Search results

@rds100: I wasn't aware of that. FYI to others, http://sgros.blogspot.com.au/2013/01/seagate-disk-smart-values.html @lbft Regular smart short tests are already run at 5:30AM every day :) I think I got base script of here or LET. It caught one of the drives pre-fail ages ago. My gut is...

The WD drive which breaks the HBA I have tested on a different backplane attached to a different port. Ive written that one off. I dont think its a problem with the HBA / port, mSAS cable or power (cable or backplane). None of the other ports on the backplane / mSAS cable / power have any issues...

A combination of I/O errors logged, and the drive marked as removed in mdam (after a reboot, the other faulty drive froze the kernel). I dont doubt the other drive is faulty, its throwing alot of IO errors and a few smartctl's and the kernel watchdog starts killing threads. I don't doubt that...

Ok, Guys. You people who deal with VPS & Dedicated server hardware must learn lots about hard drive failures (Spinning Rust Buckets, not speedy silicon). Any tips for recognizing failures before they happen? Just had two drives fail, partially / corrupt / unknown while maintaining a health...

Theres plenty of data to be found in these forums. Try this thread (I hope you arent post spamming, I can see you are the most recent replier in that thread which actually contains the data). Im pretty sure for most companies bitcoin payments would be no more than 10% at most, in our case it...

The one question I dont think anyone has asked yet is do you actually want to 'prevent' it yourself? Perhaps if you are a large enough company to be purchasing multiple 10Gbps uplinks to handle it yourself you can handle the cost of purchasing appliances (e.g Riorey) $XX,XXX ea or in-house...

Asyd looks interesting, they could however do with more in-depth information on their homepage - it all seems pretty high level and generic. In the end I ended up just doing using some bash scripting & some simple php for tracking it all in a database. Fortunately Zabbix our montoring system...

Just a quick update, heres some nginx config to do what I mentioned. I havent tested this as we are doing this in a different manner, but it should work. if ($ssl_protocol = "SSLv3") { set $SSL_POODLE "2"; } if ($http_user_agent !~ "MSIE [4-6]\.") { set $SSL_POODLE...

Unfortunately SSLv3 is the highest version of SSL supported in IE6. So by doing this you either restrict your site to IE7 or greater or do not provide SSL for IE6. In my books some SSL is better than no SSL even if said SSL is weakened due to this attack vector. The best things to do: -...

Perhaps the best approach would be to throw a forbidden error if a modern client (client != IE6) attempts to use SSL 3.0. I am tempted to try and write this in lua. Some SSL is better than no SSL, and IE6 supports at most SSL 3.0. From what I understand the extent of the vulnerability is that...

Ive never tried it. but just a plain old gre tunnel and when you setup the default route for the vpn just use the gre* interface instead of eth0. You will also need to reduce the MTU for each hop (you will need to do that no matter which method chosen).

Server to server wise just use a GRE/IPIP tunnel, far better than the overhead from multiple VPN's....

Honestly, atleast every 6-12 months you should be rebooting to perform updates to your kernel / modules anyway. There is usually major updates that require a restart anyway (e.g Debian's kernel FUSE interface changes this year). When ever I see uptimes of 180+ days, all I think of is the...

5 days after the outage a response is finally received asking if the server is still offline. A reminder why I will forever dislike OVH. Phone support (when you can actually get through) is the only way to get a response.

Nope, its OVH. I don't expect them to respond to a support ticket for at-least 24-hours. Total outage was just over 2-hours (less for our clients, since we moved everyone off permanent mitigation of course).

For the past hour and a half all IPs routed to the OVH VAC are offline (including permanently filtered IPs from professional use). Looking at the weathermap it seems like a Capacity issue. Issue affects RBX, SBG and GRA1 (atleast). -- Stuck on what do do? As posted on LET, here is a script...

As funny as @texteditor is probably trying to be its fairly true. Dont attract hate, or offer commercial services (blackmail) and you should be fairly fine. For everything else, there are plenty of companies offering protection as services. Alternately if you have budget, you can purchase...

Then its a a flood from compromised machines / botnet probably. Wordpress has had a custom UA for quite a while. https://github.com/WordPress/WordPress/blob/master/wp-includes/class-http.php#L121 Of course if the server is actually compromised that can be worked around, but for xmlrpc...

Honestly, at-least pingback attacks are easy to recognize & mitigate. Wordpress uses a recognizable User Agent so providing you have enough bandwidth you can just tank it.

CSF generally doesnt work at the application layer, you could probably make it work but there are other better solutions such as mod_security or probably wordpress plugins.