Recently in Announcements Category
Apparently, the antivirus software that we used (clamav) decided to tell us that it was out of date - by breaking mail.
http://www.clamav.net/lang/en/2009/10/05/eol-clamav-094/
I've upgraded, and mail appears to be flowing again - the backlog from today is being processed now.
File space usage has grown significantly since our last server upgrade. I expected the current disk space to hold us for 4 years, which is about what I budget for the overall hardware. Alas, it is looking like perhaps I should upgrade the storage sooner.
The fun part is, gigo.com currently is comprised of 5 disks, but realistically only 250 gig usable space to end users. We spend a fair bit on redundancy, in case of catastrophy. Here is how it is broken out:
- disks 1+2: main system, this is where the main files are stored, and served from. Anything we do happens here. This is continously mirrored, so that if either disk fails, the system can quickly recover and keep running. And, I can put in a replacement to restore redundancy "hot".
- disks 3+4+5: Backups. At any given time, 2 disks are hot and mirrored; and 1 is cold (offsite, my house). Periodically, I take the cold disk, stop at the colo, swap out one hot disk for the cold one. The server will resync the mirror, and the disk I have in my hand goes back home - with a copy of several days worth of our files. And, total time in the colo is <10 minutes to sign in and swap a disk.
With that in mind, if I do upgrade storage, I'm not upgrading just one disk, but realistically all 5. Ooof!
What I'm looking at doing is:
- 2 enterprise class SATA 1GB disks - $160 each + the governor's ransom - matched set for mirroring.
- 3 desktop class SATA 1.5GB disks - $120 each + the governor's ransom - matched set for mirroring.
The backups can be desktop class; they get hit with less work, don't need to be as fast, and we can afford a failure there without a serious panic. They should however be larger than the main system drives, since we backup multiple days worth of changes (currently we back up ~20 days worth of changes; this number varies based on space available and number of changes made in a day).
I'm looking to try and help raise about half this cost - so a target of $375. If you're a significant user of gigo.com and can help, please contact me. Lady Visa will be covering the gap; I'm aiming to do this hardware changeout over the xmas break.
This is to users to ssh to gigo.com.
Last year, I enabled countermeasures to help keep the SSH hack attempts against gigo.com down to a minimum. We automatically block the IP address of systems trying to log in to gigo.com and repeatedly failing.
The problems are getting worse; as such I'm making these changes:
- Attempts to log in as a valid ID: unchanged; 10 attempts and you're banned 15 minutes
- Unknown accounts and daemon accounts: immediately blocked for 150 minutes
If you log in from another account with a different account name, make sure that you always remember to specify your gigo.com account name (correctly!) or the machine you are connecting from will be blocked for everything but the web server, for 150 minutes. If this regularly affects you, I *can* whitelist specific IP addresses to be immune to this behavior.
