1. URL blocking to deter phishing
We have been getting more and more cases of phishing sites being hosted on clients accounts. PHP scripts,
particularly popular scripts for forums, CMS and blogs which are not brought up to date, are pretty vulnerable
to attacks. Attackers will place their files into the cracked accounts. The most commonly phished sites are
banks, ebay and paypal.
Since we do not have access to many of the servers, being unmanaged, and really do not want to mess with clients'
scripts on shared servers; a solution would be to block all incoming requests for URLs with bankofamerica, paypal
and ebay in the URL. Need to monitor existing requests to ensure there's no legitimate pages having these
keywords. Probably do a redirect to a webpage with info, so users can contact us if their pages get blocked.
2. Spam mails
Another bane of web hosting is spam mails. Most antispam require installation on servers, or if they are
appliances, would require a proxy smtp setup.
A transparent antispam appliance would be nice, both for incoming and outgoing connections; and would not
require customers to change configuration. Servers would still have antispam such as spam assassin. This
would be an addition, and also prevent cracked accounts from sending out spam from our servers.
Look into monitoring of servers using Nagios. Use together with a GSM modem to send out SMS when services are down.
4. NTOP and Colasoft
Used to have NTOP running, but NTOP crashes every few days. Need to try it again, to have statistics in
addition to what we have currently. Check Colasoft products as well. For statistics, more is usually better ;)
5. Packeteer (Packet Shaping)
Just got a Packeteer with 100Mbps shaping. Will need to set this up, in addition to the Allot Netenforcer 45Mbps we
have currently. Will be able to provide customers with a login page, with monitoring of their bandwidth usage.
30 Apr 2007
[Sysadmin] Access to servers via mobile device and ssh
[Sysadmin] RAID 0 scaling on SCSI U320, Bonnie++ 1.93c benchmark results
[Sysadmin] TODO (Apr 2007)
[Sysadmin] Recover from mistakes in /etc/fstab or e2label usage
[Sysadmin] Server overloaded?
[Sysadmin] Server load high: CPU bound
[Sysadmin] Smokeping: deluxe latency measurement tool
[Sysadmin] Jul 08 to Oct 08 updates
[Sysadmin] Weak link - downtimes caused by the organic being
[Sysadmin] BIOS upgrades - uniflash - hotflash
[Sysadmin] Sizing for Virtual Private Server (VPS) & SSDs
[Sysadmin] iphone, ipod - bluetooth keyboard - Nokia e51
[Sysadmin] e2label, fdisk, /etc/fstab, mount, linux rescue, rescue disk, CentOS
[Sysadmin] opensuse, fix waiting for mandatory device, eth0, eth1, eth2, eth3
[Sysadmin] mount: could not find filesystem '/dev/root'
[Sysadmin] Parallels Virtuozzo Physical server to Container migration (vzp2v)
[Web hosting] DDOS (Distributed Denial of Service)
[Web hosting] Uptime for dedicated server, VPS and shared server
[Web hosting] Shared, Guaranteed and Dedicated Bandwidth
[Web hosting] Unmetered bandwidth
[Web hosting] Free domains?
[Web hosting] Joomla Scalability
[SPAM handling] Tracking applications which are exploited for mass spam mailing
[Buzzwords] Clusters, Clustering
[Security] Destruction of faulty hard disks
[Storage] Benchmark using iometer on linux
[SSD] Benchmark Intel X25-E and Intel X25-M flash SSDs
[SSD] Intel X25-E 64GB G1, 4KB Random IOPS, iometer benchmark
[SSD] Intel X25-M 160GB G2, 4KB Random IOPS, iometer benchmark
[SSD] Comparison of Intel X25-E G1 vs Intel X25-M G2
[cPanel] ClamAV version has reached End of Life! Please upgrade to version 0.95
[cPanel] How to install Java, ImageMagick and ffmpeg
[Perl] Opening text files for reading, and simple regexp (regular expressions)