[OUTDATED] Important update regarding the status of the Escargot server


#1

UPDATE: This problem has since been resolved. See https://wink.messengergeek.com/t/important-update-regarding-the-status-of-the-escargot-server/4277/59.

Hello, all.

You may know that Escargot is back up, but along that are some huge aggravating caveats that @valtron had to deal with, which also affects us on our end.

So basically, you might know that someone has been trying to DDOS the server, and for good measure, @valtron decided to install some anti-intrusion software to try to halt the DDOSing to a minimum. Unfortunately, it halted on an error due to some nonsensical incompatibility, and in the process, took down Caddy, the thing that made Escargot support HTTPS, which is why you could still login on MD5-based versions of Messenger.

After playing around with it for a few hours, he decided on a simple fix to the problem, which fixed that. But another problem rose up: Caddy now wouldn’t run as a systemd service (basically, Admin privileges), which he found out was due to it not binding to the HTTP and HTTPS ports. Trying to set the permissions manually didn’t work, either. The built-in permissions checker in systemd didn’t do anything as well. He assumed that the anti-intrusion software probably upgraded systemd, so he decided the logical thing to do was to upgrade Caddy. The problem didn’t fix itself, though, so he decided to run Caddy himself.

As it turns out, the latest version of Caddy uses version 2 of the ACME protocol, which is related to HTTPS, so it has to retreive the HTTPS certificates all over again. Since he was running it over and over a lot, this combined with the certificate retrieval resulted in a rate limits error, meaning he couldn’t get any new certificates, nor could he use the old ones.

@valtron just decided to use a temporary Caddyfile, the configuration file for Caddy, and specify older certificates made before the time he had been fighting with Caddy. Apparently, they’re valid for two months as I’m writing this. But even though his Certificate Authority (CA) is Let’s Encrypt, which lets rate limits expire in a week’s time, he still has the port binding issue to deal with. So if a week passes and there’s an extended period of no connectivity to the site or on Nexus and RST-based versions of MSN, no more Escargot for a while.

So, now you see why Escargot is always “unstable.” Things have to screw @valtron over and make the experience a living hell. So in the meanwhile, enjoy these two months of Escargot use on MSN 4.7-8.5 that you have. If 2 months time passes and the server randomly shuts down, time to use 4.6 and below, and for anyone who hasn’t set up their account to have old MSN client support already, either follow the password reset procedure and check the checkbox that allows for old client support when it specifies for a new password, or create a new account with old MSN client support set up on it. Just keep in mind that you MUST do this before the potential shutdown of the HTTP service within 2 months, and that MD5 is an insecure hashing algorithm. This does NOT mean that it is possible to crack, but it is possible to create similar hashes of your password and potentially let hackers break in to your account, which is not 100% or even 50% guaranteed, but be wary of what you’re putting yourself into.

For now, bye.


Another MSN copy
Windows Live Messenger cant connect
#2

thanks for the information.did you have any progress for WLM 14.0 &16.0 ?


#3

damn those versions are on everyone’s mind
oh and no progress at development right now.


#4

Is he using letsEncript for the ACME?

If so, the limits must reset next week.


#5

i dont understand we’ll be able to use msn and wlm for 2 months ? And after it will not works anymore ? Can someone just explain me with other words please ? I dont natively speak English so sometimes i dont understand very well. What he ment by ‘’ No more Escargot for a while ‘’ Thank you


#6

escargot will discontinue the Messenger 8 service, Access will be limited to 1 of 3 versions, before and equal to 7.5, before Nexus (7.0 and below) or completely NO secure service at all (1.0 - 4.7 ONLY!!!)

due to the amount of generated cerfs to keep escargot 100% HTTPS, the generator has been rate-limited, the remaining cerf lasts only to the NEXT 2 months. after, expect escargot to disappear for 3-9 months.


#7

:open_mouth: Oh :frowning:


#8

Does that mean that Escargot will be discontinued in 2 months? Everything but that!


#9

:’( Well… It wil be for a couple of months and after ( 3-9 months ) it will works again ? :S


#10

We will have to see.


#11

i hope this change in 2 months :frowning:


#12

Noooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo


#13

bUT IF THE service is not secure so what it’s bad?


#14

well only msn 4-1 will work and will be insecure so its more easy do hack accounts


#15

Oh god:disappointed_relieved:


#16

But i use 4 on xp and theres no point to hack


#17


#18

Capturar4


#19

:stuck_out_tongue:


#20

Oh… Who tried anyway to send a DDOS attack to the server? @Leo_Historias Maybe? (ok no) but anyway, this really scares me