My Superhero Name…

So via Alan I found this superhero name generator… For grins I thought I would give it a shot.

Get your own superhero name from the superhero name generator!My superhero name is The Sensational Steak
An accident in a protein laboratory has given you unexpected abilities! Can you find a way to free yourself of this power, while also using it to help people, and stay ahead of the Food Hygiene inspectors out to bring you down?
Meat Control – Your powers give you control of the element of meat! You can manipulate and form raw meat into any shape you desire, or flatten your enemies with a tidal wave of offal!
Now, you protect Steel City from ninjas, while also battling the evil plans of The Obfuscator!
Get your own superhero name from the superhero name generator!
Ok, seriously, WTF!?  Are there people spying on me or something?  Last night the wife informed me of my new grilling apron.  Why do I feel like I’m currently in “The Truman Show”?
Barron is the owner, editor, and principal author at The Minuteman, a competitive shooter, and staff member for Boomershoot. Even in his free time he’s merging his love and knowledge of computers and technology with his love of firearms.

He has a BS in electrical engineering from Washington State University. Immediately after college he went into work on embedded software and hardware for use in critical infrastructure. This included cryptographic communications equipment as well as command and control devices that were using that communications equipment. Since then he’s worked on just about everything ranging from toys, phones, other critical infrastructure, and even desktop applications. Doing everything from hardware system design, to software architecture, to actually writing software that makes your athletic band do its thing.

How I know I moved to the right host

There have been teething issues over the past week.  I’m still working out a lot of the kinks, but there was a relatively big incident last Friday.  Let me just let my hosting provider give the overview of what happened, the analysis, and their corrective actions.

Dear Customer,

Earlier today, we had to perform emergency maintenance on a critical piece of power infrastructure. Our customers’ uptime is of critical importance to us and communication during these events is paramount.  At this time, power has been restored and servers are back online. Listed below is a timeline of events, record of ongoing communications, SLA compensation information and a detailed outline of the steps we’re taking to prevent against these issues in the future. If at anytime you have any questions please do not hesitate to call, email or chat.

Timeline of Events:

  • 11:00 – During a routine check of the data center by our Maintenance staff, the slight odor of smoke was detected. We immediately began a complete investigation and located the source of the smell; a power distribution unit in Liquid Web DC3, Zone B, Section 8 covering rows 10 & 11.
  • 11:05 – We discovered a manufacturer defect in the Power Distribution Unit (PDU).  This defect resulted in a high resistance connection which heated up to critical levels, and threatened to seriously damage itself and surrounding equipment.  This bad connection fed an electrical distribution panel which powers one row (Lansing Region, Zone B, Section 8, Row 11)  of servers which is part of our Storm platform.  We immediately tried to resolve the issue by tightening the connection while the equipment was still on, but it wasn’t possible. To properly resolve the situation and repair the equipment, we needed to de-energize the PDU to replace an electrical circuit breaker.
  • 11:15 – To avert any additional damage, we were forced to turn off the breaker which powered servers in Lansing Region, Zone B, Section 8, Row 11. All servers were shut down at this time.
  • 11:48 – Servers in Lansing Region, Zone B, Section 8, Row 10 began to be shut down.
  • 11:49 – Once it was safe to begin the work, we immediately removed the failed components and replaced them with spares.  We discovered that the failed connection was due to a cross threaded screw installed at the time of manufacture.  This cross threaded screw meant the connection wasn’t tightened fully, and resulted in a loose, high resistance connection which heated far beyond normal levels. Upon replacing the breaker, we re-energized the PDU and customer servers.  Our networking and system restore teams have been working to ensure every customer comes back online as soon as possible.
  • 12:52 – Power was restored and servers began to be powered back on.

Communication During Event

We know that in the event of an outage, communication is of critical importance.  As soon as the issues were identified we provided the following updates on the Support Page and an “Event” which emails the customer as well as provides an alert within the manage.liquidweb.com interface.

Event Notice on Support Page:

“We are currently undergoing emergency maintenance on critical power infrastructure affecting a small number of Storm servers in Zone B. Work is expected to take approximately 2 hours. During this event affected instances will be powered down. We apologize for the inconvenience this will cause. An update will be provided upon completion. “

Event Notice Emailed to Customers:

“We are currently undergoing emergency maintenance on critical power infrastructure affecting 1 or more of your Storm instances. Work is expected to take approximately 2 hours. During this event affected instances will be powered down. We apologize for the inconvenience this will cause. An update will be provided upon completion.”


SLA Compensation

Liquid Web’s Service Level Agreement (SLA) provides customers the guarantee that in the event of an outage the customer will receive a credit for 10 times (1,000%) the actual amount of downtime. From our initial research into this event it appears as though most customers experienced between 1 hour and 2 hours of downtime.  However, due to the disruptive nature of this event we are providing a minimum of 1 full day of SLA coverage for any servers that were affected by this event.  Please contact support if you have any additional information regarding this event of if you would like to check on the status of your SLA request.

Liquid Web TOS Network SLA
http://www.liquidweb.com/about/dedicatedsla.html

Network SLA Remedy
In the event that Liquid Web does not meet this SLA, Dedicated Hosting clients will become eligible to request compensation for downtime reported by service monitoring logs. If Liquid Web is or is not directly responsible for causing the downtime, the customer will receive a credit for 10 times ( 1,000% ) the actual amount of downtime. This means that if your server is unreachable for 1 hour (beyond the 0.0% allowed), you will receive 10 hours of credit.

All requests for compensation must be received within 5 business days of the incident in question. The amount of compensation may not exceed the customer’s monthly recurring charge. This SLA does not apply for any month that the customer has been in breach of Liquid Web Terms of Service or if the account is in default of payment.


Moving forward

All PDU’s will be inspected for the same issue for all panels and all main breakers.

In this case, this PDU was just recently put into service.  When we purchase critical power equipment, the manufacturer performs an onsite startup procedure. This equipment check includes a physical inspection, phase rotation, voltage checks, alarm checks and many more.  This particular manufacturer defect didn’t avail itself until the PDU was under a significant amount of load.  Once the manufacturer defect began, the screw at the bus finger began to overheat. Once this overheating began, the resistance increased causing a serious risk of catastrophic failure.

Going forward, Liquid Web will perform additional tests, above and beyond our manufacturer startup procedures, on new equipment to look for manufacturer related defects and issues. We will now perform testing at full load by utilizing a Power Load Banking System.  This testing procedure was already in place for the vast majority of our power equipment but now will also include PDU specific testing.

Liquid Web performs preventative maintenance (PM) on all PDU’s.  This PM is an inspection that consists of current draw recording on all branch circuit breakers, infrared imaging of main connection points and on the transformers and a general inspection.  This is typically a quarterly inspection.

Yeah, I can’t argue with a company that honest.  Plus they go out of their way to help solve problems which technically may not even be their problem or responsibility. 

Oh, and I2R losses as always, are a pain in the ass.

Barron is the owner, editor, and principal author at The Minuteman, a competitive shooter, and staff member for Boomershoot. Even in his free time he’s merging his love and knowledge of computers and technology with his love of firearms.

He has a BS in electrical engineering from Washington State University. Immediately after college he went into work on embedded software and hardware for use in critical infrastructure. This included cryptographic communications equipment as well as command and control devices that were using that communications equipment. Since then he’s worked on just about everything ranging from toys, phones, other critical infrastructure, and even desktop applications. Doing everything from hardware system design, to software architecture, to actually writing software that makes your athletic band do its thing.

Goodbye Google Reader…

So Google Reader is going under and I’ve been trying to find a solution.  Feedly just sucks.  Some people like it but frankly their UI leaves a lot to be desired. I tried NetVibes, NewsBlur and a couple others.  All of them didn’t really spark my candle and were missing features here or there.

Today I discovered Tiny Tiny RSS and happy beyond measure.  I have my own hosted RSS feeder with mobile device support now. image

If you’re interested, contact me and I’ll bump you an email with the URL.

Barron is the owner, editor, and principal author at The Minuteman, a competitive shooter, and staff member for Boomershoot. Even in his free time he’s merging his love and knowledge of computers and technology with his love of firearms.

He has a BS in electrical engineering from Washington State University. Immediately after college he went into work on embedded software and hardware for use in critical infrastructure. This included cryptographic communications equipment as well as command and control devices that were using that communications equipment. Since then he’s worked on just about everything ranging from toys, phones, other critical infrastructure, and even desktop applications. Doing everything from hardware system design, to software architecture, to actually writing software that makes your athletic band do its thing.

0 to Attacked in No Time Flat

So as I’ve mentioned previously I’ve moved to the world of a VPS which for all intents in purposes is much like being self-hosted.  I used to do this stuff a long time ago, I still do it but not nearly as intensively and for the most part my shell-fu has gotten rusty.

I spent the first part of Saturday getting the server setup and figuring out WHM and cPanel, both unbelievably easy.  The biggest issue was making sure I had things locked down.  I just set up this server though, who could possibly be attacking it?

A6WLUZ bandwidth (full)

Bandwidth usage since I turned on the server.

You can see where I turned the server on on the 13th.  Notice that big spike shortly there after, yeah that was a huge influx of traffic.  It caused the server to grind to a halt.  At the time I thought it was related to me bringing up my site since it locked up within minutes and I had tweaked some server settings an thought that caused the instability.

Come Monday morning I have an email from A Girl that she cannot get in and 2 from the data-center that they rebooted the server after it ran out of memory and locked up.

A6WLUZ_load_full

System loading and availability since being turned on.

You cant see it as well except for the latest incident in those images but there is a serious proc-load spike when those bandwidth spikes occur.  I promptly switched from APF to CSF for my firewall so I could gain use of the LFD.  I spent my time installing and configuring it last night.

A6WLUZ Detail

The Proc Spike I had overnight.

 

A6WLUZ

A more detailed image of the bandwidth spikes.

There you can see the proc spike from an an incident last night.  I did a few more tweaks to the CSF and you can see things were better when they tried again about an hour later.  In the middle of all of this I also discover that there is a way to have Apache watch all the wp-login pages for failed logins.  When they happen, block and ban the IP after numerous failed attempts.  This is why I called myHosting lazy and was so pissed about their approach in handling the problem.

If you are a server administrator and want to protect against the WordPress brute force attack it is quite simple, doubly so if you have WHM.

Login to WHM, goto Software-EasyApache.  Follow the onscreen instructions and rebuild Apache but make sure the modsec2 module is selected.  Build Apache.

Once built, log in to your shell and edit /usr/local/apache/conf/modsec2.user.conf and add the following.

#Block WP logins with no referring URL
SecAction phase:1,nolog,pass,initcol:ip=%{REMOTE_ADDR},id:5000210
<Locationmatch “/wp-login.php”>
SecRule REQUEST_METHOD “POST” “deny,status:401,id:5000211,chain,msg:’wp-login request blocked, no referer'”
SecRule &HTTP_REFERER “@eq 0”

#Wordpress Brute Force detection
SecAction phase:1,nolog,pass,initcol:ip=%{REMOTE_ADDR},id:5000212
<Locationmatch “/wp-login.php”>
# Setup brute force detection.
# React if block flag has been set.
SecRule ip:bf_block “@gt 0” “deny,status:401,log,id:5000213,msg:’ip address blocked for 5 minutes, more than 10 login attempts in 3 minutes.'”
# Setup Tracking. On a successful login, a 302 redirect is performed, a 200 indicates login failed.
SecRule RESPONSE_STATUS “^302” “phase:5,t:none,nolog,pass,setvar:ip.bf_counter=0,id:5000214”
SecRule RESPONSE_STATUS “^200” “phase:5,chain,t:none,nolog,pass,setvar:ip.bf_counter=+1,deprecatevar:ip.bf_counter=1/180,id:5000215”
SecRule ip:bf_counter “@gt 10” “t:none,setvar:ip.bf_block=1,expirevar:ip.bf_block=300,setvar:ip.bf_counter=0”

Save the file and restart Apache.  This will help stop the brute force attacks.  If it wasn’t for the off chance of false positives, I’d be good with a perma-ban and dropping that axe like a rock….

Funny story, I dropped that [email protected]#$ing ax on myself tonight.  Most of the other services are watched by LFD and when you get multiple login failures, it drops the ax and hard.  I screwed up logging in and paid the price.  I was just going along minding my own business and tried to login a couple times with the wrong password and bam there I am behind a curtain with some asshole molesting my balls.  Man, when I describe it like that it sounds like my intrusion detection system works for the TSA.

In the mean time the folks I got the VPS from (they’ve been fantastic support wise, unlike that previous host) are looking into trying to figure out what’s causing the load spikes.  The bummer is it randomly happens so it’s a paint to catch in the act. The good news is the past couple slams the server has actually survived so it’s almost there.  Security wise it isn’t a concern, it’s just and issue with service.

Barron is the owner, editor, and principal author at The Minuteman, a competitive shooter, and staff member for Boomershoot. Even in his free time he’s merging his love and knowledge of computers and technology with his love of firearms.

He has a BS in electrical engineering from Washington State University. Immediately after college he went into work on embedded software and hardware for use in critical infrastructure. This included cryptographic communications equipment as well as command and control devices that were using that communications equipment. Since then he’s worked on just about everything ranging from toys, phones, other critical infrastructure, and even desktop applications. Doing everything from hardware system design, to software architecture, to actually writing software that makes your athletic band do its thing.

No BAG Day for Me…

Instead I owed my child molesting financially irresponsible uncle $600.  So no gun for me, doubly so since I have to pay property taxes soon too.

I did however make myself feel a little better during the tail end of doing my taxes:

PayingMyChildMolestingUncle

I wanted to avoid Turbo-Tax but it was the easiest for what all was involved this year.  At least I had a little fun with it.  I gave them a 1 because I actually used them.

Barron is the owner, editor, and principal author at The Minuteman, a competitive shooter, and staff member for Boomershoot. Even in his free time he’s merging his love and knowledge of computers and technology with his love of firearms.

He has a BS in electrical engineering from Washington State University. Immediately after college he went into work on embedded software and hardware for use in critical infrastructure. This included cryptographic communications equipment as well as command and control devices that were using that communications equipment. Since then he’s worked on just about everything ranging from toys, phones, other critical infrastructure, and even desktop applications. Doing everything from hardware system design, to software architecture, to actually writing software that makes your athletic band do its thing.

If you’re reading this, it is done…

If you are seeing this post that means that you are now staring at my new and shiny VPS.

There is a pile of stuff I’m still cleaning up and I’ve got a pile of sites to move over and this one only took me about 5 hours to do.  I’m hoping the others go more quickly but the majority of the time was spent downloading and uploading with a bit of tweaking files here and there.

In the mean time if you find something broken or out of place.  Please let me know so I can get it fixed immediately.

Thanks.

Barron is the owner, editor, and principal author at The Minuteman, a competitive shooter, and staff member for Boomershoot. Even in his free time he’s merging his love and knowledge of computers and technology with his love of firearms.

He has a BS in electrical engineering from Washington State University. Immediately after college he went into work on embedded software and hardware for use in critical infrastructure. This included cryptographic communications equipment as well as command and control devices that were using that communications equipment. Since then he’s worked on just about everything ranging from toys, phones, other critical infrastructure, and even desktop applications. Doing everything from hardware system design, to software architecture, to actually writing software that makes your athletic band do its thing.

Saying Good-Bye to My Hosting…

I suppose I could layout the entire email chain that went down yesterday that actually started Thursday night.

Suffice it to say, for those who aren’t aware there is currently a brute force attack against any and all WordPress websites.  Overall this is not the most difficult thing to spot, most of the logins all use the same user name and overall they’re just not that intelligent.  Evidently my current provider, My Hosting, was getting slammed and quite hard.  In an effort to head the problem off at the pass they edited everyone’s .htaccess files to restrict access to the WordPress login page.  This wouldn’t be a problem except they had a default deny so site owners were locked out.  Most definitely that’s not Shiny.

The last email I got in the exchange as I was trying to fix the issues is here, along with additional comments.

Their Text.
Wrong Words My Corrections in Phrasing.
My mental commentary while reading.

Hello Barron,

Thank you for your patience and we are sorry that you are having an unhappy experience with myhosting.com. Because evidently the idea someone would be unhappy about being locked out of their own website surprises us.

Because 90% of our customers are not using Cloudflare for protection or wordpress plugins to stop unwanted access, we implemented this access restrictdecided to treat all our users like idiotic children that know nothing about anything.  Luckily I have experience with being penalized because of the actions of the few.

Because you appear to have a very secure webspaceactually know what the fuck you’re doing and have previously educated our support staff, you would most likely to be safe removing the lines that have been added, but this makes your wordpress website vulnerable to this attacka brute force attack where they just randomly try passwords, so please proceed with caution and make sure all wordpress user passwords are complex and secure.  Why in the name of god do you think I use keypass and generate 20 character password strings, just for the ease in memorization?

We have disabled the .htaccess files on those two websites and they appear to be loading currently, but we broke clean URLs so they’re still not working right, our bad? If you would like, remove all the added code and turn your cloudflare back on.  You mean I can unfuck my websites if I so choose!?  Here I thought you guys were just out to screw me in front of people I support.  And yes I unfucked every one I could as fast as I could, even before I got your permission!

Please let it be known we are trying to protect our customers the best possible way, by nuking the site from orbit by treating our customers like children and blocking their access to their own sites just the same as the attackers. Because of the urgency of the matter, this was the quickest solution, because we were dumb and too lazy to implement deep packet inspection and notice that the brute force attempts always use the same username, admin. We hope this does not ruinare sorry this has completely ruined your experience with myhosting.com.  We didn’t consider the ramifications of how our actions could possible make our customers look in the eyes of their own clients.  We will think about possibly not treating all our customers like children in the future but don’t count on it.
http://statusblog.myhosting.com/
http://statusblog.myhosting.com/#oncloud

Regards,

The same support guy I’ve been dealing with all day. +1 for that.

That final email just kind of shoved me over the edge with absolutely not wanting to stick around.  Seriously, that’s pretty much how I read when it came in.  I didn’t discover the .htaccess issue with clean URLs being totaled until this morning when Sean emailed me.

Seriously +1 to them on ownership for support.  Other than this recent shit storm they’ve been a decent host but I’m biting the bullet and going to a VPS.  Because of my love for Microsoft Exchange I’ll be getting a separate host for email just for the wife and I but at this point I’m downloading sites one by one and moving them to the VPS when possible.

This site will be the first to move and will hopefully be done by early in the evening.  I still need to finish securing the VPS and doing other setup work.

Barron is the owner, editor, and principal author at The Minuteman, a competitive shooter, and staff member for Boomershoot. Even in his free time he’s merging his love and knowledge of computers and technology with his love of firearms.

He has a BS in electrical engineering from Washington State University. Immediately after college he went into work on embedded software and hardware for use in critical infrastructure. This included cryptographic communications equipment as well as command and control devices that were using that communications equipment. Since then he’s worked on just about everything ranging from toys, phones, other critical infrastructure, and even desktop applications. Doing everything from hardware system design, to software architecture, to actually writing software that makes your athletic band do its thing.

I did not want to get involved, but…

A person on twitter decided to make derogatory statements towards me, behind my husband’s back, so to speak. She had the audacity, without knowing me, to call me fat. My husband was in a debate/argument with her about firearms, more specifically the AR 15 platform. She went into PSH and escalated from there.

Her statement makes me believe that she is a bitter old hag who is angry at life for having a disability. The disability she mentions I don’t have much sympathy for.

Especially since she still has her fucking foot. My dad is an amputee. My disability, radial nerve palsy, has essentially rendered my dominate hand useless. I empathize with people who have disabilities. Also, she seems to not have reading comprehension since my husband did not generalize disabilities. He specifically stated that she doesn’t understand MY disability.


Further, the AR15 platform she is freaking out about has provided a way for me to safely and effectively shoot a rifle.

For starters, it has a low recoil and therefore doesn’t kill my muscle atrophied shoulder. The pistol grip allows me to hold the rifle so as to not torque my wrist like a standard rifle. The front post gives me stability to safely fire the firearm without causing strain to my good/working arm. Due to my disability a bolt-action rifle is not a viable option for me.  I can not easily operate a bolt with my injured hand.

This woman is nothing more than a miserable old person intent on spreading her misery to others.  Which isn’t surprising since “Gun Control is a Movement of Old White People.

I’m not miserable or upset by my disability unlike that woman.  Why?  Because I had one of the best role models in the world for dealing with it.  She is dead set on spreading her misery and ensuring that everyone be as miserable as her.  Heaven forbid they find the freedom and empowerment that comes with shooting firearms.

Lastly, my family hunts to stock their freezer.  The meat is by far healthier for our family and we know full well where our food came from.  You don’t get much more “free range” or “organic” than bagging your own buck.

Then again she doesn’t really care, she just hates anyone who does anything that she doesn’t like.  If you looked up the word “Puritan” in the dictionary, you would find her face next to it as a shining example.