End-Of-Month actions
The usual monthly maintenance. There is little time to fulfill it all, and some updates need to be installed as well, so the big bunch will be done later this week.
First: the mal statistics for August:
PMAS statistics for August
Total messages : 4906 = 100.0 o/o
DNS Blacklisted : 3325 = 67.7 o/onbsp;(Files: 33)
Relay attempts : 82 = nbsp;1.6 o/o (Files: 33)
Processed by PMAS : 1499 = 30.5 o/o (Files:nbsp;33)
Discarded : 249 = 16.6 o/o (processed), 5.0 o/o (all)
Quarantained : 322 = 21.4 o/o (processed), 6.5 o/o (all)
Delivered : 928 = 61.9 o/o (processed), 18.9 o/o (all)
The main activity tonight has been the archiving of operator and service logfiles. Well, that’s actually most of the work. But some check on the system health needs to be done some time soon, since the sysgen parameters have changed a few weeks ago (well, a few months ago, in fact). But as the system seems to run nicely, for it’s size, there is no reason why it couldn’t be extended some tome more.
01-Jul-2009
Monthly maintenance
Scanned the system logs every day (well, almost) and apart from the usual attempted FTP and HTTP abuse, it all seems rather silent. The spam filter works silently as well:
PMAS statistics for Jun
Total messages : 4823 = 100.0 o/o
DNS Blacklisted : 3006 = 62.3 o/o (Files: 30)
Relay attempts : 119 = 2.4 o/o (Files: 29)
Processed by PMAS : 1698 = 35.2 o/o (Files: 30)
Discarded : 453 = 26.6 o/o (processed), 9.3 o/o (all)
Quarantained : 415 = 24.4 o/o (processed), 8.6 o/o (all)
Delivered : 830 = 48.8 o/o (processed), 17.2 o/o (all)
All operator and all server’s logfiles have been archived (for later analysis).
New switch
A new switch has been ordered to replace the very cheap and now failing one. I found a fine alternative in the CISCO SLM2008: a relatively chep managed switch that allows me to separate traffic in VLAN’s, and fix ports to a particular setting; plus it can handle Gigabit Ethernet – handy for local data transfer. I’ll need a GB NIC in the main server – and I’m not sure it will be that easy to get for Alpha’s basic PCI bus. But the switch will be put into place soon – I hope to install it next weekend – or the one after.
And hopefully, it’ll will prevent Frame Check Errors, that still appear in the operator log – but far less than a few days ago.
I’m thinking of obtaining a new router/firewall as well, with some extra features, like VPN and VoIP. But I’m still looking around. A collegue as recommended Draytec, and it seems to fit. Just ask my provider if they support it.
New software
There is new software I’ll install within a few weeks: the new PHP – and that means, a new PHPWASD to get around a confirmed bug; at least, when the source code is now available; the last time viewed the kit contained the previous version (mind – I’m still running the beta! ). Another new vesrion of WordPress has been around for a few week now (2.8) and I just saw the beta of 2.8.2 just became available. I may wait a few weeks before this version is installed.
A new version of Mark Daniel’s VWCMS – VMS/WASD Content Management System – has become available as well, I’ll still need to setup the main page using that software. And version 10 of WASD – including WebDAV – is available in beta as well. That one will get into action once offficial; or, if the beta is as stable as this version, I may think of running it – in produc tion, although mark does not recommend it (for obvious reasons).
04-May-2009
Monthly maintanance
First, it’s time to get the mail statistics of last month:
PMAS statistics for April
Total messages : 5125 = 100.0 o/o
DNS Blacklisted : 3672 = 71.6 o/o (Files: 31)
Relay attempts : 121 = 2.3 o/o (Files: 30)
Processed by PMAS : 1332 = 25.9 o/o (Files: 31)
Discarded : 348 = 26.1 o/o (processed), 6.7 o/o (all)
Quarantained : 431 = 32.3 o/o (processed), 8.4 o/o (all)
Delivered : 553 = 41.5 o/o (processed), 10.7 o/o (all)
Logfiles have been checked and archived.
Just the ususal assumption that Diana is a Linux or Windows box: All these packages that seem to be a foothold to abuse the system; Mail packages (does anyone – that take the Internet access seriously – run these packages over a non-encrypted connection. These packages should check whether they have been accessed over a secured socket!).
Ubuntu trouble
Well, not exactly Ubuntu, but a weird thing happened on the Ubunto installation on Aphrodite: Firefox doesn’t work. That is: I lost all history and bookmarks; new history and bookmarks are not added. Accessing sites is fine if plain links are followed, but buttons don’t work properly. I launched Wireshark to see whether the requests are sent, it seems they are but the result is nada, nope,nothing: Firefox is waiting for the result to come. Not even a timeout occurs.
Re-installation doesn’t change a thing. Upgrade Ubunto 8.04 to 8.10 doesn’t change a thing.
But a new installation or 8.04 from the DVD – and applying all updates – gives a goor working Firefox. The only problem with this is that I have to re-install quite a number of packages…
It shouldn’t be needed, though.
New laptop delayed
Demeter, the company laptop, is due for replacement – and a mobile workstation has been requested. Not a plainnnew one, but one used for a few months by a collegue. However, they are not eager to hand them over, because they would need to do re-installation of all their stuff – they say. I’ll just have to wait…
01-Apr-2009
System Management
A new month means checking things and clearing older files.
Mail statistics
PMAS statistics for March
Total messages : 3680 = 100.0 o/o
DNS Blacklisted : 2520 = 68.4 o/o (Files: 31)
Relay attempts : 123 = 3.3 o/o (Files: 31)
Processed by PMAS : 1037 = 28.1 o/o (Files: 31)
Discarded : 295 = 28.4 o/o (processed), 8.0 o/o (all)
Quarantained : 326 = 31.4 o/o (processed), 8.8 o/o (all)
Delivered : 416 = 40.1 o/o (processed), 11.3 o/o (all)
The relative high number of releay attempts is spread over the month, with a max of 17 on the 4th – weirdly enough quite a number stating to be form support@microsoft.com. As usual there are the yahoo.tw addresses, I’ve seen them more trying to relay over my server. Not that it works 🙂
Other maintenance
Of course, I archived the logfiles.
Patches have been downloaded, but installation will have to wait some time. This weekend has already been reserved, none of them is that urgent that an installation ASAP is required. The VMS system is working well over three months:
OpenVMS V8.3 on node DIANA 1-APR-2009 22:20:04.71 Uptime 98 00:36:36
so it’s hard to imagine that a fortnight extra would do any harm…
April joke?
would be another Big Bang on the nasty Conficker virus, sending out massive amounts of SPAM. But up to this moment (20:30 UTC), at least my server didn’t notice much since midnight:
PMAS statistics for April
Total messages : 125 = 100.0 o/o
DNS Blacklisted : 77 = 61.6 o/o (Files: 1)
Relay attempts : 17 = 13.6 o/o (Files: 1)
Processed by PMAS : 31 = 24.8 o/o (Files: 1)
Discarded : 8 = 25.8 o/o (processed), 6.4 o/o (all)
Quarantained : 7 = 22.5 o/o (processed), 5.6 o/o (all)
Delivered : 16 = 51.6 o/o (processed), 12.8 o/o (all)
It could of course change in the next four hours, but my suspicion it’s one of those jokes.
(But checking a newspaper site on the subject a few moments ago, the Java application crashed and the server became unvailable:
Service Temporarily Unavailable
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
Well, I tried but it didn’t help very much …
I may have trouble with PHP at times, but not as drastic as this 🙂
WASD problem
Something weird is going on with WASD.
I have seven services active. So in a list of services, I would expect to show seven as well. But after some time, the number of entries increases with the same number: 14, 21…up to over 100. At that time I usually restart the server so the list counts 7 services.
It seems I’m the only one that encounters the problem – and I’m trying to find out what causes the behaviour. It might be the PHP or Python engine??
It’s not fatal, at least, I think.
01-Feb-2009
Monthly maintenance
New month = archive last month’s logs. But first get some stats.
Mail, for instance.
PMAS statistics for January
Total messages : 3371 = 100.0 o/o
DNS Blacklisted : 2228 = 66.0 o/o (Files: 31)
Relay attempts : 110 = 3.2 o/o (Files: 31)
Processed by PMAS : 1033 = 30.6 o/o (Files: 31)
Discarded : 326 = 31.5 o/o (processed),& 9.6 o/o (all)
Quarantained : 241 = 23.3 o/o (processed), 7.1 o/o (all)
Delivered : 466 = 45.1 o/o (processed),& 13.8 o/o (all)
Not much of a surprise, expect the amount of relay attempts. Quite a lot this month: On 12th of january, the majority of requests came from one address (190.28.174.170) and WHOS information shows it’s located in Colombia:
$ whois 190.28.174.170
----Server: whois.arin.net [AMERICAS] redirects to whois.lacnic.net
----Server: whois.lacnic.net [LATIN AMERICA] response for 190.28.174.170
% Joint Whois - whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries
% LACNIC resource: whois.lacnic.net
% Copyright LACNIC lacnic.net
% The data below is provided for information purposes
% and to assist persons in obtaining information about or
% related to AS and IP numbers registrations
% By submitting a whois query, you agree to use this data
% only for lawful purposes.
% 2009-02-01 18:39:58 (BRST -02:00)
inetnum: 190.28/16
status: allocated
owner: EPM Telecomunicaciones S.A. E.S.P.
ownerid: CO-EPME1-LACNIC
responsible: Administrador EPMNET
address: Carrera 77 39b-16, -, -
address: 940 - Medellin - CO
country: CO
phone: +57 4 4152280 []
owner-c: YGO2
tech-c: YGO2
abuse-c: YGO2
inetrev: 190.28/16
nserver: LAUTA.UNE.NET.CO
nsstat: 20090130 AA
nslastaa: 20090130
nserver: BIRLOCHA.UNE.NET.CO
nsstat: 20090130 AA
nslastaa: 20090130
created: 20070102
changed: 20070102
All requests seem to refer to one domain: cyrilscott.com, but somewhat different users.
The other bigger one comes from a presumed Hotmail address, but the server resides in Taiwan and has nothing to do with Hotmail;All attempts on 22-Jan:
$ whois 118.167.137.77
----Server: whois.arin.net [AMERICAS] redirects to whois.apnic.net
----Server: whois.apnic.net [ASIA PACIFIC] response for 118.167.137.77
% [whois.apnic.net node-1]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 118.160.0.0 - 118.167.255.255
netname: HINET-NET
country: TW
descr: CHTD, Chunghwa Telecom Co.,Ltd.
descr: DataBldg.6F, No.21, Sec.21, Hsin-Yi Rd.
descr: Taipei Taiwan 100
admin-c: HN27-AP
tech-c: HN28-AP
status: ALLOCATED PORTABLE
mnt-by: MAINT-TW-TWNIC
mnt-lower: MAINT-TW-TWNIC
mnt-routes: MAINT-TW-TWNIC
changed: hm-changed@apnic.net 20071004
source: APNIC
IE8.0 trouble
On the alternate system I installed the beta of InternetExplorer 8. It does work but as it turned out, McAfee securityy center seems to rely on specific code and didn’t show up – as was noted on their support site. Now I have RC1 installed and that problem is now gone. But it seems this has some other issues: The Trips,Tracks, and Travels blog refuses to show the header image; login problems with both blogs appear once in a while – That is: the sysblog login works fine but the TTT-one doesn’t.
However, now working on the Ubuntu installtion (using Foirefox 3.0.5) both seem to work fine. Except for autosave, but again that seems to be a PHP issue.
Not so for PHPMyAdmin that still fails dramatically. But that surely has to do with PHP 5.0 running MySQL4.0 engine.
Other trouble
Editing has some nasty issues: Linebreaks etcetera that don’t show on the right spots, so the view can be somewhat distorted. I’m also unable to switch editor type when editing an existing post, like this one. Though the screen seems to extend (there is a horizontal drawbar on the bottom) the window won’t stretch rightward. Again, this may be a PHP issue. Firefox complains that “Query(“#caregory-tabs”).tabs is not a function”, and that “tinyMCE is not defined.” . Javascript errors, it seems. Again: PHP issues, or browser ones?