Replacement Post
This is a new post to replace the Rehab post that is being used to discuss start-ups, computer issues, and other technical stuff. Comments get automatically closed after a month, but the kvetching and problems tend to be longer term.
109 comments
BTW Bryan, I read about the suicide of AAron Swartz. A real tragedy for no good reason! I am very happy to see your banner promoting justice and a repeal of the insane law that caused his death. (Not that I would expect anything less from you of course). I only wish I could sign my support, but I’m not a US citizen. But still, if there is any way I can help, let me know m8!
I think things are still tough all over, and especially in Europe because austerity is destroying demand by pushing up unemployment. Anyone who looks like a valid sale is going to get buried.
As long as people don’t start jerking me around I stay with the same vendors. It gives me some power when there are problems, because everyone wants a stable customer who pays their bills on time, if not earlier.
I thank you for your thoughs, Kryten, but I think you are probably already doing what you can by working against too much cooperation between your government and mine in the brain-dead collection of Wars on Nouns™. So far Australia has avoided the worst, and knowing that there is a place that isn’t totally screwed up that you can flee to is comforting, even if you never exercise the option.
You could probably do a tourist campaign – Come to Australia and forget about Obama, Cameron, and Merkel for a while.
You could probably do a tourist campaign – Come to Australia and forget about Obama, Cameron, and Merkel for a while.
😆 I know you are joking (well, half joking!) 😉 But that is not an insane idea at all!! Except, I may change that to something like:
“Obama, Cameron, and Merkel for a while. Our Politicians may be useless, but they are not totally insane! Our Laws still protect the Citizens… mostly.”
I probably shouldn’t add: “Besides, our fauna needs more feedstock!”
LMAO
I’ll decide on my hosting later today. I’m about halfway through the SWOT. 🙂
Apart from Hosting services, I have also been working on security and site management/maintenance and other ancillary services I’ll need. 🙂
I’ve been using Comodo’s Security & Management products for about a decade. I have a good relationship with them, and have been a beta tester for several products. They have always been responsive, and their support is excellent. So, I get good discounts and freebies, which helps! 😉 😀
I’ve signed up for Their Endpoint Security Manager 3.0 PE with CIS (Comodo Internet Security) with 10 endpoint licenses (I only need 3 or 4, but the licenses are only in 5 packs, and they had a great deal!) Also the Login Pro – Remote Desktop, & Network Center (manages/automates remote backup/restores), the SecureDNS 2.0,and lastly, the Unite VPN! Eventually, I’ll look at the Comodo SSL products, though I already have a free site cirt & eMail cirt. 🙂
Once I have my online stuff completed, I’ll go see the bank about finalizing the loan to build my new Dev WS, then I’ll convert this old box into my local Dev Server equivalent of the host I go with (and that’s one of my SWOT criteria, that I can mirror the online host virtual environment). Then it will be full-on workaholic for awhile! So much to do, so little time… 😉 😆
You are always welcome to come visit Bryan, if you need a sanity/stress break. 😉 😀
BTW, I have been meaning to ask for awhile… Can you send me an email, then I can email you a few things. You should have my add’y from the comment email. 🙂
Hey Bryan! You mentioned the great little Raspberry Pi earlier… I came across this thread while browsing for Hosting info. 🙂
EDIS GmbH was offering free Colocation of the RPi in 2012, but have stopped new orders (they were swamped apparently!)
http://www.lowendtalk.com/discussion/2641/we-colo-your-rpi-for-free
https://manage.edis.at/whmcs/cart.php?gid=6
LOL Amazing! 😀
(ONce I get through all this hosting stuff and have the sites up and running, I plan to get a couple RPi’s! Assuming I can get one without waiting 6 mths! Popular little beauties. 😀
OK. I have finished my SWOT, gone over everything, and am ready to order! Just waiting on clarification of a couple things with 2 of the hosters, and I am ready to go. 🙂
LOL I got my replies while I was writing this… (I started it an hour ago! I had a few more questions for one of them, and they answered within 5 min’s each time!)
So… I have just paid AU$92.75 for 3 Months hosting! And THAT is a load off my mind I can tell you!
Now… I just have to wait for my baby to arrive!! Oooooh… I am soooo nervous! (and it’s all my fault! They have to manually provision some of the stuff I DEMANDED! Demanded I tell you! (Well… asked politely actually… But they kep’t saying “Sure. No problem!” I mean… What is one supposed to do when they keep saying yes all the time to every stupid thing I wanted? *sigh* (Almost all of the others said no to at LEAST a couple things!) And they had the temerity to actually ask me questions! Nobody else did (except for the guy in Lithuania, and no, I didn’t go with him, but he was my 2nd choice in the end).
😆 I’ll post up the details later. I am exhausted! 🙂
Ciao! 😀 (my new host is in Italy! 😉 And they have been in Business since 1997, and have a huge client list (with some big EU companies on it!)
Since they are in Italy with big Eurozone clients, by the time Merkel is done you may be their biggest client. They certainly prefer payment in AU$ [or Reals or Rupees, for that matter] rather than Euros, and probably have an Australian bank if they are on top of the ‘Cyprus money grab’ [coming soon to Italy, Spain, Portugal, and possibly Ireland].
RaspberryΠ certainly have been shocked by the demand. They were looking at the school market and didn’t anticipate the tech consumer demand. They envisioned a hobby, and have become a decent sized hardware vendor. I will get one to use as a ‘Net terminal, so I can do some big stuff on the big box.
There are a lot of hobbyists out there. One of my office-mates builds robots as his hobby and enters them into various robotics contests and wants a Raspberry Pi to replace the more limited CPU he has in his current robot. The other just wants a Raspberry Pi because he’s a geek. My problem with the Raspberry Pi is that it relies on a binary blob of drivers. That is because it is based on the Broadcom BCM2835 SOC and Broadcom are a**holes. I know the guy in charge of Linux development for the nVidia Tegra line of SOC’s and their drivers are completely Open Source (as you would expect for someone whose name is in the Linux kernel who is now The Man). Hopefully at some point nVidia will gift the Raspberry Pi folks with a “C” model of their hardware that is based on their SOC :).
Bryan, I will certainly stash the 750Gb in case of future problems with the returned SSD. I have no use for a 750Gb rust-spinner for any of my other projects, they’re all based on booting off a small flash drive using my big Linux server for actual storage. My laptop goes everywhere with me though so is not capable of doing that (though it uses the big Linux server for its backups).
Kryten, my deal is that I have two iron-clad requirements: a) I need to have access to the data even if the original program is not available for whatever reason, and b) it needs to do snapshotting backups so that (within reason) I can restore a file that is accidentally deleted or corrupted from backups as of a time that it wasn’t corrupted or deleted. I trust my backup system because I wrote it (note that I’ve written not one, but *two* commercial backup systems in the past, though the current system doesn’t use code from either of those). I have looked at pretty much every commercial backup system on the planet for Windows, and I trust very few of them because they violate requirement (a). Oddly enough, hoary old Windows Backup comes closest to meeting the requirements of (a), since it stores files basically as-is except compressed, but I decided on a rsync-based system because my snapshotting backup filesystem (ZFS) does its own compression and de-duplication and there was no need to duplicate what it does at the backup program level, that just makes things slower. I know how to make a system image via a live USB stick but dislike taking my laptop offline to do things like that since it’s my primary desktop computer (my big server usually doesn’t even have a monitor attached to it, I use IPMI KVM-over-LAN to access its console when necessary). The Windows functionality for creating a system image while online is utter rubbish so that doesn’t help me alas.
Kryten, ESXi works amazingly well but the licensing is ridiculous. I don’t see how any ISP could make money selling ESXi-based cloud when the functionality of, e.g., moving virtual machines from one server to another, is built into libvirt for free for both KVM and Xen. I know why companies use ESXi — it’s far more stable than KVM and Xen for small-scale deployments, I’ve had no (zero) issues running our corporate infrastructure on ESXi while a certain number of problems with KVM even on the stable Centos 6.4 platform (mostly with libvirt locking up when doing migrations in certain cases, solved by migrating the VM’s to another server and restarting libvirt), and cost isn’t really a big issue for ESXi in an internal corporate deployment since it saves so much power and space compared to running discrete servers — but ISP’s run on razor-thin margins. Just don’t see it…
I thought of you yesterday when M$ dumped its monthly updates on the world. It’s a real pain updating two on Win7, one on WinXP, and then two virtual WinXPs.
It is hard to think about improvements to a product that you can’t keep in stock, but it would be a great vehicle for nVidia to be associated with. Given the demand, you could certainly make money on a razor thin margin.
I assume that the lack of a decent backup program is part of their push to get people to move to the cloud and rent their applications from M$, as they did with Outlook and their Calendar function.
Bryan, Microsoft’s lack of a decent backup program long predates any cloud move, and is totes based on their lack of understanding of what actual customers want and need. Personally I think any programmer who goes to work for a computer company should be forced to spend at least one day per month doing nothing but taking customer support calls. Same goes with all the “program managers” and executives. After the first five hours, their initial reaction will have to be “this fuggin’ sucks”. Their second reaction will be, “how can I make it so that these idiots won’t call me with the same stupid questions a year from now?” Their third reaction will be “gah, our customers are idiots, we have to design our software to be operable by idiots or we’ll be stuck answering the same stupid questions every month for the rest of our career!” And the software will improve. Alas, computer companies isolate their programmers from actual customers. And marketing too. Marketing, specifically product managers, need to be assigned to those support calls at least one day per month too. Maybe then they’ll start focusing on what customers need, rather than on bullshit marketing checklists.
But it ain’t gonna happen in the company that the Dweeb built. So it goes.
BTW, I modestly believe that the reason I am good at designing great software is that I *did* put in my time in customer support. Three years of that, in fact. Plus have done actual IT so know what I want and need on that front, which is why a backup program that I designed in 1999 is still being sold today — I’d been a network admin, so I *knew* what I wanted. The technology of the day was not, alas, up to achieving my Holy Grail, which was basically Time Machine on steroids (a decade before Apple did it!), but we got as close as we could given the limitations of the available technology, and the current owners of that software have taken it even closer.
But again, programmers at the company that The Dweeb built would *never* get their hands dirty, like, doing actual IT work. Why, that might derail their career path or something! So it goes.
Oh yeah, the update dump: ROFL! And Microsoft wonders why network admins hold off on installing security patches, thereby making their networks easy prey for hackers? Yay Microsoft!
One of the most annoying things I encountered writing custom software was how resistant managers were to letting me talk to the people who would actually be using it. It is a lot easier to change things before you have thousand of lines of code put together. The users also know what the input looks like, and what the output should look like, as well as the intermediate reports that they need to do their job.
Most managers do understand that the reports they receive are usually summaries of much more detailed reports that are often required for tax and/or legal reasons.
If you do all of your work on a network and the admin takes care of the details, like backing up, you are not apt to understand the importance of good software to do the job. You are also unlikely to understand what a total PITA it is have to start at the beginning and repatch the OS after crash, and then reinstall all of the applications and patch them. M$ doesn’t know or care because they have pushed off almost all of the support to the hardware guys with the OEM licenses. With their current employment practices, no one is around long enough to care what crap gets pushed out the door, because they know they will be following the software ‘out the door.’
Thought it was about time for an update. 🙂
As I mentioned to Bryan in an eMail, I have my VPS now. The Hosting deal I have is with an Italian company called Prometeus. The deal I wanted they are out of but are getting new servers next week and they should be online in 2 weeks, then they will migrate me over. 🙂 They have two provisioning limits. 50% on Biz servers, 75% on lower hosting (non biz), which is still better than most providers!
http://www.prometeus.net/sito/KVM-VPS
The plan I have now is called KVM9, the one I will be moving to is the KVMSSD9 plan. Eventually, when it’s warranted, I’ll move to one of the hig-end BIZ plans. :)
As well as this, I have a MYSQL Offload server. (I’s a dedicated server they have specifically created to run MySQL with very high performance (and is one less thing I will need to worry about!) I am paying $6 / yr for that! (Seriously! They gave me a discount.)
It run’s Percona 5.6 and it’s provisioned with 4GB RAM, 5GB SSD (and I can increase that for 1 GB @$3 / yr or 3 GB @ $7.50 / yr; plus unlimited bandwidth.
They are only charging me US$13 / mth for the 20GB offsitebackup w/ R1Soft CDP Backup + the R1Soft CDP Agent license so I can manage it and do my own backups whenever I want. Also $30 / Qtr for the DirectAdmin CP + CustomBuild + Installatron and a few other addons.
I’ve installed CentOS 6.3 x86_64 (actually, I did it twice. The first time I accidentally did the full Desktop install instead of the basic server install. I was thinking about my CentOS setup here. That’s what I get for doing it at 1AM!) 😉
I am finding that VNC is a real PITA! Slow as a wet week! I plan to install X-11 and run my X-term. It’s a lot faster! I plan to run Xmanager Enterprise 4, I came across a 60% off deal in Feb and got a license. I’ve tested it,a nd it’s very fast. 🙂
http://www.netsarang.com/products/xme_overview.html
Thanks for the eMails Bryan (and no worries about delays, I know you are busy m8!) 😀
I forgot to mention… If anyone wants to get an excellent Backup/ recovery/ HDD imaging/ HDD cloning software at a good discount, Farstone have a 60% off promo deal. I use their software (as well as Paragon above) and they are excellent!
http://www.farstone.com/promotions/email/promotions-2013-04-03.html
Now you can play with these toys until the next collection arrives. Getting software up and running is a pain because we have all done it so often that we don’t give it the attention it deserves. I hate it when I have to re-run an install because I clicked once too often in anticipation of what was going to happen, and they changed the sequence on me.
It is starting to get real, and that is always a good feeling – progress at last.
Have fun… 😉
Oh yeah! 😀 I’m having terrible flashbacks to 08-09 and all the problems I had getting the LM VPS up & running with Joomla! 1.5 (which you helped me test out, thanks much!) Still… I am hoping this new VPS which is much better provisioned, and the fact that the Joomla! developers were finally forced to eat crow and *LISTEN* and have fixed much of the Joomla inherent and ridiculous faults! Still, v3 has changed a lot since 1.5, so I have a bit of a learning curve. Actually, everything has changed. CentOS 6.3, the KVM VPS (which I have read much about, but never actually used), new DA… etc! And I will be using WP for the blog *SIGH*! I do much prefer Drupal (and I did create a couple Drupal themes for my blog), but I need to get some serious WP experience because many people use it. 🙂
Shouldn’t bee too bad. I’ve been preparing for months, and have signed up with several sites that are *experts* in the various areas I’ll need help on. I made sure they all have active 7 useful (and friendly!) user support communities, and that their products are ‘best-in-class’ (especially so as some of the subscriptions were expensive). Such as: GraphicRiver, iStockphoto & WeGraphics (royalty free photo’s & artwork, templates, themes, mock-ups, PS brush & action sets, fonts, icon’s etc, etc), the Shock group (DesignShock, Grid Layout Shock, IconShock, jQuery Slider Shock, ThemeShock, WebDesignShock) Heh… They had a deal on an Easter special for a 1-off US$149 payment for lifetime access to all their sites & products, including full unlimited commercial usage. A great deal.) JoomlArt, Compojoom & YOOtheme, and others. 🙂
My plan is to get the blog up, then some test/demo sites and get used to it all again. Then setup my commercial site. 🙂
Thanks again! Good luck to us all. 😀
So, I should be ready to go.
Good luck w/ the WordPress, Kryten. WordPress is great if you’re happy with the way it’s shipped. But once you want to do something that’s not supported by WP’s theming engine you’re in for a world of hurt, one of which is that updates will break your fixes that let you do what you want, rather than what WordPress wants. Compared to the infinite flexibility of Drupal it’s a PITA. On the other hand, if *all* you want is a simple blog that looks like a WordPress blog rather than like what you want it to look like, it’s great.
Yes, been there, done that. My Jeep club wanted a new web site that was more flexible than their old hand-hacked 90s-vintage one (the hand-hacker retired anyhow) but looked similar. Their old site’s format was easily templatable — by something other than WordPress. Hacking WordPress to be able to handle something that even approximated the old site (it doesn’t, really, but close enough for gratis work, if ya know what I mean) was a PITA involving deep dives into huge glops of inscrutable PHP (which is only a few steps above Perl on the readability curve). On the other hand, it was hella better than hacking it in Joomla like our other tech guy, Stu, wanted. Joomla bites so bad that I’d still be stuck in Jell (like Hell, except sticky instead of hot). And it lets our tech-phobe club officers post updates themselves rather than requiring webmaster intervention, which was my whole goal in the first place — that the webmaster merely take care of the infrastructure, rather than have to update the content too.
What I want is something as easy to use as WordPress, and as flexible as Drupal. That, alas, appears to be asking for something hard. Sigh!
What I want is something as easy to use as WordPress, and as flexible as Drupal. That, alas, appears to be asking for something hard.
Yeah! I agree with that. Thing with Drupal is that it started out as just a blogging engine, but they decided to turn it into more of a CMS with a blog component. *shrug*
Looks like I’ll have WP 3.5 installed. Wonder how many of my plugins will be incompatible?! I’ve tried to stick with jQuery based plugs, so hopefully that will minimise problems.
I just found out that my host, Prometeus, just spent a big bundle on buying a couple of Hitachi Unified Storage (HUS) 150 rack systems. One with 260 400GB MLC SAS SSD’s, and the other with SSD’s & SAS 15k RPM HDD’s. Apparently they can hold up to 960 SSD’s! I had a look at the HDS site, and I am actually impressed. Especially that given the massive storage capacity, they are reasonably compact. 🙂 Can’t wait until they get the SSD one installed and running and I get migrated over! 😉 😆 One think I like about Prometeus… I get at least 1 eMail a day with constant updates on provisioning/expansion progress, faults, outages, promotions, etc. None have affected me yet (and the stat’s on my server say that it’s been up 174 days, since it was first started). Nice to know! 😀
I’d much rather be using Perl than PHP because it’s more stable and secure now. But it’s just not possible these days. 🙂 I just updated my Zend Studio to 10.0.1, and my CakePHP subscription, and have just installed my PHP IDE of choice (CodeLobster, it works very well with Zend). And d/l the latest phpMyAdmin, phpMyBackupPro & phpDocumentor!
I am really annoyed at one of my s/w suppliers I’ve been using for years! They have changed the way the licensing/registration works on the latest versions. When my HDD, GFX card & PSU died last week and I had to reinstall Windoze, but the CD for the XP that was installed had read errors, so i used another (I have several). Now none of their s/w would authenticate because they are already licensed to the previous Win + H/W ID which has now changed!! I sent a request to support 4 days ago (and I have a Priority Support account I paid for), and haven’t heard a peep!! They better fix it, or they will be the FIRST review I do… and it won’t be pretty! And I’ll make sure it get’s posted to FB, G+, Twitter and every other social engine and online s/w review site out there!
I told them (via eMail) that if they spent half as much effort making their products better for their PAYING customers and much less on a pointless & useless attempt to make them crack proof, they’d save a fortune and have more happy paying customers, especially since the crackers are laughing, and the paying customers are getting ripped off and bloody annoyed! Morons.
Meeeah!
Updating WP is a PITA. I have a file compare utility so I can find out what code has changed so I don’t have to FTP a lot of identical files, and I have to ‘fix’ so changes to I made to existing files to, for instance, allow people in comments to use more than the regular HTML codes allowed in the vanilla version.
Just running the file compare saves a lot of aggravation. It would be nice if they offered ‘update versions’ that only contained the the files that were changed or altered, but I produce my own. Still, it seems to be more stable and easier to use than other systems, and I like the template.
WordPress — stable and easy to use, yep. Flexible, nope — only within its own strict limits and only with much hackery when you update to a new version, as you discovered.
Drupal has an amazing amount of add-on features and functions. Basically anything you want a web site to do, Drupal has something that’ll do it, whether you’re talking blog, forums, publishing large documents, whatever. The downside for that is enormous complexity. Still, it’s my favorite CMS for many reasons (just one that’s overkill for anything I’m trying to do, thus why my Jeep club is running WordPress!).
HDS makes some great gear. Unfortunately it’s also priced like it’s made out of gold. We could never afford HDS gear at my prior employer. Yet we had an EMC storage array. That tells you something about how $$$ HDS gear is ;).
The problem with WordPress is that they don’t have any way except hacking to make even minor changes. They have a separate file now that you can use for your hacks, but it doesn’t work to modify what I want modified. It is a pain in the neck. I still can’t find the point in the code that requires a minimum of 15 characters for a comment. It is truly annoying, but I live with it because Blogger kept breaking on me, and then they wiped me out on the switch to version 2.0. I really hate that. At least I can test the new versions of WordPerfect on my backup site before loading them on my main site.
Question is the world ready for IPv6? I can convert over and get a permanent IP address on IPv6, but there is concern that many ISPs can’t work with it yet. Opinions?
I have IPv6 running on both my web site and at home, but at work if you had an IPv6 address it would be one of those “can’t get there from here” deals until I can get a new router deployed there. The deal being that routers last a long time — this one was bought in 2007 and still works fine otherwise — and back in the mid ‘oughts when a buncha routers were bought due to gigabit Ethernet becoming cheap, IPv6 wasn’t on the roadmap for Cisco and friends. So it simply won’t route IPv6, period. Most of the el-cheapo home routers (and even some of the more expensive ones) won’t route IPv6 correctly either. My Apple Airport Extreme will, but it was a $$$ router when I bought it, and Apple generally gets sh*t right…
I thought that the move might be premature. The problem is that if I switch, I can’t go back. Eventually people would be able to reach the blog, but eventually we will all die, so it probably isn’t a good idea in the immediate future.
The hosting company wasn’t pushing the concept, they just let people know it was available. They sounded cautionary, and tend to be conservative. They offer the latest bells and whistles, but don’t recommend that anyone use them if what they have is working.
My hosting company allows having both an IPv6 and an IPv4 address at the same time, so I have everything giving out both A and AAAA records (IPv4 and IPV6 DNS records) so that if your router *does* support IPv6, you’ll get the AAAA record and reach it there. But yeah, IPv6 just isn’t there yet for most of the home routers and a surprising percentage of business routers. The amount of actual IPv6 traffic that I get is miniscule.
IPv6 is a bit of a Catch-22 Bryan. When I was looking for Hosting, I saw that many were offering IPv6 for free (or a block for a very low price), but prices on IPv4 are getting more expensive. I read in several places where they expect that by the end of the year, IPv4 addy’s will cost a fortune, if you can get one. Most VPN providers don’t give you a private IPv4 anymore (unless you are prepared to pay a premium), they use DHCP now. That’s one of the problems I had. I had to find a Host that would give me at least 2 dedicated IPv4’s for a reasonable price as DA requires them. With Prometeus, I have 4 dedicated IPv4, and a /112 block of IPV6. Luckily, my router here supports IPv6, and Windoze has supported it since XP (amazingly!) 😆
So, from what I’ve read… there is a BIG push by IANA and the RIR’s to get IPv6 accepted pronto! IANA announced in Jan 2011 that it had exhausted it’s free pool of IPv4 addy’s, so companies have known for some time now (in fact, it was first announced in the 80’s, which is why IPv6 was developed in the first place). Th exhaustion of available IPv4 addy’s is being accelerated mainly due to the accelerated take up of Internet aware mobile devices. It’s going to get interesting! 😉 😀
Yeah Badtux that HUS 150 is expensive, and a serious beast!! The full config (3 racks) weighs 981 kg (almost a ton) and uses up to 14.5 KW (when using 15k RPM 3.5″ drives), less with SSD’s of course. Hitachi calls them their ‘Most eco-friendly mid-range storage system ever’! LOL One thing they did do is reduce the battery capacity by 2/3 by using 32GB high-speed flash memory for primary cache! That’s expensive right there! The back-end bandwidth is impressive too, up to 19.2GB/s.
Hitachi Unified Storage 150
Well, I guess Prometeus must be making money if they can afford those beasts! And the fact that they never oversell or over load the servers (as I said, Biz systems are provisioned to 50%, others are 75%) and they have been in business since ’97. All reasons I chose them. 🙂
Badtux, I don’t know if you’d be interested in this…
StackSocial do some great deals on Mac products now and then. they currently have one of their ‘Name Your Own Price’ deals going on 10 Mac products worth $399 (RRP). They put 10% of whatever you choose to pay towards a charity (they have 3 you can choose from). Anyway, might be worth a look. 🙂
The Name Your Own Price Mac Bundle 2.0
Obviously IPv4 is going away and IPv6 is the reality, but if the routers won’t find the place, it doesn’t do me much good. Some of the non-commenting lurkers are still on dial-up because there is no broadband available [in one case I know a mountain prevents the possibility of satellite], or it is too expensive.
I’ll wait.
Kryten, the only thing I use my Mac for nowadays is music, though if I had to travel I’d take the Mac rather than the Windows laptop simply because the Mac is so much more portable.
The core problem with IPv6 is that the IETF decided to re-write IPv4 from scratch, thus creating a dual-stack problem, rather than simply extending the IPv4 address space. They decided DHCP was passe’ so designed it to rely on router advertisements instead, gave it no provisions for NAT, and they decided its address space should be entirely separate from IPv4 so didn’t simply tack bits on at the beginning. When you write programs that use IPv6, you have to use an entirely different set of subroutines for anything dealing with opening sockets or listening to sockets. When you firewall IPv6, you have to use a completely different set of firewall rules that operate on IPv6’s fundamentally different principles rather than use the same firewall rules you use for IPv4. It’s completely nuts, but that’s what happens when you have a bunch of academics with no real-world experience doing stuff. Of course, they could not conceive of the commercial Internet when they were doing all of this, they figured, eh, we do a Day Zero with a few hundred universities and big businesses to convert them all to IPv6 in one fell swoop as was done for IPv4. Reality sorta bit them, heh. But if we had an IPv4.64 that was exactly like IPv4 except with bigger addresses, we’d already be past all this address space exhaustion BS and be back to talking about the Year 2038 problem…
OK, now I see my problem – I assumed a rational response that would be easy to implement, like Y2K, just add two leading digits, which would be zeroes for IPv4 addresses. I dealt almost exclusively with intranets, so it never occurred to me that they would rewrite everything. That is such a total PITA. it would be like switching to YYYYMMDD from MMDDYY to fix Y2K.
Yeah, I’ll stay with IPv4 until I can’t.
Setting up this VPS is definitely reminding me of LM!! So far, the only great thing about this is the speed! LOL (I did a ‘yum update’ after a fresh minimal install of CentOS 6.4, and it updated/installed 96 packages totaling 121 MB in 13 sec’s!) I guess I’m happy with that! 😉 😀
I suspect that at least the 2 dedicated IPv4 for DA I am supposed to have, aren’t! I’ve sent a ticket to verify. These guys must have deep pockets, they own 3 entire IPv4 blocks (the one’s I have been allocated from are in the 37.0.0.0 – 37.255.255.255 block).
I may just have to move my domain management/registry to them! I wanted to keep them here (in Aus) for a few reasons, but if it makes all this easier… *shrug*!
And have I mentioned that VNC SUCKS!
(I feel a tad better now)! 😉 😆
I think I may need most disk space sooner than I expected (though I will get an extra 10 GiB when I’m migrated to the SSD server).
This is my current partition scheme:
———————————————————
Server has 50 GiB HDD (will be 60 GiB soon)
OS: CentOS 6.3 x86_64
/boot 50 MiB
swap 4 GiB — 2 x RAM (2 GiB)
/tmp 1 GiB — Mount /tmp with noexec,nosuid in /etc/fstab
/ 5 GiB
/var 5 GiB — Logs and databases stored here on Redhat/CentOS/Fedora
/usr 5 GiB — DA data, source code, MySQL backups with CustomBuild option
/home 30 GiB — Roughly 60% for user data (including Dovecot eMail). Will be 40 GiB when migrated to SSD. Mount with nosuid in /etc/fstab
Note: MySQL databases will be hosted on their own server, but backups will be stored locally.
———————————————————
I may increase /tmp to 2 GiB. See how it goes (will be easy and fast to mess around with the partitions due to the excellent R1Soft backup s/w).
Ah well… back to it!
You’ll want 100Mb minimum for /boot, Kryten, and I usually allocate 200mb. The 2.6.32 kernel is seriously fat and the initrd that Centos builds is pretty fat too. As in, I just checked my /boot directory on one of my virtual machines on my infrastructure and I have three 14mb initrd files, two 4mb kernels, and two 2mb map files, for a total of 54mb. And that’s without a kdump initrd, if I had kdump configured that’d be another 20mb initrd file. When you do a ‘yum update’ it doesn’t erase the old it just adds a new, up to three kernels, and if you don’t have space for that then Bad Things Happen. Believe me. I’m running a flock of these Centos machines, I know.
In general nowadays for Centos aside from /boot I allocate the rest as logical volumes. Leave 20% free at the end so you can make snapshots to do time-consistent backups (one of those tricks they don’t tell you about in the Red Hat manual). On Fedora 18 you can do snapshots at the btrfs level, but I don’t trust btrfs inside virtual machines, its trees get entirely scrambled if there is a power outage due to the out of order execution of iops caused by the VM infrastructure, whereas hoary old ext3/ext4 with their fixed allocation of resources tend to at least be mountable after a power outage, unlike btrfs or (to lesser extent) xfs, both of which expect that disks don’t lie (that is, if you do a write and the disk says it’s been written, it darn well got written). Well, the only way to get decent performance for VM’s is for disks to lie. You do the math :).
Example of using LVM to do point-in-time backups of a filesystem to a backup NFS share:
Lines from /etc/fstab:
/dev/storage1_diskgroup_0/esxnfs_snap /snapshot/esxnfs xfs defaults,ro,noauto,nouuid 0 0
storage2:/backups/esxnfs /import/esxnfs nfs defaults,noauto 0 0
Backup script to back up a snapshot of a VM directory:
#!/bin/sh
# Back up snapshot of the esx nfs file shares.
umount /snapshot/esxnfs
lvremove -f /dev/storage1_diskgroup_0/esxnfs_snap
lvcreate -L 100G -n esxnfs_snap -s storage1_diskgroup_0/esxnfs
mount /import/esxnfs >/dev/null 2>&1
mount /snapshot/esxnfs
cd /snapshot/esxnfs
if [ -d biblios.foo.com ] ; then
if [ -d /import/esxnfs/biblios.foo.com ] ; then
rsync -av * /import/esxnfs
fi
fi
cd /
umount /snapshot/esxnfs
lvremove -f /dev/storage1_diskgroup_0/esxnfs_snap
Gaaaaaah!!
VNC!!!
No screen buffer! And no scroll bars!! Sure… it has a ‘record’ function… But when you are doing a huge build of dozens of source tarballs (including Apache, PHP, MySQL… etc.) that’s gonna be one HUGE file!! THis system is real fast, and it just took DA just over a half hour to modify code and compile! And now… I have no idea what the DA server PWD is, cause stupid VNC won’t let me look back 3 damned lines! Arrrrrrgh!
Sorry Badtux! Didn’t see your posts. (and I’m a tad annoyed just at the moment!)
Yeah, I already decided to increase /boot after seeing little space left. I made it 150 MiB.
All the backups (except MySQL for now) are handled by R1Soft and on dedicated “local” & offsite servers, and I have one locally here. Backup’s are full daily, then hourly incremental, and then a full weekly. DA keeps a real-time backup whenever data is created/modified, which can be sent offsite (here for now).
Thanks for the help, and the script. 🙂 Could prove quite useful! 🙂
Oh! and the logs are useless as they all reached their limits about half way through the build. *sigh*
Haha! Me = 1! VNC = 0! Happy Dance!
Pays to be a hacker! I managed to hack the buffer and get the data. Phew. That was lucky.
Well, after all that… and it being after 3AM…
It’s: Yawwwwn… Sleepy time!
G’night all… I guess I’ll see what havoc awaits me when I get up… after a couple strong coffee’s that is! 😉 😀
No one does any decent work before midnight, Kryten – the vibes are wrong and the caffeine level isn’t high enough.
Ah for the days of the main frame core dumps as the only sure way of debugging almost anything other than syntax errors. Sitting there with a hilighter and that stack of hex. Good times 😈
I over-sized my boot partition because I keep thinking about trying another flavor of -IX and I had an empty terabyte of disk to play with.
We both had a good day, as the 3.51 loaded without apparent problems, and the hacks seem to be in place.
Yeah, it is always good to be able to bypass the ‘safe-guards’ on occasion to get stuff done.
Kryten, are you using UltraVNC? It’s the only decent VNC client for Windoze.
I personally don’t run a GUI on Linux VM’s because it’s nothing but trouble, as you found out with your VNC experiences. I ssh in via my favorite ssh client and do things that way. Yes there are nice GUI configuration tools for most things on Linux now, but I prefer hacking the raw config files with /bin/vi :twisted:. On Windows there isn’t a choice since that’s what KVM’s console is on older versions of KVM (the newer versions have Spice, which is still bad but not as bad as KVM), but I use the GUI just long enough to enable remote desktop support, then use Windows RDP from thence onward.
Sounds like both of you had a better day than me. I am working on a database script and while tests were running (which take a while with 20 million records), I was migrating Linux virtual machines from my ESXi infrastructure to my KVM infrastructure. For Centos 6 VM’s that’s pretty painless, the VM’s Just Work once booted under KVM (assuming you’re running the stock kernels, which have pvops support). The problem was that my KVM infrastructure kept falling over. Which baffled me. Finally I realized that the problem was that one of my switches did not have jumbo packets enabled. I fixed that, and things got slightly better. Then one of my storage servers started being unresponsive. I went in and found that it was getting lots of mptsas bus resets that would hang the entire SAS subsystem until done. Finally the RAID kicked out the bad drive so I grabbed it out and put a good drive in and started the RAID rebuilding, and carried the bad drive over to my desktop computer (which runs Centos 6.4) to see what was wrong with it. I pushed it into the hotswap bay and… my computer gave the Three Blinky Keyboard Lights Of Death! Which of course disrupted one of my 20,000,000 record database test runs! I handed it to my officemate who then plugged it into *his* computer, and it promptly did nothing at all except whine that it couldn’t do anything. Amazing that one drive can cause such havoc on a SAS bus!
So once that was resolved, I checked the jumbo packet situation again and found that one of my compute servers was not responding to jumbo pings. So I fixed the config file that I’d forgotten to put a MTU=9000 in and restarted networking, and it refused to give it a 9000 MTU! I said F it and migrated all the VM’s to another compute server (I love NOT having to pay someone for hot-migration capability with KVM!), and rebooted that compute server. It came back up with proper 9000 MTU on the storage network (which is 10 gigabit thanks to an eBay find on my part :twisted:).
So finally I got the last VM migrated that I was going to migrate today, which happened to be the engineering WWW server. So I logged in to the Wiki to document the changes I ‘d made today. Or tried to, I should say! It wouldn’t let me log in! Finally much searching brought me to the conclusion that it was not creating session objects for some reason. But why?! They said “permissions” but I hadn’t changed any permissions when I ran vmkfstool -i to copy out the snapshot of the VM, then qemu-img to convert it to qed format! While I was looking at the www logfiles (which were utterly useless), I noticed that the time was a day in the future for some reason. So while trying to figure it out, I ran ntpdate to fix the date/time, and clock -w to save it, then restarted ntpd (which won’t handle big time differences). Then I realized: My cookies were being PRE-EXPIRED!. And then I logged in to the Wiki just fine, since my clock was now right :).
So I left another test run going, and went home. Staying at the office any longer would have been a bad idea, because with my luck today, something *else* would have gone wrong!
Ouch!
Sorry for sucking out so much of the luck available from the computer gods, Badtux. I’ve had a few days when almost nothing seemed to work, but I don’t remember ever having one that bad.
OUch is right! Sounds like you inherited the week-from-hell that I had!
Well, as we all know my friends, living in the *IT World* is never easy, and often a PITA! And anyone who say’s different, has obviously never worked there! But the pleasure comes from winning out at the end and beating the damned machines and the double-damned programmers! 😈 Yeah… one of the best high’s there is (if often an exhausted high!) 😆
Yeah, I tried UltraVNC and even the commercial RealVNC Viewer Plus. But they wouldn’t connect properly to the SolusVM, and I had to use the built in Java client (which I think is TightVNC). Anyway… all in the past now!! Now that I have SSL/SSH running, I’m using my old faithful SecureCRT! Now problems with that, been using it for years. 🙂
PS. How do you all like my little kitty pic’s 😉 😀 I’ve been uploading a bunch I’ve had for ages to my MediaFire acc’t to test it out. I’ll need a couple volunteers soon to test the file system to see how painless it is for others (it works fine for me, but as the Admin, everything works). One of the nice features (on paper anyway) is that MF allows people to scale the images before d/l. Those above are half size). 🙂
OK. So back to it mateys! Good luck Badtux. 🙂
Well, Bryan, everything was working at the end of the day. Thus why I left. Never tempt the computer gods :twisted:.
Kryten, I’m seriously surprised that UltraVNC didn’t work. It definitely has worked on everything I’ve tried it on. Just goes to show how f’d up the VNC protocol is, there are a half dozen variants arbitrarily different (Apple’s being the worst violator, but there’s plenty of others) and making one client work with all of’em is… painfully difficult, apparently.
So now you’re going to compete with ICHC, Kryten? Well, there can never be too many cat pictures on the ‘Net as that’s what it was created for, as everyone knows 😈
It is always a good plan to leave when it’s finally working after a series of problems, Badtux, because we know that if we do anything else, it will break again. Been there, and done that. Some days it certainly seems like you are personally breaking things just by being present.
BTW, got the 10G networking going. Did a ‘dd’ of a file on the NFS share to a virtual machine on the compute server. Got over 500 megabytes per second thruput — in a virtual machine mounting a NFS server via a paravirtual network device. Yeah, baby! Mo power! :twisted:.
I have one more server left to add to the 10G network, I scored a transceiver off of eBay and it should be here this upcoming week… but this new infrastructure is gonna *scream*!
Hi guys 🙂
Way to go badtux. 🙂
I’m back as school. *sigh* 😉 I figure, if I am going to do this properly, i beed some refreshers and updates. Seems everything has changed a lot the past few years and I am out of date! I still have some good luck it seems. I scored free access for a month to Sitepoint (one of the best IT resources on the ‘net, and usually expensive!) So, I’ll be busy d/l everything I can for the nest few weeks! 😆
“Due to our collaboration with Inky Deals, you’ll have a month’s free access to the courses, including all 34 video tutorials, articles, eBooks, and file downloads – as well as the chance to share your knowledge and experience within the course’s own community.”
I bought a bunch of artwork & frameworks etc from Inky Deals. They also had a great deal on a great Admin template & mod’s for WP 3.5 that the reviews say is a “must have”. I grabbed this deal as well (and scored an extra 10% discount with a promo code I found) GIYF! 😉
http://www.inkydeals.com/deal/full-design-library/
I also grabbed these Rockable Premium WordPress Themes With Developer License (usually $447) for AU$25. 🙂 I like the Rockable framework and the themes are very well documented and look good. Plus the Dev license means I can remove their labeling & sell them under my brand (if I want) and customize them any way I want.
http://www.inkydeals.com/deal/premium-rockable-themes/
I grabbed a few other deal from them also. Basically, I got over $3k worth of royalty-free, copywrite-free design kits & elements etc. for less than $100. It will save me a lot of time getting my sites up, and creating my portfolio. In total, it was almost 7GB of professional resources to d/l. Not a bad deal. 🙂
I may need to get another external HDD. I only have my little Buffalo NAS with 4 x 2GB in RAID 5 (6 isn’t an option on the smaller NAS), and it’s half full! 😉 😆
Nahhh Bryan! Nobody could compete with ICHC! 😉 😀 I just like kitties! (How do you like the Jihad kitty I found)? I wonder how many fingers the guy who dressed that cat up lost? Some people are crazy! 😆
Damned typo’s! *sigh*
Nah Kryten, some cats are just that mellow.
My personal home server is a 12-disk 2-U Xeon rack-mount storage server. Moh powah :twisted:. The downside is that it uses 270 watts of power. Plus it’s built with scrap-heap parts, so while I have a 6Gb/sec SAS2 controller for example, I only have a 3Gb/sec SAS1 backplane so I have to be careful what slots I stick my 3tb drives into, plus one of the sockets on the motherboard is bad so I can only have one CPU. One of these days I need to buy a non-scrap-heap storage server to take its place, but just the chassis, motherboard, and backplane is $2K and money is tight at the moment thanks to bloody COBRA health insurance fees and self-employment taxes (SIGH! Only in America are you penalized for making money by working rather than by leeching off the work of others!).
I can get along with what I have because the local bandwidth providers won’t even lease what you would want for anything faster. We have fiber all over the place, including not 50 feet from when I’m sitting, but you can’t buy it. The Cable Company and the Phone Company have a lock on the resources and they don’t intend to have any competition. I ran into that when I was helping a friend who wanted to set up a dial-up ISP. He couldn’t buy the bandwidth.
People keeping talking about 4G and we are lucking to find 3G availability, but they sell the phones and pads that use, and really need, 4G. Maybe in another decade …
Kryten, my neighbor has his cats on ropes outside, so it is all a matter of early training and temperament. I’ve seen videos of behind the scenes at cat shows, and those cats put up with baths and blow-drying. I wouldn’t do that to a cat, but some people do it. OTOH, if it was one the ferals, they would figure out how to detonate it … 👿
Yeah, Badtux, that 15.62% on every dollar plus income tax really sucks when hedge fund managers have been skating with a total tax bill of 15%. At least that went up, but I think all income should be treated equally. There is really no need to differentiate.
They couldn’t get away with it here. the Lib’s tried it and ended p in court so fast, everyone was amazed! We have very strong anti-discrimination & anti-competitive laws here, and the civil court’s take them very seriously. It’s actually one of the main reasons we got the GST (the ‘S’ for ‘Services” part). ‘Consultants’ were getting away with near murder (legally), now they have to pay the same 10% tax as everyone else. The deal was that the Gov was *supposed* to do away with the 21% sales tax, and the PAYE (payroll) tax… anyone who actually thought THAT was gonna happen was a blind moron!
The laws are curious in a way. It’s illegal, for example, to charge someone extra (a fine) for paying late or after a certain time (say 7 days), but it is legal to offer a discount if you pay early (like having payment terms of 14 days, with a 5% discount to pay within 7 days). That doesn’t mean people can get away with not paying debs of course. 🙂 We do have laws for that! 😀 It’s also why all prices here are always RRP (Recommended Retail Price) as fixing a price is also illegal (mainly because our Common Law Rights, which cannot be abrogated, allow for Barter Trade). Of course, the Corp’s with deep pockets can find ways around it, but it’s usually not worth the effort or cost as some have found, especially when the skate too close to the line and get slapped by the Courts. In a Civil Court, the prosecutor only has to prove *intent* (mens rea) to 51% if no agreement between parties can be reached and the Court has to decide. In a Criminal Court, it’s the old Common Law ‘beyond a reasonable doubt’, whatever that means! 😉 (Well, it usually means who is the best *story teller* at the closing arguments (as in the USA), and whether the defendant is known, and how much the juror likes/dislikes them. *shrug* It’s one of the problems with the Adversarial System as opposed to the European style Inquisitorial System.
OK. So much for my much needed coffee break, back to school! 😀 I’m currently studying Nagios & NRPE. It’s really come a long way! it can even monitor remote dB (MySQL, PostgreSQL, etc). That’s new, and with me offloading MySQL, that will be useful. 🙂
Oh you have my sympathies when it comes to Nagios, Kryten. The problem with Nagios is scale-out. Every single server and service that you add to the system requires yet another trip to the Nagios config files, and woe to thee if you haven’t been in there lately. Plus those inscrutable config files quickly grow to the size of a small novel for any reasonably sized network. I need to revisit Nagios for my new IT infrastructure (it’s currently only monitoring Engineering infrastructure because that’s where I implemented it at the old company).
BTW, writing new Nagios “sensors” is ridiculously easy, I wrote one that monitors the iSCSI targets on my iSCSI storage boxes (a bash script that just executes the storage CLI for each box and asks it for a list of targets and whether they’re still online and connected), as well as one that runs on the machines that have the initiators to check whether the initiators are still logged in (that’s touchier than you’d think with OpenIscsi, whose CLI was apparently written by someone who thought mdadm was too easy to use, LOL!). That flexibility the only reason I put up with Nagios, otherwise I’d use something much easier to configure.
I’m also using mrtg to monitor my switch ports, but at least it has a nice little script thingy that’ll generate config file snippets for you when you point it at a switch or server that has snmp enabled.
Dag nab it, now that you mentioned Nagios, I need to go finish implementing it for the new infrastructure. Curses! (Yes, the actual language I just used to myself was considerably more salty than that, little pitchers have big ears and my dad was ex-Navy 😉 ).
Ah, here’s a little Nagios sensor script, this one monitors an iSCSI link state on a proprietary storage box…
#!/bin/sh
PATH=/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
LINK1=`echo “interface display” | /usr/bin/storage-cli -h storage1e | /bin/grep ‘^link1’ | /usr/bin/head -1`
# Now get status info:
HEALTH=`echo “$LINK1” | /bin/grep “Healthy”`
if [ “$HEALTH” = “” ] ; then
# Not healthy
echo “FAILED: NO LINK: $LINK1 $PATH”
exit 2
else
echo “SUCCESS: $LINK1”
exit 0
fi
LOL Yeah, I know. I used Nagios for the LM project a few years ago. I didn’t want to use it… But it is the best (open source) tool out there for my needs. 🙂 I really like the reporting features (and extensive monitoring of course, else pretty reports would be less than useless!) 😉 🙂
And yeah, MRTG is in my standard toolkit. 🙂
I’m using this course, it’s not bad. Came with PDF’s and a lot of examples! 🙂
LinuxCBT Monitoring Edition
(Also using the Sitepoint video/eBook course/guides).
This one is next:
LinuxCBT NIDS Edition
I’m tossing up whether to get the CentOS 6 course… I probably should. Last ver I used was 5.3. It’s changed quite a bit from playing with it the past week.
I also have the Exim course. That’s changed a lot too! *SIGH* Ahhh well… 😉
Who said starting a Biz was easy? 😆
Good luck to us all (again!) 😉 😀
BTW, if you are interested, Sitepoint have a 50% off deal on all books & courses ($97). But it ends soon.
https://learnable.com/sitepoint
You know… Life is just weird sometimes. 😐
A friend who’s family use several devices (desktop PC’s, laptop’s, tablet’s smart-phones etc.) Has a big problem with central data storage and backup. So I was asked what I thought of these new online cloud backup systems popping up all over. “Not much” I thought… was told that they were looking at a product called carbonite (never heard of it thinks I) Aha, I say. I said I’d look into it and get back to them.
I found that Carbonite have a free 15 day trial, but it’s US only (and people say China is bad!) So, I connect my VPN to the server in Chicago, and sign up with one of my Gmail acct’s. No worries… S/W is d/l and installed. I set it up and let it run a backup in my sandbox with a dummy user acc’t with some junk txt, mp3, avi, pdf and a couple other data file types, about 500MB worth. So I decided to have a look around and see what else is available as I’m not that impressed with this Carbonite app! I found a few including one called CrashPlan. They have a 30 day trial (US only of course), so I sign up again and I get asked if I am a Carbonite user. Hmmm… thinks I. So I click on the ‘Yes’ button, and I am informed that I can get a 12 mth free unlimited subscription by providing my carbonite e-mail/login name (nothing else). Curiouser, etc. 😆
And low and behold, I now have a free, 12mth Unlimited Storage/backup plan!
and on paper, CrashPlan is way better! They have Linux/Solaris & Mac versions of their app, and better features. 🙂 Anyway, now I have a year to play! 😉 😆
It’s called “CrashPlan+ Family Unlimited Plan” (normally $150/yr). They claim 448-bit file encryption, the others claim either 128 or 256-bit (I plan to test that out of course). 🙂
http://www.crashplan.com/consumer/compare.html
Life is weird. *shrug*
Kryten, I’m the guy who would be teaching those courses, if I was between jobs and needing something to do that is, otherwise I’m too busy living those courses :twisted:. Yah, I spent all day today getting Nagios to monitor some things on my new infrastructure, as well as cleaning up some database issues and running more tests of the application. I don’t think we’ll get it clean enough this week to release, but next week… could be.
Also found out that the old Cisco ASA router/firewall that we inherited eats dnssec packets(!). Which is a pain given that several of the root servers now only accept dnssec connections due to recent attacks upon the DNS system. Will get that fixed as soon as I get the password out of the person who installed it — or else it will get trashed and replaced by a generic Linux whitebox with a couple of four-port NIC cards if the dude tries to hold us hostage :twisted:.
You guys get to do interesting things with interesting problems while I’m running around trying to locate stainless steel thrust head screws to fit the stems of Sterling bathtub faucets. The people who make the replacement handles don’t include the screws, advising you to reuse the old screws – the screws you had to drill out to get the original handles off so you could replace the leaky stems.
At least I now think I know the size and thread-count I need.
So, when you are commenting over here, you are playing hooky and avoiding your school work. That isn’t good, Kryten, no indeed. 😉
I worked with a couple of local non-profits reclaiming donated computer equipment for clients or their thrift shops, and passwords were always a problem. It usually meant re-formatting the hard drive or cannibalizing for parts because we couldn’t trace the equipment back to the original owner, or the owner forgot what it was. Having to get it from someone who sees a potential profit, is a hassle you don’t really need, Badtux.
Well, I guessed the password for the firewall/router based on other passwords for other machines in the infrastructure, so all is well :twisted:. He never did get back to me with that password, but that’s okay, I got in, disabled the dns packet inspection, and presto dnssec works right. Yay :).
So the good news is that you got in and were able to make the changes … OTOH the bad news was you were able to get in and make changes. I assume you intend to change the passwords on the machines in the infrastructure – when you get a chance, of course.
Well, you have to be on the inside of the firewall to exploit any of these passwords, and need to be in possession of a list of the other passwords to guess the firewall password (which isn’t one of the other passwords but follows the same pattern), so I’m not in too big a rush. I have to say that I’m quite disappointed in our IT consultant though, he’s been silent as a tomb since finding out that I guessed the password and did the firewall rule change without his help.
We signed up our first few customers and got a big deposit from a major storage company that already has been mentioned in this stream that wants to get into the security business and wants to leverage our expertise, so maybe this is going to work, especially once we get the Gen2 monitoring software out the door next week. I’m waiting for the library whose sole book is “My Pet Goat” to sign on, just so I can chortle that we’re monitoring the security network for a library whose sole book is “My Pet Goat” ;).