Archive

Posts Tagged ‘sysadmin’

Automatically update iptables rules for Pingdom monitors.

March 14th, 2012 4 comments

Pingdom is an awesome service that tracks the uptime, downtime, and performance of websites (you can see an example of the public stats of this server here). If you have a firewall running on your system, you need to whitelist Pingdom’s servers or else their monitors will fail. As their servers may change at any given time, it is better to automate this whitelisting by realistically and responsibly polling the RSS feed of their monitoring servers.

It’s been done before, but this is how I have chosen to do it.

First, a little php helper script to extract the Active IP addresses of the monitors. For this example, let’s save it as pingdom.com.php alongside our bash script which will be executed by cron.

preg_match_all(
    '/((\d+\.){3}\d+).*?Active/',
    file_get_contents('https://www.pingdom.com/rss/probe_servers.xml'),
    $ips
);

echo implode("\n", $ips[1]);

Then, our bash script which is called from cron:

for ip in $(/usr/bin/php pingdom.com.php); do
    $IPTABLES -A INPUT -s $ip -p icmp -j ACCEPT
done

Of course, this is just an example and you will need to modify the firewall rule(s) according to your needs.

What nobody does is nobody’s business.

January 24th, 2012 No comments

Came across this article about the ‘nobody’ user on *nix systems and loved the closing sentence…

If you stare at the list of running processes on your server for long enough, you are bound to come across the user called “nobody”. Before you call a security expert and prepare to fight off a hacker, relax. While the username “nobody” may seem suspicious, it is actually supposed to be there.
.
.
Therefore, do not fear “nobody” and do not take any steps to hinder the user’s ability to run some of your critical applications, like the web server. What nobody does is nobody’s business.

There, you’ve been told!

Categories: All, Linux

12th Annual System Administrator Appreciation Day

July 29th, 2011 No comments

Today, and annually on the last Friday of July is sysadmin day.

A sysadmin unpacked the server for this website from its box, installed an operating system, patched it for security, made sure the power and air conditioning was working in the server room, monitored it for stability, set up the software, and kept backups in case anything went wrong. All to serve this webpage.

Head over to sysadminday.com for more.

Categories: All, Technology, Web