Someone launched a denial of service attacks which repeatedly caused three of our public name servers to crash earlier but the downtime was less than a minute on each as I have scripts in place that check for the proper operation of our name servers once each minute and relaunch them if they are inoperative, and at no time were all name servers simultaneously out of service.

     The ticket system is now finally fixed and working properly under PHP 7.0.

      Maintenance is completed.  I need to check all the shell servers to make sure they have properly remounted NFS file systems but I will do that when I get home.

      Sorry this took so long, a combination of bugs in Ubuntu’s start-up script and operator error, at one point I powered down the wrong server.

     I am going to be rebooting our servers tonight, probably around 10:30pm or so in order to load Microcode that fixes a bug in the Intel I7-6700K and I7-6850K processors used in our servers.

     Please do not use the EskimoNorth user group on Yahoo Groups for status because I can not post there.  This is what I get when I try:

---

Hello,

Your message to the EskimoNorthUsers group was not approved.
The owner of the group controls the content posted to it and has the
right to approve or reject messages accordingly.

In this case, your message was automatically rejected because the
moderator didn’t approve it within 14 days. We do this to provide a
high quality of service for our users.

A complete copy of your message has been attached for your
convenience.

Thank you for choosing Yahoo Groups

---

     Instead first check https://www.eskimo.com/news and if no response there, then check https://www.facebook.com/EskimoNorth.  I will post in one of these two locations or both.

     Something got damaged with mx2’s postfix configuration and it caused it to reject e-mail with “Server configuration error” messages.

     I did postfix check but it did not complain.  So I copied mx1’s configuration, which was not experiencing these errors and just corrected hostname and path to TLS certs on mx2 and restarted postfix and the errors stopped.

     For those of you who have an interest in the SmallTalk programming language, GNU SmallTalk with all the bindings, libraries, Emacs extensions, etc, has been installed on the web server, and the Ubuntu, Mint, and Debian shell servers.

     I have installed development tools 6 on CentOS6.  This makes gcc-6 and related tools available.  They are enabled by default on bash, but for other shells you will need to source the following:

     source /opt/rh/devtoolset-6/enable

     I have upgraded the kernels on Centos6, Mail, Mx1, Mx2, Radius1, and Scientific from 2.6.32 to 3.10.107 to eliminate a vulnerability being exploited by some Linux Ransomware making the rounds presently.

     I initially upgraded to 4.11.8 but discovered that pine and dovecot do not work properly with this kernel version under RHEL-6 based machines.  It does work fine under Ubuntu so I don’t know if it is an incompatibility of how some library interfaces with the kernel or exactly what is wrong, I just know it does not work properly but 3.10.107 does seem to be okay.

     Our web server software has been upgraded to Apache httpd 2.4.26.

     This primarily improves HTTP 2.0, it does some things to further enhance speed, reliability, and security for this new HTTP protocol.  There are minor improvements to other aspects of Apache as well.

Apache HTTP Server 2.4.26 Released

June 19, 2017

The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.4.26 of the Apache HTTP Server (“Apache”). This version of Apache is our latest GA release of the new generation 2.4.x branch of Apache HTTPD and represents fifteen years of innovation by the project, and is recommended over all previous releases. This release of Apache is a security, feature, and bug fix release.

We consider this release to be the best version of Apache available, and encourage users of all prior versions to upgrade.

Apache HTTP Server 2.4.26 is available for download from:

http://httpd.apache.org/download.cgi

Please see the CHANGES_2.4 file, linked from the download page, for a full list of changes. A condensed list, CHANGES_2.4.26 includes only those changes introduced since the prior 2.4 release. A summary of all of the security vulnerabilities addressed in this and earlier releases is available:

http://httpd.apache.org/security/vulnerabilities_24.html

This release requires the Apache Portable Runtime (APR), minimum version 1.5.x, and APR-Util, minimum version 1.5.x. Some features may require the 1.6.x version of both APR and APR-Util. The APR libraries must be upgraded for all features of httpd to operate correctly.

Apache HTTP Server 2.4 provides a number of improvements and enhancements over the 2.2 version. A listing and description of these features is available via:

http://httpd.apache.org/docs/2.4/new_features_2_4.html

This release builds on and extends the Apache 2.2 API. Modules written for Apache 2.2 will need to be recompiled in order to run with Apache 2.4, and require minimal or no source code changes.

http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/VERSIONING

When upgrading or installing this version of Apache, please bear in mind that if you intend to use Apache with one of the threaded MPMs (other than the Prefork MPM), you must ensure that any modules you will be using (and the libraries they depend on) are thread-safe.

Please note that Apache Web Server Project will only provide maintenance releases of the 2.2.x flavor through June of 2017, and will provide some security patches beyond this date through at least December of 2017. Minimal maintenance patches of 2.2.x are expected throughout this period, and users are strongly encouraged to promptly complete their transitions to the the 2.4.x flavor of httpd to benefit from a much larger assortment of minor security and bug fixes as well as new features.