CactiEZ – CentOS 5

This past weekend I was feeling a bit under the weather, so I took some time off and rebuilt my CactiEZ CD using CentOS 5. Here are a few bullet points

December 7, 2009   Posted in: CactiEZ  5 Comments

ESXi 4.0 – Lessons Learned

I’m not sure how many people were paying attention on a Friday night / Saturday morning, but I decided to do the long-put-off upgrade to ESXi 4.0 (from an old CentOS 4 install running VMware Server v1.0, yuck). While it wasn’t an extremely painful experience, I can say that I wish a few things were more common knowledge on the internet.

To begin, the install was easy; I just had to do a little prep work first. Since my websites were going to be offline (including the others I host for other people), I wanted to do a redirection of all HTTP traffic to another host which would stay up so that I could display a page about the site being under maintenance. Normally you would use an F5 or something to do this for you, but I certainly don’t have anything that fancy lying around, so I had to settle for something simpler. I borrowed a small ASUS Eee PC from my good friend Brian Yeager. I did a quick install of Windows (could have done Linux too, but I had my Windows CD handy already) and installed XAMPP on it. I did a quick index.html and added a .htaccess file to do a redirect of any webpage back to that index.html (so if you tried to go to download.php it would redirect, etc…). Now this was easy enough to do. I gave it a spare static IP I had and it was up and running. I had originally planned on doing a Destination NAT on my Mikrotik to redirect all port 80 traffic over to this server, but I ran into a few issues and decided to instead just add the IPs of the VMs to this server as I took them offline. Simple enough.

October 10, 2009   Posted in: Cacti  9 Comments

Mikrotik – QOS Per File

Today’s article will be a bit more complex. If you have played with your Mikrotik enough, you should know how to use QOS to limit connection speeds for different things (if not, maybe I will do a quick article on that). Well, we will build on that today to show you how you can limit HTTP download speeds on particular files or file types (for instance all Zip files). To make this work, we will be utilizing Queues, Mangle Rules (for Connection and Packet Marking), and Layer7 Protocols.

This is something I currently use to limit the download speed of my CactiEZ CD that I release. This one download uses an ungodly amount of bandwidth a month, and would use even more if it wasn’t tightly controlled. The problem comes in that all my downloads were previously QOSed solely by destination IP (the download site has a static IP). If several users were downloading the CD (560 Megs a pop each) it would slow down and limit the speed at which all my other plugins could be downloaded. So I had to figure out how to separate them out.

May 27, 2009   Posted in: Mikrotik  2 Comments

Mikrotik – Port Knocking

Following up on my last post, I decided to give a few more details on the various things I mentioned. The first of which is a more in-depth look at Port Knocking using Layer 7 packet sniffing. I will go over a few quick steps to get this running on your Mikrotik, and let you expand from there. Since I generally don’t use the command line on mine, you will have to make do with some screen shots. I feel it’s easier to learn the concepts this way, rather than blindly typing in commands anyway.

The concept itself is a simple one: your router will watch for an incoming sequence of packets, and will grant you access to specific parts of the network if you know the secret knock. While the security of this method is fairly laughable, it can be used to define a second layer of defense (must knock before you can SSH or VPN). Since most attempts to exploit systems nowadays are done by automated bots, not having SSH open to the outside world can be the difference between your server being assimilated into the botnet, or not.

April 17, 2009   Posted in: Mikrotik  One Comment

Mikrotik

I’ll be the first to admit that I’m not much of a network guy. Granted, I understand the concepts and can follow along well enough. It’s just that without having the Cisco gear at my disposal to play with, it makes it kinda difficult at best (now I have GNS3 which fixes that problem though). Well, a few years ago my friend turned me onto Mikrotiks and honestly, I haven’t looked back since. It’s just amazing what you can do with these cheap little routers with a few clicks of the mouse (it’s got an awesome GUI). This site currently runs behind one, as does my house and my dad’s. One of the recent features in the last year has been Layer7 packet inspection (scanning the actual contents of the packet). What this entails is I am able to create regex rules, and apply these to different firewall and mangle rules and have that rule only match if the data in the packet matches the regex. As you ponder all the possibilities, you can see how useful this can be. I take full advantage of this, and several other features, to ensure the integrity and speed of the site. As examples, I will show you a bit of what I currently do.

March 30, 2009   Posted in: Mikrotik  4 Comments

Webseer

So the new website monitoring plugin has a name, Webseer. Granted this certainly isn’t set in stone, and may change on a whim once it is done (Google shows me that Webseer is currently the same name as an image search engine). I just thought it was catchy and had a nice ring to it.

The plugin is definitely taking shape quickly. It has a configuration interface, it can check your sites for you, and alert when they come up and down. I’m already using it in our production environment and am pleased with the results. Below is a small screen shot of the interface. It currently shows a bit of information, but there is much more that it records.

March 23, 2009   Posted in: Plugins  5 Comments

Website Monitoring

One of the things I currently do is monitor my websites to ensure they are up. Using a simple script and template, I pull down the page and regex it for a specific string. If I find a match, I assume the page is working. No match, site must be down or returning an error.

This is all well and good, but what I really want is something more complex. In particular I monitor these sites from multiple different datacenters spread across the country, but when the site goes down I receive multiple alerts (1 from each), and each one continuously emails me (1 from each). Sometimes I have just one “node” tell me it’s down, so this lets me know it’s not a web site issue, but an ISP issue at that site. I would rather not get this false positive either.

February 25, 2009   Posted in: Plugins  One Comment

The future of Thold

I have alluded in several places to the future features that will be available in thold. But the information is spread all over the place, so I will take the time now to list out changes, and a brief description of the changes. Some of these are slated for the next major release, some slightly further down the road. Please take note that “sponsored” feature requests make it into production a lot quicker than everything else. Most of the features added into v0.4 were actually sponsored by a third party.

February 25, 2009   Posted in: Plugins  5 Comments