The other day I decided that the little ‘Network Monitor’ desktop gadget I was using to monitor my few servers just wasn’t cutting it. Instead, I wanted to make use of a spare iMac and have something a little flashier. A Google search for Server Monitors brought up a plethora of options that were either horribly ugly, platform specific, or just didn’t work the way I needed (most required that the target server be running some form of web server, such as IIS or Apache to retrieve headers to see if the server was up – most of my servers don’t run those). As such, I decided to write a small script from scratch.

I figured the easiest way to accomplish my goal of a platform-independent monitoring script was to use PHP. After enabling Apache2/PHP5 on my Snow Leopard-running iMac (a topic for another blog post later), I searched through the PHP.net function list until I found fsockopen(). This function is quite ideal, as it will work with any open port. The first step was to make a quick function to utilize fsockopen and return some testable results:

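function checkServer($ip, $port)
{
    // Try a TCP connection with a 1-second timeout; @ suppresses the PHP warning on failure.
    $fp = @fsockopen($ip, $port, $errno, $errstr, 1);
    if (!$fp)
    {
        return 'Down';
    } else {
        fclose($fp); // release the socket once the port has answered
        return 'Up';
    }
}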

I added this to a <?php ?> block in the <head></head> of the document. To call the function and perform the test, I used the following line:

$servername = checkServer('192.168.1.100', 53);

In this example I’m checking the availability of a DNS server, so I use port 53. When this runs, the $servername is set to either ‘Up’ or ‘Down’ depending on whether or not a connection can be opened on that port.

The only thing left now was to display this output. I made a fancy table-based page with graphics where each server is a cell and the background changes between green and red depending on the $servername value. However, all you really need is the code below in a <?php ?> block in the body of the page:

echo('Server Example Status: ' . $servername);

Change Example to the name of your server. If you have more than one server to check, just make another variable, use the checkServer function to give it a value (make sure to change the IP address and use an open port!), and then add another echo line.

That’s it! To be fancy, you can add a JavaScript automagic page refresh too – just change the <body> tag to:

<body onload="timedRefresh(30000);">

And put the following in the <head></head> section:

<script type="text/javascript">
// Reload the page after timeoutPeriod milliseconds.
function timedRefresh(timeoutPeriod) {
    setTimeout(function () { location.reload(true); }, timeoutPeriod);
}
</script>

And you’re done! If the server is up, every 30 seconds your page will refresh and show:

Server Example Status: Up

When you manage a *nix-based server, there are a few general guidelines that most admins follow; doing things like setting a strong root password, changing SSHD to a non-standard port, and setting up logging are usually firsts. However, if you’re on a VPS, you may run into a few issues (note that these instructions are for CentOS 5.x and may vary depending on your distro).

For example, when I was setting up the nice new VPS that I’m running this site from, I attempted to enable IPTABLES logging to monitor attempts to get to the standard SSH port (22), and the port that I actually use for SSH (I won’t post the real one, but for the example I’ll use port 1234) with the following lines in “/etc/sysconfig/iptables”:

<Snip other rules>
-A INPUT -m state --state NEW -p tcp -m tcp --dport 1234 -j LOG -m limit --limit 20/m --log-level warn --log-prefix "SSH Attempt on port 1234: "
-A INPUT -p tcp -m tcp --dport 1234 -j ACCEPT
<Snip even more rules>
-A INPUT -p tcp -m tcp --dport 22 -j LOG -m limit --limit 20/m --log-level warn --log-prefix "Dropped SSH on port 22: "
-A INPUT -j DROP

Note that you need to add the LOG lines before the ACCEPT and DROP lines. Only 20 lines will be logged per minute to prevent file sizes from going nuts in case of an attack.

After restarting IPTABLES with service iptables restart, I made a few access attempts and checked /var/log/messages — no log lines appeared, though. Then I realized I was missing something.

In “/etc/syslog.conf” I had to add the following to the end:

kern.=warn   /var/log/firewall

I opted to log to firewall instead of messages simply to keep the file clean.

I restarted SYSLOG with service syslog restart, made a few more attempts, and still nothing was appearing in “/var/log/firewall” or “/var/log/messages”. However, typing dmesg showed the relevant lines:

SSH Attempt on port 1234: IN=venet0 OUT= MAC= SRC=10.0.0.1 DST=10.0.0.2 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=28979 DF PROTO=TCP SPT=35291 DPT=1234 WINDOW=8192 RES=0x00 SYN URGP=0

So I knew that SYSLOG was working; however, it wasn’t going all the way. Then I decided to see if KLOGD was running:

[root@vps ~]# ps aux|grep klogd
root     13632  0.0  0.1   7188   788 pts/0    S+   00:07   0:00 grep klogd

So that means that KLOGD isn’t running, which is the cause of the problem! I checked “/etc/rc.d/init.d/syslog” and found that the KLOGD lines were commented out, as such:

<snip>
passed klogd skipped #daemon klogd $KLOGD_OPTIONS
<snip>
passed klogd skipped #killproc klogd

In the “start()” and “stop()” areas respectively. I simply removed the “passed klogd skipped #” parts, saved and ran service syslog restart and presto, KLOGD was up and running:

[root@vps ~]# ps aux|grep klogd
root      7542  0.0  0.0   3808   424 ?        Ss   Oct11   0:00 klogd -x
root     15402  0.0  0.1   7188   788 pts/0    S+   00:13   0:00 grep klogd

I made a few more connection attempts and verified that now everything was working correctly:

[root@vps ~]# cat /var/log/firewall
Oct 11 23:47:06 vps kernel: SSH Attempt on port 1234: IN=venet0 OUT= MAC= SRC=10.0.0.1 DST=10.0.0.2 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=28979 DF PROTO=TCP SPT=35291 DPT=1234 WINDOW=8192 RES=0x00 SYN URGP=0
Oct 12 00:13:03 vps kernel: Dropped SSH on port 22: IN=venet0 OUT= MAC= SRC=110.77.129.166 DST=10.0.0.2 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=59383 DF PROTO=TCP SPT=33846 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0

Done and done! IPTABLES now properly logs to “/var/log/firewall” when someone attempts to hit port 22 or 1234.

TL;DR Version: If you want IPTABLES logging enabled on your VPS, follow the normal steps to enable IPTABLES logging and then make sure KLOGD is enabled in “/etc/rc.d/init.d/syslog”.
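
One way to read the resulting log, as an added example that is not part of the original post: the function below tallies LOG entries by source address, destination port and --log-prefix text. The sample lines and addresses are constructed, and because the rules above cap logging at 20 lines per minute, the counts are a lower bound on the real number of attempts.

```shell
#!/bin/sh
# Added example: count iptables LOG entries per source address, port and prefix.

# Constructed sample in the /var/log/firewall layout shown above
# (addresses are documentation ranges, not real hosts).
sample_fw_log() {
cat <<'EOF'
Oct 12 00:10:01 vps kernel: klogd 1.4.1, log source = /proc/kmsg started.
Oct 12 00:13:03 vps kernel: Dropped SSH on port 22: IN=venet0 OUT= MAC= SRC=198.51.100.7 DST=192.0.2.10 LEN=60 TTL=45 PROTO=TCP SPT=33846 DPT=22 SYN URGP=0
Oct 12 00:13:04 vps kernel: Dropped SSH on port 22: IN=venet0 OUT= MAC= SRC=198.51.100.7 DST=192.0.2.10 LEN=60 TTL=45 PROTO=TCP SPT=33847 DPT=22 SYN URGP=0
Oct 12 00:13:06 vps kernel: Dropped SSH on port 22: IN=venet0 OUT= MAC= SRC=198.51.100.7 DST=192.0.2.10 LEN=60 TTL=45 PROTO=TCP SPT=33849 DPT=22 SYN URGP=0
Oct 12 00:14:10 vps kernel: SSH Attempt on port 1234: IN=venet0 OUT= MAC= SRC=203.0.113.5 DST=192.0.2.10 LEN=48 TTL=116 PROTO=TCP SPT=35291 DPT=1234 SYN URGP=0
Oct 12 00:15:42 vps kernel: Dropped SSH on port 22: IN=venet0 OUT= MAC= SRC=192.0.2.99 DST=192.0.2.10 LEN=60 TTL=52 PROTO=TCP SPT=40112 DPT=22 SYN URGP=0
Oct 12 00:16:00 vps syslogd 1.4.1: restart.
EOF
}

# summarize_fw_log [FILE]  (reads stdin when FILE is omitted)
# Prints "<count> <SRC> <DPT> <log prefix>", busiest source first.
summarize_fw_log() {
    awk '
    / kernel: / {
        src = ""; dpt = ""
        # Packet fields are KEY=VALUE tokens; pick out SRC and DPT.
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/) src = substr($i, 5)
            if ($i ~ /^DPT=/) dpt = substr($i, 5)
        }
        if (src == "" || dpt == "") next   # kernel message, but not a packet log
        # The --log-prefix text sits between "kernel: " and " IN=".
        prefix = $0
        sub(/^.* kernel: /, "", prefix)
        sub(/ *IN=.*$/, "", prefix)
        count[src " " dpt " " prefix]++
    }
    END { for (k in count) print count[k], k }
    ' "${1:--}" | sort -k1,1nr -k2,2
}

# Demo on the constructed sample; on a server: summarize_fw_log /var/log/firewall
sample_fw_log | summarize_fw_log
```
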

Here’s one with an easy fix. If you’ve just installed WordPress on your server and can upload images but WordPress doesn’t let you resize them in the same form, SSH in to your server and do the following:

yum install php-gd

service httpd restart

And you’re done! …At least, as long as you’re using an RHEL-compatible Linux distro. If not, use your package manager of choice, or manually find and load the php-gd extension!

Yes, it is possible. It’s not pretty by any means (a proper Class 2 SSL Certificate is the best way to go), but it can be done. Click Continue Reading for the process.


I picked up a few Dell P2210t 22″ widescreen LCD monitors the other day.

Monitor - Front

Very nice!

As part of my asset acquisition process, I have to document serial numbers and assign an asset tag to each new asset. When I turned the monitor around, though, I ran into a problem:

Monitor - Back

WTH?

Hey, uh, Dell? Did you forget something?

Well, actually they didn’t. Apparently all of the required labeling is too much of an ‘eye sore’, so Dell has decided to hide it:

Monitor Pop-Out - Back / Monitor Pop-Out - Front

Pretty Sneaky, Dell

I would have appreciated it if Dell would have made more of an effort to point out where it is (I actually had to refer to the unpacking diagram to show me), but that’s it. Hidden with the USB ports is a small little pull-out card. Now that I know it’s there, though, it does make it easier to get a serial number off of a monitor when I have to figure out which asset belongs to which program when someone has inevitably pulled off the asset tag.

Fun Fact – Number of times the word ‘ass’ appears in this post: 6.

I recently hit the 5,000 tweet mark on Twitter, and figured that it’s as good a time as any to write something about my experience on the abbreviated social networking site. It also seems appropriate as I permanently deleted my Facebook account (well, I’m in the process, anyway).

Click ‘Continue Reading’ below for the wall-of-text review.


It seems like ages ago I’d gone and opted out of Rogers Marketing ‘services’ – I made sure that I’d chosen opt-out options for email, snail-mail, and SMS, and all was well. However, a few months ago I started receiving telemarketing phone calls on my Rogers-provided cell phone. I did the individual opt-out each time they called, but a different company/number would call each time.

While updating other parts of my account today, I decided to double-check the marketing settings, and found this:

Rogers Marketing Opt-Out


Err, that’s great Rogers – you’re not going to have anyone call my work number, but why isn’t my cell phone in the list, and why can’t I add it?

A quick call to Rogers (meaning twenty minutes of hold time) later and I had an answer (sort of) – the rep that I got instructed me to go to http://www.rogers.com/optout and enter the relevant details to opt out of all marketing on that number.

After doing this, my cell number still isn’t listed in the Marketing Opt-Out in my Rogers My Account section, but the site did say that it may take 1-2 weeks for the changes to take effect. Only time will tell, but next time the telemarketers call, there will be a few more questions as to how they got my number.

Although I can’t confirm when this happened (it may have happened a while ago and I just never noticed), I was browsing the internet last night on my Google Nexus One and noticed that, when I mistyped http://imdb.com, I was redirected to http://www20.search.rogers.com (which doesn’t work outside of Rogers’ network) instead of receiving a normal Not Found error. This all smacks of the infamous VeriSign Site Finder fiasco.

I’m no fan of browser redirects in any form, and I’m even less of a fan of Yahoo which Rogers partners with to, among other things, provide results on their hijacked landing page. But what can you do? It’s their service, and there’s no opt-out link on the page.

Well, the answer is to manually opt-out. Unfortunately, you need to have a rooted/jail-broken phone to do this. As stated above, I have a Google Nexus One which runs CyanogenMod, but this should work with any other rooted Android phone and even jail-broken iPhones (although the paths are different — you’ll need to alter them as applicable).

To manually opt-out, do the following (assumes Android phone):

  1. Open a shell on your phone. You can use ConnectBot, Terminal Emulator, or adb shell.
  2. Assume root (su command).
  3. Remount the system partition in read/write mode —  mount -o rw,remount /system
  4. Browse to /system/etc.
  5. Use your favourite text editor to open hosts.
  6. Add the following to the bottom of the hosts file — 127.0.0.1 www20.search.rogers.com
  7. Save and quit!

You’re done! You’ve just manually opted out of Rogers’ Wildcard DNS hijack. Now you’ll just get the normal ‘Not Found’ errors: when Rogers sees that the domain you’ve entered doesn’t exist and tries to redirect you to their search page, your phone will point that domain to itself, and the request will fail because the phone isn’t running a webserver.

TL;DR Version: To prevent getting directed to Rogers’ Search Page when you mistype an address, edit your hosts file to point www20.search.rogers.com to the 127.0.0.1 loopback address.

Update (05/01/2011): You can now officially opt-out using this link: http://searchassist.teoma.com/templates/rogers/optout

06. June 2010 · 1 comment · Categories: howto, Rants, Twitter

Deleting your Facebook account isn’t as it should be. If you simply browse to Account and then Account Settings, you are only given an option to Deactivate your account. All this does is temporarily hide your profile details from everyone, and does not actually remove any information what-so-ever from the site. All you need to do is login again and you can easily reactivate your account. To permanently delete yourself from Facebook’s database of evil, you have to go through the following process:

  1. Click on Help Center in the footer.
  2. Select Profile under the Using Facebook heading.
  3. Choose Account Settings and Deletion (oddly, the first item on the list).
  4. Now click on the How do I permanently delete my account? heading.
  5. This will expand a wall-o-text explaining how to deactivate your account, which you don’t want to do. Instead, read to the half-way point, where there is a link to submit a request to have your account deleted – click it.
  6. After reading the guilt-trip, click the submit button.
  7. In the new window, enter your password, and then the two words in the captcha box, then click Okay.

Note that at this point, your account still hasn’t been deleted! After clicking okay on the last box, you’ll see the following text:

Your account has been deactivated from the site and will be permanently deleted within 14 days. If you log into your account within the next 14 days, your account will be reactivated and you will have the option to cancel your request.

Yes, even though you went through 8 steps (the waiting is the 8th step) to delete your account, Facebook really wants to make sure you haven’t accidentally done so! As such, if you log in anytime in that 14 day period, your account will be reactivated (fortunately, it doesn’t automatically cancel the deletion request).

So quitting Facebook is nearly as hard as quitting smoking, but it can be done. I’ve started the process, and in 14 days my account will finally be out of there! What will I do with all of my Facebook time? Probably put it towards Twitter instead….

An HP P4015dn - This morning, the bane of my existence


Note: Make sure to read over the comments on this post – there is some excellent advice there as well.

Windows 7 has been very good to me so far, but this morning I was literally pounding my desk in frustration over a printer issue. I just received two brand-new Dell Optiplex 780s and was in the process of configuring the printers on them when I happened across this little message:

Windows Cannot Connect to the Printer: 0x0000007e

Now here’s the situation. The computers are running Windows 7 Professional x64. The printer (an HP P4015dn) is connected to a Windows XP x86 machine and shared normally. Of all of our printers, this is the only one directly shared with a computer due to a wiring issue I have yet to correct (although now I’m going to make an effort to fix it). I have several other computers running XP and Vista (x86 and x64) that already print to this computer without issue, so I was rather stumped. Then I realized I had attempted to install the Vista x64 Postscript drivers instead of the Windows 7 ones.

Unfortunately, Windows 7 no longer provides a dedicated ‘Printers’ control panel, and the ‘Devices and Printers’ one doesn’t have a Server Properties option to let you manage installed drivers. So, I stopped the print spooler service and manually deleted the drivers from C:\Windows\System32\spool\Drivers. When I tried to re-add the printer, though, I got this message:

Windows Cannot Connect to the Printer: 0x00000006

Hmm. Google wasn’t much help, so I went to an old standby – I manually added the network printer by choosing to create a local port (silly, I know). Here’s how to get this working:

  1. In the Devices and Printers control panel, choose Add a Printer.
  2. In the new window, click Add a local printer.
  3. On the following screen, select Create a new port, and then choose Local Port from the drop-down list and click Next.
  4. When asked to enter a Port Name, use the full path to the printer. For example, if your printer share is called Dave and is on a computer with the name PrintSrv1, you would enter \\PrintSrv1\Dave as the Port Name. If you receive an error saying The network path was not found, check the computer name and share name, then try again.
  5. You should be asked to install a driver. Manually download the correct driver (in this case, the HP Universal PostScript driver worked for my HP P4015dn) from the manufacturer’s website and extract it to a folder on your computer. Then click the Have Disk… button in the Add Printer wizard and point it to that folder, then click OK and Next.
  6. Wait for it to install the driver.

At this point, the printer should be installed and functional. Print a test page to make sure everything worked alright, and then do a little dance (as long as no one is looking)!