Can't/Won't Pay Your Bill? It's Ned's fault.
August 8, 2006 11:18 AM   Subscribe

"It's entirely possible the Lieberman Campaign was indeed paid up on whatever hosting package they purchased, but they had not purchased sufficient bandwidth to meet the demans. It's important to understand the difference between not paying your bill, or just not planning properly. I suspect for the Lieberman Campaign, who appear to be leaning toward being luddites, simply didn't know or plan for the bandwidth demand their site might see.

Certainly Lamont cannot be blamed for Lieberman or his campaign aides being ignorant."

...I own a web hosting company (***********.com) that uses the same software as the Lieberman site. That screenshot that the Lamont folks grabbed is a standard automated warning from a website control panel known as "Cpanel". Most large webhosts host many thousands of domains and their systems are automated. If a bill goes unpaid, or bandwidth is exceeded by a specified amount, the site gets auto-suspended and that Cpanel page replaces the index page. It's possible that the site was suspended for exceeding their bandwidth allotment as opposed to not paying their bills, but for someone like Joe Lieberman to not have his ducks in a row on the night before an election like this is quite telling.

OK, so http://joe2006.com/ is hosted by http://www.myhostcamp.com which is currently redirecting to http://suspended.page/ which is obviously not a proper address. Looks like their ISP is INCOMPETENT, speaking as a UNIX admin, there is no excuse for redirecting to an invalid domain other than stupidity. I was thinking that the redirects could be done as a last ditch attempt on a load balancer if the server farm was overwhelmed, but guess what. There is no load balancer, a tcp fingerprinting shows its a Linux host, and not only that, it's not even running a firewall.. MySQL is running on an open port (pretty sizable security hole), and oddly enough, it's running an IRC daemon - which is a notoriously stupid thing to run if you value your bandwidth (its a service just begging to be used for DoS). Looks to me like it's either 1) amazing incompetent admins or, more likely 2) a honeypot server just asking to be crashed so someone can point fingers. No admins I know are stupid enough to setup a server like this.

...so it looks like a managed server which planet.com leases to myhostcamp.com, who runs multiple domains on that one machine (unless its a round robin DNS load balancing scheme, but I haven't detected that after resolving from four different locations, so it looks like a single machine).

Oddly enough, myhostcamp.com has a very small (re: almost no) online presence, tho it does show up here: http://www5.geometry.net/... "Geometry.Net - Religion: Evangelical Free Church Of America" some sort of click harvesting link page.

Strange going ons, looks pretty phony to me. [source]

$ ping 69.56.129.130
PING 69.56.129.130 (69.56.129.130) 56(84) bytes of data.
64 bytes from 69.56.129.130: icmp_seq=1 ttl=55 time=35.5 ms
64 bytes from 69.56.129.130: icmp_seq=2 ttl=55 time=35.8 ms
64 bytes from 69.56.129.130: icmp_seq=3 ttl=57 time=36.4 ms
64 bytes from 69.56.129.130: icmp_seq=4 ttl=55 time=35.6 ms
64 bytes from 69.56.129.130: icmp_seq=5 ttl=57 time=35.4 ms
64 bytes from 69.56.129.130: icmp_seq=6 ttl=57 time=30.1 ms
64 bytes from 69.56.129.130: icmp_seq=7 ttl=57 time=35.6 ms
--- 69.56.129.130 ping statistics ---
7 packets transmitted, 7 received, 0% packet loss, time 6062ms
rtt min/avg/max/mdev = 30.188/34.966/36.419/1.975 ms

...it's clear that Lieberman's website isn't suffering from a Denial of Service attack.

But now I have the definitive answer as to why Lieberman's site went down.

They are paying $15/month for hosting at a place called MyHostCamp, with a bandwidth limit of 10GB. MyHostCamp is currently down, along with all their clients.

Here's the deal -- you get what you pay for. My hosting bill is now over $7K per month. A smaller site doesn't need that much bandwidth, but if you're paying $15 because your $12 million campaign is too freakin' cheap to pay for quality hosting, then don't go blaming your opponent when your shitty service goes out.

For their part, the Lamont campaign has offered its technical expertise to get Lieberman's site back up (which could be done in an hour by a competent sysadmin), and has added a link to the googlecached version of Lieberman's site at the top of their blog.

One side is acting mature, the other is running around making baseless accusations.

Update: Dan Gerstein, Lieberman spokesperson, admits they have no evidence Lamont's campaign or his supporters are behind their website woes.

I'm telling you, it's down because they were too cheap to pay for quality hosting. That's a lesson to all of you campaigns skimping on hosting. $15 won't cut it."

1. Unless and until Lieberman's hosting provider releases his logfiles (gateway router, www server, mail server, DNS server) for forensic review, all of this is speculation.

2. Using the following information:

a. the site has been down for 18 hours
b. email to (and from?) Joe2006.com addresses has been affected
c. Joe2006.com and mail.joe2006.com resolve to IP 69.56.129.130
d. the reverse lookup on that IP is 82.81.3845.static.theplanet.com
e. joe2006.com now forwards to http://server1.myhostcamp.com/
suspended.page/

3. It's highly unlikely this is a true DoS of DDoS attack. This is because we can ping all the IPs noted above and we can see the page at http://server1.myhostcamp.com/suspended page. If this was a real DoS or DDoS attack, we'd not be able to see any of this and their servers would not be answering their ping at an average of 50ms (millisecond) per packet. True attacks bring down servers, routers and networks. From all available outside evidence this does not appear to be the case.

4. Here what might have happened:

a. Web traffic spikes as national focus on the campaign grows
b. Based on (2b) above, if the webserver is throttled by traffic (due to actual traffic or poor response tuning or an attack or a combination of the three), this would also affect mail delivery to joe2006.com. It could also affect outbound mail if users on that domain use that address for SMTP service.
c. The server is most likely a shared one, since the name, server1.myhostcamp.com, implies lots of other hosts live on it.

5. Regardless of the explanation (3 or 4), here is what you do when that happens:

a. You grab your local backup (you do have a local backup of your files (both scripts and database snapshots, right?).
b. You find a host that specialized in high bandwidth hosting and you get an account going ASAP. There are plenty of ISPs that would take your money to expedite this.
c. You move your files up, test that everything is working
d. You redirect your DNS so that Joe2006.com points to you new server; this change doesn't take very long to propagate because you make sure that the DNS update uses a very low TTL (time to live).
e. If needed, you separate your mailserver mail.joe2006.com from your webserver joe2006.com/www.joe2006.com so as to keep your mail up and going.

Steps a-e can be accomplished, especially with the kind of site Joe had up and running before this incident (nothing particularly complex), in less than an hour or so by a competent sysadmin."

"For the past twenty-four hours my toaster oven has been acting funny. I turn the little darkness thingy all the way up and the toast still comes out only half toasted. I believe this is a retaliation by my political opponents for my blogging about their dirty tricks.

Since becoming a left-wing wacko I have lived my commitment to being lax on security by occasionally leaving my front door unlocked. It would be child's play for my political opponents to sneak in, diddle with my toaster oven, and slink back out into the night their nefarious diddling accomplished. Of course, it's totally unreasonable to expect me to be able to fix it myself.

I call on Senator Lieberman to make an unequivocal statement denouncing this kind of dirty campaign trick and to demand whoever is responsible to cease and desist immediately. Any attempt to suppress voter participation (how can you vote when you're worried sick about your toaster oven?) and undermine the voting process on Election Day by depriving me of decent toast on which to slather my peanut butter is deplorable and has no place in our democracy."

$ dig joe2006.com mx
(trimmed stuff from here -- eriko)

joe2006.com.            86364   IN      MX      10 mail.joe2006.com.

$ telnet mail.joe2006.com 25
Trying 69.56.129.130...
Connected to mail.joe2006.com.
Escape character is '^]'.
220-server1.myhostcamp.com ESMTP Exim 4.52 #1 Tue, 08 Aug 2006 13:36:59 -0700 
220-We do not authorize the use of this system to transport unsolicited, 
220 and/or bulk e-mail.
HELO
250 server1.myhostcamp.com Hello  [XXX.XXX.XXX.XXX]

The campaign of Senator Joseph I. Lieberman admitted that their website was not “hacked” on the day of the Democratic primary race for the United States Senate between Mr. Lieberman and Ned Lamont, a Greenwich multimillionaire whose antiwar candidacy proved unexpectedly strong, but that it "crashed" due to the “gross incompetence” of the system administrator responsible for maintaining their technical operations. “It’s true,” said Mr. Lieberman’s campaign manager, Sean Smith, “We should have never listened to Senator Stevens’ recommendation that we hire a television repairman to maintain our tubes on the Internet.” Smith, referring to Senator Ted Stevens (R.-Alaska) recent claim that the Internet is a series of tubes, and “not a truck,” added, “It is unconscionable that our opponent did not inform us earlier that we were operating a sub-par website and e-mail operation. Furthermore, how dare they wait until the day of the election to offer us their technical support at the time of our greatest need?”

http://www.meetned.com/ 69.56.129.130
http://www.joe2006.com/ 69.56.129.130

MeetNed.com - Up.
Joe2006.com - Down.

Lieberman's internet consultant Dan Geary, who oversees Joe2006.com, says he's still sure that their site suffered a "malicious attack." But when pressed, he said that they weren't sure that it was a "Denial of Service" attack, as he'd said earlier. He didn't have any more information about the nature of the supposed attack. "I've spent 99% of my time speaking [to reporters] about the story," he said.

"Why the hell is Joe Lieberman’s campaign site hosted by these people (site down — probably not because of dirty deeds, by the way) under the cheapest plan available? And why do Lieberman’s FEC filings say he’s paying $1500 to a different company for web hosting? No, we seriously want to know. These aren’t rhetorical questions.



We have to assume that Lieberman paid the guys named above (click to enlarge slightly) to find hosting, and “2 Dog Media” went with the cheapest option available..."

"Joe2006.com was setup by Dan Geary who has an e-mail address at Hotmail and no discernable website. Likely, someone in the Lieberman camp knew Geary to be 'technical' and someone who could help out. I’ve never heard of myhostcamp and I’ve been working with websites and website providers a long time, making it possible that Geary personally knows, or is even involved with, the myhostcamp.com hosting company.

While it’s possible that someone actually hacked joe2006.com, from what I’ve seen, this seems to be the least likely option. More likely, this whole episode started last night with a simple over-usage of bandwidth....This looks to be simply the work of an inexperienced technical consultant...." more ...

Diane Farrell for Congress
Norwalk Democrats
Senator Bill Finch

Anyway, this looks like a DoS attack to me.¹

• Whatever has happened, it's certainly not a simple drain the available bandwidth attack, as the other sites hosted on the same IP have run without interruption.
• The mail server, as eriko demonstrates, is perfectly operable despite claims otherwise.

Being from CT, Lamont winning is probably not a good thing.²

Error
An unexpected error has occurred on this page.The system administrators have been notified.

The error occurred in:

http://www.statementofvote-sots.ct.gov/StatementOfVote/WebModules/ReportsLink/USSenCountyView.aspx?Parameter=08/08/2006-Primary

Error Message:

A Crystal Reports job failed because a free license could not be obtained in the time allocated. More licenses can be purchased direct from Crystal Decisions or through the Crystal Decisions Online Store.

160 of 748 Precincts Reporting - 21.39%
Lamont, Ned, 35,942, 56.01%
Lieberman, Joe, 28,227, 43.99%

89 of 748 Precincts Reporting - 25.27%
Lamont, Ned, 40,934, 55.09%
Lieberman, Joe,	33,375, 44.91%

UPDATE: 253 precincts in, 60K votes for Lamont, 50K for Lieberman.

376 of 748 Precincts Reporting - 50.27%
Lamont, Ned, 70,444, 52.13%
Lieberman, Joe, 64,700, 47.87%

The reason Lieberman's site is down is the reason EVERYONE "hosted" by myhostcamp.com is down (including myhostcamp.com, which is the tipoff to what's going on).

484 of 748 Precincts Reporting - 64.71%
Lamont, Ned, 89,814, 51.60%
Lieberman, Joe, 84,231, 48.40%

MAJOR UPDATE: 80% OF THE VOTE COUNTED: 117K VOTES FOR LAMONT, 103K FOR LIEBERMAN. Someone calculate this! CT Blogger is saying, "It's over." Let's wait and see.

"[N]o matter what happens later today, Wednesday will be the worst day of press for the progressive netroots in years. If Lamont loses, we will be branded as ineffectual, irrelevant, extremist, and destructive. If Ned Lamont wins, we will be branded as powerful, relevant, extremist, and destructive."

are the Casino workers Union?

"...63 percent of those polled said they thought Lieberman should not run as an independent candidate if he loses the primary, as the senator has said he will. Only 24 percent said Lieberman should stay in the race if he can't win his party's nomination."

[The Day | New London | August 5, 2006]

702 of 748 Precincts Reporting - 93.85%
Lamont, Ned, 134,942, 51.65%
Lieberman, Joe, 126,330, 48.35%

We're going to be breaking some news shortly on the Lieberman mystery site outage. Stay tuned

"We just finished the first half and the Lamont team is ahead."

Now he's saying he's going to "unite, not divide." By running a rogue candidacy.

the last one I saw showed Lieberman winning by a HUGE margin, bigger than any lead he ever had in the Dem primary.

Maybe, just maybe, we'll get lucky and see more politicians from both parties abandon their party and actually care more about their constituents than their political affiliation.

this is his last chance to save both from the cesspool of unbridled partisanship.

its that Lieberman will be forced to tack right for the rest of campaign in order to win, and will undermine other Dems nationwide in the process.

"Dear Senator Reid:

With Senator Joseph Lieberman's loss to Ned Lamont in yesterday's Connecticut primary for the United States Senate -- in which he was running as a representive of the Democratic Party of which I am a proud and registered member -- and his subsequent public statement that he would be abandoning the party to run as an independent candidate this coming November, I call upon you to strip him of all committee appointments effective immediately. He has taken a definitve stance in seeking to run counter to the majority vote of Democrats in Connecticut. Such a position demonstrates a lack of commitment to the party in general. No longer does the Senator deserve the committee positions he holds."

"[FBI Field Agent David] Straretz noted that if Lieberman 'hacking' charges prove false, the FBI and federal prosecutors could pursue charges against those who reported them. 'If it was fabricated and you could prove intent, there's Title 18, Section 1001, which is providing false statements to an FBI agent. That can be prosecuted at the discretion of the U.S. Attorney's Office.'"

"Sixty percent of Americans oppose the U.S. war in Iraq, the highest number since polling on the subject began with the commencement of the war in March 2003, according to poll results and trends released Wednesday.

And a majority of poll respondents said they would support the withdrawal of at least some U.S. troops by the end of the year, according to results from the Opinion Research Corporation poll conducted last week on behalf of CNN.

....Sixty-one percent...said they believed at least some U.S. troops should be withdrawn from Iraq by the end of the year.

....Asked about a timetable for withdrawal of troops from Iraq, 57 percent of poll respondents said they supported the setting of such a timetable..."

"The defeat of Senator Joseph Lieberman at the hands of a little-known Connecticut businessman is bound to send a message to politicians of both parties that voters are angry and frustrated over the war in Iraq. The primary upset was not, however, a rebellion against the bipartisanship and centrism that Mr. Lieberman said he represented in the Senate. Instead, Connecticut Democrats were reacting to the way those concepts have been perverted by the Bush White House.

Ned Lamont, a relative political novice, said he ran against Mr. Lieberman because he was offended by the senator’s sunny descriptions of what was happening in Iraq and his denunciation of Democrats who criticized the administration’s handling of the war. Many other people in Connecticut may have felt that sense of frustration, but no one else had the money and moxie to do what Mr. Lamont did. Mr. Lieberman was stunned to find himself on the defensive, and it was only in the last few weeks that the 18-year veteran mounted a desperate campaign to reclaim his party’s support.

....The rebellion against Mr. Lieberman was actually an uprising by that rare phenomenon, irate moderates. They are the voters who have been unnerved over the last few years as the country has seemed to be galloping in a deeply unmoderate direction. A war that began at the president’s choosing has degenerated into a desperate, bloody mess that has turned much of the world against the United States. The administration’s contempt for international agreements, Congressional prerogatives and the authority of the courts has undermined the rule of law abroad and at home.

Yet while all this has been happening, the political discussion in Washington has become a captive of the Bush agenda. Traditional beliefs like every person’s right to a day in court, or the conviction that America should not start wars it does not know how to win, wind up being portrayed as extreme. The middle becomes a place where senators struggle to get the president to volunteer to obey the law when the mood strikes him. Attempting to regain the real center becomes a radical alternative.

When Mr. Lieberman told The Washington Post, “I haven’t changed. Events around me have changed,” he actually put his finger on his political problem. His constituents felt that when the White House led the country into a disastrous international crisis and started subverting the nation’s basic traditions, Joe Lieberman should have changed enough to take a lead in fighting back."

[New York Times | August 9, 2006]

"...in two House primaries on Tuesday, Republican and Democratic incumbents also lost. Usually these upsets suggest the national mood is rising against incumbents, as well as against Congress itself.

And well it should.

A new Washington Post-ABC News poll finds Americans who approve of their own representative's performance is at the lowest level since 1994 - the last time control of the House switched parties. Usually, voters simply have a low opinion of Congress but then vote their senator or congressman back in. Incumbents have well rigged the electoral system to give them many advantages, from fundraising to gerrymandered districts. But now the percentage of voters disenchanted with their representatives has risen seven points, to 45 percent.

Some of that increase could be related to a rising disgust with the way the Iraq war has been handled by both Congress and the Bush administration. But it may also arise from Congress allowing its powers as the first and most representative branch of government to be eroded by a wartime presidency and by a string of Supreme Court decisions.

And voters are increasingly turned off by the extreme polarization of the win-at-any-cost politics that's developed over decades and ends up with both parties using national issues to score points rather than solve problems with a bipartisan spirit.

The image of a gridlocked, dysfunctional Congress is very clear in the way lawmakers have failed to pass reforms that would solve the crises in immigration and energy, and that would translate into reality for voters. Impasses within the marbled halls of Capitol Hill that then lead to blame games - e.g., 'do-nothing Republicans' or 'obstructing Democrats' - may play well to the most partisan of voters, but not to the vast moderate voters who increasingly declare themselves as independent. And let's not even dwell on recent cases of blatant graft, a rise in pork-barrel profligacy using undebated earmarks, a decreasing number of days in session, and strange timing in House roll-call votes.

Those in a supine Congress who would reform the institution itself - even if Democrats win a majority of seats in November - are still too few, but perhaps growing. The first override of a Bush veto came only last month, six years into his term. Senate oversight of Bush's wartime legal powers seems to be increasing.

Too much can easily be read into Lieberman's primary defeat. But perhaps it really is the signal of a political shift toward institutional reform that would outlast the current national debates over the Iraq war or the Bush presidency."

[Christian Science Monitor | August 9, 2006]