Happy Thanksgiving – and Spam

First I want to wish everyone a Happy Thanksgiving.

I’ve noticed the same explosion of spam here that I am sure you are
all suffering from. I have not been able to find anything wrong here but
there are a couple of viruses going around building botnets these folks
are using.

To try to improve things, I’ve enabled the DCC (Distributed Spam
Checksum Clearinghouse) plugin to spamassassin. Hopefully it will help.
If you notice anything in the headers that is common to a lot of these

Server Reboots

      I will be rebooting servers to affect a kernel upgrade in just a few minutes. This will affect all machines but downtime for any given machine should not be more than about 15 minutes.

New Links

     I’ve added a couple of links to our links pull down on our web site.  One is to something called “Tech Rights” which deal with things like copyrights, patents, and particularly how they affect the open source and technological user community.

     The second link that I have added is to “Open Source“, a website that has many good technical articles including many good tutorials regarding how to utilize Linux and Open Source software.  These will help you make better use of many of the facilities here.

Reboots Completed

     Reboots to make active security patches have been completed.  Sorry it took me somewhat longer than anticipated owing to I had a couple of machines that were stubborn and did not want to go down for reboot.

Reboots – Nov 7th 01:30-02:00

     I will be rebooting all of the Intel based machines between 1:30AM – 2:00AM November 7th to make active several security updates that patch serious issues with openssl, systemd, and DNS.

     Downtime for any given machine should not exceed about 15 minutes.  Most will be less.

Name Service Issues Early Morning November 3rd

      I did not expect last night to be a maintenance night but it had other ideas.  Around 3AM name service for our own hosts failed although our name servers were still resolving external hosts fine.

     The issue was caused by an update that replaced the named apparmor profile on the master name server.  We use a hidden master (a master which is not reachable from the outside world) for security reasons.  I use a file system layout for named that is different from the default Ubuntu layout.  I had to modify the apparmor profile accordingly.  When the update replaced my modified profile, it resulted in named not being able to read some of it’s configuration files and then failing to resolve local host names as a result.

     This has been corrected.


Upgrades Completed

     All of the physical hosts have now been upgraded to Ubuntu 18.10.  There were a couple of issues, the upgrade replaced /etc/defaults/nis and turned the NIS servers off.  It took me several hours to find and correct that.

     Second problem was that some of the old kvm machine types, including the one that our web server used, were no longer supported on the i7-6850 platform.  Finally found that and changed the virtual machines to currently supported machine types which actually improve security.

     I did not expect to use the entire midnight – 6AM time frame but as it happened got everything back online at 5:50AM so almost went over.  If you encounter any problems please use Support->Tickets to generate a ticket.  Thank you.