At my current job, I take care of all things systems. That’s infrastructure, security, networking, in-house desktop support, and automation. That’s a lot, I know, but someone has to do it. Nonetheless, it’s a great job. I’ve had a lot of jobs in my life, and this one is definitely top three. That being said, there are a bunch of a-holes in China making my life very hard right now by constantly running DDOS (dynamic denial of service) attacks against our IP address space. They particularly like to target our Joomla and WordPress sites. I’ve been fighting with them off and on for a few weeks now, but this morning, they launched the mother of all attacks against us. This was a geographically distributed, multi-datacenter DDOS attack. They were using in excess of 100 IPs in separate subnets scattered across at least five countries. So how did I fix this? Let’s get into it.
My predecessor at my current company used a platform called check_mk to monitor our network. Unfortunately, check_mk has a feature that populates based on network discovery and can be very chatty. check_mk is also very convoluted as it’s built on top of Icinga, which is built on top of Nagios. When making changes, there were layers and layers of configuration files you had to dig through, at least, in the check_mk instance my predecessor had bequeathed me. Needless to say, I was not a fan and it wasn’t very efficient. I understand why they forked to create Icinga. At the time, Nagios was stagnant. Since then, I feel like the Nagios camp has progressed significantly. I also understand why they forked Icinga to check_mk, but it’s not for me. For the granularity I want in monitoring, check_mk would be more work intensive than Nagios.
I’ve been a Linux Systems Administrator for more than two decades, and I’m intimately aware of what’s necessary to run Linux in the enterprise. I knew after the viral epidemic that is systemd, that the Linux ecosystem was inherently broken, and we needed a change. At that point, I sought out a group of folks identifying themselves as the VUA, or Veteran Unix Administrators. This group is vehemently opposed to systemd and began a fork of Debian without systemd, now known as Devuan (pronounced dev one.) Devuan is still in its infancy, only one major release under its belt, but it’s a massively capable server platform. My company is now running solely on Devuan Linux for all of our LAMP stack applications. We are even using it for virtualization using vserver. On the desktop side of things, it’s coming along quite nicely as well, but there are definitely some growing pains. My company recently purchased a Dell XPS 15 (9560, 2017) for me, and it came with Ubuntu. I figured it was time to “put my money where my mouth is,” and try an install of Devuan on this very new hardware that uses an NVME disk and boots via UEFI. This is a journal of that experience. I’m doing most of this from memory, so there may be some minor typos and/or mistakes. Feel free to reach out if something doesn’t seem correct.
I’ve always been a bit of a nocturnal person. If I had my preference, I would go to bed every morning just shortly after the sun comes up. I know this probably seems weird to many of you, but it’s always been something I’ve struggled with. My circadian rhythm has always been that of a “night owl,” and unfortunately, the rest of the world runs on daylight.
As a migratory systems engineer, I have lived, or stayed extensively, in cities all over my country, The United States of America. Due to this, I belong to many mailing lists and technical groups in CONUS (CONtinental United States.) One of the groups I belong to is the DCLUG, or more extensively stated, the Washington, DC Linux Users Group. A recent dialogue of correspondence covered a very mundane topic; the topic of “rsync,” and its behavior while trying to do incremental copies. A member of the group, a Mr. Michael Henry, replied with a very in-depth answer and I felt it should be recorded for posterity’s sake, as even I, being a Unix/Linux user for over 20 years, learned some rsync nuance from this walk-through. You will find the contents of his reply copied here.
I’ve been a Linux user for almost 20 years now, and have been a Linux-only user since 2006. Back in 2005, I purchased an HP DX5150 from CDW, and this is the story of its ongoing life.
First and foremost, I must apologize as I’ve given no love to my blog in almost a year. I’ve had many major personal and work events happen, and honestly, have just not had the motivation to write. Nonetheless, I just got back from the SouthEast LinuxFest, #SELF2015, and it was phenomenal; it has definitely reinvigorated me.