[clue-admin] CLUE server issues update
Jeff Cann
j.cann at comcast.net
Wed Jun 29 16:44:18 MDT 2005
On Wednesday 29 June 2005 1:07 pm, Crawford Rainwater wrote:
> Due to issues with the T1 via Covad (not related to the CLUE server in
> particular), Linux ETC will be migrating over to Qwest (they worked out
> a deal...otherwise, I would not have gone for them personally). In
> particular is an odd diminished bandwidth of the T1 that has occurred
> since April at random and for unknown reasons (we went from 1.5M to 200k
> for several days initially in April). There will be a static IP
> available for the CLUE box as part of this migration.
>
> This migration will be happening in July slowly. What I can do as a
> side thought to test things out is to re-do the CLUE server iptables
> with "DROP" as defaults and open up ports one by one. The list I have
> initially are 25, 21212 (ssh), 25000 (webmin), This might further
> assist with the email issues. Plan B would be to put it out in front of
> our firewall there without any iptables (save defaults are "ACCEPT") and
> build them up that way, then have those tables mimicked on Linux ETC's
> firewall. However, during this part, the box is completely open to
> various web bot attacks and scans.
>
> On tripwire, it seems it was never configured initially, just installed.
> For the interm, I removed the package via yum. This will stop the
> cron.daily routine that checks tripwire and sends the root aliases that
> lovely daily email complaining about it. If one of the other CLUE-
> Admins knows how to rig tripwire, by all means...do so.
>
> On the server itself, there is a new(er) kernel available for Fedora
> which I have not installed. All of the other updated packages per "yum
> check-update" have been brought up to par for the time being.
>
> Finally, Sean R. and Evelyn of tummy.com have also offered to host the
> email list on the "community" side of tummy (where NCLUG and Boulder LUG
> are) when they were at the CLUE-North meeting this past Monday. It is a
> viable alternative to consider.
>
> Thoughts and comments are welcomed on the above. For reference, I
> receive the CLUE-xxx email lists in digest form, so pardon any delayed
> responses from my end.
Crawford, et al,
I'll add these items to the list for Saturday's meeting.
Thanks!
Jeff
More information about the clue-admin
mailing list