Today I decided to log in to the webserver to add my user ID to the group 'wheel'. As always I started to check the system logs; there are always copious amounts of brute-force attempts being processed by bots/script kiddies. Fortunately I know better than to use ssh v1 and to allow root logins via SSH (thanks, sudo and su).
I installed a brute-force application; this automatically creates a cron job to scan /var/log/secure every 8 minutes and detect brute-force attacks. Once a threat is detected, it automatically bans the IP and sends me an email. I need to get around to making keys for SSH accounts instead of using the passwd method. I'm also going to change the SSH broadcast port, but I need to contact my Developer and Content Manager before I go drastically changing stuff.
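The kind of scan described above (count failed sshd logins per source in /var/log/secure, then ban repeat offenders), as an added example that is not the tool the author installed and not code from the original post. The threshold, function names and sample log lines are assumptions constructed for illustration; the source address is read from the end of each line because the username field is chosen by the remote client.

```shell
#!/bin/bash
# Added example: flag sshd brute-force sources in /var/log/secure-style lines.
THRESHOLD=3   # assumed cut-off, not a value from the post

# Constructed sample lines (documentation-range IPs; hostname as in the post).
sample_log() {
cat <<'EOF'
Jan 10 03:12:01 trx sshd[2101]: Failed password for root from 203.0.113.7 port 40022 ssh2
Jan 10 03:12:03 trx sshd[2103]: Failed password for root from 203.0.113.7 port 40031 ssh2
Jan 10 03:12:06 trx sshd[2105]: Failed password for invalid user admin from 203.0.113.7 port 40040 ssh2
Jan 10 03:13:10 trx sshd[2110]: Failed password for invalid user test from 198.51.100.23 port 51200 ssh2
Jan 10 03:14:00 trx sshd[2114]: Accepted password for alice from 192.0.2.10 port 50022 ssh2
Jan 10 03:15:42 trx sshd[2120]: Failed password for invalid user x from 192.0.2.10 from 198.51.100.23 port 51201 ssh2
EOF
}

# stdin: log lines. stdout: "count ip" for sources with >= $1 failures.
# The address is taken from the fixed tail "from IP port N ssh2", so text
# inside the username (last sample line) cannot change which IP is counted.
offenders() {
    awk -v min="$1" '
        /sshd\[[0-9]+\]: Failed password for / &&
        $(NF-4) == "from" && $(NF-2) == "port" &&
        $(NF-3) ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { hits[$(NF-3)]++ }
        END { for (ip in hits) if (hits[ip] >= min) print hits[ip], ip }
    ' | sort -k1,1nr -k2,2
}

# stdin: "count ip" lines. stdout: the iptables rule that would drop each
# source. Rules are printed, not applied, so they can be reviewed first.
ban_rules() {
    while read -r _count ip; do
        printf 'iptables -I INPUT -s %s -j DROP\n' "$ip"
    done
}

sample_log | offenders "$THRESHOLD" | ban_rules
```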
I found out that CPANEL rewrites my iptables rules every day; I don't know why they do this but it's definitely a pain. So I ended up writing a shell script to execute iptables-restore < /etc/rc.d/iptables.save and I assigned it to crontab to execute every hour. So now my iptables will always be refreshed without me having to worry about CPANEL messing things up.
The server's / partition is getting quite full. This isn't really a bad thing; it lets us know that we're really expanding!
root@trx [/etc/rc.d]# df -h
Filesystem    Size  Used Avail Use% Mounted on
/dev/sda3      72G   62G  6.2G  91% /
/dev/sda1      99M   17M   78M  18% /boot
/dev/shm      474M     0  474M   0% /dev/shm
/usr/tmpDSK   485M   11M  449M   3% /tmp
/tmp          485M   11M  449M   3% /var/tmp
/tmp          485M   11M  449M   3% /tmp
/var/tmp      485M   11M  449M   3% /var/tmp
This may mean more servers pretty soon, or at least an update to the front-end server. I need to get a RAID array going soon, but this is going to have to wait a few months until revenue picks up. I also installed all of the security updates from the YUM repository today, so the server is up-to-par for a week or so :).
I got a new laptop yesterday (well, new to me). It had all kinds of .DLL errors with XP and the screen would flicker when you would try to adjust it. So I took the bezel off and found the wire that was getting pinched; that solved that problem. Now Gentoo is compiling on the machine, and hopefully by the time I get home the kernel is ready to go. It's a slower machine; I've seen Gentoo take 3 days to compile! So far I have Ubuntu 6.10 (edgy), Slackware 10.1, Gentoo 2006.1 and Fedora-4 boxes to manage.
I love it, completely rid of M$ except for work. I recently got Citrix working on my Desktop at home, so I can stream Outlook on my Linux box. So fun! Now I just have to work on my smb mount from the RAID box and set up a FreeSWAN VPN server.