@johnhooks said:

@travisdh1 said:

I'm not forgetting some basic principal of file servers here am I? That means they had write access to other folders, that were not their own!

I haven't had a chance to read the article, but wouldn't have setting the sticky bit just solved this problem (not write access but editing other files by other users)?

Not that they should have write access to other folders at all, but for all the more work chmod +s is I would think that would have been done.

Assuming the file server was on Linux that is.

Right. We have no information on which hosting company and what platform(s) they use are yet. Might be a month or two, but we'll find out eventually.

@Minion-Queen said:

Morning everyone. TIGF!

We have 4 out of 9 people in the building this morning. Apparently most are getting a head start on the weekend.

@scottalanmiller said:

That's' crazy. Do we know who the provider was?

Nope. I mentioned it in the comments section. Knowing how Krebs normally operates he'll probably give whoever the hosting company is some time to get their security fixed before publicly announcing which company it is.

@johnhooks said:

Still waiting for a real web interface for it.

This is open source. Lookup the database details and write yourself one......

Not that I think you actually have the time to do it, but it's a nice thought that it's possible.

Krebs on Security

"She said the hosting service told her that the malware also disrupted operations for other customers on the same server."

I'm not forgetting some basic principal of file servers here am I? That means they had write access to other folders, that were not their own!

@Dashrender said:

OK @travisdh1 , but I was looking more from a configuration side of things, not SPOF.

Scott generally speaks out about users having vendors do the hardware setup of a server. The vendor probably won't make the settings setups decisions that you want/need.

Considering some of the things I've seen come from manufacturer that's the right conclusion. In this case tho, you're specifying how much CPU, RAM, HD/SSD, etc you want and all they do is setup the StarWinds VSAN for you. Is it better for you to do it yourself? Probably. In this case I'd actually consider it, assuming someone from StarWind is actually doing the configuration.

@Dashrender said:

@original_anvil said:

@garak0410 said:

We are running production VM's on that aging (but licensed) PowerEdge 2900. Do I need replacing that as my priority or perhaps look at the Starwind solution first?

Actually two options here:
StarWind Virtual SAN, which is software only
https://www.starwindsoftware.com/starwind-virtual-san
StarWind HyperConverged Platform, which is the bundle of the Dell hardware, storage and hypervisor. https://www.starwindsoftware.com/starwind-hyperconverged-appliance

Actually in my opinion giving a try to the second option is way much better idea since you are still considering geеting the Xbyte as an option, and xByte is actually out partners So as the result you`ll get the fully functional system, not just the part of it.

Does it come pre built? I thought that was generally frowned upon around here?

It is frowned upon, but not because of the pre-built bit I don't think. I think it's that most pre-built kit has SPOF somewhere and is sold as HA when it's not. Just be sure you're getting what you need instead of what a sales guy want's to sell you.

@scottalanmiller said:

@dafyre said:

@scottalanmiller said:

OpenVMS, now that's good stuff.

Not over telnet, ha ha ha.

It has OpenSSH. If you had only telnet, someone decided to just leave it wide open. VMS Admins are hard to find and always were.

I didn't take well to OpenVMS, mostly because near the end of my time there in 2002 they tossed it at me. Gotta love the, you know UNIX, so you already know everything you need to know about OpenVMS attitude. Couldn't have set me up to fail any better, and I was too young to know what was going down.

@scottalanmiller said:

@travisdh1 said:

@mlnews said:

IA32 is dead.

Now if we hadn't had the resurrection of 32-bit hardware via low cost ARM/MIPS processors, we'd be in a 64 bit world finally (well, mostly, don't get me started on the different architecture designs and exactly what is actual 64 bit inside a CPU.)

Yes, but ARM and MIPS aren't related to IA32. And we are mostly on 64bit ARM outside of cell phones now. The Chomebooks and tablets and Fire TVs and Remix OS Mini for example are all 64bit ARM and the ARM servers coming are all 64bit. Even in the ARM world, 32bit is dying quickly.

In the MIPS world, we've been on 64bit since the early 1990s when the Nintendo 64 came out on 64bit MIP hardware.

MIPS via IRIX was my first corporate experience as a UNIX admin. So yep, I remember the first real 64 bit chips (1997-2002). So long as we all get rid of 32bit ARM chips by around 2038, I was thinking that date was 2024. I don't imagine my RaspberriPis will still be functional by 2038.

@mlnews said:

IA32 is dead.

Now if we hadn't had the resurrection of 32-bit hardware via low cost ARM/MIPS processors, we'd be in a 64 bit world finally (well, mostly, don't get me started on the different architecture designs and exactly what is actual 64 bit inside a CPU.)

@johnhooks said:

@quicky2g said:

Really liking glances.

My Ubuntu install:

sudo apt-get install python-pip build-essential python-dev
sudo pip install --upgrade glances
sudo pip install bottle

Optional for hardware sensors:

sudo apt-get install lm-sensors
sudo pip install PySensors

Just running "glances" at cli got me the interface. Web server worked like this:

sudo glances -w -B 10.1.1.1

Worked at http://10.1.1.1:61208

Ran a few simultaneous web server instances in the background for local network and Hamachi:

sudo glances -w -B 10.1.1.1 &
sudo glances -w -B 25.25.25.25 &

Definitely going into rc.local now.

Anyone get https working?

That's really nice. I've never used the web version before, just the cli.

Just shows how little I've actually dug into it beyond running sensor-config first, I didn't realize it had another display available. The command line version works so well, and it made so I wasn't jumping between top, iftop and iotop all the time. I was a happy geek.

@scottalanmiller Have you tried glances yet? Just curious.

@Minion-Queen said:

Waiting on the website..... yeah yeah I know I need about 20 more hours in every day

Where's an experimental physicist who's built a time machine? Why do I have a feeling we all feel the same way!?

Can we sign up yet, or are we waiting for the website?

@scottalanmiller said:

We now have XO running on our Scale cluster

Your using XO to manage the Xen or XenServer installs on the HP servers, right? Wonder how compatible XO would be with Scale, if at all.

@quicky2g said:

@dafyre said:

@quicky2g said:

Some "not so standard" useful IP address stuff:

ip addr show eth0
ip -s link show eth0

Supposedly, those are the new standards, ha ha ha.

Muscle memory has me stuck on

ifconfig

Only the people here will understand how many times I've typed ifconfig instead of ipconfig, or ipconfig instead of ifconfig. So annoying (yes, I annoy myself.)

@JaredBusch said:

@DustinB3403 said:

That is not a favorite, I try to avoid rebooting my systems if they don't absolutely need it.

I reboot pretty much everything, including the bare metal hypervisor, at least every other month.

Even once a month, I'd not consider it a favorite. A necessary evil, yes. Gotta keep the hardware in check. Glances, screen, sudo, wget, and crtl+r(history search) get used almost every time I hit a server. So minimum of 3 times a day.

@Dashrender said:

My only question about that setup is, will it have the IOPs he needs?

Great question. Have the results from that DPACK been posted yet?

In addition to the 3 you listed.
glances - the shell system monitor to use, everything including temp sensors if configured. Replaced htop, iftop, and iotop for me.
screen - because it's just handy to be able to leave programs running and logout at the same time.

@coliver said:

@Minion-Queen said:

Roads seem good here, not on them or going anywhere but traffic is moving well.

Normally they are pretty decent... but it looks like our plow drivers were caught with their pants down. Normally I see two on my way into work this morning I didn't see any and the roads were in bad shape. Although I am leaving 30 minutes earlier then I did last winter so that may have something to do with it.

Roads were fine here this morning. The people driving on them were not... My 35 minute drive turned into over an hour thanks to everyone going 30mph. It's winter, I get it, I left 15 minutes earlier than normal and arrived at the office 10 minutes latter than I should. People are so much fun to work with that I decided inanimate idiot-savants were the easier.