Centos6 Down for Maintenance

     Centos6 is down for maintenance.  It is being moved to a newer faster physical host machine.  This should be completed in about ten minutes.  All of the other shell servers and services are available during this move.  This is to clear the existing machine for an operating system and hardware upgrade that will require the existing physical host being removed from service for a while.

Mail Maintenance

   The mail server is now replaced and upgraded but things will be somewhat slow still for a couple of days.

     Two things, one it is on a RAID but the RAID hasn’t had time to sync all the disks before I put it in service, it is still doing that.

     Two is that I’m still moving virtual machines around and disk I/O is becoming fast enough that it can saturate a gigabit interface.  So between these two things it will be somewhat slower than optimal for a few more days but should be better than what it was.

 

Mail Slowness

     Since the mail server failed several weeks ago and I moved the services to another machine, I have had some occasional complaints of slow response but until yesterday I have not been able to reproduce them.

     Yesterday it got slow on me and I found what was happening was people hitting the servers with brute force password guessing from botnets so heavily that it was overloading the machine.

     We can reasonably defend against a small number of IP addresses but there are currently very large botnets.  This is largely because of the newly discovered security flaws in the Internet of things, televisions with a default password, routers with the same, and other devices.

     Several virtual machines on this box were hit with these attacks simultaneously and it just exhausted resources.

     I have the new mail server hardware up and running and I’m working on getting all of the necessary software installed.  It will have 4x as much memory and 50% more CPU than the old machine.  I’ve been burning in the hardware (running CPU intensive test software while overclocked to find any weak hardware) and it’s run this way for nine days no problem.  So now I am working on getting the RAID partitions configured and x2go so I can access remotely then I will move it down to the co-location facility and move the mail services to it.

FTP / WWW

     I am going to be taking the ftp and web server down for about 1/2 hour to make a backup prior to updating to Zesty 17.04 version of Ubuntu.  Just in case something goes wrong…

 goes wrong…

 goes wrong…

 goes wrong…

 

Phishing Scam

     There is a phishing scam going around that is attempting to get your account information.  Do NOT click on it, Do Not answer it or open the attachments, unless you want to have your computer infected.

     The scam comes from postmasters@googlepost.com.  Please know I will never out of the blue ask your password in e-mail.  The only time I would ever do this is if I were already being asked by you to resolve some issue and I needed to login as you to reproduce the problem.  It is humorous that they would copyright a phishing scam.  They would need to identify themselves to enforce at which point they’d have criminal charges to contend with.  I get the impression English is not their first language, or perhaps they are just illiterate.

Please do not respond to e-mails like the following:

Email Termination Notification

Dear Valued User,
Your email with reference no: #0049484, and ID: nanook@eskimo.com will be terminated if validation is not carried out Immediately. To keep up with best security practicies, we’re increasing protective measures to all accounts opened with us for free.

Click Here to Stop Email Termination on ID: nanook@eskimo.com.
Risk to Avert with this exercise

If you have not carried out this exercise, your account is open to privacy infringement

Your incomming and outgoing messages can be hijacked. Secure Email exchange and with security data.

This is not an optional exercise. Your account features is degraded and not up to the current security standard.

Follow the address above to fix your account now.

This is a reminder from your Webmail Hosting to all unattended users. To opt out or change where you receive security notifications, click here.
Thanks,

The Webmail Account Client
f t g

Copyright � 2017 Webmail Client Support Online. All rights reserved.  

 

Mail Server

     Found a reasonable deal on a 128GB memory kit, 2400 Mhz DDR4, and it is on the list of supported memory provided by Asus for that board with the i7-6850k processor so should have no compatibility issues.  It is ordered (from NewEgg).

 

Mail Server

     I’ve got the mail server home and it won’t fail now that it is here.  Gotta love it.

     None the less, I am going to replace the motherboard, CPU, and RAM.  I’ve decided to go with none of the options I initially was considering.  Intel has a new line of i7 core CPUs known as Broadwell-E.  These can address 128GB, twice what the i7-6700k or i7-7700k can address, but unlike the Xeon, they do not require buffered registered memory.  And to be fair there are some Xeon’s now that will use ordinary non-ECC non-registered non-buffered memory but they also can only address 128GB, they’re slower than Broadwell, and their memory controller is inferior.

     So I’ve ordered an Asus X99-E motherboard, an i7-6850 CPU which is a 6 core CPU capable of 4 Ghz clock in turbo, and per Intel specs only one core at that but not with Asus.  With Asus it is possible to have all cores operate at this speed provided adequate cooling is provided.

     Still looking for appropriate DDR4 memory but things are coming together.

Reboots

     Done with reboots for the night.

     These reboots fixed various software flaws that Wikileaks revealed the CIA used to gain access to Linux systems.

     In addition, I took some time to debug some of the systemd start up scripts which is why I rebooted some of the servers several times.  There are still MANY bugs in these scripts to fix but a lot are fixed in Ubuntu 16.10, and probably even more in 17.04.

     I am working on upgrading the failed server although I haven’t decided which CPU to go with yet, either an i7-7700k, a lot like the i7-6700k except less heat, or a Xeon of some sort.  In the past I’ve avoided Xeon’s because the registered ECC memory was both expensive and slow as snails.  No point in a fast CPU if the memory system can’t keep up.  But now they have Xeon processors with a memory system based upon the X99 chipset that use normal DDR4 memory and flies.  So considering going that route.

     When I get the server together with the new hardware, I will try loading 17.04 on it, and if it works well, upgrade the existing machines.