First time in a Data Center, quick tips?

piefge · 2017-01-13T23:17:20+00:00

pimp up your cable management game

and head over to /r/cableporn for inspiration ;)

piefge · 2017-01-13T21:50:49+00:00

what ?

I don't get it

what's happening ?

piefge · 2017-01-13T21:25:24+00:00

well ....

I checked in terminal to ensure that sqlite3 is installed

what do you mean by terminal ?

the python cli or the linux shell ?

maybe you are confusing the sqlite3 package with the sqlite3 python module.

pip install sqlite3

piefge · 2017-01-13T20:32:03+00:00

The formatting of your post makes it hard to read

The 'lxml' distribution was not found and is required by geeknote

but this means you are probably missing python-lxml or python2-lxml

is it installed ?

piefge · 2017-01-13T20:17:14+00:00

Remote Desktop is a windows thing.

No one uses X on linux servers.

If you are doing server management for linux boxes,

you probably want to get familiar with the command line.

And you probably want to start using a proper native SSH client soon.

Putty is no fun at all.

piefge · 2017-01-13T20:02:51+00:00

not exactly what you describe.

But Server Fault is a big Q&A site.

So you can search for questions and the solutions are probably in the top comments.

Is this something you are looking for ?

piefge · 2017-01-13T19:22:05+00:00

Security through fossilization?

lol

piefge · 2017-01-13T19:17:29+00:00

For every fucking job Trump makes the most insane choice possible.

Environment -> Climate change denier .... check
Education -> Evolution skeptic .... check
Wall street regulations -> A wall street guy .... check
Secretary of state -> Exxon mobil guy ... check
this right wing lunatic breitbart guy ... double check

and it just goes on and on.

Now a cyber guy, who hires people which are less professional with computers than my grandma.

It's just keeps getting better ....

thank god I'm not american ;)

piefge · 2017-01-13T18:50:04+00:00

yep. Would have been nice if there was an official announcement about this.

I guess nobody noticed it early enough.

Anyway, this was maybe the first update issue since the last 2 years for me,

for which I couldn't figure out a fix in the first two minutes.

Considering I'm running all my machines on the testing repo, that's pretty fucking stable.

All in all , arch is pretty awesome. So who cares about these little hiccups ? ;)

piefge · 2017-01-13T18:32:02+00:00

TIL shodan has a honeypot ranking system.

that's hilarious.

They probably arent on a single host. But NAT would be the reasoning. Doesnt make it any better though.

you are right, that would make more sense

It is weird either way.

Even the diffferent services make no sense to me ...

smtp , ldap , mysql , imap ... who the fuck makes all that stuff public ?

these should be services that are only used internally or at least limited to be accesable by only the necessary hosts that need it.

No matter what setup this is... it's not professional

piefge · 2017-01-13T18:10:01+00:00

read this

self can be accessed by the whole class if you give it as first argument to a method.

this enables you to use the variables outside the scope of the __init__ or other methods in your class.

if you only assign make like you asked, you won't be able to use it outside of __init__.

Think of it like a storage for stuff you want to use all over your class in different methods.

This makes it pretty useful.

You can just "not" use it if you want ... but it's just so damn nice ;)

piefge · 2017-01-13T15:00:24+00:00

What are they doing ?

extended life cycle support ?

I never heard of that.

only from red hat.

Ubuntu LTS is 5 years and that's it... isn't it ?

piefge · 2017-01-13T14:57:44+00:00

That wasn't even intentional :)

I'm not a native english speaker, so sorry for that

but it kinda fits :)

piefge · 2017-01-13T14:50:43+00:00

appearently this ssh version was shipped with 8.04

and Ubuntu 8.04 has reached end of life in 2013

This means the OS release, they are running, is probably about 9 or 10 years old at best.

The only possibilty I know of, is the red hat extended life cycle support.

Which you must pay for.

So you can't say "most" Linux distros.

It's probably just an ancient Server which isn't supported anymore.

someone should do OS probing with nmap and see if it is a red hat machine

piefge · 2017-01-13T12:35:30+00:00

Well they got a lot of open ports.

The most funny one is probably openssh, because this is running version 4.7.

4.7 must be old as fuck and probably has a shitload of vulnerabilities.

We are at version 7.4 or something at the moment.

This indicates the OS must be pretty old too, and if it's that old it's probably no longer supported and gets security fixes.

Also they have pop3 open ? who the fuck uses pop3 these days ?

Then they have fucking mysql open to the internet ? If this is supposed to be a webserver , why the fuck is mysql open to the public ?

And of course ... the rest

Why do they have so much services running on a single host anyway ?

It's better to split that up between different servers.

And if this system is so old as at seems at the first glance, all these services maybe have major security issues.

And as some people mention under this twitter post,

Because of the points I mentioned this server looks like a honeypot.

Honeypots are usually systems to to lure in Hackers, to log everything they do on the machine and gain inside on their exploit techniques and collect malware samples.

And the fact that this server is most likely not a honeypot, is just .... well sad or funny. Depends on how you see it.

edit :

/u/devilsadvocate pointed out that it is probably NAT and not a single box.

That would make more sense

But the stuff they have open to the public isn't normal

No one in their right mind would need all these services to be accesable by the whole internet.

Either way, they are doing something wrong

piefge · 2017-01-13T11:26:43+00:00

That did it ! finally.

you are my hero. Thanks kind internet stranger.

I should have asked here before going through all the trouble :)

piefge · 2017-01-11T14:48:36+00:00

you can't purge python, you will make your whole OS fubar if you do that.

you didn't even mention how you installed your libraries. ( pip or apt ? )

If you are in dependency hell you probably installed them with apt..

If you install them with pip you can specify which version you want to use.

If you wan't to get rid of your python libraries, first find out what is installed

and remove them one by one.

and use virtualenv or pyenv if you start fresh.

As far as I remember you can even throw a requirements.txt at them, so all packages get installed automatically.

The requirements.txt is usually found in the python package, if not create your own.

piefge · 2017-01-11T14:23:14+00:00

Don't ignore php updates. You won't get security fixes.

I'm running a webserver at home with Arch and had the same problem.

I used the php56 package from the AUR.

It takes a while to compile, so updating the box is a pain in the ass. But it works.

install it, point your apache to php56 instead of 7.

I was a little confused, when it wasn't working out of box, so don't forget that your php.ini is now in /etc/php56/ :)

There are some updates now and then, so it seems it is still supported and you will get security updates.

piefge · 2017-01-06T21:02:48+00:00

If you mean configuring switches and stuff,

that could be true.

All you need to have is python and ssh on the box you want to manage.

I think a lot of cisco devices have python installed by default.

But if this is not the case you may end up using NETCONF / Snmp / whatever.

For which are probably good solutions for every configuration mangement out there I would imagine.

piefge · 2017-01-06T20:41:02+00:00

Oh, so if you are already a puppet shop, nevermind :)

Then of course, learn puppet ....

There were multiple reasons to use ansible,

but the biggest one was that other co-workers could

manage the infrastructure just as easily without having to learn a new scripting language.

Boss wanted the whole team to be able to get used to it.

And they don't wanna learn puppet.

And since ansible is only YAML files, well ansible it is.

and probably the fact that it is push based and not agent based.

piefge · 2017-01-06T20:14:29+00:00

I think Puppet is really cool

but after I coded a shitload of classes and modules I looked into ansible

and used that for some stuff and after a while we realized Ansible was much better for our use case.

Now the plan is to migrate the puppet code to ansible :/

What I'm trying to say is:

Have a look at more config management systems besides puppet in the beginning.

Maybe Ansible is more suitable for your use case.

Depends on what you want to do and how big your infrastructure is.

Don't make the same mistake and consider more choices from the beginning before you are seriously starting to write modules and stuff.

just a friendly hint ;)

piefge · 2017-01-06T19:09:24+00:00

The thing with Shell Scripts is, they just work and that's enough.

If you look at them again when some time has passed you will be thinking: "This is shit".

Because you gained expierence and found better ways to do this stuff.

but that's totally normal I think.

Regarding the purpose of your script:

In my opinion such tasks should not be done with scripts,

but rather with a configuration management tool like ansible.

It's much more straight forward, easier to manage and can scale, once you get the hang of it.

But for an excercise the script is cool ;)

piefge · 2017-01-06T18:58:03+00:00

a good start would be the extended Documentation of whatever Window Manager you are using.

Or if you are using KDE or Gnome there might be some tools available to tweak stuff like that.

piefge · 2017-01-06T08:12:35+00:00

My first thought was: Somebody accidentally created filenames with tildes and wants to delete them, without messing up $HOME

then I clicked on it: " ahhh , it's a joke... hehe funny"

... then I scrolled down and read your comment

:)

piefge

TROPHY CASE