Archive for the ‘Technology’ Category

What is a Dedicated Server?

Wednesday, July 27th, 2011

What is a dedicated server? That’s a relatively easy question to answer, but a short answer will only scratch the surface. A dedicated server is a physical server that is installed in a data center, connected to an IP network and used to host applications that are accessed via the web or to process database requests, email, DNS or any number of other tasks.

The thing that differentiates a dedicated server is typically that the full resources of the server are only used by one client, hence the word “dedicated”. This is also referred to as dedicated hosting. An example of how this would not apply would be for shared hosting because while you can have literally hundreds of shared hosting clients on a single dedicated server, those resources are not dedicated to any one particular client and are spread among many clients. The example of running hundreds of shared hosting websites on a single dedicated server goes back to the earlier comment about the short answer only scratching the surface.

Good examples of clients who would require dedicated servers would be clients whose websites have outgrown their shared hosting environment. That is typically a function of CPU and RAM requirements. If you are trying to run a large database application on a shared hosting server while 200 other websites are competing for processing power, you will probably see a substantial degradation of service. It will likely still function, but it will also more than likely be very slow and at times even unresponsive. Not to mention that your provider will encourage you to migrate to a dedicated server, or to managed hosting if you lack the technical expertise to manage the dedicated server.

What is a dedicated server vs. what is not. Dedicated servers typically imply that you have the technical expertise on staff to manage all of the technical aspects of that server, including security, routine maintenance, updates and many other things. If you do lack those resources, managed hosting would likely be a far better choice for you. While the cost for managed hosting is always more than dedicated, the peace of mind you will receive by knowing that your server is managed by a team of experts is always well worth the additional cost.

So there you have it. The next time someone asks you “What is a Dedicated Server?”, you can now give an answer that makes sense.


Being Disconnected in a Connected World

Monday, July 25th, 2011

To a large percentage of the world’s population, the Internet couldn’t be more irrelevant or any lower on the totem pole of life’s necessities. However, I happen to live in the group that relies heavily on the Internet to conduct business, perform research, communicate with friends, family and of course, waste time.

If you are like me, you are plastered with Internet access 24/7 in your day-to-day life, especially at work or at home. While I’m out and about, I’ve always got my trusty iPhone which can do 90% of the things that I need to get done with relative ease. If my iPhone lets me down, I can use my iPad to tackle the other 9%. The last 1% are probably things I could do without anyway, so they can wait.

I’ve been traveling internationally the past couple weeks so I have experienced a fairly consistent lack of Internet connectivity and as a result, have had to travel a short distance (less than a mile) to a local café with free WiFi or maybe I got lucky and bummed free WiFi off someone with an unsecured network.

When I’m thoroughly disconnected and have no Internet resources whatsoever, something strange happens to me. I tend to notice things that are around me more because I’m not bumping into them while checking the weather on my iPhone. I also find myself engaging in conversation with more people because I’m not busy deleting spam out of my inbox or replying to a text message. Does any of this sound familiar?

Yes I need the Internet and no I don’t need the Internet. What I mean is.. if I had to choose between never having access to the Internet again for the rest of my life or.. well, I can’t think of anything that would be applicable for a trade. You can’t say television because the Internet provides that. You can’t say music or radio because the Internet provides both of those. We pretty much can’t say anything that you can’t physically put your hands on because the Internet provides all of those too. But you can say anything that you can touch, feel, taste, and smell. I left “see” out because as we already know you can see everything on the Internet. Especially the stuff you have no interest in seeing.

What I’m trying to say is that I/we forget too often that the Internet is just a tool to help us do things and it’s not really very good at much else. Have you ever tried to have a conversation with the internet? How about asking the internet on a date? Maybe go to dinner with the internet or make friends with the internet? Sure you can see the great pyramids on the internet but let’s be real, that’s no substitute for standing in front of them, smelling the air, feeling the sun reflect off of them or touching the stones.

So I suppose it’s okay to be disconnected and in some cases, even therapeutic. It’s sad to say but I know people who would have a complete meltdown if they lost their Internet connection for a week or two. If you’re reading this blog post it’s very likely that I don’t know you, but it’s also very likely that you might be one of those people.

Not that you asked for it, but my recommendation would be to pick one day on the weekend to not use the Internet. That means disconnect the data portion on your phone as well because that would be cheating. You’ll survive an entire day without Google maps and even though your “real friends” on Facebook might be scratching their heads at your sudden absence, they too will survive. Just do it as a test and then think about that day as it progresses. You might be surprised at what you experience.


Reclaiming innodb Diskspace in MySQL

Friday, July 22nd, 2011

NOTE: If you are not familiar with advanced MySQL administration techniques, it would be in your best interest to refer this to a MySQL DBA who can account for any differences in how your database is configured and used. Please do not run these commands untested on a production server, and if you do not know how they will apply in your particular situation... YMMV.

On a high traffic server using MySQL innodb tables it is not uncommon over time for tables to consume a large amount of diskspace, requiring the administrator of the database to take action to reclaim space used by data that has not been freed when data has been deleted or left over after an ‘optimize’ has been run.

One way around this is to do a table ‘reinsert’, which can be used to free space on a live server without needing to shut down the service.

Let’s say for example that the table in question is called ‘MyLargeTable’. You’ll want to make a note of this table’s schema so that an identical table can be created:

mysql> show create table MyLargeTable;
+--------------+------------------------------------------------+
| Table        | Create Table                                   |
+--------------+------------------------------------------------+
| MyLargeTable | CREATE TABLE `MyLargeTable` (
`id` int(11) NOT NULL auto_increment,
`vars` varchar(100) default NULL,
`processed` tinytext,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 |
+--------------+------------------------------------------------+
1 row in set (0.00 sec)

mysql>

The output of this command will show the exact syntax to be used to recreate the table.

Now rerun this, substituting MyLargeTablenew for MyLargeTable in the previous command’s output:

mysql> CREATE TABLE `MyLargeTablenew` (
`id` int(11) NOT NULL auto_increment,
`vars` varchar(100) default NULL,
`processed` tinytext,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

If all rows that are no longer needed have been removed from the table you could simply insert all data 1 for 1 (see NOTE below!):

mysql> insert into MyLargeTablenew (select * from MyLargeTable);

If the data still exists in the previous table and you can identify which rows are no longer needed, you can devise a select that returns only the data that is still needed. For example, if your table stores records that are to be processed and then somehow flagged, you can use this flag to limit the query so that it excludes the rows that have already been processed, and use it to ‘reinsert’ the data into the newly created table:

mysql> insert into MyLargeTablenew (select * from MyLargeTable where processed='N');

NOTE: In your select statement it may be necessary to specify specific columns that are still needed, for instance you may want to leave out a column that uses autoincrement or other columns that use data that should not be reused in the new table you created.

Then simply rename each table, and remove the old one when complete.

mysql> rename table MyLargeTable to MyLargeTableold, MyLargeTablenew to MyLargeTable; -- one statement, so the swap is atomic
mysql> drop table MyLargeTableold;

After removal you should have reclaimed the space previously used by records that were identified as no longer needed or have been previously deleted.


Workstation Backup Solutions Pt. 3: Redundancy

Thursday, July 14th, 2011

No backup project would be complete without considering redundancy. As I mentioned in my first article (Workstation Backup Solutions Pt. 1: Having One), there are situations you have to consider such as hardware failure, natural disasters, theft, and a few others.

Redundancy What?:

When we think of redundancy, we care most about having multiple replication points in backups (discussed in my second article Workstation Backup Solutions Pt. 2: Methods & Retention), and then about replicating that data to other hardware or even geographically different locations. Let me elaborate in the next section.

Redundancy Where?:

With local redundancy (Raid arrays, replicating to multiple physical hard drives/hardware, etc.) you ensure that the information is copied across multiple pieces of equipment, which should minimize data loss in case of hardware failure. The issue with this is that even if you have 10x replication of a single piece of data, unless you live in a bomb shelter with the ultimate fire/flood suppression setup, you can’t really be sure a natural disaster won’t destroy the hardware.

Geographical redundancy is a little bit harder to implement on a budget because of the expense involved in keeping multiple sets of hardware in other locations. If you have a friend who can keep a machine elsewhere in the state/province/country/continent/world, it’s good to be you, and the redundancy world is your oyster. For uncool people like us however, buying/renting or collocating a server elsewhere is the best bet. Of course, there are companies that offer remote backups that you can use instead of hosting your own hardware, but with these services comes some amount of risk, and you will need to choose wisely in order to avoid a headache.

Redundancy How?:

Firstly, you will have to determine whether you want to simply use raid arrays or local replication, or go with a remote backup option.

With raid arrays, you have the option of software or hardware raid. Software raid, though somewhat reliable, will crash and burn if anything happens to your OS, whereas hardware raid uses a raid controller and is less prone to operational failures. Using raid brings up the problem of whether an additional point of failure such as software glitch, or a hardware controller is worth it. If you buy a good raid controller, you should be better off when considering both raid options. But keep in mind that raid cards fail too. Ultimately, if choosing to use raid, I’d go with the hardware raid option always.

Local replication is as simple as moving already backed up data to another hard drive or piece of hardware. This can be done using either a drag-drop method, or setting up a script to move it for you. In Windows, simply creating a network share folder and setting up a routine to move the files over works pretty well. In Linux, a cron that runs an rsync or sFTP script works well too. For Mac, a similar procedure can be run as in Linux environments to move data.

Some backup software may have remote options available for backing things up. It is totally dependent on the awesomeness of the software developers, but this feature is also very often associated with a larger dollar amount for the software. So beware.

For true remote backups, you will need a server or hardware of some sort in a different geographical location to your system. In all honesty, maybe having it at a friend’s house a few lots over isn’t going to be enough space. Think broader. If a natural disaster has the likelihood of hitting both locations around the same time, maybe it’s wise to keep it elsewhere.

A few things to consider when retaining hardware elsewhere are:

1. Uptime/Relative Network Speed
2. Remote hands capabilities
3. Hardware guarantees on rented machines

All three points are there to minimize headache. If you can’t connect to the remote server, replication is going to be difficult and a lot of hand-holding over the process will take place. If you collocate, you will need to maintain your hardware, and having competent remote hands to install new hardware/fix issues will go a long way. If you rent a server, a hardware guarantee of some sort is a wise idea as well. If you need to rely on a backup, and the remote server has failed without you knowing about it, you can kiss sanity goodbye; there is no going back.

I hope these articles help. There are a lot of options I didn’t cover, and in redundancy no two setups are usually exactly alike. Just remember that a backup plan is better than nothing, multiple sets of backups are better than just a single backup, and a geographic redundancy scheme even better still. Also remember that Google is your friend. You can find a lot of backup articles for workstations and servers from other contributors there.

Cheers!


PCI Compliance and Centos false positives

Friday, July 8th, 2011

These days more and more sites are required to have PCI compliance scans to take credit card transactions, and these tests will often report false positives when performed against a CentOS or Red Hat server. The reason is that the scan is simply checking the version of the software installed, whereas Red Hat backports critical updates to their existing software rather than updating the entire package.

For this reason the version number will be misleading, and it is typical for these hosts to have to file a dispute for each of these findings every time the scan is performed. To determine whether the software has been patched with the needed updates, you can use the rpm command with the ‘--changelog’ option and see whether the CVE number for the related vulnerability has been fixed in the installed rpm.

[root@host ~]# rpm --changelog -q openssl | grep CVE
- fix CVE-2010-4180 - completely disable code for
- fix CVE-2009-3245 - add missing bn_wexpand return checks (#570924)
- fix CVE-2010-0433 - do not pass NULL princ to krb5_kt_get_entry which
- mention the RFC5746 in the CVE-2009-3555 doc
- fix CVE-2009-3555 - support the safe renegotiation extension and
- fix CVE-2009-2409 - drop MD2 algorithm from EVP tables (#510197)
- fix CVE-2009-4355 - do not leak memory when CRYPTO_cleanup_all_ex_data()
- fix CVE-2009-1386 CVE-2009-1387 (DTLS DoS problems)
- fix CVE-2009-1377 CVE-2009-1378 CVE-2009-1379
- fix CVE-2009-0590 - reject incorrectly encoded ASN.1 strings (#492304)
- fix CVE-2008-5077 - incorrect checks for malformed signatures (#476671)
- fix CVE-2007-3108 - side channel attack on private keys (#250581)
- fix CVE-2007-5135 - off-by-one in SSL_get_shared_ciphers (#309881)
- fix CVE-2007-4995 - out of order DTLS fragments buffer overflow (#321221)
- CVE-2006-2940 fix was incorrect (#208744)
- fix CVE-2006-2937 - mishandled error on ASN.1 parsing (#207276)
- fix CVE-2006-2940 - parasitic public keys DoS (#207274)
- fix CVE-2006-3738 - buffer overflow in SSL_get_shared_ciphers (#206940)
- fix CVE-2006-4343 - sslv2 client DoS (#206940)
- fix CVE-2006-4339 - prevent attack on PKCS#1 v1.5 signatures (#205180)
[root@host ~]#

If the CVE number listed in the PCI test that has failed is in this list, the installed rpm has been patched for that vulnerability, and that test can be disputed as a false positive with the company that is performing the scan.
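
When a scan fails on several CVEs at once, the same check can be scripted. This is an added example, not part of the original post: the function names are illustrative, CHANGELOG holds a constructed sample made of a few lines from the output above, and CVE-9999-0000 is a constructed placeholder for an ID that has no backport.

```shell
#!/bin/sh
# Added example: check CVE IDs from a failed scan against an RPM changelog.
# Constructed sample: a few lines of the openssl output shown above.
# On a real host use: CHANGELOG=$(rpm --changelog -q openssl)
CHANGELOG='- fix CVE-2010-4180 - completely disable code for
- mention the RFC5746 in the CVE-2009-3555 doc
- fix CVE-2009-3555 - support the safe renegotiation extension and
- fix CVE-2009-1386 CVE-2009-1387 (DTLS DoS problems)
- CVE-2006-2940 fix was incorrect (#208744)
- fix CVE-2006-2940 - parasitic public keys DoS (#207274)'

# cve_status ID: prints "backported" when the changelog names the ID,
# "not-found" when it does not, "invalid-id" when ID is not a CVE number.
cve_status() {
    if ! printf '%s\n' "$1" | grep -Eq '^CVE-[0-9]{4}-[0-9]{4,}$'; then
        echo "invalid-id"
    # -F: literal match; -w: whole token, so the ID cannot match inside a longer one
    elif printf '%s\n' "$CHANGELOG" | grep -qwF -- "$1"; then
        echo "backported"
    else
        echo "not-found"
    fi
}

# cve_evidence ID: prints every changelog line naming the ID, to quote in
# the dispute. Read them: a line may be a note or a follow-up, not a fix.
cve_evidence() {
    printf '%s\n' "$CHANGELOG" | grep -wF -- "$1" || true
}

# report ID...: one tab-separated "ID status" line per scan finding.
report() {
    for id in "$@"; do
        printf '%s\t%s\n' "$id" "$(cve_status "$id")"
    done
}

# "not-a-cve" is constructed malformed input; CVE-9999-0000 is a placeholder.
report CVE-2010-4180 CVE-2009-1387 CVE-9999-0000 "not-a-cve"
cve_evidence CVE-2006-2940
```

Findings reported as "not-found" are the ones that cannot be disputed from the changelog alone and need a package update or a closer look.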
