffic on your site, there is no reason to be paying more than about $1/month for hosting, and contracts longer than a year are probably a bad idea (except where the monthlies are so small as to make month-to-month impractical, say maybe under $5/month, or where there’s a deep discount for longer contracts, I strongly prefer month-to-month payment rather than yearly contracts).

Vendors I currently use:

Vendors I have used in the past and think are generally good:

]]>
http://2718.us/blog/2008/04/11/web-hosting/feed/ 0