« Posts tagged Servers

A PHP-Based Server Monitor

October 22, 2010 / posted in Hack, howto, Servers / No Comments

The other day I decided that the little ‘Network Monitor’ desktop gadget I was using to monitor my few servers just wasn’t cutting it. Instead, I wanted to make use of a spare iMac and have something a little flashier. A Google search for Server Monitors brought up a plethora of options that were either horribly ugly, platform specific, or just didn’t work the way I needed (most required that the target server be running some form of web server, such as IIS or Apache to retrieve headers to see if the server was up – most of my servers don’t run those). As such, I decided to write a small script from scratch.

I figured the easiest way to accomplish my goal of a platform-independent monitoring script was to use PHP. After enabling Apache2/PHP5 on my Snow Leopard-running iMac (a topic for another blog post later), I searched through the PHP.net function list until I found fsockopen(). This function is quite ideal, as it will work with any open port. The first step was to make a quick function to utilize fsockopen and return some testable results:

function checkServer($ip,$port)
{
$fp = fsockopen($ip,$port,$errno,$errstr,1);
if (!$fp)
{
return ‘Down’;
} else {
return ‘Up’;
}
}

I added this to a <?php ?> block in the <head></head> of the document – to call the function and perform the test, I used the following line below:

$servername = checkServer(’192.168.1.100′,’53′);

In this example I’m checking the availability of a DNS server, so I use port 53. When this runs, the $servername is set to either ‘Up’ or ‘Down’ depending on whether or not a connection can be opened on that port.

The only thing left now was to display this output. I made a fancy table-based page with graphics where each server is a cell and the background changes between green and red depending on the $servername value. However, all you really need is the code below in a <?php ?> block in the body of the page:

echo(‘Server Example Status: ‘.$servername);

Changing Example to the name of your server. If you have more than one server to check, just make another variable, use the checkServer function to give it a value (make sure to change the IP address and use an open port!), and then add another echo line.

That’s it! To be fancy, you can add a javascript automagic page refresh to – just change the <body> tag to:

<body onLoad=”Javascript:timedRefresh(30000); display();”>

And put the following in the <head></head> section:

<script type=”text/Javascript”>

<!–

function timedRefresh(timeoutPeriod) {

setTimeout(“location.reload(true);”,timeoutPeriod);

}

//  –>

</script>

And you’re done! If the server is up, every 30 seconds your page will refresh and show:

Server Example Status: Up

IPTABLES Logging on a VPS

October 11, 2010 / posted in howto, Linux, Networking, Servers, Troubleshooting / 2 Comments

When you manage a *nix-based server, there are a few general guidelines that most admins follow; Doing things like setting a strong root password, changing SSHD to a non-standard port, and setting up logging are usually firsts. However, if you’re on a VPS, you may run in to a few issues (note that these instructions are for CentOS 5.x and may vary depending on your distro).

For example, when I was setting my the nice new VPS that I’m running this site from I attempted to enable IPTABLES logging to monitor attempts to get to the standard SSH port (22), and the port that I actually use for SSH (I won’t post the real one, but for the example I’ll use port 1234) with the following lines in “/etc/sysconfig/iptables”:

<Snip other rules>
-A INPUT -m state --state NEW -p tcp -m tcp --dport 1234 -j LOG -m limit --limit 20/m --log-level warn --log-prefix "SSH Attempt on port 1234: "
-A INPUT -p tcp -m tcp --dport 1234 -j ACCEPT
<Snip even more rules>
-A INPUT -p tcp -m tcp --dport 22 -j LOG -m limit --limit 20/m --log-level warn --log-prefix "Dropped SSH on port 22: "
-A INPUT -j DROP
Note that you need to add the LOG lines before the ACCEPT and DROP lines.  Only 20 lines will be logged per minute to prevent file sizes from going nuts in case of an attack.
After restarting IPTABLES with service iptables restart, I made a few access attempts and checked /var/log/messages — no log lines appeared, though. Then I realized I was missing something.
In “/etc/syslog.conf” I had to add the following to the end:
kern.=warn   /var/log/firewall
I opted to log to firewall instead of messages simply to keep the file clean.
I restarted SYSLOG with service syslog restart, made a few more attempts, and still nothing was appearing in “/var/log/firewall” or “/var/log/messages”. However, typing dmesg showed the relevant lines:
SSH Attempt on port 1234: IN=venet0 OUT= MAC= SRC=10.0.0.1 DST=10.0.0.2 LEN=48 TOS=0×00 PREC=0×00 TTL=116 ID=28979 DF PROTO=TCP SPT=35291 DPT=1234 WINDOW=8192 RES=0×00 SYN URGP=0
So I knew that SYSLOG was working, however it wasn’t going all the way. Then I decided to see if KLOGD was running:
[root@vps ~]# ps aux|grep klogd
root     13632  0.0  0.1   7188   788 pts/0    S+   00:07   0:00 grep klogd
So that means that KLOGD isn’t running, which is the cause of the problem! I checked “/etc/rc.d/init.d/syslog” and found that the KLOGD lines were commented out, as such:
<snip>
passed klogd skipped #daemon klogd $KLOGD_OPTIONS
<snip>
passed klogd skipped #killproc klogd
In the “start()” and “stop()” areas respectively. I simply removed the “passed klogd skipped #” parts, saved and ran service syslog restart and presto, KLOGD was up and running:
[root@vps ~]# ps aux|grep klogd
root      7542  0.0  0.0   3808   424 ?        Ss   Oct11   0:00 klogd -x
root     15402  0.0  0.1   7188   788 pts/0    S+   00:13   0:00 grep klogd
I made a few more connection attempts and verified that now everything was working correctly:
[root@vps ~]# cat /var/log/firewall
Oct 11 23:47:06 vps kernel: SSH Attempt on port 1234: IN=venet0 OUT= MAC= SRC=10.0.0.1 DST=10.0.0.2 LEN=48 TOS=0×00 PREC=0×00 TTL=116 ID=28979 DF PROTO=TCP SPT=35291 DPT=1234 WINDOW=8192 RES=0×00 SYN URGP=0
Oct 12 00:13:03 vps kernel: Dropped SSH on port 22: IN=venet0 OUT= MAC= SRC=110.77.129.166 DST=10.0.0.2 LEN=60 TOS=0×00 PREC=0×00 TTL=45 ID=59383 DF PROTO=TCP SPT=33846 DPT=22 WINDOW=5840 RES=0×00 SYN URGP=0
Done and done! IPTABLES now properly logs to “/var/log/firewall” when someone attempts to hit port 22 or 1234.
TL;DR Version: If you want IPTABLES logging enabled on your VPS, follow the normal steps to enable IPTABLES logging and then make sure KLOGD is enabled in  ”/etc/rc.d/init.d/syslog”.

Stupid Mistake: “The requested session access is denied” When Logging In

September 21, 2010 / posted in Makes Sense, Microsoft, Servers, Software, Troubleshooting, Windows / 9 Comments

I was trying to assist another admin with a login issue on a Windows Server 2008 terminal server when I encountered a slightly different login error than the one he was describing. When attempting to connect to the terminal server with a user not in the Domain Administrators security group I received the following message:

“The requested session access is denied”

The problem, it turns out, was me. When connecting, I used a desktop shortcut for Remote Desktop Connect that had the “/admin” switch applied, which instructs Remote Desktop to connect to the Console session, which is restricted to administrators only. Using a regular shortcut without said switch solved the problem.

D’oh.

Fixed: Can’t Resize Uploaded Images in WordPress

August 19, 2010 / posted in howto, Servers, Software, Troubleshooting / No Comments

Here’s one with an easy fix. If you’ve just installed WordPress on your server and can upload images but WordPress doesn’t let you resize them in the same form, SSH in to your server and do the following:

yum install php-gd

service httpd restart

And you’re done! …At least, as long as you’re using an RHEL-compatible Linux distro. If not, use your package manager of choice, or manually find and load the php-gd extension!

Exchange 2007 OWA/ActiveSync with Two SSL Certificates

July 20, 2010 / posted in Hack, howto, Microsoft, Servers, Software, Troubleshooting, Windows / No Comments

Yes, it is possible. It’s not pretty by any means (a proper Class 2 SSL Certificate is the best way to go), but it can be done. Click Continue Reading for the process.

»Read More

Short: The Art of Computer Naming

March 13, 2010 / posted in Makes Sense, Servers, Short / 3 Comments

When it comes to naming conventions, everyone will give you a different answer. Some people will say the names should be based on location, like “LIVINGROOM”, “BEDROOM”, “SHOWER”, etc…. Others will say they should be named based on what they do, as in “WEBSERV1″, “PRINTSERV3″, “PRONSTOR99″, etc…. A lot of people tend to name their machines after asset tags, or the people who use them.

Myself? I like to name machines after comic book characters. My current lineup is: “CALVIN”, “HOBBES”, “SATCHEL”, “BUCKY”, “OPUS”, “BILL-THE-CAT”, and this server, “STEVE-DALLAS”.

What can I say?

Short: From the Search Results

September 14, 2009 / posted in Hardware, howto, Servers, Short / No Comments

To the person who found my blog my searching for “where is the power button on ibm x3400″:

Behind the front cover (you have to remove it – it pops off on the left-hand-side), in the top-left, immediately beside the power light, as below:

x3400-power

It's the white button beside the green power light