FTP / WWW

     I am going to be taking the ftp and web server down for about 1/2 hour to make a backup prior to updating to Zesty 17.04 version of Ubuntu.  Just in case something goes wrong…

 goes wrong…

 goes wrong…

 goes wrong…

 

Phishing Scam

     There is a phishing scam going around that is attempting to get your account information.  Do NOT click on it, Do Not answer it or open the attachments, unless you want to have your computer infected.

     The scam comes from postmasters@googlepost.com.  Please know I will never out of the blue ask your password in e-mail.  The only time I would ever do this is if I were already being asked by you to resolve some issue and I needed to login as you to reproduce the problem.  It is humorous that they would copyright a phishing scam.  They would need to identify themselves to enforce at which point they’d have criminal charges to contend with.  I get the impression English is not their first language, or perhaps they are just illiterate.

Please do not respond to e-mails like the following:

Email Termination Notification

Dear Valued User,
Your email with reference no: #0049484, and ID: nanook@eskimo.com will be terminated if validation is not carried out Immediately. To keep up with best security practicies, we’re increasing protective measures to all accounts opened with us for free.

Click Here to Stop Email Termination on ID: nanook@eskimo.com.
Risk to Avert with this exercise

If you have not carried out this exercise, your account is open to privacy infringement

Your incomming and outgoing messages can be hijacked. Secure Email exchange and with security data.

This is not an optional exercise. Your account features is degraded and not up to the current security standard.

Follow the address above to fix your account now.

This is a reminder from your Webmail Hosting to all unattended users. To opt out or change where you receive security notifications, click here.
Thanks,

The Webmail Account Client
f t g

Copyright � 2017 Webmail Client Support Online. All rights reserved.  

 

Mail Server

     Found a reasonable deal on a 128GB memory kit, 2400 Mhz DDR4, and it is on the list of supported memory provided by Asus for that board with the i7-6850k processor so should have no compatibility issues.  It is ordered (from NewEgg).

 

Mail Server

     I’ve got the mail server home and it won’t fail now that it is here.  Gotta love it.

     None the less, I am going to replace the motherboard, CPU, and RAM.  I’ve decided to go with none of the options I initially was considering.  Intel has a new line of i7 core CPUs known as Broadwell-E.  These can address 128GB, twice what the i7-6700k or i7-7700k can address, but unlike the Xeon, they do not require buffered registered memory.  And to be fair there are some Xeon’s now that will use ordinary non-ECC non-registered non-buffered memory but they also can only address 128GB, they’re slower than Broadwell, and their memory controller is inferior.

     So I’ve ordered an Asus X99-E motherboard, an i7-6850 CPU which is a 6 core CPU capable of 4 Ghz clock in turbo, and per Intel specs only one core at that but not with Asus.  With Asus it is possible to have all cores operate at this speed provided adequate cooling is provided.

     Still looking for appropriate DDR4 memory but things are coming together.

Reboots

     Done with reboots for the night.

     These reboots fixed various software flaws that Wikileaks revealed the CIA used to gain access to Linux systems.

     In addition, I took some time to debug some of the systemd start up scripts which is why I rebooted some of the servers several times.  There are still MANY bugs in these scripts to fix but a lot are fixed in Ubuntu 16.10, and probably even more in 17.04.

     I am working on upgrading the failed server although I haven’t decided which CPU to go with yet, either an i7-7700k, a lot like the i7-6700k except less heat, or a Xeon of some sort.  In the past I’ve avoided Xeon’s because the registered ECC memory was both expensive and slow as snails.  No point in a fast CPU if the memory system can’t keep up.  But now they have Xeon processors with a memory system based upon the X99 chipset that use normal DDR4 memory and flies.  So considering going that route.

     When I get the server together with the new hardware, I will try loading 17.04 on it, and if it works well, upgrade the existing machines.

 

Reboots Tonight

     I am going to be rebooting all of the Intel based physical servers as well as the virtual servers to load new kernels to address security issues as well as to make sure that no old code is running in the face of hundreds of upgrades which address various security concerns relating to CIA hacking recently revealed in Wikileaks documents.  This will result in brief interruption of all services.

Mail Issue – Operator Error

     When the mail spool server failed the other day, that machine also was one of the NIS slaves.  I failed to take it out of the client mail server, mail.eskimo.com, yp.conf file and as a result at some point ypbind tried to rebind to a dead server.

     During that interval, anyone who tried repeatedly to authenticate, and Macs and I-Phones do this automatically, got locked out by fail2ban for failed authentication attempts.

     I discovered this today while trying to resolve a problem for my mother-in-law that also replicated on my tablet (but not the workstation that I use all day, go figure).

     This has been corrected, all the banned IP’s unbanned.  If anyone else is still having a problem contact me, 206-812-0051, and I will chase it down.

Web / FTP Server Reboot Tonight

     Tonight, close to midnight, I will be rebooting our primary web and ftp server.  This will take about five minutes.

     The reason for the boot is to load a new kernel that addresses some security issues.

     The reason it takes five minutes is that this is a 32GB machine setup to make extensive use of caching in order to provide the fastest possible web response.

     This means there is often much to be written to disk before a boot and that, even with fast modern drives, takes some time.