Finding and blocking an abusive host from your Apache log

My web site slowed to a crawl last night, my CPU usage soared to 100%, and my built-in security measures weren’t helping. I ended up having to do some old-school Linux sysadmin work to stop them.

I haven’t been an everyday sysadmin since 2009. But every once in a while I can still come off the bench and do this stuff.

Why did IBM fail at PCs?

If you ask why did IBM fail, I assume you mean why did IBM ultimately fail in the personal computer market. IBM is still in business, after all. But its exit from the PC market after 24 years, including a period of dominance in the 1980s, does seem curious. And it raises another question: What does IBM do now?

I experienced IBM’s fall in this market firsthand. I sold computers at retail in 1994 and 1995. IBM’s computers at that time were no worse than anyone else’s, but I had an extremely difficult time selling them. Many consumers didn’t trust IBM and didn’t want to get somehow locked in. There was nothing wrong with those machines, but it sure was a lot easier to just sell them a Compaq.

Why we can’t have nice things: The reaction to IBM’s big black and blue quarter

IBM announced yesterday that it had a terrible quarter. They missed earnings, the stock plunged, and Warren Buffett lost a billion dollars.

Everyone assumes Warren Buffett is worried, or livid, and selling off the stock like it’s on fire.

The wrong way to reboot a server

In my day, I did plenty of hardware maintenance in the field. In fact, the only time one of my bosses ever saw me at work, I was swapping out failed memory in a server.

“How’d you know it needed to be done?” he asked.

“It told me.” That’s why I always loved HP Proliant servers. My boss looked confused at my answer but didn’t ask me to elaborate.

But not all of my field maintenance always went quite so smoothly.

Bash is worse than heartbleed! Oh noes!

A really bad remote code execution bug surfaced yesterday, in Bash–the GNU replacement for the Unix shell. If you have a webserver running, or possibly just SSH, it can be used to execute arbitrary code. It affects anything Unixy–Linux, BSD, Mac OS X, and likely many proprietary Unix flavors, since many of them have adopted the GNU toolchain.

This could be really bad. Some people are calling it potentially worse than Heartbleed. Maybe. I’m thinking it’s more along the lines of MS08-067. But there’s an important lesson we must learn from this.

The ghost in the network

My logging system died rather abruptly one week. It started with the Active Directory account some of our servers use locking. I got the account unlocked–someone else has those rights–and the system came back to life for a while, but then we had to repeat, and each time we repeated, “a while” grew shorter and shorter, bottoming out at about 2 minutes, 40 seconds.

The way you troubleshoot problems like this is by looking at logs. The problem is, you can’t collect very many logs in 2 minutes and 40 seconds.

Snickering at the Emachine

For several years, I administered a command and control system for the U.S. Air Force. I sat in a datacenter, surrounded by racks jam-packed full of servers, and they kept the building at 64 degrees year round. I quickly learned to keep a jacket handy. I did several things, but mostly patch management.

Our system consisted of a diverse collection of Dell 1U and 5U servers, HP blades, and a couple of Sun SPARC boxes. It was a professional-looking setup, and except for the times we were doing massive system upgrades, the system generally worked as well as it looked.

Then we got a neighbor.

An SSD data loss issue–and how to prevent it

Longtime reader Dan Bowman–probably my very first reader, come to think of it–sent in this article from Infoworld regarding SSDs and data loss in power failure.

It’s not theoretical. I’ve seen it. I also know how to prevent it.

CISSP vs. CASP vs. CEH

One of my coworkers invited me to watch a webinar with him today that promised to compare CompTIA’s new high-end certification with the CISSP.

I was skeptical at first, especially when I heard it was an 80-question, 150-minute test. But by the end, I mostly liked what I heard.

The phone in the server rack

I spent about four years of my life working in a datacenter, administering a system comprised of about 200 computers supporting 20,000 users. I have some stories.

The facility had a lot of rules, some of them extremely petty. One of them involved telephones.
