Nameserver Giving False Results
Mar 25, 2007
Is there any way to avoid getting false name lookups when trying to resolv inexistent domains ? apart from using another nameserver.
I'm sorry if it was posted earlier, tried searching but it didn't help as it gave me large results.
Code:
[root@removed ~]# ping hjkdji284kajgafhj87da778dfsd.com
PING hjkdji284kajgafhj87da778dfsd..com.insertdchere.com (xx.xxx.xxx.xx) 56(84) bytes of data.
64 bytes from www.insertdchere.com (xx.xxx.xxx.xx): icmp_seq=0 ttl=61 time=1.00 ms
64 bytes from www.insertdchere.com (xx.xxx.xxx.xx): icmp_seq=1 ttl=61 time=0.952 ms
64 bytes from www.insertdchere.com (xx.xxx.xxx.xx): icmp_seq=2 ttl=61 time=1.34 ms
View 2 Replies
ADVERTISEMENT
May 29, 2008
I didn't want to say anything bad about this Host, because the staff is very friendly, but people need to be warned incase they didn't get what they ordered either.
I ordered a server with a hotswappable RAID, and got a the welcome letter a few days later. The welcome letter didn't have my root password or my IP address range. So, I emailed asking for that. Then I started wondering if they missed anything else because the welcome letter nor their client area lists the server specs. So I asked if they have my the correct hardware.
They said No, and will give me a monthly credit and the correct hardware for the inconvience. It was a new server and wasn't a big deal to me.
But then I wondered if they did the same to the server I ordered like 40 days ago. So I asked and they said they messed up my hardware on that order too. That server is already up and running with sites on it.
The host is AxisHost , I know many people here recommend them, thats why I chose them, but this seems like it may be happening a lot with them.
View 8 Replies
View Related
Jun 30, 2008
Rootkit Hunter version 1.3.2 ]
[1;33mChecking rkhunter version... [0;39m
This version : 1.3.2
Latest version: 1.3.2
[ Rootkit Hunter version 1.3.2 ]
[1;33mChecking rkhunter data files... [0;39m
Checking file mirrors.dat [34C[ [1;32mNo update [0;39m ]
Checking file programs_bad.dat [29C[ [1;32mNo update [0;39m ]
Checking file backdoorports.dat [28C[ [1;32mNo update [0;39m ]
Checking file suspscan.dat [33C[ [1;32mNo update [0;39m ]
Checking file i18n/cn [38C[ [1;32mNo update [0;39m ]
Checking file i18n/en [38C[ [1;32mNo update [0;39m ]
Checking file i18n/zh [38C[ [1;32mNo update [0;39m ]
Checking file i18n/zh.utf8 [33C[ [1;32mNo update [0;39m ]
Warning: Checking for preload file [ Warning ]
Warning: Found library preload file: /etc/ld.so.preload
Warning: The file properties have changed:
File: /bin/ps
Current hash: 36f3d8a9fcaebf5838e5e55ebdcac7e355477343
Stored hash : 8f1acf237e562043f8353f4ec5d0c3490c0d0cb3
Current inode: 1228803 Stored inode: 1228857
Current size: 61364 Stored size: 67088
Current file modification time: 1214487892
Stored file modification time : 1195262225
Warning: The command '/usr/bin/GET' has been replaced by a script: /usr/bin/GET: perl script text executable
Warning: The command '/usr/bin/groups' has been replaced by a script: /usr/bin/groups: Bourne shell script text executable
Warning: The command '/usr/bin/ldd' has been replaced by a script: /usr/bin/ldd: Bourne shell script text executable
Warning: The file properties have changed:
File: /usr/bin/top
Current hash: 15f1f743d73d9546a05a15644816139de7708327
Stored hash : 5e78fb7f0a02643a91964081ca03316dbaf01bdd
Current inode: 246165 Stored inode: 245920
Current size: 48536 Stored size: 48504
Current file modification time: 1214487892
Stored file modification time : 1195262225
Warning: The file properties have changed:
File: /usr/bin/vmstat
Current hash: 898351bc3be226caf6915715b23a1c7cc5d35fdd
Stored hash : edaa64f3921a0a2d873c14a5eb641ba883f4dcff
Current inode: 246561 Stored inode: 246020
Current size: 17872 Stored size: 20444
Current file modification time: 1214487892
Stored file modification time : 1195262225
Warning: The file properties have changed:
File: /usr/bin/w
Current hash: 480c2c2e4f1048e19fc075f4daebe79fa84e08d1
Stored hash : 87f39eeb583bc7f6622e95fd0266f093ed8b362b
Current inode: 246020 Stored inode: 246167
Current size: 9720 Stored size: 11720
Current file modification time: 1214487892
Stored file modification time : 1195262225
Warning: The file properties have changed:
File: /usr/bin/watch
Current inode: 246167 Stored inode: 245924
Current file modification time: 1214487892
Stored file modification time : 1195262225
Warning: The command '/usr/bin/whatis' has been replaced by a script: /usr/bin/whatis: Bourne shell script text executable
Warning: The command '/sbin/ifdown' has been replaced by a script: /sbin/ifdown: Bourne-Again shell script text executable
Warning: The command '/sbin/ifup' has been replaced by a script: /sbin/ifup: Bourne-Again shell script text executable
Warning: The file properties have changed:
File: /sbin/sysctl
Current hash: b560099caf18d28bcc0249efaec75dcddb87b219
Stored hash : fa13202ac5897d9f7198e8afbbe7d0c835b07639
Current inode: 589893 Stored inode: 589875
Current size: 9144 Stored size: 11048
Current file modification time: 1214487892
Stored file modification time : 1195262225
I know some of these warnings like /usr/bin/GET - groups -ldd - whatis - ifdown – ifup are normal false positives.
But other warnings are new,
I think they changed after upgrading the cpanel to 11.23
I have cpanel on centos 4.6
View 6 Replies
View Related
May 21, 2008
After few days of not getting even "one" spam out of average 70 messages a day...the company manager got angry! He thought the mail system is down.
Our provider - a VDS subscriber who rent us shared plan for a website - said: we changed nothing. I confirmed: did you install any new anti-spam software on the site...they said: NO.
In a next conversation with the company manager, they told him they installed a new anti-spam software on the whole server and cannot make it off for our site specifically.
The problem is, they already had a kind of anti-spam software which only "marks" spam-like messages with "**SPAM**" in the subject line, and doesn't mark others. I am afraid some customers' emails get marked and deleted with this new software they claim implemented, based on false positives.
Many times I get my emails in Yahoo and Hotmail go to Spam/Junk folder for some not-widely known reasons, like sending to myself, while putting recipients in CC, and other strange reasons like just using CC in an auto-reply!
something any non-tech person might do.
I am thinking in switching to a new host where we only host mails (mx record), so we don't have "any" email deleted without our check.
View 5 Replies
View Related
Jun 13, 2007
I was surprised to see that they had 100% uptime in May according to their logs. I am used to see 99.98%, 98.97% etc. etc. with other hosts. But even 100% is quite possible.
On June 7th the uptime suddenly dropped below 96% with avg. 7 outages. I was really disappoined as I was planning to signup. But after a day or so it again rose to 100% with 0 outages on all of their servers which clearly explained the 100% uptime of May.
According to them they had a attack because of which IPs of nodes had to be changed and subsequently they also changed it on hyperspin.com (their server monitoring service). I immediately signed up on hyperspin to verify this claim. Changing the IP or hostname of a monitored service on hyperspin doesn't reset its log is what i clearly observed. Its quite visible that the logs were reset intensionally to hide the actual server uptime and make it always show 100% percent. When i reverted back to them on this issue, they prefered to close the ticket. I just want to know from other hosts, it this practice common or primaryvps.com is an exception? Well as mentioned on their site, the uptime log is located at:
hyperspin.com/publicreport/30037/20077
But don't expect too much. It has only two figures 0 for outages and 100% for uptime.
View 14 Replies
View Related
Oct 27, 2006
I have a Virtuozzo VPS running Debian Sarge. I installed apf. My /etc/apf/conf.apf looks like:
IFACE_IN="venet0"
IFACE_OUT="venet0"
SET_MONOKERN="1"
IG_TCP_CPORTS="21,22,53,80,443,25,465,110,995,143,993,137,139,445,10000,3306"
IG_UDP_CPORTS="53"
Am am getting several "iptables: Invalid arguments" message. I traced this to these iptables calls from within /etc/apf/firewall. Each of these iptables calls gives "iptables: Invalid arguments":
/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ALL NONE -j IN_SANITY
/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags SYN,FIN SYN,FIN -j IN_SANITY
/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags SYN,RST SYN,RST -j IN_SANITY
/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags FIN,RST FIN,RST -j IN_SANITY
/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ACK,FIN FIN -j IN_SANITY
/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ACK,URG URG -j IN_SANITY
/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ACK,PSH PSH -j IN_SANITY
/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ALL FIN,URG,PSH -j IN_SANITY
/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j IN_SANITY
/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ALL ALL -j IN_SANITY
/sbin/iptables -A INPUT -i venet0 -p tcp --tcp-flags ALL FIN -j IN_SANITY
Any thoughts? According to my ISP, I have these iptables modules:
iptable_filter
iptable_mangle
ipt_limit
ipt_multiport
ipt_tos
ipt_TOS
ipt_REJECT
ipt_TCPMSS
ipt_tcpmss
ipt_ttl
ipt_LOG
ipt_length
ip_conntrack
ip_conntrack_ftp
ip_conntrack_irc
ipt_conntrack
ipt_state
ipt_helper
iptable_nat
ip_nat_ftp
ip_nat_irc
View 0 Replies
View Related
May 24, 2009
I am looking for webhosts providing free dedicated (not shared) SSL certificates alongwith dedicated IP.
Currently I found only dotable.com and other companies in the UK2 group providing such a package. Is there any other good webhost providing free SSL certificates.
My budget is maximum $10 per month.
Only CPanel hosts are preferred and access to WHM would be a definite plus though not mandatory.
View 10 Replies
View Related
Aug 3, 2009
I have a chrooted ftp user that I use on my server. I would like to run a cron job using this user that backs up my mySQL databases. When I execute the job, it complains about date and mysqldump not existing. I was able to fix the date problem simply by copying it from the actual /bin to the chrooted /bin. However, I can't simply copy mysqldump because it depends on several libraries. Anybody know how I can give this chrooted user access to commands that aren't in his chroot?
View 6 Replies
View Related
Mar 21, 2014
I need to get working an apache2 in suse 11 as reverse proxy with a vendor's web page and it is not working. This is what happens:
1. I load the page through the reverse proxy and i can see: http://192.168.1.10/cgi-bin/design/html_template/login.html
2. Then i write user and password
3. I press the login button and i should see:
http://192.168.1.10/cgi-bin/design/html_template/login.cgi
http://192.168.1.10/cgi-bin/design/html_template/webviewer.cgi
but instead of that i see:
404 Not Found
The requested URL /error/HTTP_BAD_GATEWAY.html.var was not found on this server.
View 5 Replies
View Related
Mar 11, 2008
I don't really know much about how mod_security rules work, I've just clicked on default configuration in WHM.
Anyway one user on our vbulletin board has pmed me saying he can't access the board. He gave me his fixed ip. And I noticed it is in CSF denied ip list as:
lfd: 5 (mod_security) login failures from xx.xx....
I've checked mod_security log and it has like twenty entries for this ip saying: ....
View 3 Replies
View Related
Jun 3, 2009
I've had this virtual server with Godaddy forever. I have about 52 websites on it. I was adding another and I walked through the registration process and forgot to click the save button. I then proceeded to the domain area of Godaddy to update the IP address. Now I can't add domains, delete dns settings, or update DNS settings without getting these kinds of messages:
Your URL: /dns/sync.do
Error details:
CommandFailedException: Unable to parse DNS configuration file
at c.g.t.f.systems.dns.LinuxDnsSubsystem.updateConfigFile:1165
at c.g.t.f.systems.dns.LinuxDnsSubsystem.synchronizeDomains:958
at c.g.t.w.actions.dns.ActionDnsSync.process:39
at c.g.t.w.actions.AbstractSpringAction.execute:118
...
at c.g.t.w.filters.AuthorizedResourceFilter.doFilter:38
...
at c.g.t.w.filters.RequestPopulationFilter.doFilter:117
...
Cause: SAXParseException: Premature end of file.
...
at c.g.t.f.systems.dns.LinuxDnsSubsystem.updateConfigFile:982
at c.g.t.f.systems.dns.LinuxDnsSubsystem.synchronizeDomains:958
at c.g.t.w.actions.dns.ActionDnsSync.process:39
at c.g.t.w.actions.AbstractSpringAction.execute:118
...
at c.g.t.w.filters.AuthorizedResourceFilter.doFilter:38
...
at c.g.t.w.filters.RequestPopulationFilter.doFilter:117
...
So! Godaddy has now had me upgrade my disk space to another 10gig, I've tunneled in with ssh and ran memhog to increase memory because they are suggesting that I'm too low on RAM and want me to purchase another server, I can't just ugrade. I've updated all the packages in my simple control panel.
I finally got an email from them after begging for help, because $75 an hour is just too much for me!
This is what I got:
Dear Sir/Madam,
Thank you for contacting Server Support.
If this issue started after the modifications to the DNS of a domain, then it is likely that the DNS file or configuration has become corrupted. You can attempt to manually update or recreate the DNS file via SSH. Unfortunately, we are unable to provide assistance with the configuration of the server or modification of files. While you do have a lot of domain names added to the server, a backup of the content and reprovision of the server will reset the server to the default settings. However, this will remove all content and require that you re-add all domains and content once again.
I have backed up all my sites and databases, but to start all over again is a horrific thought. I can't imagine the nightmare.
View 0 Replies
View Related
Apr 22, 2008
How can I stop the rootkit hunter false positives?
It is alerting on these, on a fresh OS install:
Checking for prerequisites [ Warning ]
/usr/bin/groups [ Warning ]
/usr/bin/ldd [ Warning ]
/usr/bin/whatis [ Warning ]
/sbin/ifdown [ Warning ]
/sbin/ifup [ Warning ]
View 2 Replies
View Related
Mar 12, 2008
Got this error on rkhunter 1.3.2
Quote:
[12:16:24] /usr/bin/wget [ Warning ]
[12:16:24] Warning: File '/usr/bin/wget' has the immutable-bit set.
Is that a concern? What does it mean?
View 5 Replies
View Related
Jul 9, 2007
I tried a little searching both in Google and on here but this is probably going to be a private or member-based thing anyway.
I've gotten a couple comments that some of my outbound personal mail is ending up in spam folders. I think it's almost completely limited to having Outlook (or Express?) as a client... which I assume doesn't even do network-based lookups. Nonetheless I don't seem to be on any blacklists, and running it through my own spamassassin filter comes up basically zero score. But the fact that more than one person has had the problem concerns me greatly. Also, I haven't seen any significant reason why the content itself would trigger anything.
I realize a public spam test service would basically be a "testing ground" for spammers to evade detection, but there's obviously legitimate uses as well... is there such a tool somewhere? Thanks for any advice. Public information sharing is key to a forum, but PMs are welcome in this case.
View 0 Replies
View Related
Jun 26, 2008
Being using the free version of siteuptime.com but this month alone i have had so far 3 false alerts reported, i am always in the putty and does not get interrupted, and i am sure i am around on the site too while supposedly siteuptime reports down (i am guessing firewall blocks their server ip for w/e reason). So am wondering is there any really good public tracking site out there which can do public reports more accurately and not kak out on me?
Whats your experience with siteuptime for monitoring if any ? Sometimes it works "ok" other times its just off the charts.
View 9 Replies
View Related
Sep 28, 2014
Every time I log on plesk 11.09 I get an email from admin saying that due to maximum number of failed login attempts for admin, the account was blocked for 30 minutes.
First, I do not get failed login attempts, I log in every time.
Two, the account is not blocked, I can log in, out and back in as many times as I want without problem except that I get this email everytime.
View 3 Replies
View Related
Apr 4, 2008
1) I use DNSMadeEasy for a couple of my important domains so I can utilize their failover service.
2) I use my own nameservers for everyone else.
At my register (GoDaddy) I've added host entries to my domain (let's call it host.com) for ALL of my nameservers: DNSMadeEasy and mine. For example here are my host entries:
1) nsdme0.host.com = 55.55.55.55 (DNSMadeEasy)
2) nsdme1.host.com = 56.55.55.55 (DNSMadeEasy)
3) nsdme2.host.com = 57.55.55.55 (DNSMadeEasy)
4) nsdme3.host.com = 58.55.55.55 (DNSMadeEasy)
5) nsdme4.host.com = 59.55.55.55 (DNSMadeEasy)
6) ns1.host.com = 60.55.55.55 (mine)
7) ns2.host.com = 61.55.55.55 (mine)
At the register I've then configured host.com to use the first five nameservers for itself, the DNSMadeEasy nameservers.
For less critical sites that I host I simply point them to ns1.host.com and ns2.host.com, my nameservers.
Now, here's the twist. If I use dig to look up www.host.com I get:
[root@lax1 ~]# dig +trace www.host.com
; <<>> DiG 9.3.3rc2 <<>> +trace www.host.com
;; global options: printcmd
. 220048 IN NS D.ROOT-SERVERS.NET.
...........................................
. 220048 IN NS K.ROOT-SERVERS.NET.
;; Received 228 bytes from 66.63.160.2#53(66.63.160.2) in 1 ms
net. 172800 IN NS J.GTLD-SERVERS.net.
...........................................
net. 172800 IN NS G.GTLD-SERVERS.net.
;; Received 497 bytes from 128.8.10.90#53(D.ROOT-SERVERS.NET) in 74 ms
host.com. 172800 IN NS nsdme0.host.com.
host.com. 172800 IN NS nsdme1.host.com.
host.com. 172800 IN NS nsdme2.host.com.
host.com. 172800 IN NS nsdme3.host.com.
host.com. 172800 IN NS nsdme4.host.com.
;; Received 225 bytes from 192.48.79.30#53(J.GTLD-SERVERS.net) in 125 ms
www.host.com. 1800 IN CNAME host.com.
host.com. 75 IN A 60.55.55.55
host.com. 86400 IN NS nsdme2.host.com.
host.com. 86400 IN NS nsdme1.host.com.
host.com. 86400 IN NS nsdme5.host.com.
host.com. 86400 IN NS nsdme0.host.com.
host.com. 86400 IN NS nsdme4.host.com.
host.com. 86400 IN NS nsdme3.host.com.
;; Received 276 bytes from 123.123.123.123#53(nsdme0.host.com) in 68 ms
BUT, if I lookup the nameserver (ns1.host.com) I get:
Code:
[root@lax1 ~]# dig +trace ns1.host.com
; <<>> DiG 9.3.3rc2 <<>> +trace ns1.host.com
;; global options: printcmd
. 218964 IN NS M.ROOT-SERVERS.NET.
...........................................
. 218964 IN NS K.ROOT-SERVERS.NET.
;; Received 228 bytes from 66.63.160.2#53(66.63.160.2) in 1 ms
net. 172800 IN NS H.GTLD-SERVERS.net.
...........................................
net. 172800 IN NS G.GTLD-SERVERS.net.
;; Received 497 bytes from 202.12.27.33#53(M.ROOT-SERVERS.NET) in 115 ms
ns1.host.com. 172800 IN A 60.55.55.55
host.com. 172800 IN NS nsdme0.host.com.
host.com. 172800 IN NS nsdme1.host.com.
host.com. 172800 IN NS nsdme2.host.com.
host.com. 172800 IN NS nsdme3.host.com.
host.com. 172800 IN NS nsdme4.host.com.
;; Received 241 bytes from 192.54.112.30#53(H.GTLD-SERVERS.net) in 151 ms
What I've realized is that the actual IP addresses for nameserver host entries come from a higher level server than my own, in this case H.GTLD-SERVERS.net. I guess this makes sense but I just hadn't realized it before. It looks like I don't even need to have record entries in my DNS records for the host nameservers.
Now for the question. Can I:
1) Remove my custom host nameserver entries from my register.
2) Add entries in my DNSMadeEasy records to specify the location of ns1.host.com and ns2.host.com.
3) Use the failover provided by DNSMadeEasy to also fail-over my DNS entries for my nameservers?
I know this would require one more hop if it works but it would allow me to provide failover ability to fifty domains without having to purchase the extra domains at DNSMadeEasy.
View 2 Replies
View Related
Jan 28, 2009
Is there a way to page results from ls through FTP similar to the way you can in your shell by using ls | less (or ls -l | more)? When I try ls | less through FTP, even on a linux server, it wants to output to a local file?
View 3 Replies
View Related
Jul 26, 2007
##################################################################
--------------------- Selinux Audit Begin ------------------------
Number of audit daemon stops: 4
**Unmatched Entries**
Error sending failure mode request (Connection refused)
Unable to set audit pid, exiting
Cannot daemonize (Success)
Error sending failure mode request (Connection refused)
Error sending failure mode request (Connection refused)
Unable to set audit pid, exiting
Cannot daemonize (Success)
Error sending failure mode request (Connection refused)
---------------------- Selinux Audit End -------------------------
--------------------- Cron Begin ------------------------
Commands Run:
User *system*:
personal crontab reloaded: 2 Time(s)
User agadirnet:
personal crontab listed: 1 Time(s)
User dafatir:
personal crontab listed: 1 Time(s)
User drweb:
/opt/drweb/update.pl: 37 Time(s)
User kari:
personal crontab listed: 1 Time(s)
User karicom:
personal crontab listed: 1 Time(s)
User kastala:
personal crontab listed: 1 Time(s)
User mailman:
/usr/lib/mailman/cron/checkdbs: 1 Time(s)
/usr/lib/mailman/cron/disabled: 1 Time(s)
/usr/lib/mailman/cron/gate_news: 223 Time(s)
/usr/lib/mailman/cron/nightly_gzip: 1 Time(s)
User root:
/opt/php51/bin/php5
/usr/local/sitebuilder/utils/clear_trial_sites.php > /dev/null 2>&1: 19
Time(s)
/opt/php51/bin/php5 /usr/local/sitebuilder/utils/sip1.php >
/dev/null 2>&1: 1 Time(s)
/opt/php51/bin/php5 /usr/local/sitebuilder/utils/sip2.php >
/dev/null 2>&1: 1 Time(s)
/opt/php51/bin/php5 /usr/local/sitebuilder/utils/update_key.php >
/dev/null 2>&1: 1 Time(s)
/usr/local/psa/admin/sbin/backupmng >/dev/null 2>&1: 74 Time(s)
/usr/local/psa/libexec/modules/watchdog/cp/clean-events: 1
Time(s)
/usr/local/psa/libexec/modules/watchdog/cp/clean-sysstats: 1
Time(s)
/usr/local/psa/libexec/modules/watchdog/cp/pack-sysstats day: 1
Time(s)
/usr/local/rtm/bin/rtm 40 >/dev/null 2>/dev/null: 1116 Time(s)
/usr/local/sbin/bfd -q: 112 Time(s)
/usr/sbin/ntpdate -b -s 213.186.33.99: 1 Time(s)
run-parts /etc/cron.daily: 1 Time(s)
run-parts /etc/cron.hourly: 18 Time(s)
CRON Restarted 2 Time(s)
---------------------- Cron End -------------------------
--------------------- httpd Begin ------------------------
0.07 MB transferred in 211 responses (1xx 0, 2xx 26, 3xx 173, 4xx 12,
5xx 0)
148 Images (0.00 MB),
62 Content pages (0.07 MB),
1 Other (0.00 MB)
Requests with error response codes
400 Bad Request
/vb/Juice/images/editor/bold.gif: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind: 1 Time(s)
404 Not Found
/admin/phpmyadmin/main.php: 1 Time(s)
[url]
---------------------- httpd End -------------------------
--------------------- Kernel Begin ------------------------
2 Time(s): PrefPort:A RlmtMode:Check Link State
2 Time(s): Virtual Wire compatibility mode.
2 Time(s): autonegotiation: yes
2 Time(s): duplex mode: full
2 Time(s): flowctrl: none
2 Time(s): ide0: BM-DMA at 0xfc00-0xfc07, BIOS settings: hda:pio,
hdb:pio
2 Time(s): ide1: BM-DMA at 0xfc08-0xfc0f, BIOS settings: hdc:pio,
hdd:pio
2 Time(s): irq moderation: disabled
2 Time(s): rx-checksum: disabled
2 Time(s): scatter-gather: disabled
2 Time(s): speed: 100
2 Time(s): tx-checksum: disabled
1 Time(s): pIII_sse : 4821.000 MB/sec
1 Time(s): pIII_sse : 4822.000 MB/sec
2 Time(s): IO window: e000-efff
2 Time(s): MEM window: fbf00000-fbffffff
2 Time(s): PREFETCH window: 20000000-200fffff
2 Time(s): Type: Direct-Access ANSI SCSI
revision: 05
2 Time(s): Vendor: ATA Model: Hitachi HDS72168 Rev: P21O
2 Time(s): BIOS-e820: 0000000000000000 - 000000000009fc00 (usable)
2 Time(s): BIOS-e820: 000000000009fc00 - 00000000000a0000 (reserved)
2 Time(s): BIOS-e820: 00000000000e6000 - 0000000000100000 (reserved)
2 Time(s): BIOS-e820: 0000000000100000 - 000000001f7b0000 (usable)
2 Time(s): BIOS-e820: 000000001f7b0000 - 000000001f7c0000 (ACPI data)
2 Time(s): BIOS-e820: 000000001f7c0000 - 000000001f7f0000 (ACPI NVS)
2 Time(s): BIOS-e820: 000000001f7f0000 - 000000001f800000 (reserved)
2 Time(s): BIOS-e820: 00000000ffb80000 - 0000000100000000 (reserved)
2 Time(s): sda: sda1 sda2 sda3
2 Time(s): ..TIMER: vector=0x31 apic1=0 pin1=2 apic2=0 pin2=0
2 Time(s): 0MB HIGHMEM available.
2 Time(s): 3ware 9000 Storage Controller device driver for Linux
v2.26.02.007.
2 Time(s): 3ware Storage Controller device driver for Linux
v1.26.02.001.
2 Time(s): 503MB LOWMEM available.
2 Time(s): ATA: abnormal status 0x7F on port 0xD407
2 Time(s): Adding 522104k swap on /dev/sda3. Priority:-1 extents:1
across:522104k
2 Time(s): Allocating PCI resources starting at 20000000 (gap:
1f800000:e0380000)
2 Time(s): BIOS-provided physical RAM map:
2 Time(s): Brought up 1 CPUs
2 Time(s): Built 1 zonelists. Total pages: 128944
2 Time(s): CPU0: Intel P4/Xeon Extended MCE MSRs (24) available
2 Time(s): CPU0: Intel(R) Pentium(R) 4 CPU 3.00GHz stepping 09
2 Time(s): CPU: L2 cache: 1024K
2 Time(s): CPU: Physical Processor ID: 0
2 Time(s): CPU: Trace cache: 12K uops, L1 D cache: 16K
1 Time(s): Calibrating delay using timer specific routine.. 5989.49
BogoMIPS (lpj=11978986)
1 Time(s): Calibrating delay using timer specific routine.. 5989.50
BogoMIPS (lpj=11979013)
2 Time(s): Checking 'hlt' instruction... OK.
2 Time(s): Checking if this processor honours the WP bit even in
supervisor mode... Ok.
2 Time(s): Compat vDSO mapped to ffffe000.
2 Time(s): Console: colour VGA+ 80x25
2 Time(s): Copyright (c) 1999-2005 LSI Logic Corporation
2 Time(s): Copyright (c) 1999-2006 Intel Corporation.
2 Time(s): DMI 2.3 present.
2 Time(s): Dentry cache hash table entries: 65536 (order: 6, 262144
bytes)
1 Time(s): Detected 2992.767 MHz processor.
1 Time(s): Detected 2992.772 MHz processor.
2 Time(s): Dquot-cache hash table entries: 1024 (order 0, 4096 bytes)
2 Time(s): ENABLING IO-APIC IRQs
2 Time(s): EXT3 FS on sda1, internal journal
2 Time(s): EXT3 FS on sda2, internal journal
2 Time(s): EXT3-fs: INFO: recovery required on readonly filesystem.
4 Time(s): EXT3-fs: mounted filesystem with ordered data mode.
2 Time(s): EXT3-fs: recovery complete.
1 Time(s): EXT3-fs: sda1: 4 orphan inodes deleted
1 Time(s): EXT3-fs: sda1: orphan cleanup on readonly fs
2 Time(s): EXT3-fs: write access will be enabled during recovery.
2 Time(s): Enabling APIC mode: Flat. Using 1 I/O APICs
2 Time(s): Enabling fast FPU save and restore... done.
2 Time(s): Enabling unmasked SIMD FPU exception support... done.
2 Time(s): ExtINT not setup in hardware but reported by MP table
2 Time(s): Freeing SMP alternatives: 20k freed
2 Time(s): Freeing unused kernel memory: 220k freed
2 Time(s): Fusion MPT SAS Host driver 3.04.01
2 Time(s): Fusion MPT SPI Host driver 3.04.01
2 Time(s): Fusion MPT base driver 3.04.01
2 Time(s): Fusion MPT misc device (ioctl) driver 3.04.01
2 Time(s): I/O APIC #2 Version 32 at 0xFEC00000.
2 Time(s): ICH5: IDE controller at PCI slot 0000:00:1f.1
2 Time(s): ICH5: chipset revision 2
2 Time(s): ICH5: not 100% native mode: will probe irqs later
2 Time(s): IP route cache hash table entries: 4096 (order: 2, 16384
bytes)
2 Time(s): IPv4 over IPv4 tunneling driver
2 Time(s): Initializing CPU#0
2 Time(s): Initializing Cryptographic API
2 Time(s): Inode-cache hash table entries: 32768 (order: 5, 131072
bytes)
2 Time(s): Intel MultiProcessor Specification v1.4
2 Time(s): Intel machine check architecture supported.
2 Time(s): Intel machine check reporting enabled on CPU#0.
2 Time(s): Intel(R) PRO/1000 Network Driver - version 7.1.9-k4-NAPI
2 Time(s): Kernel command line: auto BOOT_IMAGE=linux ro root=801 nousb
2 Time(s): Linux agpgart interface v0.101 (c) Dave Jones
2 Time(s): Linux version 2.6.18.1-xxxx-grs-ipv4-32
(root@kernel-32.ovh.net) (version gcc 3.3.5 (Debian 1:3.3.5-13)) #2 SMP
Fri Nov 3 23:04:19 CET 2006
2 Time(s): Memory: 506412k/515776k available (2860k kernel code, 8896k
reserved, 1080k data, 220k init, 0k highmem)
2 Time(s): Mount-cache hash table entries: 512
2 Time(s): NET: Registered protocol family 1
2 Time(s): NET: Registered protocol family 16
2 Time(s): NET: Registered protocol family 17
2 Time(s): NET: Registered protocol family 2
2 Time(s): Netfilter messages via NETLINK v0.30.
2 Time(s): OEM ID: ASUSTeK Product ID: APIC at: 0xFEE00000
2 Time(s): PCI quirk: region 0480-04bf claimed by ICH4 GPIO
2 Time(s): PCI quirk: region 0800-087f claimed by ICH4 ACPI/GPIO/TCO
2 Time(s): PCI->APIC IRQ transform: 0000:00:02.0[A] -> IRQ 16
2 Time(s): PCI->APIC IRQ transform: 0000:00:1f.1[A] -> IRQ 18
2 Time(s): PCI->APIC IRQ transform: 0000:00:1f.2[A] -> IRQ 18
2 Time(s): PCI->APIC IRQ transform: 0000:01:0d.0[A] -> IRQ 23
2 Time(s): PCI: Bridge: 0000:00:1e.0
2 Time(s): PCI: Enabling device 0000:00:1f.1 (0005 -> 0007)
2 Time(s): PCI: Ignore bogus resource 6 [0:0] of 0000:00:02.0
2 Time(s): PCI: Ignoring BAR0-3 of IDE controller 0000:00:1f.1
2 Time(s): PCI: PCI BIOS revision 2.10 entry at 0xf0031, last bus=1
2 Time(s): PCI: Probing PCI hardware
2 Time(s): PCI: Transparent bridge - 0000:00:1e.0
2 Time(s): PCI: Using IRQ router PIIX/ICH [8086/24d0] at 0000:00:1f.0
2 Time(s): PCI: Using configuration type 1
2 Time(s): PID hash table entries: 2048 (order: 11, 8192 bytes)
2 Time(s): Processor #0 15:4 APIC version 20
2 Time(s): Processors: 1
2 Time(s): Real Time Clock Driver v1.12ac
4 Time(s): SCSI device sda: 160836480 512-byte hdwr sectors (82348 MB)
4 Time(s): SCSI device sda: drive cache: write back
2 Time(s): SCSI subsystem initialized
2 Time(s): SGI XFS with large block numbers, no debug enabled
2 Time(s): SMP alternatives: switching to UP code
2 Time(s): Serial: 8250/16550 driver $Revision: 1.90 $ 4 ports, IRQ
sharing disabled
2 Time(s): Setting up standard PCI resources
2 Time(s): Software Watchdog Timer: 0.07 initialized. soft_noboot=0
soft_margin=60 sec (nowayout= 0)
2 Time(s): TCP bic registered
2 Time(s): TCP bind hash table entries: 8192 (order: 4, 65536 bytes)
2 Time(s): TCP established hash table entries: 16384 (order: 5, 131072
bytes)
2 Time(s): TCP reno registered
2 Time(s): TCP: Hash tables configured (established 16384 bind 8192)
2 Time(s): Time: tsc clocksource has been installed.
1 Time(s): Total of 1 processors activated (5989.49 BogoMIPS).
1 Time(s): Total of 1 processors activated (5989.50 BogoMIPS).
2 Time(s): Uniform Multi-Platform E-IDE driver Revision: 7.00alpha2
2 Time(s): Using IPI Shortcut mode
2 Time(s): VFS: Disk quotas dquot_6.5.1
2 Time(s): VFS: Mounted root (ext3 filesystem) readonly.
2 Time(s): ata1: SATA max UDMA/133 cmd 0xD400 ctl 0xD002 bmdma 0xC000
irq 18
2 Time(s): ata2.00: ATA-7, max UDMA/133, 160836480 sectors: LBA48 NCQ
(depth 0/32)
2 Time(s): ata2.00: ata2: dev 0 multi count 16
2 Time(s): ata2.00: configured for UDMA/133
2 Time(s): ata2: SATA max UDMA/133 cmd 0xC800 ctl 0xC402 bmdma 0xC008
irq 18
2 Time(s): ata_piix 0000:00:1f.2: MAP [ P0 -- P1 -- ]
2 Time(s): device-mapper: ioctl: 4.7.0-ioctl (2006-06-24) initialised:
dm-devel@redhat.com
2 Time(s): drivers/rtc/hctosys.c: unable to open rtc device (rtc0)
2 Time(s): e100: Copyright(c) 1999-2005 Intel Corporation
2 Time(s): e100: Intel(R) PRO/100 Network Driver, 3.5.10-k2-NAPI
2 Time(s): eth0: Yukon Gigabit Ethernet 10/100/1000Base-T Adapter
2 Time(s): eth0: network connection up using port A
2 Time(s): floppy0: no floppy controllers found
2 Time(s): found SMP MP-table at 000ff780
2 Time(s): ide: Assuming 33MHz system bus speed for PIO modes; override
with idebus=xx
2 Time(s): io scheduler anticipatory registered (default)
2 Time(s): io scheduler cfq registered
2 Time(s): io scheduler deadline registered
2 Time(s): io scheduler noop registered
2 Time(s): ip_conntrack version 2.4 (4029 buckets, 32232 max) - 224
bytes per conntrack
2 Time(s): ip_tables: (C) 2000-2006 Netfilter Core Team
4 Time(s): kjournald starting. Commit interval 5 seconds
2 Time(s): klogd 1.4.1, log source = /proc/kmsg started.
2 Time(s): loop: loaded (max 8 devices)
4 Time(s): md: ... autorun DONE.
4 Time(s): md: Autodetecting RAID arrays.
4 Time(s): md: autorun ...
2 Time(s): md: bitmap version 4.39
2 Time(s): md: linear personality registered for level -1
2 Time(s): md: md driver 0.90.3 MAX_MD_DEVS=256, MD_SB_DISKS=27
2 Time(s): md: multipath personality registered for level -4
2 Time(s): md: raid0 personality registered for level 0
2 Time(s): md: raid1 personality registered for level 1
2 Time(s): md: raid4 personality registered for level 4
2 Time(s): md: raid5 personality registered for level 5
2 Time(s): md: raid6 personality registered for level 6
2 Time(s): megasas: 00.00.03.01 Sun May 14 22:49:52 PDT 2006
2 Time(s): mice: PS/2 mouse device common for all mice
2 Time(s): migration_cost=0
2 Time(s): monitor/mwait feature present.
2 Time(s): mptctl: /dev/mptctl @ (major,minor=10,220)
2 Time(s): mptctl: Registered with Fusion MPT base driver
2 Time(s): raid5: automatically using best checksumming function:
pIII_sse
1 Time(s): raid5: using function: pIII_sse (4821.000 MB/sec)
1 Time(s): raid5: using function: pIII_sse (4822.000 MB/sec)
1 Time(s): raid6: int32x1 862 MB/s
1 Time(s): raid6: int32x1 863 MB/s
2 Time(s): raid6: int32x2 795 MB/s
2 Time(s): raid6: int32x4 708 MB/s
1 Time(s): raid6: int32x8 543 MB/s
1 Time(s): raid6: int32x8 544 MB/s
1 Time(s): raid6: mmxx1 1831 MB/s
1 Time(s): raid6: mmxx1 1840 MB/s
2 Time(s): raid6: mmxx2 2122 MB/s
2 Time(s): raid6: sse1x1 1057 MB/s
1 Time(s): raid6: sse1x2 1208 MB/s
1 Time(s): raid6: sse1x2 1210 MB/s
1 Time(s): raid6: sse2x1 2099 MB/s
1 Time(s): raid6: sse2x1 2101 MB/s
1 Time(s): raid6: sse2x2 2252 MB/s
1 Time(s): raid6: sse2x2 2254 MB/s
1 Time(s): raid6: using algorithm sse2x2 (2252 MB/s)
1 Time(s): raid6: using algorithm sse2x2 (2254 MB/s)
2 Time(s): scsi0 : ata_piix
2 Time(s): scsi1 : ata_piix
2 Time(s): sd 1:0:0:0: Attached scsi disk sda
4 Time(s): sda: Write Protect is off
2 Time(s): serial8250: ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
2 Time(s): serio: i8042 AUX port at 0x60,0x64 irq 12
2 Time(s): serio: i8042 KBD port at 0x60,0x64 irq 1
2 Time(s): tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
2 Time(s): tun: Universal TUN/TAP device driver, 1.6
2 Time(s): using mwait in idle threads.
---------------------- Kernel End -------------------------
View 0 Replies
View Related
Jul 30, 2008
VPS vs. Dedicated - New Benchmark Results ....
View 1 Replies
View Related
Dec 13, 2007
We're looking to bring in a T3 for our small startup hosting company and when we do traces from multiple location it always runs through a cox.net IP and it concerns me because I dont want our customers to believe they're being hosted on some kids cablemodem. What do you folks suggest, the IP is 64.19.96.5 to their outer router. Should it be a concern that we route through everyone through a cox.net IP?
View 10 Replies
View Related
Apr 10, 2008
This is a follow-up to my original thread [url] regarding my client's experiences with HostWay.
I simply can't believe all of this, and I went through it.
The low points of the whole thing work out like this: In order to set up an SSL for my client's site, we needed a dedicated IP. If you do a traceroute on my client's URL, it resolves to someone else all together. Int he mean time, I tried to purchase an SSL through HostWay, and when they didn't respond in a week and a half, I e-mailed cancelling the order, and purchased a (thankfully) inexpensive SSL from GoDaddy. I got an e-mail back within hours from HW saying, literally, "We never processed your SSL order, so there's nothing to cancel. Let us know if there's anythig else we can do."
As I mentioned before, e-mail support seems to be handled off-shore, and it takes over a week for most answers. Phone support gets you, I found out, a service in Florida.
While the people I dealt with on the phone were always professional and polite, they literally could do almost nothing. I was told several times, "I have to e-mail someone in Chicago - no, I don't know who it is, all I have is an e-mail address."
Back to the SSL - seems HostWay already installed one on my client's site at some point - and it had nothing to do with my client. You could visit a secure version of the site, and it would tell you not to enter, as the cert didn't match the site.
My client and I both were on the phone with the Florida 800 number for hours at a time.
Average wait time to speak to someone was 30 minutes or so. I'm not carping about that part - but they were feeding us false information which was supposedly fed them from "Chicago." Specifically, I told them on the phone and via e-mail that the IP didn't resolve correctly, and that the old cert needed to be removed before a new one could go on (and only their SSL team can install certs, supposedly).
They told my client that the GoDaddy cert was causing them problems, and that it needed to be cancelled before they could install one of their GeoTrust certs. I nuked it - even though I knew better - and of course nothing was done. They lied to my client for several days, saying the new cert was installed (even though I knew it wasn't, and I told my client so, and showed them HW's tech was passing on false information).
This situation went on for almost two weeks. Finally, Monday night, my client got a supervisor based in British Columbia, Canada, who promised that he would walk "the tech admin" through fixing the problems that night. But that was only after my client threatened to pull his account.
Well, the IP is still screwed up, but they replaced the cert that night with one for which they charged my client an arm and a leg. The CC processing company is happy, so we let it ride, and they're now processing payments over the web.
If this is confusing, it's because I condensed many long days and nights into a few short paragraphs. Let's just say that HW didn't have their thinking caps on tight, because they committed to their preposterous stories to e-mails which we all received.
Later this year, at a conference to be held in Canada, a committee of nuclear power station operators will be discussing whether or not they should keep HW as the host of their site. Gee, I wonder what the consensus will be.
View 5 Replies
View Related
Nov 22, 2007
Quote:
MySQL Version 4.1.22-standard i686
Uptime = 0 days 0 hrs 4 min 15 sec
Avg. qps = 17
Total Questions = 4479
Threads Connected = 1
Warning: Server has not been running for at least 48hrs.
It may not be safe to use these recommendations
To find out more information on how each of these
runtime variables effects performance visit:
[url]
SLOW QUERIES
Current long_query_time = 10 sec.
You have 1 out of 4491 that take longer than 10 sec. to complete
The slow query log is NOT enabled.
Your long_query_time may be too high, I typically set this under 5 sec.
WORKER THREADS
Current thread_cache_size = 128
Current threads_cached = 6
Current threads_per_sec = 0
Historic threads_per_sec = 0
Your thread_cache_size is fine
MAX CONNECTIONS
Current max_connections = 2000
Current threads_connected = 1
Historic max_used_connections = 7
The number of used connections is 0% of the configured maximum.
You are using less than 10% of your configured max_connections.
Lowering max_connections could help to avoid an over-allocation of memory
See "MEMORY USAGE" section to make sure you are not over-allocating
MEMORY USAGE
Max Memory Ever Allocated : 96 M
Configured Max Per-thread Buffers : 10 G
Configured Max Global Buffers : 58 M
Configured Max Memory Limit : 10 G
Total System Memory : 3.95 G
Max memory limit exceeds 85% of total system memory
KEY BUFFER
Current MyISAM index space = 78 M
Current key_buffer_size = 16 M
Key cache miss rate is 1 : 735
Key buffer fill ratio = 8.00 %
Your key_buffer_size seems to be too high.
Perhaps you can use these resources elsewhere
QUERY CACHE
Query cache is enabled
Current query_cache_size = 32 M
Current query_cache_used = 4 M
Current query_cach_limit = 1 M
Current Query cache fill ratio = 14.83 %
Your query_cache_size seems to be too high.
Perhaps you can use these resources elsewhere
MySQL won't cache query results that are larger than query_cache_limit in size
SORT OPERATIONS
Current sort_buffer_size = 2 M
Current record/read_rnd_buffer_size = 256 K
Sort buffer seems to be fine
JOINS
Current join_buffer_size = 1.00 M
You have had 0 queries where a join could not use an index properly
Your joins seem to be using indexes properly
OPEN FILES LIMIT
Current open_files_limit = 10000 files
The open_files_limit should typically be set to at least 2x-3x
that of table_cache if you have heavy MyISAM usage.
Your open_files_limit value seems to be fine
TABLE CACHE
Current table_cache value = 1024 tables
You have a total of 721 tables
You have 93 open tables.
The table_cache value seems to be fine
TEMP TABLES
Current max_heap_table_size = 16 M
Current tmp_table_size = 32 M
Of 212 temp tables, 0% were created on disk
Effective in-memory tmp_table_size is limited to max_heap_table_size.
Created disk tmp tables ratio seems fine
TABLE SCANS
Current read_buffer_size = 1 M
Current table scan ratio = 17754 : 1
You have a high ratio of sequential access requests to SELECTs
You may benefit from raising read_buffer_size and/or improving your use of indexes.
TABLE LOCKING
Current Lock Wait ratio = 1 : 76
You may benefit from selective use of InnoDB.
If you have long running SELECT's against MyISAM tables and perform
frequent updates consider setting 'low_priority_updates=1'
how to make the changes in red? My server works good for awhile, but then gets REALLY REALLY slow.
View 1 Replies
View Related
Feb 3, 2007
I run the top command when memory usage seems to be running high on my server. I look at it and blink and have no real idea whether things are "okay" or not.
I apologize for the extreme basicness of this question. At the same I would love to have some kind of personal benchmark of "okayness" for this server so I can look at top results when things are dreadfully wrong and recognize it.
Based on these results would you say the server is holding up under traffic?
-----------------------------------
17:35:58 up 4 days, 2:26, 1 user, load average: 0.66, 0.57, 0.56
85 processes: 80 sleeping, 2 running, 3 zombie, 0 stopped
CPU states: cpu user nice system irq softirq iowait idle
total 5.4% 0.0% 1.3% 0.0% 0.0% 0.0% 93.3%
cpu00 6.2% 0.0% 1.4% 0.0% 0.2% 0.0% 92.2%
cpu01 4.8% 0.0% 1.0% 0.0% 0.0% 0.0% 94.2%
Mem: 4147916k av, 3420324k used, 727592k free, 0k shrd, 265360k buff
3128396k active, 91908k inactive
Swap: 2096440k av, 0k used, 2096440k free 2845408k cached
PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME CPU COMMAND
7359 mysql 15 0 94352 16M 3448 S 2.1 0.4 0:08 0 mysqld
9099 nobody 19 0 20256 14M 2096 R 1.3 0.3 0:00 0 httpd
1 root 15 0 1592 496 436 S 0.0 0.0 0:00 0 init
2 root RT 0 0 0 0 SW 0.0 0.0 0:00 0 migration/0
3 root 34 19 0 0 0 SWN 0.0 0.0 0:00 0 ksoftirqd/0
4 root RT 0 0 0 0 SW 0.0 0.0 0:00 1 migration/1
5 root 34 19 0 0 0 SWN 0.0 0.0 0:00 1 ksoftirqd/1
6 root 10 -5 0 0 0 SW< 0.0 0.0 0:00 0 events/0
7 root 10 -5 0 0 0 SW< 0.0 0.0 0:00 1 events/1
8 root 10 -5 0 0 0 SW< 0.0 0.0 0:00 1 khelper
9 root 13 -5 0 0 0 SW< 0.0 0.0 0:00 1 kthread
13 root 18 -5 0 0 0 SW< 0.0 0.0 0:00 0 kblockd/0
14 root 11 -5 0 0 0 SW< 0.0 0.0 0:00 1 kblockd/1
---------------
View 2 Replies
View Related
Oct 23, 2007
We run our company website on a VPS.
Now we do notice, that quite frequently, the connection times out or the server responds slowly. A friend of mine said the VPS could be the issue of this.
I ran a ping test today for several hours, sending one ping with 16 bytes with a timeout set to 3 seconds.
From 18000 pings sent (5 hours), 120 failed. Which comes to one failure in 150 pings, or one failure every 2.5 minutes.
Is this still an acceptable failure rate or do I have reason to contact our VPS provider? According to our own usage statictics, we are not using much of the server's capacities.
View 2 Replies
View Related
Apr 4, 2008
How can I get rootkit hunter to email me the results?
I tried
MAILTO=me@mydomain
0 0 * * * /root/rkhunter-1.3.2/files/rkhunter --cronjob
and
MAILTO=me@mydomain 0 0 * * * /root/rkhunter-1.3.2/files/rkhunter --cronjob
But it is not sending the email, nothing even show up in my exim_mainlog.
View 2 Replies
View Related
Oct 31, 2007
I just read Peer 1 financials -they got big this year!
Does anyone know how many actual customers they have? The financials say $74.36 Million... with 9,000 customers... humm... they must have more than that? Just curious.
View 0 Replies
View Related
Mar 13, 2008
I'm new to server administration/security/troubleshooting, so I have included a lot of info here hoping it will help.
This started because a Linux VPS with CentOS and Exim crashed after only 3000 emails were sent (of 30000) total
I ran a netstat and several times I get three separate ips with the only difference being the last two digits and the port number:
86.104.230.29:59009
86.104.117.45:18065
89.37.137.157:41593
As far as I can tell they are from Romania, and there are several connections.
I have posted a lot of information below, if someone can take a look and give some ideas, it would be very much appreciated.
netstat:
Code:
tcp 0 0 mydomain.com:http 86.104.117.98:34060 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.82:59022 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.219:52276 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.163:25383 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.154:20794 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.235:39094 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.127:61711 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.127:5748 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.37:63424 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.228:54121 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.226:39605 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.91:6446 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.10:54841 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.100:22842 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.118:32674 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.80:16559 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.64:47817 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.136:21718 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.246:37288 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.28:62119 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.190:4468 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.8:25247 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.100:35503 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.199:20896 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.237:saft SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.199:47952 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.118:60561 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.181:10844 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.125:50584 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.253:17855 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.10:25740 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.109:29528 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.62:47349 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.55:4614 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.226:22001 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.163:11790 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.44:8911 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.46:telnets SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.190:27377 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.181:34031 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.19:41722 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.100:57151 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.145:61402 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.53:52461 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.26:42463 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.217:35530 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.35:63414 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.154:56638 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.26:43972 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.172:6922 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.17:3683 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.210:2397 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.46:18754 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.244:4032 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.235:8602 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.82:39495 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.19:28848 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.163:47624 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.8:2683 SYN_RECV
tcp 0 0 mydomain.com:http 89.39.71.55:43300 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.37:1664 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.118:36892 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.17:7317 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.109:56229 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.217:45257 SYN_RECV
tcp 0 0 mydomain.com:http 89.37.137.73:15278 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.230.64:14076 SYN_RECV
tcp 0 0 mydomain.com:http 86.104.117.116:14567 SYN_RECV
View 3 Replies
View Related
Oct 22, 2009
Hope there is a DNS expert about that can make sense of what I observe and give an unbiased opinion.
We are currenlty evaluating hosted DNS providers. Anycast DNS seems like a great feature to have and we want fail over too. Narrowed down a list of possible suppliers: DNS Made Easy, Netriplex and Dynect.
After reading up on some blogs 1 & 2 mainly, we setup a Pingdom test to evaluate our three candidates.
For DME I used their own site URL for testing, Netriplex and Dynect gave us dedicated test accounts.
The average response times roughly follow the prices, DME is slowest, Netriplex next and Dynect is the winner. I have detailed logs in anyone is interested (in CSV).
Now for the unexpected results. All 3 providers give very long response times a few times a day - sometimes as long as 5 or 10 seconds. Now and again we see a timeout - i.e. a response of over 15 seconds.
We cross checked by running a testing our current non-anycast Rackspace DNS - similar outliers are present too.
Pingdom tech support think these outliers could be due to peering issues on the internet.
I would expect anycast DNS to be much more robust and to give decent response times even if there are localised networking issues.
So our outliers are either down to the way Pingdom does the testing, or just a 'feature' of the way DNS works.
Anyone with any bright ideas on how to explain this?
View 10 Replies
View Related
