Slow VPS Restarts

In my last blog post I mentioned about slow restarts. Well I’m wracking my brains over this one! A reboot takes about 5-10 minutes which is way too long. Looking at all the logs and even looking at bootchart, mysql does take a little while to warm up but nothing else is giving me a hint.

However when I send over the reboot command, putty stays open for a fairly long time before the “connection lost” message pops up. That’s a hint maybe.

Switching to the local VM image, this problem is also there. Another benefit of running the configuration locally is being able to watch the kernel messages during start and shutdown. On shutdown, it seems to stick on “Stopping System V Runlevel Compatibility”. A few Google searchs suggest it could be a Kernel update that has caused this…. but annoyingly after a few Ubuntu kernel upgrades, the situation hasn’t been resolved. But it’s not getting worse either!

I’m sure that the system is shutting down and starting up cleanly (pretty sure); I don’t have any qualms about corruption or dataloss.

Overall it’s not a massive problem. I do get nervous if the system will actually fire back up after a while but as long as the server does do that, I don’t think it’s a massive issue. I’ll keep plugging at it.

Admining the VPS

Still considered a Linux novice, I’ve had a lot of ups and downs with my VPS. I’ve learnt alot about securing a system however this has been a steep learning curve. Simply put, I could be happy with a shared hosting platform, but also, I wouldn’t.

The freedom of the VPS has allowed me to host just more then a website, but what I have learned along the way is far greater.

Unforseen circumstance has tirelessly taught that having a working backup and a plan is more important then looking at log files and sitting back and relaxing. I currently have a few errors to look into which I hope to fix by the weekend. (mysql seems to like failing occasionally, shutting itself down and requires manual restart)

I’ve also managed to image the live server on to a local VM for testing. ‘Testing’ describing numerous activities including patch upgrades (incase anything breaks), application configuration and also some pentesting.

I would ideally like to look into automatic off site backups, which wouldn’t be too difficult considering the server image isn’t too big at the moment (although my bandwidth would take a hit)

As regards to documentation; I’m not sure how deep to go into recording  changes made to the server, although this would be fairly useful.

Securing Home Routers – Keeping Your Data Safe

Routers are apart of everyday life. Anyone with an active home internet connection has one. It keeps a constant connection to the internet, it allows more then 1 computer to share the same internet connection, it blocks out bad traffic from entering your network, and can perform more sophisticated tasks; share files via FTP over the network and to the wider internet for example.
Your router is filled to the brim with technology but not all of it is safe, even though it might be helpful. Simply buying a router and connecting it up is not enough; like any device, it needs updates and maintenance to have it running well and safely.

All routers are different and it helps to log into your routers settings and familiarize yourself with the options available to you. Not everything you see will be apparent as to what they do so it’s worth noting these down and doing a bit of research yourself.
Additionally a general rule of thumb; if your not using a specific service or option in your router, disable it! Continue reading “Securing Home Routers – Keeping Your Data Safe”

Node-Red: The interesting world of API

The pi I have running at home had accumulated alot of updates. Anyone who owns a pi can tell you that a small collection of updates can take an exceedingly long time to complete. About 20 minutes into the upgrade, I noticed apt stalling on one particular package : node-red. Knowing that it’s not usually included in a standard installation, I did some digging and found something interesting.

Node-red is a graphical wiring program that allows you to do some cool things with different API’s. I mean, really interesting things.

Starting it up for the first time, it listened to port 1880 and told me to connect via a browser. What then arose was a brilliant piece of technology.

A scratch like interface with pastel coloured buttons and brief descriptions about their purpose filled the left colomn. Those are, as I understand, the nodes. Simply dragging and dropping these building blocks and linking them up felt seamless; some functional boxes for different languages such as html, xml and json. Switches to initialise case logic, splitters to manipulate the direction of data and in and out nodes for twitter implementation. Also for the pi, nodes to make use of gpio pins for muchly anything you can think of. This is for the makers. Brilliant.

To my surprise (and burden however), there’s not a great deal of documentation that I could find for this platform. There a few tutorials for the very basics but when it came to slightly more complex stuff, it’s almost non existant. Either way, I plugged on and crafted a twitter bot as an excersise; expanding on some of the basic tutorials on YouTube. My first small ‘flow’ was a program that pinged to a network address and recorded the time and latency in a text file. Pretty low grade but if I wanted to, I could expand to tweet myself a message if the ttl lapsed.

I’m still unsure of the language used in main function block, it looks like java (being objective) but I don’t know enough about it to know exactly. I would like to make my @awkwardbot_ a bit more intelligent but will need to dig deeper into this exciting framework.

SSH bruteforce; change in direction?

One thing that I like to do is read. Stephen King, probably makes up for the majority of fiction I’ve read. Closely followed by Andy McNab, Stieg Larsson and Dan Brown (in no particular order). I like non-fiction too but mainly in the sciences; our treasured Prof. Stephen Hawking (should be knighted), the great Carl Sagan and the inspirational Prof. Brian Cox. I’m sure there’s more unbeknownst yet to make it to my shelf.

However, there’s only really one 100% reliable news page that I have the occasional binge on. Found in  /var/auth.log, this page has it all. Drama, frustration, desperation, success, comedy. Strangely enough, I can genuinely associate these human emotions to this silly little file. Today I will talk about both comedy and perhaps some terror too.

I like to filter the news for most of the comedy.

sudo grep "Invalid user" /var/log/auth.log

Ethen, ftp, 1111, recruit, allison, xbian, uwot, support, hadoop, test, guest, admin, jonah (my fave) … the list literally goes on. Incredible to think that these bots or people have probably cracked open a server using those names before and have been successful? Maybe. Or maybe they are trying to think outside the box. I can literally spend a day trying to understand the reason behind those user names and still be clueless. Hilarious! Jonah.

But it’s the most obvious of them all that worries me. Admin, root, and pi. The latter being the most obtainable. Pi. The default username for a main linux flavour. And maye more.

It’s scary to think that easy to follow guides for home VPN’s, plex, cloud software, ftp, webserver (the list goes on..), may not always be security conscious and may not always instruct the user to change default username, let alone the password or enabling firewall. Lets hope, for their sake, time is spent to secure a home internet facing host and does not help to breach their home networks. Sobering.