One ridge, two nerds, a couple of cameras, and lots of snow…

Systems Administration

The Taos Ski Valley ridge opened for the first time this year – nice and early with lots of snow.  Of course Dave, our lead systems administrator, suddenly needed the day off (pashaw!!). And my brother Sam, who works for TaosNet and who installed the nearly-famous Ridge-Cam, had some urgent things to “fix” on the ridge today. Sooo… this is what the Ridge-Cam normally looks like:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

And this is what it looked like for a few minutes today…

Continue reading One ridge, two nerds, a couple of cameras, and lots of snow…

Mass hacks – Not in our House!

Systems Administration, Web Hosting

From a recent Slashdot article:

More than 70,000 websites were compromised in a recent breach of InMotion. Thousands of websites were defaced and others had alterations made to give users a hard time accessing their accounts and fixing the damage. A similar attack hit JustHost back in June, and in a breach of Australian Web host DistributeIT just prior to that, hackers completely deleted more than 4,800 websites that the company was unable to recover. The incidents raise concern that hacker groups are bypassing single targets and hitting Web hosts directly, giving them access to tens of thousands of websites, rather than single targets. While the attacks have caused damage, they weren’t as malicious as they could have been. Rather than defacing and deleting, hackers could have quietly planted malware in the sites or stolen customer data. Web hosting companies could be one of the largest holes in non-government cybersecurity, since malicious hackers can gain access through openings left by the Web host, regardless of the security of a given site.

We’ve already closed these holes.   Are you really still hosting your sites with the volume-based hosters!

~ Oban

Oban Talks Hackers 2011 New Mexico Tour

Systems Administration, Web Development, Web Hosting
A web site owner

The “Oban Talks Hackers 2011 New Mexico Tour” continues this Friday, June 3rd at the prestigious Hotel don Fernando de Taos at 11:30am.

Its $15 for Taos Chamber of Commerce members to attend and $20 for non-members.  Note that this loot doesn’t line my pockets, it goes toward the fantastic hotel lunch that you’ll be served while I dissect how hackers will get into your site and make your life miserable.  The details about the talk are here: http://www.chambermaster.com/directory/jsp/events/EventPage.jsp?ccid=80&eventid=8511

Please RSVP to Steve Fuhlendorf at steve@taoschamber.com.

If enough people RSVP we’ll do a live webcast of this event as well.  i.e.  It’ll be blacked out just like a big sporting event unless it sells out locally, so RSVP!

Thanks,

~ Oban

PowerDNS migration creates bug ripples

Systems Administration, Web Hosting
Ripples

There is nothing more tricky and fraught with potential problems than DNS upgrades.

This week we migrated from BIND to PowerDNS.  Prior to the migration we dutifully tested PowerDNS on different servers, in different configurations, consulted other sysadmins who were running PowerDNS, and found all tests to be working flawlessly.

So we went ahead and upgraded all three of our DNS servers from BIND to PowerDNS, and watched…

Continue reading PowerDNS migration creates bug ripples

Not Enough Nines!

Systems Administration
Happy Geek

For the second year in a row we experienced something like 99.9999999999999999999 network uptime.  Yes, we had a server have issues here and there, but never for more than a few minutes.  And one of our upstream pipes went down once or twice, but it never affected our users as the BGP routing switched traffic to our other pipes exactly as it was supposed to.

I’m knocking on wood as I type this – Two and a half years since our last major outage makes me a happy Systems Administrator.

The most secure shared hosting – Brownrice!

Systems Administration, Web Development, Web Hosting
Hacked!

Until recently our shared hosting servers suffered from some of the same vulnerabilities that many of the volume-based hosting providers do.  Namely, if one site on a shared server was hacked it was possible for the hacker to deface other sites on the same server that had files or directories with loose permissions.  I.e. 777 permissions.

Yep, even if you diligently keep your site and code up-to-date your site could still be hacked because someone else’s site on the same server was hacked.

Ugly, eh?

Read about this nastiness in action at Network Solutions, Bluehost, Dreamhost, and GoDaddy here: Continue reading The most secure shared hosting – Brownrice!