On Fri, Apr 01, 2016 at 10:08:47AM PDT, N.J. Thomas spake thusly:
> * Tracy Reed [2016-03-31 12:15:55-0700]:
> > I have done a lot of work with Splunk also and have seriously mixed
> > feelings about it.
>
> Apart from the cost, can you expand on that?
Their demo
s with the ELK
(elasticsearch, logstash, kibana) stack.
A grok filter isn't hard to develop.
I have done a lot of work with Splunk also and have seriously mixed feelings
about it.
--
Tracy Reed
___
Tech mailing list
Tech@lists.lopsa.org
https://list
never exposed to the servers.
I really hope you can phrase this very differently. Rather than saying "It
should be ok to reuse passwords" please focus on "use cbcrypt instead of
encrypting passwords". Otherwise it is only a matter of time before some newbie
software developer
ash.
I can't think of a single time in over 20 years of using bash that the
execution speed of bash code has made the slightest difference.
--
Tracy Reed
pgp_lFAxDtXCd.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
htt
of large organizations in our town, including banks, have been hit
> >with Cryptowall in the past few weeks. On the news this morning was a report
> >of a sheriff's office in TN paying the $500 ransom after working with FBI.
Just wait until your bank loses your savings
regulated
data.
Pardon me for shilling as I have never mentioned it before in years on this
list but it seems apropos at this point to say that Copilotco publishes a
whitepaper on HIPAA compliance which explains HIPAA requirements in a server
environment (Linux focused but broadly applicable).
#x27;t even have separate backups I doubt he will be overly concerned
about this. For better or worse, odds are DHHS will never know about it unless
one of his patients reports him so likely nothing will come of it.
--
Tracy Reed, RHCE Digital signature attached for your safety.
Copilotco
puppet handled everything from there.
That's what I do too.
--
Tracy Reed
pgpqzfoYca3nS.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the Le
puppet from cron and puppet makes sure
cron is running.
> And of course, since it sounds like you are working in environments like ones
> I have worked in the past, I just ran `puppet agent -t` as root on the box
> that I wanted the latest config NOW.
That's what I do too.
--
nally changed.
Cherry MX blues all the way!
--
Tracy Reed
pgpz42qZ1maFf.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Profes
On Mon, May 19, 2014 at 06:20:06PM PDT, Atom Powers spake thusly:
> Because 90%+ of the users and services for that data are on Windows.
So we are proposing to run Windows as an NFS server and Windows as an NFS
client?
"I've got a bad feeling about this..."
--
Tracy Reed
avid Lang
> ___
> Tech mailing list
> Tech@lists.lopsa.org
> https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
> This list provided by the League of Professional System Administrators
> http://lopsa.org/
--
Tracy Reed
pgpZg4QM
rpose. You set a packet-sampling rate. So it depends on
how many packets long your burst is. I currently sample every thousand packets
which works well for me. I then feed it into logstash/Kibana for analysis.
--
Tracy Reed
pgpcq6T4IID5j.pgp
Description:
rap I can knock together.
Is anyone else pleased yet also boggled that "1gbe" is not a "fast link"
anymore? My 10Mb cablemodem at home is downright glacial.
--
Tracy Reed
pgp7L3BYAlD18.pgp
Description: PGP signature
___
ms the file /etc/rc.sysinit looks to be the right place. It
has a $fsckoptions variable and other interesting places to hack in a -y. Just
watch out for yum etc. potentially wiping out your changes during upgrades.
--
Tracy Reed, RHCE Digital signature attached for your safety.
Copilotco
get to consider the impact on your ethernet SAN if thousands of
machines all come back up at once and start fsck'ing. Particularly if there are
shared spindles (which there always are).
--
Tracy Reed, RHCE Digital signature attached for your safety.
CopilotcoPCI/HIPAA/SOX Compl
nt
power circuits in a datacenter or using a completely separate datacenter. This
is useful in being able to play them off each other for price as well.
--
Tracy Reed, RHCE Digital signature attached for your safety.
CopilotcoPCI/HIPAA/SOX Compliant Secure Hosting
866-MY-C
having everything managed from puppet/Splunk.
--
Tracy Reed, RHCE Digital signature attached for your safety.
CopilotcoPCI/HIPAA/SOX Compliant Secure Hosting
866-MY-COPILOT x101 http://copilotco.com
pgp3FUhatIfY1.pgp
Description: PGP signature
On Wed, Jul 24, 2013 at 10:49:21PM PDT, Chris Francy spake thusly:
> A newish solution that might meet your needs is [git-annex](
> http://git-annex.branchable.com/).
Along these lines, I like the looks of:
http://sparkleshare.org/
Haven't been able to play with it much yet though.
#x27;t get me
wrong, I'm not saying don't encrypt your servers. I'm just saying that
operationally speaking it is a PITA and won't protect you from the most likely
threat: Someone gets access to the server while it is in operation when it will
necessarily have the encrypted volum
ainst any reasonably anticipated threats or hazards" -
(45 CFR ยง 164.306(a)(2))
Details here:
http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/adminsimpregtext.pdf
--
Tracy Reed, RHCE Digital signature attached for your safety.
CopilotcoPCI/HIPAA/SOX
f that one half a rack longer than all of my
numerous server cables half a rack longer.
I have found no downside to middle of rack switches (other than perhaps
breaking from tradition), only upside. I don't even like the TOR acronym
because for me TOR is The Onion Router. I prefer MOR (Mid
alerts and status.
--
Tracy Reed
pgpDOBc68rOzo.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
Q/ref=oh_details_o01_s00_i00?ie=UTF8&psc=1
Not made specifically for this purpose but has intriguing properties which may
lend itself well to making ear molds. Videos here:
https://www.youtube.com/results?search_query=instamorph+plastic
I haven't yet had a chance to play w
YSIWYG builders not rendering correctly,
etc. Everyone here learned basic wiki markup and if they need need anything
fancier they are either over-complicating things/wasting time or the wiki is
the wrong tool.
--
Tracy Reed
___
Tech mailing lis
On Tue, Sep 11, 2012 at 08:23:53AM PDT, Nathan Hruby spake thusly:
> DRBD makes great strides to only shuffle changes bits from the bitmap
> after a split event.
md can do this if you have told it to using:
/sbin/mdadm -G /dev/md1 -binternal
--
Tracy Reed
pgp5zJJBbrHHT.pgp
Descriptio
er which describes how it works (which may also be of interest to the
other sub-thread about whether this is reliable or not) can be found here:
http://nss.cs.ubc.ca/remus/papers/remus-nsdi08.pdf
--
Tracy Reed
pgpk7bc2ciyFN.pgp
Description: PGP signature
On Thu, Aug 16, 2012 at 09:56:46AM PDT, Lawrence K. Chen, P.Eng. spake thusly:
> Along these lineswho makes an inexpensive ethernet to serial console
> adapter?
I've been picking up used Cyclades TS3000 console servers on Ebay for $90. They
work great.
--
Tracy Reed
pgphUS
On Fri, Aug 10, 2012 at 09:16:05AM PDT, fc lists spake thusly:
> The only requirements i have is that the VPS should be close enough to MUMBAI
Just out of curiosity, why? Close enough for what?
--
Tracy Reed
pgpmaHfCH59Rm.pgp
Description: PGP signat
On Sat, May 19, 2012 at 11:25:18PM -0400, Doug Hughes spake thusly:
> Xen is ok, but with the official dropping of it in RedHat and it's relative
> slowness for anything I/O related, KVM is a better choice.
Why would it be slower for anything IO related?
--
Tracy Reed
pgpiqg
files which is a real bummer. I would really
miss being able to easily edit my VM configs.
--
Tracy Reed
pgpTGYJLeYWxc.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This
ght of
http://tools.ietf.org/html/rfc6540
--
Tracy Reed
pgpd13Rljxc5Y.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professi
ome meaningful advice
> on it.
A soundly built wooden crate. Or at least a pallet. Just cardboard won't cut it
unless you really have a custom made box and properly shaped foam inserts and
all that fancy stuff like the big vendors have made (original packaging).
--
Tracy Reed
their lunch for years and I'm sad to
say it looks like it may continue this way even though AoE is a faster, easier,
simpler solution.
Although I have been a big proponent of AoE since 2005 I have finally had to
start deploying iSCSI myself this past year for the abovementioned rea
They work great.
What are you using for AoE targets? If you are buying Coraid gear they should
be able to help you with all of this.
--
Tracy Reed
pgp069Olq3JMW.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lop
used mobile org yet although I have had it installed on my
phone for nearly two years. It's probably about time I give it a try and do
away with all of those notes I have stashed in my iPhone's notes app.
--
Tracy Reed
pgpJ799M8P1iz.pgp
Description: PGP signature
_
o run me 4 20A per rack. Coudldn't they cut that
approximately in half (power factor correction etc, as mentioned earlier) if I
ran 208v? Seems like that would be cheaper for them. I haven't even talked to
them about pricing but now I want to talk to them and see what their deal is.
--
Trac
t help.
--
Tracy Reed
http://tracyreed.org
Digital signature attached for your safety.
pgpdHcu79sGZq.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided
s been to tell the BIOS to boot
from the other drive. You DO install your bootloader to both halves of the
mirror, right?
--
Tracy Reed
http://tracyreed.org
Digital signature attached for your safety.
pgptzCJuN3Q0L.pgp
Description: PGP signature
___
Tec
ther block device to the OS. Perhaps what you say is true if you want to
RAID 5 the boot drive but I would avoid that situation precisely to avoid such
complications.
--
Tracy Reed
http://tracyreed.org
Digital signature attached for your safety.
pgpsMkLwz3fs9.pgp
f (with battery) seized up.
--
Tracy Reed
http://tracyreed.org
Digital signature attached for your safety.
pgpX0R3gpqBts.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list
difficult, special drivers needed, differing commands and
management tools needed for each RAID card... I stick with software RAID
wherever possible.
--
Tracy Reed
http://tracyreed.org
Digital signature attached for your safety.
pgpqBiyJxdjLD.pgp
Description: PGP signature
ity is usually done using the MMX instructions:
Special hardware.
The hardware/software distinction in RAID is largely meaningless these days and
mostly a matter of myth and urban legend.
--
Tracy Reed
http://tracyreed.org
Digital signature attached for your safety.
pgpy597UriIkD.pgp
De
enabled.
It isn't that hard. Reminds me a lot of firewall config. Deny all, then allow
as necessary.
--
Tracy Reed Digital signature attached for your safety.
CopilotcoProfessionally Managed PCI Compliant Secure Hosting
866-MY-COPILOT x101 http://copilotco.com
pgpl
ssel/envelope and deals with
the emergency. The person responsible for setting passwords finds out via
notification or seeing the broken seal, investigates, resets the passwords, and
then takes whatever other follow-up action is necessary.
--
Tracy Reed Digital signature attached fo
provide the broken
macro and explain what you want it to do) by the good folks on the GNU groff
mailing list, details of which can be found here:
http://www.gnu.org/s/groff/#lists
--
Tracy Reed
pgpx7CsOJdIL6.pgp
Description: PGP signature
___
Tec
My major client has a number of FC3 and FC6 boxes which we
are working on eliminating. No security updates in years.
--
Tracy Reed Digital signature attached for your safety.
CopilotcoProfessionally Managed PCI Compliant Secure Hosting
866-MY-COPILOT x101 http://copil
use nfsen and nfdump:
http://nfsen.sourceforge.net/
which are FOSS and work great on Linux.
--
Tracy Reed
pgpnF13R6MP3E.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
y don't have a Linux client and don't have plans to build one in
> the immediate future.
For Linux I backup with s3sync.
http://s3sync.net/wiki
--
Tracy Reed
http://tracyreed.org
pgpXMveurteIK.pgp
Description: PGP signature
___
Tech mail
ave you? And if not, why hold
onto it?
--
Tracy Reed
pgpHkcbDxjph1.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
nversant). But
those documents I linked to above most likely cover everything you need
to be aware of. They tend to be rather comprehensive.
--
Tracy Reed
pgpoOSH1WWhAi.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https:/
f
support is called but it is basic phone support plus 24 hour next business day
on-site/parts replacement.
> If I was purchasing 10 servers/year, I probably wouldn't have the same
> experience. I think that the same could be said of almost any vendor.
This is where we are, if even t
ink SuperMicro is shipping you a "bug-free BIOS", you're fooling
> yourself.
No, it surely has bugs. Bug their bugs have not bitten me. Therefore I suspect
they are less serious or less numerous.
> # man w3m
Doesn't do javascript. They have the download butto
On Fri, Jan 14, 2011 at 03:45:39PM -0700, Charles Jones spake thusly:
> echo "- - -" > /sys/class/scsi_host/host0/scan
I tried this in my situation referenced in my original post about this. Didn't
work. I was bummed. Never found out why, just rebooted.
--
Tracy Reed
ow you are using
unsupported drives.
--
Tracy Reed
http://tracyreed.org
pgpdhlYgfTD8O.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Pro
.
However, it has some weird limitations and is expensive compared to the latest
stuff from Supermicro. For example, it is odd that iDRAC Enterprise supports
public key auth and Express does not. The DRAC is a little processor (MIPS or
ARM on most platforms) running Linux or Busybox. Why not suppor
most likely be
a general purpose unix system configured to do email...
--
Tracy Reed
http://tracyreed.org
pgpxEP8bYDgal.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This
ramework does not bring up much other than a
small blurb written for USENIX in 2002. Is this not a publically available
project?
--
Tracy Reed
http://tracyreed.org
pgpQmvIG1nPOC.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
ht
On Mon, Dec 20, 2010 at 11:28:02AM -0500, Edward Ned Harvey spake thusly:
> if you want to configure them command-line, you use MegaCLI which you
> download from LSI.
The horrorthe horror...
http://www.5dollarwhitebox.org/drupal/node/82
--
Tracy Reed
http://tracyre
ust checked my Xen domUs and notice they default to noop. I checked a dom0
which gets disk from an ethernet SAN and noticed it is cfq. I just switched it
to noop and made a note of the time. I'll take a look at the munin graphs in a
few hours and see if it had any effect on latency and IOPS.
supplies with PFC.
Still wishing the Google mobo's with built-in battery etc. would become a mass
produced industry standard too. There are much better ways to do what we do but
because of economies of scale and massive inertia in sticking with the old
standards we are stuck.
--
Tracy Ree
In fact, they are in
violation of section 2.3.5 of RFC 5321.
This occurred almost exactly a month ago. Unfortunately due to customer demands
I had to whitelist this nonsense. I just checked and according to today's mail
logs the situation is unchanged.
--
Tracy Reed
http://tracyreed.org
p through. Don't forget that now we need to worry about the
security of the mobile phones on which we intend to receive the authentication
messages:
http://www.google.com/search?q=zeus+intercept+sms
Two-factor auth on phones is being attacked in the wild.
--
Tracy Reed
http:/
RHEL/CentOS has
at least one very bad bug in mk-table-sync. But newer stuff has been very solid
for us.
--
Tracy Reed
http://tracyreed.org
pgpd5SjESujAr.pgp
Description: PGP signature
___
Tech mailing list
Tech@lists.lopsa.org
http://lists.lopsa.
es, create
an LVM volume group, point vblade (FOSS AoE target) at the VG and let my Xen
dom0's running cluster-lvm slice up disk and install virtual machines. I have
deployed several dozen of these. This has worked great for years now. You don't
necessarily need Coraid or much of any real
65 matches
Mail list logo
