CTU Website Update :D

[cordel]

The computerntelecom.com site is going down while I migrate things into the new system.
I decided to bite the bullet and shell out the $3k to put together a real server for once. This new system is expanable and can grow as needs arise as well as having RAID so we should not see any more disapearing files

The new system is a dual socket F Tyan board with a Dual core Opteron Proc and 2Gigs Ram. It's capable of running the up coming Quad Core Opterons as well. It will be able to run Para-virtualized and fully virtualized OS's.

This is also the begining I needed to start a new set of Distro's. I'm not sure just when I will have these ready but once I get everthing all setup, it will be my primary focus right after taking care of the forums of coarse.

Regards,
Corey

[cordel]

Alright, every thing is in, together, and I have spent fifty hours this last week getting all the base stuff setup. So the OS's are installed and the server(s) are running and I'll be getting them configured over the next few weeks. I ran out of cash so I didn't get everything I had hoped for. I sacificed 2GB of Ram, got almost the cheapest Opteron F socket proc and didn't populate the other socket, and sacraficed the 3ware raid card and the cheaper rocket raid that I was looking at ( That's okay I'll wait for the 3ware card I think . But thats okay as these can be added over time (besides it would be killer to get a couple quad cores when they come out But that would just be playing now wouldn't it ). But, over all is seems to be performing better than I had anticipated and worst case I'll have to pick up another pair of ecc reg ram.

BTW, The Istar case is really nice, but with the Istar Hot-Swappable SATA HDD Enclosure, it overlaps the main board on the left side and is sitting right on top of the SATA cables, so much so that I don't like it, I would suggest going with the 3ware cages instead as they used the waste space on the side of the enclosure to place the fans instead of mounting them on the back and extending the overall length.

The urls are still the same and the packages are still in the same place but some were lost in the drive corruption but I moved what was left to the new system. I'm going to attempt to recover the drive from the build machine that blew up last year and get the rest of the packages and rebuild the repo.

If anyone would like to give me ssh access to their system (Has to be CTU core Distro) would be great and I could just pull the packages out of the cache and would be helpfull, time saving, and get me going forward a bit faster rather than working on data recovery

Also on the todo list is I'm going to setup a Trac site. Every one will be able to use this to report bugs in the RPM's and of course get support for the rpm packages. This may expand to supporting other packages as well if the need arrises and I might add apt or other update support as well if the demand is there. This would give other packagers access to use Trac as well to support their efforts.

I'll keep every one posted on this thread.

[cordel]

While doing this upgrade and shifting things around I had committed a drive to /home to basicly store all the user data, source, rpms, Web site, databases, etc. etc. and this was to be mirrored in raid one, once I got a raid controler card. Well the drive gave up sometime last nite and everything is gone. I'm going to attempt to use a controler card off another drive to recover the data. Else I have some fairly old backups. Is it just me or does Maxtor drives seem to fail allot?

[cordel]

Well the issue with the drive, is the control board has failed. So what is the chance that someone might have in their possession a Maxtor (yeah, I already know, it was cheap) sata 3Gbs DiamondMax10 Model 6V250F0 That has patters going bad?
I would like to strip the controler off of it and recover this drive.

[edit]
new controler on order and should be here by next week

[Lee Sharp]

While doing this upgrade and shifting things around I had committed a drive to /home to basicly store all the user data, source, rpms, Web site, databases, etc. etc. and this was to be mirrored in raid one, once I got a raid controler card. Well the drive gave up sometime last nite and everything is gone. I'm going to attempt to use a controler card off another drive to recover the data. Else I have some fairly old backups. Is it just me or does Maxtor drives seem to fail allot?

My last failing drive was a 2 month old Maxtor. That will be my last Maxtor ever. Too many DOA or "DO soon after A." Seagate and WD for me!

[cordel]

Seagate just bought out maxtor though, hopefully they Drop maxtors designs.

[quietas]

One thing I do have to commend Maxtor on is their customer support. A few years (5-8) back they replaced the same drive for me 6 times of the course of a year. =)

Hey, that's bad though.

Actually it was nice since they upgraded that drive from a 10gb to 40gb in the end. =)

[Lee Sharp]

Seagate just bought out maxtor though, hopefully they Drop maxtors designs.

Naahh... They will just use them to sell the drives that fail QA.

[cordel]

A few things, I got the new card installed and recovered the drive so back to some semblance of forward motion

Now since all my servers have always been setup for doing ZM.... and this is the only place I have linked or otherwise divulged their existence (not including of course search engines that crawl here) I must really say I'm annoyed with whom ever was attempting to get into one of my servers for the past nine days. Come on, I'm not a rookie and have been watching you and apparently you are a rookie. Granted I closed the port tonight any way as I thought you would have given up by now. Any case I have turned the logs over each day to the authorities so good luck with that rook.
FYI I'll bring the port back for you before the end of the weekend or by Tuesday at the latest just so we can have a bit more fun.
Cheers and have a nice day,

[EDIT] Okay I lied, I put the port back two hours later. I just couldn't live with not having it available any time I might want it. BTW, I only ever have root as a user and would never be dumb enough to have any user names with out a password, matter of fact you can give up on the other user names all together as none exisist except for system users. Have fun DA AH

[neilk]

I'm annoyed with whom ever was attempting to get into one of my servers for the past nine days.

you would think the "numptys" would have better things to do , (like try a Mico$oft box ..it's easer.), do they never think they can be traced no matter how many IP's they jump though .LoL

[cordel]

I'm actually considering creating a web page to track and watch this guys failed attempts. Mostly just for every ones amusement I haven't counted how may IP's he's tried but there are several of course as any script kiddy would try. I got hacked once a couple years ago, when I first started putting up linux servers A rook mistake on my part. Tons of googling and reading to learn the ways of the land. He'll be lucky to get in before his grate grate grate grate grandson is born and I'll own him too from my grave
Just not sure yet how they came accross the server whether here, on a search engine or what. Time will tell
hehehehe

[eracc]

If the attempts are against ssh then you are probably dealing with a bot. It will tirelessly try hundreds, thousands or millions of combinations against a port it finds open. I handle this on *n?x servers we manage in two ways.

• 1. Public ssh access from the internet is on a nonstandard port.
  2. Only one login/password user has ssh access as defined in the sshd_config file, root does not.

One can also use key files and such but I think that is overkill and not necessary in the majority of cases.

[cordel]

Thats possible as well. Bot or not though, it's fun to play. I usualy do change the port to a nonstandard port, I just hadn't gotten around to it on the new server, but the chances of him getting in would take many centuries for any bot to get passed unless I screw something up like a user whith a shell and no password. I'd love to share my security secretes but that would obviously be not the best choice but I'm confident that if I did and it's a real person working it, they still would never get in,even in my life time.

[Lee Sharp]

I will share one that is damned handy. fail2ban is wonderful. After a %defined% number of failed attempts at a service the IP address is blocked for %defined% amount of time. It is in the Ubuntu repositories as well.

[cordel]

I would love to share my secrets, but of coarse I will not do that on a public forum. Lee if you are interested, I would be willing to share with you but not on the forum. Maybe once I get my web site back up, I will dedicate a section to security methods that will of coarse cover what I do and several other methods. The best method to start out with of coarse is change your port and disallow root login. Also you can restrict login from certain subnets. Although this is not always feisable for everyone, and I'm a bit cocky
Also the server I have open would only take me 10 minutes to replace if it was compromised and has nothing really on it except the yum packages that are accessable through the web port anyways. Also it's seperated o the net, So really the joke is on them