An often requested feature to the website is the ability to search for specific arrival airports when looking for flight assignments. The ETE search for flight assignments works a little more like it is described now. Previously a search for 2 hours or less would really be a search of 2 hours or less AND more than 1 hour. Now that search is actually 2 hours or less and no other constraints. This shouldn’t affect too many of you unless you were specifically looking for flights of 61-120 minutes in length.

Unlike a flight search on an airline site, flight assignments will not try to find the quickest way to your destination. Instead it will strictly obey your “# of Assignments” criteria. This means that there may be a shorter route to your destination.

In the following screenshots a search for A320 and A321 flights starting at DFW and ending in BIL could be done in 2 legs via Ontario but instead we fly via Kansas City and then Ontario. If you’re looking for the shortest way to get to your arrival, start with the smallest number of legs and work your way up.  You may not find any results if you’re picky and choosing B752 flights that are an hour or less; If you find yourself with no results remove a constraint like limiting your legs to only 1 or try expanding the ETE or adding in some additional aircraft types.

Both cities will also make an excellent weekend break for people looking for something new, both cities have lots to offer with San Luis only being a stones throw away from the San Luis Wine Country which will give all our wine connoisseurs the chance to sample some of that great Californian wine, or even just the chance to unwind on the quiet picturesque beaches. Or if you fancy a weekend break to a calm and peaceful city with lots of little quaint charms then Bakersfield is the place for you. Its biggest income is from Farming and in particular Horse shows and races that run throughout the year showcasing the very best of the country lifestyle. It also prides itself on its history and has many museums featuring lots of exciting exhibits. Or if that is not your thing the city is also famous for its Basque food (A type of tapas) And it has many historic  restaurants featuring this menu. In all visitors to these cities will not be board. So we hope to see you on one of our flights soon.

Are you tired of being all alone when you fly with FS ATC? Tired of being vectored 40 miles out of your way to get to an ILS final? Why not try your hand at the wonderful world of VATSIM? Just as there are thousands of pilots flying around in the virtual world, there are hundreds of controllers just waiting for you to join them in a full blown simulation. Live pilots, live controllers, and no more AI runway incursions on departure roll!

The month of June is DAVE’S BIG ADVENTURE!

Come join Kansas City hub manager, Dave Nichols and the rest of the staff on VATSIM! Dave is a former air traffic controller as well as a retired real world pilot. Until now, he has not experienced the exciting world of VATSIM. That is all about to change. The entire month of June will be dedicated to assisting him and any other pilots who are interested with getting started in the wonderful world of online flying.

To all my Metro pilot friends,

I am very happy to be a guinea pig during the VATSIM June adventure.  I have wanted to be a part of that network both as a pilot and controller but have been discouraged by the downloading process.  I am tech challenged.  This month of training will help me immensely and I want as many of you to come along — not just for the ride but to be an active part of the creation of a group of Metro VATSIM students.   A number of our senior VATSIM certified pilots want to be a part of this as advisers.  This is the perfect time.

Lets get ‘er done!
Dave

Why are we doing this, you may ask? We are a VATSIM partner! It only makes sense to encourage our pilots to take advantage of the totally free services offered by the VATSIM Community.

Here’s what’s in store for you:
-Daily Availability of your MetroAir staff on TeamSpeak(Times may vary).

-Help with establishing your unique VATSIM ID.(Get a VATSIM ID and receive 200 MetroMiles)

-Technical assistance with downloading and installing client software applications to let you connect to the VATSIM network.

-Tutoring sessions for those who may have “mic fright” or are easily tongue tied.

-Already have a VATSIM ID? No problem. Gain added bonus hours for flying online anytime during the entire month!(Bonus multiplier for flying online is currently .2hr. Fly on VATSIM in June and recieve a bonus multiplier of .4hr)

-Get your VATSIM P1 Certification in JUNE and receive an added goodie to your award panel plus some MetroMiles to boot!(Normally 200 MetroMiles, during the month of June 300 MetroMiles)

-Group study sessions can be arranged for those who wan to prepare for the P1 exam.

What you need:

-A stable internet connection.

-A working headset(Any normal internet voice headset will do. Most retailers carry an adequate headset for under $20 US.)

-A little time on your hands to spend on TeamSpeak to get started.

All of the associated software is totally FREE! AND….the MetroAir Staff will be on hand at different times of the day during the entire month for your convenience.

Whether you are just getting started or are a veteran VATSIM pilot, there is something here for you. Put it on your calendar to Join us on DAVE’S BIG ADVENTURE!

Watch the forum’s VATSIM channel for updates on staff availability and TS times.

Scheduled to begin on Jun. 5, the exhaustive maintenance program will see a majority of MetroAir’s fleet flying through one of two maintenance bases at Kansas City International Airport in Kansas City, MO, or the Southern California Logistics Airport in Victorville, CA.

“This comprehensive plan will see all of our aircraft, excluding the Boeing 777s, Airbus A330s and the new Boeing 757s, undergo heavy maintenance, otherwise known as a C-Check.” stated Zak Winnick, MetroAir’s Fleet Director. “It’s a very vigorous program that has been months in the making. Let’s just say, I’m happy to finally get it rolled out!”

A C-Check is performed approximately every 15-21 months or at a certain set of actual flight hours. This maintenance check is more extensive than both an A and B Check. On average, a C-Check requires about 6,000 man hours to complete and sees every centimeter of an aircraft being inspected. The average amount of time an aircraft is in a C-Check can vary from 1-2 weeks.

The beginning phase of the maintenance program will see the rest of the Bombardier CRJ-700 fleet complete their maintenance and will introduce the Bombardier Dash-8-Q200 and Dash-8-Q400s. From there the plan is to build up from smallest to largest aircraft, ending with the Airbus A321. At one point in the program, both maintenance bases will see a combined 10-12 aircraft a week.

The maintenance program is currently scheduled to be completed by the end of January 2014. It will see 220, or 85%, of MetroAir’s fleet in for maintenance by the end of the program.

We all hear how important security is and deep down we know what we should be doing, but do we? You may think  why do I need a complicated password for my forum account. What can a hacker really do by logging into the forum. Well unfortunately for us, we saw what happened. As an Administrator on the forums, great power comes with great responsibility (and great unfettered access to the guts of the system). So you’re a pilot. You can’t change the themes on the forums or mess around with access for others, so maybe you are wondering why password security on VA website matters to you. I guess the answer to that question depends on how much you ? MetroAir. If a hacker gains unauthorized access to your forums and begins to post using your account content that is objectionable and in violation of the rules, it’s very possible that you will be terminated and banned from the airline. While we often will allow rehires for simply being terminated due to inactivity (even tho we may ask you to prove your commitment), terminations due to behavior or failure to abide by some of our most core policies will keep you out and may take a long time before being allowed back. Can we prove that it wasn’t you? Maybe. It depends on how good the hacker was. Ultimately though, you are responsible for your accounts. It’s your job to safeguard those authentication details and make sure they aren’t shared with anyone else. Or to say it in much more direct terms, it’s your butt that is in the hotseat.

Despite how much we all care about this VA, there are much more secre details about your personal identity flying across the internet these days from financial information to medical details. If you don’t want your neighbor to know how much $ you make and why you got that suspicious blood test at the doctor’s office last week, you should probably care just as much to make sure some unscrupulous individual trolling the internet doesn’t get that information either.

Are you motivated yet to start improving your security practices? You SHOULD be!

Antivirus

First, make sure you are running an antivirus program. Viruses and trojans are hidden much more cleverly now. With websites becoming much more media intensive and running other applications like java in the background, simply visiting a website with plugins enabled can infect your machine. Trust the websites you visit but more importantly, make sure you’ve got some protection. It may not just be a website that can infect you; downloads, transferring files from a USB drive (which I have recently heard at a tech conference being equivalated to sharing needles) and via e-mail.

Second, use unique passwords for different websites. Don’t use the same password of “IROCK” on every website you visit. If someone is able to figure that you’re not rocking out so much when you create passwords, suddenly your identity has been stolen and someone has access to your finances, your most personal data, and all of the pictures you ever uploaded to Facebook. And let’s be honest, if you don’t want your mother seeing that picture of you when you were so drunk you fell to the street and probably should have used the restroom before leaving the bar, you probably don’t need the world seeing those photos either.

Unique passwords that have no significance can be hard to keep track of. Unique passwords on post-it notes all over your monitor isn’t very secure either. There are a number of password managers out there now that can help you create a password and associate it with a certain username and website. I won’t get into an argument over which the best one is. I use two, one for personal usage and one that is shared with colleagues for business: LastPass and Keypass. There are a few more out there and they are a simple google search away. If you’re worried that it will complicate things for you, put that fear away. I think it actually makes things easier with features like autofill and autologin; You won’t even need to think about authentication to a website again.

The last thing to touch upon in this post is two-factor authentication. A lot of websites are starting to introduce two-factor authentication. The simplist way of explaining it is it combines something you know with something you have to protect your accounts. Something you know is your password. Something you have is your phone (or something else on your person like a code generator or paper with pre-generated codes). If you use GMail, go into your settings and enable it. Hint Hint to MetroAir staff Recently Apple introduce two-factor authentication for iTunes accounts. Even the MetroAir blog now has an option for two-factor authentication. It’s certainly something you should be investigating if given the option.

In closing, we hope that the attacks on our beloved VA in the middle of April have really brought security to the forefront for all of you and have you questioning your security a little more and paying attention to your online transactions just a little more. Don’t get too lax because we know that you really do rock!

Following the success of least summer’s venture with Island Air of Hawaii, MetroAir announced the return of this partnership for the Summer 2013 season.  Two of our Q400 aircraft have been specially outfitted for the trip to the islands of Hawaii and will be ready for service as of May 1st.  These aircraft will serve many cities in the Hawaiian islands from bases in Honolulu and Maui, like Kona, Lanai, Lihue, and many others (shown on the route map above).  Island Air CEO, Leslie Kaneshiro issued a statement earlier that “Island Air is delighted to once again partner with MetroAir to help us offer our customers new route options in the spacious, comfortable, and quiet Dash 8-Q400 aircraft.”

Also, following the return of two A320 aircraft from Viva Columbia, who had leased them for the winter, the airline announced it would be using these aircraft on a route network connecting various cities in Alaska and the Pacific Northwest with Juneau and Fairbanks.  The Chief Operating Officer, William Hogarth earlier stated that “the new Alaskan network would offer new connection opportunities out of Seattle and especially out of our new Pacific focus city in Portland.”

MetroAir also announced a new venture today by offering service to Australia. The Service will operate on A330 aircraft currently being used on seasonal service to Europe.  These aircraft will be ferried from Baltimore to MetroAir’s hub in Ontario and will operate to Sydney and Melbourne via Auckland, NZ, as well as direct to Brisbane.  These destinations offer direct access to some of Australia and New Zealand’s largest cities.

These summer service will be supplemented by one of MetroAir’s new Boeing 757 aircraft, operating on routes from Honolulu – Ontario, and Seattle – Ontario.  “The 757 will absolutely help integrate the 3 summer route networks by allowing passengers  to directly and easily transfer between services in Alaska, Hawaii, and Australia,” said Alex Norgaard, director of Charter Operations.

The Hawaiian Hopper partnership with Island Air will launch tomorrow (May 1st), followed by the launch of the rest of the network on May 15th after the delivery of the final three 757 aircraft to MetroAir and after the A330s have been ferried from Baltimore.

Backups

Since the incident regular backups of our data has resumed. We initialized the backup services provided by our host that will backup data in 4 slots; We get a backup provided automatically every day and the last two weekly backups. We also get a manual backup slot to take a snapshot of the server at any given moment. While there is a cost associated with this; it is only $5 USD a month. The peace of mind the service provides in the event another catastrophic incident is priceless; Knowing that there is something sitting around that some recent copies of not only our data, but all of our configurations, applications, and scripts that are used everyday to provide teamspeak, up to date FAA charts, VATSIM data, US Airport delays, ACARS, and more are safe and secured is worth a lot more than $5.

In addition to the host initiated backups, we enabled other backup protocols. Twice a day snapshots of all of our databases are being output. We found some ways to improve how the dumps are taking place to minimize the impact on our normal operations. We are also getting backups of all of our web files on a daily basis. Each day we ship those backups almost 1,500 miles from MetroAir’s datacenter to a server that Lindle is running in Dallas, TX.

I’m happy to report that those backup have been running flawlessly for almost 2 weeks now.  While both servers have seen a dramatic increase in bandwidth being used, they are still well under our hosts caps thanks to a recent upgrade earlier this year. This is just another example of keeping peace of mind just in case.

Software Updates

The forum software that was running pre-hack was an older version. While in the past we had kept up with security updates, we recently stopped patching the forums when an update that was done stopped playing nicely with our forum theme. In hindsight, that was silly;  like most things in life, appearance is usually not as important as what is underneath the surface. The hack was a great opportunity to upgrade to the newest version and put the issues of updating the look of the forums out of mind since the priority was restoring access. While we do have plans to update the theme associated with the forums, we aren’t rushing to get that project completed, especially since both of our graphics experts, Rob & Alex, are either on vacation or busy working on other important projects that have a higher priority.

Password & General Security Practices

The importance of general security practices came rumbling into our views. An informal poll of our execs who have unlimited access to our forums which can cause debilitating effects in the wrongs hands showed no one had updated their passwords in more than 2 years; for some of us it was even longer since they were hired on as staff members. We all hear that we should update our passwords often but rarely do unless forced to. Because of the hacking incident, all of the staff members changed their passwords before going back online. We are also looking into policies of requiring executives to reset their passwords for all MetroAir systems on a recurring basis.

We also expired passwords for all pilots to ensure that the hackers weren’t able to impersonate any of our pilots. If you still haven’t restored your access to the forums or are having issues because your forum email account is no longer active, you should contact staff.

We also cleaned up a number of accounts on the forums that were never activated by pilots or which were dormant for a while. Removing unused accounts is a good security practice since for each account removed is one less method of unauthorized entry. That is also a good reminder for everyone that your forum account and pilot account should be using the same email address. If they differ your forum account may be purged by the system. This has always been policy but was not always enforced. That is going to be more important going forward. It is the pilot’s responsibility to maintain their contact information in both systems.

In summary, we’re feeling more confident about what we are doing now. While it was a painful few days of dealing with the attack, we were grateful for the not-so-subtle reminder that we were not impervious to an attack and to step up our security policies and practices.

“So what are they losing” I hear you all ask, we’ll we will see reduction in service to the following Destinations: Barbados, Cancun, Dallas Fort Worth,  Jacksonville, Montego Bay,  New Orleans, Punta Cana, Nassau and St Maarten.

The following cities will be lost from FLL:
Cincinnati, Cleveland, Freeport Bahamas, Key West, Montevideo, Myrtle Beach and Norfolk.

Along side these changes the new list of gates are as follows. Mainline Domestic will operate out of: E6, E8, E9 and E10. Allegius Dash 8 flights will now operate out of F2 and international flights will remain on the H concourse but they will  now operate out of  H2,H4, H6 and H8. These news flights and gates will take effect on May 1st. Following the review in FLL a full schedule review will also take place in Chicago and then Ontario.

After a busy Saturday enjoying the the 74°F (23°C) temperatures taking a walk on the beach at Back Bay Refuge and finishing the day off with some NC style barbecue with friends, I returned home at around 9pm to find Skype messages from Sara and James alerting me of an issue with the forums; This is when it all started to go downhill.

Upon first inspection it seemed that only our forum database had been attacked. We were left with about 10 forums messages but everything prior to that was wiped clean from the database. At the time, the forums were not even loading. After fixing a configuration file to get the forums working and with what was thought to be a limited scope at the time, I began focusing on looking for backups of the forum database. After about 4 hours of searching through every nook & cranny of my hard disks and on the MetroAir server, I was left with 2 possible backups, neither of which were promising. The last full backup of the database was in July of 2012. In November we had done another export of the forums in an investigative move to try looking at alternative forums. Unhappy with the results and with drooping eyelids, I decided to call it a night and try to find a better backup the next morning. What no one knew at the time was that the website was still under attack.

After a restful night of sleep and working out frustrations of the hack at the gym early Sunday morning, I started my work on a plan of restoration. We had different options but none were great. Do we restore the really old backup and lost 8 months worth of content or do we see if we can somehow export data from the testing forum back into the old version of the forums that we were running? Going back and forth and researching options it became apparent the attack was not limited to just the forums or the forum database. During the morning the main MetroAir website homepage was hacked leaving a a marker saying we were attacked by a Kurdish group. Restoring the main page seemed to fix things temporarily but I had no idea while I was taking steps to move forward that there was an unscrupulous individual working to undermine my attempts halfway around the world.

While the website was being attacked I had attempted to log in to the forums. I immediately noticed that I no longer had administrative access to the forums. After correcting that directly in the database and logging in I found that there was only 1 administrator account left. All of the other executives were “demoted”. I was able to reset the password on the account in hopes that the hacking would cease at that point. Unfortunately the hacker had already left a trail and secured backdoors to get back in to cause more havoc.

Before talking about backups I should probably offer a history of how backups worked. For a long time MetroAir had fairly impressive backup routines, for a VA anyway. Around 5 years ago MetroAir would FTP backups to one of Lindle’s servers. At the time MetroAir and Lindle were both using Windows based servers and were in the same datacenter. We moved MetroAir’s server off of a full dedicated server shortly after that and it went to a new virtual private server. It was linux based with a better price point than paying the monthly fees of a full dedicated server. The servers were no longer in the same datacenter, bandwidth caps were a little tighter and Lindle was in the process of considering alternative servers as well. After moving MetroAir we ended up changing the backups so that it would all be stored on the Amazon Cloud. This worked really well. We were backing up not only regular files but snapshots of the databases every 12 hours. After about 8 months though the backups were starting to get out of hand and the monthly fees for storing backups surpassed the monthly cost of  running the server. We ended up switching those cloud backups off. Around the same time our host began offering its own backup service for a simple and flat $5 a month plan. We were all signed up and never needed the service. The backup service handled everything on the server, but for good measure we were still doing snapshots of the databases every 12 hours. As the MetroAir databases grew, taking the snapshots started to undermine performance of the website. You can probably imagine that 5,676,500+ records (1.1GB) of just ACARS positional data could cause some slowdowns when the database is being locked for backup and the website and ACARS is still trying to access it. We ended up cutting the db backups to be less frequent and eventually stopped them altogether when the performance suffered too much. Early this year we switched all of our services to a brand new server. We wanted to update everything to one of the newest versions of Linux. In doing so, everything had to be set back up again. One of those things was the automated backups with our host. Since it was a different server, it was not automatically backed up. Unfortunately, it was never re-enabled meaning we had no backups. Aghhh!

Early Sunday morning I had got a call from Lindle asking if I had known about the hack and offering his assistance. He also reminded me of the automated backup service from Linode saying that he was going to enable that on his own server in light of recent events. It was a good reminder to get things re-enabled and start the backups on the MetroAir server again.

During all of this, in hopes of restoring the forums an installation of the newest version of the forums was in progress. We had began importing some of the older posts into the newly created forums. William was able to help set up some of the back end of the forums by assigning permissions to certain boards and removing some of the older members who had never logged into the forums. Derrick worked on cleaning up some of the forum accounts as well while James helped to poke his head around trying to find things that were broken in the forums and website.

By 8pm on Sunday it looked like we one of the most devastating blows of the attack was in progress. This time the hacker was deleting files. The entire website was nonfunctional and some of the core files needed to provide services had been deleted from the system. The hacker replaced the website with links to adult websites and lewd images. It was the one time that I wished there was a “recycle bin” I could use to get things back quickly and painlessly. Luckily, that reminder from Lindle to re-enable the backup service couldn’t have been at the most perfect time. I was able to restore the entire server from the very first backup that it had done a mere 7 hours earlier. It was backed up to a completely new server and the IP addresses of the server were changed. We were hoping this would keep the attacker away.

Despite our hopes, we were finding despite the IP address change and restoring things back, the attacker had found us once again. The main website page was left with a simple message for us saying “You all suck.” Finally late Sunday night after combing through webserver access logs I was able to find the source of the continued attempts. The hacker was able to hide his backdoor by naming a new file on the system something that looked like it should be there. Would you have seen something wrong with twittter.php? While I would love to think that our pilots were checking out MetroAir’s twitter feed as much as the access logs were indicating, it was a little skeptical. I went to the page and was quickly devastated seeing just how much access the hacker had to the server’s filesystem. I changed the page around leaving a simple message for the hacker. At that point it seemed as if the backdoor was closed and we would be on the road to recovery.

With everything patched up, we thought we were good to go. Early the next morning while continuing with cleanup efforts we had scoured the system to see if there was any other telltale evidence the hacker left behind. While we were searching for him, he was using one of his last backdoors that he had placed on the server. Twittter wasn’t the only one he had left; it was found in some other innocuous spots on the server as well. This hacker was smart. He wanted to make sure he had access after we had repaired each hole. This time we were a step ahead and found each backdoor that was left on the system and worked to remove them all. For one and for all, order was restored and we were finally confident that things had been cleaned up and we were able to keep the hacker out. We also employed some firewall tactics on the hackers IP range; If you’re in Turkey anytime soon don’t expect to be visiting the MetroAir webpages.

So what exactly did the hacker have his dirty hands on? First he used the forum software itself to purge “old” posts. Unfortunately old for the hacker was everything that wasn’t in the last day. Technically he could have backed up the database and seen email addresses, this hacker seemed to be much more concerned with being malicious and leaving a trail then silently trying to access user data. He wiped files in the forums and main websites. He managed to clean out every single resource we have like gate charts, every download available that we offer, and our latest Monthly Updates. Even the images and scripts used to generate our forum signatures for pilots and the static signatures used for staff were missing. Almost no stone was left unturned but I’m confident that better days are ahead as we complete our restoration efforts of ensuring everything is back to normal. The last big challenge we have is “prettying” the forums with our own spin, though we are just happy with the simple knowledge that it’s back up and running and our pilots can post again without issue.

Part 2 where we discuss what we are doing differently will be out later this week and part 3 discussing your own online security will be out shortly after that.

If you have made it this far, thank you. I’d also like to take the opportunity to thank Sara, James, William, Derrick and Lindle for their concern and cleanup efforts taken to restore the MetroAir that we all know and love!