We signed up our first few customers and got a big deposit from a major storage company that already has been mentioned in this stream that wants to get into the security business and wants to leverage our expertise, so maybe this is going to work, especially once we get the Gen2 monitoring software out the door next week. I’m waiting for the library whose sole book is “My Pet Goat” to sign on, just so I can chortle that we’re monitoring the security network for a library whose sole book is “My Pet Goat” ;).
]]>So the good news is that you got in and were able to make the changes … OTOH the bad news was you were able to get in and make changes. I assume you intend to change the passwords on the machines in the infrastructure – when you get a chance, of course.
]]>At least I now think I know the size and thread-count I need.
So, when you are commenting over here, you are playing hooky and avoiding your school work. That isn’t good, Kryten, no indeed. 😉
I worked with a couple of local non-profits reclaiming donated computer equipment for clients or their thrift shops, and passwords were always a problem. It usually meant re-formatting the hard drive or cannibalizing for parts because we couldn’t trace the equipment back to the original owner, or the owner forgot what it was. Having to get it from someone who sees a potential profit, is a hassle you don’t really need, Badtux.
]]>Also found out that the old Cisco ASA router/firewall that we inherited eats dnssec packets(!). Which is a pain given that several of the root servers now only accept dnssec connections due to recent attacks upon the DNS system. Will get that fixed as soon as I get the password out of the person who installed it — or else it will get trashed and replaced by a generic Linux whitebox with a couple of four-port NIC cards if the dude tries to hold us hostage :twisted:.
]]>A friend who’s family use several devices (desktop PC’s, laptop’s, tablet’s smart-phones etc.) Has a big problem with central data storage and backup. So I was asked what I thought of these new online cloud backup systems popping up all over. “Not much” I thought… was told that they were looking at a product called carbonite (never heard of it thinks I) Aha, I say. I said I’d look into it and get back to them.
I found that Carbonite have a free 15 day trial, but it’s US only (and people say China is bad!) So, I connect my VPN to the server in Chicago, and sign up with one of my Gmail acct’s. No worries… S/W is d/l and installed. I set it up and let it run a backup in my sandbox with a dummy user acc’t with some junk txt, mp3, avi, pdf and a couple other data file types, about 500MB worth. So I decided to have a look around and see what else is available as I’m not that impressed with this Carbonite app! I found a few including one called CrashPlan. They have a 30 day trial (US only of course), so I sign up again and I get asked if I am a Carbonite user. Hmmm… thinks I. So I click on the ‘Yes’ button, and I am informed that I can get a 12 mth free unlimited subscription by providing my carbonite e-mail/login name (nothing else). Curiouser, etc. 😆
And low and behold, I now have a free, 12mth Unlimited Storage/backup plan!
and on paper, CrashPlan is way better! They have Linux/Solaris & Mac versions of their app, and better features. 🙂 Anyway, now I have a year to play! 😉 😆
It’s called “CrashPlan+ Family Unlimited Plan” (normally $150/yr). They claim 448-bit file encryption, the others claim either 128 or 256-bit (I plan to test that out of course). 🙂
http://www.crashplan.com/consumer/compare.html
Life is weird. *shrug*
]]>And yeah, MRTG is in my standard toolkit. 🙂
I’m using this course, it’s not bad. Came with PDF’s and a lot of examples! 🙂
LinuxCBT Monitoring Edition
(Also using the Sitepoint video/eBook course/guides).
This one is next:
LinuxCBT NIDS Edition
I’m tossing up whether to get the CentOS 6 course… I probably should. Last ver I used was 5.3. It’s changed quite a bit from playing with it the past week.
I also have the Exim course. That’s changed a lot too! *SIGH* Ahhh well… 😉
Who said starting a Biz was easy? 😆
Good luck to us all (again!) 😉 😀
]]>BTW, writing new Nagios “sensors” is ridiculously easy, I wrote one that monitors the iSCSI targets on my iSCSI storage boxes (a bash script that just executes the storage CLI for each box and asks it for a list of targets and whether they’re still online and connected), as well as one that runs on the machines that have the initiators to check whether the initiators are still logged in (that’s touchier than you’d think with OpenIscsi, whose CLI was apparently written by someone who thought mdadm was too easy to use, LOL!). That flexibility the only reason I put up with Nagios, otherwise I’d use something much easier to configure.
I’m also using mrtg to monitor my switch ports, but at least it has a nice little script thingy that’ll generate config file snippets for you when you point it at a switch or server that has snmp enabled.
Dag nab it, now that you mentioned Nagios, I need to go finish implementing it for the new infrastructure. Curses! (Yes, the actual language I just used to myself was considerably more salty than that, little pitchers have big ears and my dad was ex-Navy 😉 ).
Ah, here’s a little Nagios sensor script, this one monitors an iSCSI link state on a proprietary storage box…
#!/bin/sh
PATH=/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
LINK1=`echo “interface display” | /usr/bin/storage-cli -h storage1e | /bin/grep ‘^link1’ | /usr/bin/head -1`
# Now get status info:
HEALTH=`echo “$LINK1” | /bin/grep “Healthy”`
if [ “$HEALTH” = “” ] ; then
# Not healthy
echo “FAILED: NO LINK: $LINK1 $PATH”
exit 2
else
echo “SUCCESS: $LINK1”
exit 0
fi
The laws are curious in a way. It’s illegal, for example, to charge someone extra (a fine) for paying late or after a certain time (say 7 days), but it is legal to offer a discount if you pay early (like having payment terms of 14 days, with a 5% discount to pay within 7 days). That doesn’t mean people can get away with not paying debs of course. 🙂 We do have laws for that! 😀 It’s also why all prices here are always RRP (Recommended Retail Price) as fixing a price is also illegal (mainly because our Common Law Rights, which cannot be abrogated, allow for Barter Trade). Of course, the Corp’s with deep pockets can find ways around it, but it’s usually not worth the effort or cost as some have found, especially when the skate too close to the line and get slapped by the Courts. In a Civil Court, the prosecutor only has to prove *intent* (mens rea) to 51% if no agreement between parties can be reached and the Court has to decide. In a Criminal Court, it’s the old Common Law ‘beyond a reasonable doubt’, whatever that means! 😉 (Well, it usually means who is the best *story teller* at the closing arguments (as in the USA), and whether the defendant is known, and how much the juror likes/dislikes them. *shrug* It’s one of the problems with the Adversarial System as opposed to the European style Inquisitorial System.
OK. So much for my much needed coffee break, back to school! 😀 I’m currently studying Nagios & NRPE. It’s really come a long way! it can even monitor remote dB (MySQL, PostgreSQL, etc). That’s new, and with me offloading MySQL, that will be useful. 🙂
]]>