System Administration
cPanel Brute Force Protection – regaining access
cPanel comes with a great feature called brute force protection. The problem is, if you mis-type your password 5x in a row or if you have multiple people in the office, like we do, that try to get into various services and they combine to have 5 missed passwords in a row (ssh, mail, and whm logins all quality) then you will lock yourself out of your system. Here are some tips & tricks that will help you regain access. Gaining Initial Access The easiest and quite possibly ONLY way to get back into your system is by logging in from a different IP address. Sometimes you can do this by re-initializing your modem/router if you are on a DHCP assigned address from your ISP. This is usually the case for residential service from DSL companies like AT&T (no other ...
Setting Up Raid 1 On Ubuntu 10.04
The following has been distilled from https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html and revised to match our operating process. Partitioning Follow the installation steps until you get to the Partition disks step, then: Select Manual as the partition method. Select the first hard drive, and agree to "Create a new empty partition table on this device?". Repeat this step for the second drive. Select the "FREE SPACE" on the first drive then select "Create a new partition". Next, select the Size of the partition. This partition will be the swap partition, and a general rule for swap size is twice that of RAM. Enter the partition size, then choose Primary, then Beginning. Select the "Use as:" line at the top. By default this is "Ext4 journaling file system", change that to "physical volume for RAID" then "Done setting up partition". For the / partition once again select ...
Linux mdadm tips & tricks
RAID arrays are an important part of any mission critical enterprise architecture. When we talk RAID here we are talking mirrored RAID, or mirrored and striped RAID, not simply striping which gives you a larger drive from several smaller drives. While that may be great for some home or desktop applications, for a enterprise application that simply doubles your changes of a failed system. We often spec out RAID 1 or higher mirrored systems with RAID 1+0 being the most common (mirrored and striped) so that you increase access performance AND keep the system up if a single drive fails (on a 3 drive RAID 1+0 configuration). Along the way we've learned some tips & tricks that may help you out. To start with we'll post some info on Linux RAID and eventually expand this article to include Windows information. Fake v. Real Raid One thing ...
0 Comment | Posted in System Administration,Tips & Tricks,Ubuntu,blog
July 30, 2010
Ubuntu – No Audio When Playing Videos
I recently tried to play a video on Ubuntu 10.04, but got no audio because of missing a Windows Media Audio codec. My video player tried to automatically find a suitable plugin and failed. So here’s how I fixed it by hand. Step One: Update mplayer The version of mplayer that comes with Ubuntu is behind the times. But that’s easy to fix. $ sudo add-apt-repository ppa:rvm/mplayer $ sudo apt-get update $ sudo apt-get upgrade mplayer Bam. Done. Also why not install smplayer while you’re at it—has a much better interface in my opinion. *Note:* If you prefer to use something else like vlc then upgrading may not be necessary. Check the documentation for your preferred movie player to see about its WMA support. Step Two: Discover the ...
0 Comment | Posted in Desktop Apps,Ubuntu,blog,desktop computing
July 07, 2010
Cyber Sprocket IP Blacklist
The following IP addresses have been blacklisted on our servers due to excessive break-in attempts. If your internet service provider (ISP) or internet presence provider/web host (IPP) is on this list your servers (or desktop computer) will not be able to access any of the Cyber Sprocket servers or the servers we manage for our clients. If your IP address is on this list and you wish to be removed send us a request via the Contact Us form requesting access to our servers, the reason for your access request, and the specific IP address that you want to use to talk to our servers. Each whitelist request will be considered on a case-by-case basis. We also recommend that you contact your ISP/IPP and ask them to deal with the hackers that ...
0 Comment | Posted in Security,System Administration,blog
June 30, 2010
Changing Network Device Priorities In Vista
My Windows Vista laptop has a strong desire to always connect to the wireless network, even when I'm connected-by-wire at the office. This is due to the fact that most Windows laptops are setup to use the wireless connection first if there is a wireless signal available. While I was always able to quickly find this setting in Windows/XP, on Windows Vista it is hidden away in a "advanced menu". For some reason I always forget how to find it, thus this blog post serves as my own memory kit. How To Change Network Priorities In Vista Go to your mange networks settings. I like to get there by right-clicking the network icon in the systray & selecting "manage networks". You can also go to the start menu, control panel, network connections Hold down the ALT key, release then click "Advanced Settings..." within a ...
0 Comment | Posted in Windows,blog,desktop computing
June 22, 2010
WordPress – Sharing A Base Class Amongst Plugins
Introduction The new series of MoneyPress plugins that is coming out in the next month is going to be based on a common foundation. This allows us to maintain consistency, share new features across the product line, and provide an improved quality product that gets out to the consumer. However, during the migration to this new shared platform we uncovered some problem areas deep within the bowels of WordPress. Yes, even with the recently released 3.0 version. However we don't blame this on WordPress. Far from it. WordPress is a well engineered application, it's only fault is being tied into archaic versions of PHP... which means anything prior to PHP 5.3 when namespaces were finally introduced. There is a reason many languages have had namespaces for years, but that is a discussion for another post. One of the more nagging problems was ...
0 Comment | Posted in PHP,Programming Languages,System Administration,Wordpress,applications,blog
June 20, 2010
Using Find To Help Manage Files On Linux
We found a system administration problem on a server today that was being caused by incorrect directory permissions. Any email that passes through the server-wide spam filter was not going through because of permissions on the /home/<domaindir-here>/etc directory. That directory needs to be owned by mail. Here is a quick way to update those directories: [root@host:home]# cd /home The find command only lists directories (much, much faster if you know you only need a certain file type like ‘d’), up to 2 levels deep (. = current directory = level 1), and matching the name etc… [root@host:home]# chgrp mail `find /home -maxdepth 2 -type d -name etc` Now we pass find as a variable list to the ls command to see what we touched. The ‘d’ on ls also restricts it to directory level output only, so we don’t descend into those ...
0 Comment | Posted in System Administration,blog,files
June 18, 2010
Windows XP – Resolving Aquiring Network Address Problems
After spending nearly a week on & off removing a virus from a notebook computer, we are down to one last task... getting the network services back online. Here are some notes about how to get around this problem and the ever-present "acquiring network address" that never is acquired. Resetting Windows Network Stacks To reset the Windows/XP TCP/IP stack use this command from the command shell: netsh int ip reset reset.log To reset the Windows/XP Socket layer, use this command from the command shell: netsh winsock reset catalog Check For Rootkits Turns out the virus installed a rootkit. These are special files hidden by the operating system that change how the base OS works. That makes them hard to detect & remove with normal spyware. TDSS rootkit by Kapersky Labs helps fix that: Download install and run TDSS rootkit removing tool - get it here: http://support.kaspersky.com/downloads/utils/tdsskiller.zip In our case the file c:\WINDOWS\system32\DRIVERS\isapnp.sys was compromised. You ...
0 Comment | Posted in blog,desktop computing
June 09, 2010
HTTP Errors When Uploading/Connecting in WordPress
Having problems browsing themes, uploading plug-ins, or doing just about anything that "talks" to the outside world via Wordpress? We have had a development server buried deep in our network behind several routers and firewalls that had a similar problem. Whenever we'd log into the dashboard we'd get various timeout error messages on each of the news sections. We'd not get our automatic update messages whenever there was a plugin update or a Wordpress update (3.0 is coming soon!). Well it turns out that we needed to fix 2 things to help speed up the network connection. Fix #1 - DNS Resolution We run this particular development box on Linux. That meant updating our /etc/resolv.conf file to talk directly to the DNS servers. If you use DHCP configuration or go through a router this file is often ...
0 Comment | Posted in Networking Utilities,PHP,System Administration,Wordpress,applications,blog
June 03, 2010
Upgrading Logwatch on CentOS 5
Introduction I finally got tired at looking at the thousand-plus line daily reports coming to my inbox from Logwatch every evening. Don't get me wrong, I love logwatch. It helps me keep an eye on my servers without having to scrutinize every log file. If you aren't using logwatch on your Linux boxes I strongly suggest you look into it and turn on this very valuable service. Most Linux distros come with this pre-installed. The problem is that on CentOS the version of logwatch that comes with the system was last updated in 2006. The logwatch project itself, however, was updated just a few months ago. As of this writing the version running on CentOS 5 is 7.3 (released 03/24/06) and the version on the logwatch SourceForge site is 7.3.6 (updated March 2010). In this latest version there are a log of nice updates to the scripts that ...
0 Comment | Posted in Networking Utilities,Security,System Administration,Tips & Tricks,applications,blog
May 31, 2010
Upgrading Redmine From 8.6 to 9.3
After more than a year of using Redmine to help us manage our projects it was time to upgrade. Redmine helps us manage our bug lists, wish lists, and to do lists. It helps us communicate with our clients effectively and efficiently using a web based media in a consistent format that is easy to use for both our developers and our clients. However, during the past year there have been several changes including the significant upgrades that came out in v9.x some months back. Our busy schedule kept us from upgrading as each new release came out, and sadly we had fallen far behind. This past weekend we decided it was time to upgrade. The notes below record some of the problems we ran into and outlines how we resolved them. If ...
0 Comment | Posted in Project Management,Redmine,Task Management,Web Apps,applications,blog
April 25, 2010
Setting Up Stunnel On Linux
Intro This article was written while getting SMTP authentication working with AT&T Business Class DSL services. The SMTP service requires authentication via a secure connection on port 465. Other articles will get into further details, this article's focus is on the stunnel part of the equation, which we use to wrap the standard sendmail/SMTP configuration. In This Article An example stunnel config file for talking to AT&T SMTP servers on port 465 (SMTPS) Testing the connection to AT&T SMTPS is working via telnet Getting stunnel running on system boot. Our Environment CentOS release 5.2 stunnel 4.15-2 We assume you have stunnel and telnet installed. If not, research the yum install commands for CentOS. You will also need superuser access to update the running services on your box. Setting up stunnel Stunnel will allow you to listen for data connections on a local port and redirect that traffic through an SSH wrapper to another system. In our case we are using ...
0 Comment | Posted in Networking Utilities,applications,blog
April 05, 2010
Finding Which Linux Packages Provide Which Files
There have been multiple situations where I find out that I need a particular file to continue with something I am doing. Most of the time this happens when I am compiling a program. I will be missing a library, or header file, or something. So I end up on search engines looking for whatever package I need to ‘apt-get install’. Well it turns out there is a command line tool that will tell you this information, on systems use Apt, that is. Enter ‘apt-file’. I use Ubuntu, and it doesn’t come with that platform by default. Or at least not on 10.04 then I’m using. But you should know how to get it. A simple ‘apt-get install apt-file’. Once you have it installed, you will have to update the cache it uses for searching. I was prompted to do this automatically, but if you ...
0 Comment | Posted in System Administration,Tips & Tricks,blog,files
April 05, 2010
Using Subdomains With Localhost
I do a lot of development work locally, running apache2, mysql, postgres, and any number of other things on my personal computer so that I can do my work. This offers me a lot of benefits: it's faster, it doesn't rely on an Internet connection, and it allows me to have complete control over my environment. There are some drawbacks to this though. Generally, you end up with many different projects and with each one comes a new directory, so after a while you have dozens of sites that look like http://localhost/somesitehere/. This by itself can cause some issues. First of all, now none of your files are running directly off of the document root which often causes some issues with badly written software. Secondly, it confuses the hell out of firefox's password manager because it's host based. It also looks kind of ugly having to put in all those different ...
