So what the Feck is the fuss all about? seriously guys i like the TR but if this is where its heading u can add me to the same unsubscribe list as the Straits times.

SNAP OUT OF IT… for readers sake!!!

Recently got this Indian man, was accused of supplying weapons to Tamil Tigers and the article by ST clearly also link him as a founding member of a opposition Party and the party support for a “wanted man”.
http://www.straitstimes.com/Breaking+News/Singapore/Story/STIStory_438662.html

Not long ago, got this Tan Lead Sane who has family problem
and was stabbed by wife of his brother, who happened to be a member of another political party.
http://www.straitstimes.com/Free/Story/STIStory_252816.html

Then of course there was the example of Steve Chia taken pictures which could have happened to any avid photographers. Again, ST did not failed to link him back as a NMP.

What I want to say is that when there are others who tell TR not to sensationalize this issue, must also consider this as the same medicine for ST.

Now, the grouse is that Mr G is wrong. TR article say TR and SPH are talking different time periods, so they can obviously be both correct. No?

Aiyah, the very basic main point is: so what if someone is grabbing the site??? Rolleyes! How come your host provider so sensitive? But bravo to TR, this is really BOOMZ!

RAB basically tracks an IP address through the entire network and monitor its behaviour, ie: everything it does and whether it was conforming to established TCP/IP protocol.

It also blocks spoofed IP and by spoofed IPs, that includes those that are reserved and invalid, examples of which you have already given. RAB recognises a spoffed IPs not by the IP address alone but by the characteristic of the packets and behaviour exhibited, so your claim that it cannot detect a spoofed IP not listed under the reserved IP range is not true.

The syncookie I do agree is ineffective against a DDoS but it does help in detecting spoofed IPs since a return hash has to be sent by the host computer to make the packet a valid one.

You said: Neither RAB nor syn-ack has anything to do with stopping the alleged grabbing “attack”. It’s simply stopped because it exceeded a threshold.

That is also true. The reason for the mention was because it the IP had been spoofed, it WOULD NOT have been allowed through the firewall at all and I wrote that dispelling the claim by the SPH journalist that the IP address was spoofed.

The said incident was stopped by a feature on the software firewall called connection tracking.

Orange said: If suppose SPH says they’ve concluded that it was due to normal browsing by a staffer whose browser does prefetching, would you be satisfied?

SPH have DENIED that any of their staff was involved in this incident. Would you have accepted anything else?

Furthermore, thats certainly NOT normal browsing unless one of their staff is someone in the soap opera, HERO.

OK then.

Just saying that the original article, “/2009/11/02/sph-and-recent-ddos-attack-on-temasek-review/” seems overly-dramatized, if your server wasn’t affected, etc.

If suppose SPH says they’ve concluded that it was due to normal browsing by a staffer whose browser does prefetching, would you be satisfied?
Would you further want to know the staffer’s identity?
Do you think it is within your rights to demand that info?

This whole incident shows that if you all have been accusing the Govt of monitoring people’s IP addresses for “security reasons”, you should open your eyes and brain BIG BIG and realise that TR and all its anti-govt yakkers are also dictators, and are monitoring YOU, and your IP address too!

Come on guys, if you are truly anti-establishment, then please REALISE that TR has become an ESTABLISHMENT TOO!!! Its time to whack TR!!! Boomz their servers, woohoo!!! Bring ‘em down…

That’s why we published the article to ask SPH what is going on.

This is our site and we were informed by our system administrator that a IP address traced to SPH was caught “grabbing” our entire site.

It is our right to find out what is happening. Neither you or us or anybody else can answer the question.

This is not “normal” browsing as Sinkapore has already explained earlier.

We reproduce what he posted:

“The SAME IP address was logged to be simultaneously connecting to the server at a VERY SHORT interval, hence the IP was repeatedly logged immediately one after the other. This is the characteristic of a web grabber kind of software (it may also be sort of a SYNC attack but a SYNC attack would be grabbing the same content instead of multiple), certainly not any browser’s characteristic”

Again, it goes back to the questions we asked in the initial article: why is there a need to “grab” the content from our site at one go when all of them are already in the public domain?

Can it be offline reading? Or it’s simply a fault of his browser’s prefetching? Or he’s researching about alternative media?

Come on, you believe they want to use your articles for publish? We’ll all strike lottery if they can publish any of your articles. There’re so much grousing and grubbing and anti-this anti-that everywhere. Once all of that is removed through a very thorough deep cleansing, what’s there to publish?

You are right: the most important KPI for us now is Alexa ranking, not that the rest doesn’t matter, but based on our limitations at the moment, they can be KIV for the time-being.

TR is an evolving project. It will gradually adopt a centrist position to reach out to the mainstream audience. It will not remain stagnant like this forever.

In the near future, such articles will never be published in TR again as we want to become a full-fledged online news daily instead of a mere blog.

This article is as objective as it can get. Everything is based on facts. We did not make any wild accusations against SPH in them.

We simply rebuke the points raised by Mr Pereira one by one. You should be questioning the objectivity and accuracy of Mr Pereira’s article and not ours.