Joshie.com

I have a couple of servers that sit out on the Internet, and every day I get a little report on how they are doing, and if someone is trying to break in to them. Today I got this report;

sshd:
   Authentication Failures:
      root (121.100.48.130): 1353 Time(s)
      unknown (121.100.48.130): 1148 Time(s)
      root (61.168.227.12): 582 Time(s)
      root (125.141.237.100): 165 Time(s)
      root (180.68.206.31): 99 Time(s)
      unknown (125.141.237.100): 93 Time(s)
      unknown (61.168.227.12): 60 Time(s)
      unknown (180.68.206.31): 42 Time(s)
      root (222.211.78.20): 23 Time(s)
      adm (121.100.48.130): 6 Time(s)
      bin (121.100.48.130): 3 Time(s)
      dbus (121.100.48.130): 3 Time(s)
      ftp (121.100.48.130): 3 Time(s)
      games (121.100.48.130): 3 Time(s)
      gopher (121.100.48.130): 3 Time(s)
      halt (121.100.48.130): 3 Time(s)
      lp (121.100.48.130): 3 Time(s)
      mail (121.100.48.130): 3 Time(s)
      mailnull (121.100.48.130): 3 Time(s)
      mysql (121.100.48.130): 3 Time(s)
      mysql (125.141.237.100): 3 Time(s)
      named (121.100.48.130): 3 Time(s)
      news (121.100.48.130): 3 Time(s)
      nobody (121.100.48.130): 3 Time(s)
      nscd (121.100.48.130): 3 Time(s)
      operator (121.100.48.130): 3 Time(s)
      pcap (121.100.48.130): 3 Time(s)
      root (123.30.98.50): 3 Time(s)
      rpc (121.100.48.130): 3 Time(s)
      shutdown (121.100.48.130): 3 Time(s)
      smmsp (121.100.48.130): 3 Time(s)
      sshd (121.100.48.130): 3 Time(s)
      sync (121.100.48.130): 3 Time(s)
      unknown (222.211.78.20): 3 Time(s)
      uucp (121.100.48.130): 3 Time(s)
      nfsnobody (121.100.48.130): 2 Time(s)
      rpcuser (121.100.48.130): 2 Time(s)
      haldaemon (121.100.48.130): 1 Time(s)
      unknown (123.30.98.50): 1 Time(s)

The biggest offender is of course 121.100.48.130 which I was surprised to see was Afghan Wireless. Nothing like being hacked from some jerkoff halfway around the world where my tax dollars are most likely feeding his family. The other joker is 61.168.227.12 from China Unicom Henan province network. Did you guys not learn from hacking Google? If I wasn't so extremely tired from work I'd care more about this. 1347 attempted breakins in a single day. The lesson of the day is to use secure passwords and also to use automatic lockout systems so that pretty much none of their attempts would have worked out.

The tool for today is DenyHosts which is an opensource python script that can watch for SSH attacks and block the IPs for a period of time or forever. It allows you to sync your blocks with their server, and receive a list of blocked hosts from other DenyHosts users. Definately worth checking out. They work on CentOS, but also OS X, Fedora, Mandrake, FreeBSD, OpenBSD, and SuSE.

GoToAssist Express vs. LogMeIn Central for IT Consultants

Sunday, January 24, 2010 at 4:08PM |

Everyone who has ever supported either their mom or a business client knows that it's hell to try to and visualize what a user has on their screen, and even worse to understand the user's interpretation of what they see on their screen. At my primary job we use a product called Bomgar which I know and love. That product requires an appliance device and really isn't a good fit for me running a tiny consulting business. One of the most important features of a remote support solution is the ability to reach a machine that is behind a firewall. Both GoToAssist and LogMeIn fit that requirement, and both also support Mac and Windows which is my other main requirement.

I want to say that I really like LogMeIn Central a lot. I think it's a very mature product and it's priced at $334.83 per year if you let the demo run out and then login to the site at the end of the demo to get the discount offered to you. GoToAssist comes in at $462.00 for the year if you do the same. It's important to know that whichever you try you should run the demo for the full 30 days and then go back any time after the 30th day and both services offer a large discount to get to those prices.

LogMeIn Central offers a virtual VPN type service with the yearly fee. This is really nice and lets you make computers think they are on the same LAN. Two things about LogMeIn Central really tick me off however;

You still need to pay for LogMeIn Pro agents if you want to use alerting/monitoring. Seriously? You already got a pretty good chunk of money and you still want to get me for $80/year/client for Pro?
If I support someone new with LogMeIn I have to walk them through installing the agent. It's a bit of a hassle and requires them to pick a password if they have no Windows password. It was confusing for several people I worked with. Plus on the tail end I have to uninstall it from their system in some cases so that means walking them through that process. GoToAssist has a MUCH better method for starting up and tearing down a session.

GoToAssist Express has a couple of annoyances as well;

There is no Unattended support for Macs. Is it that hard? LogMeIn does it.
There is no iPhone app. I love that I can reach my clients on LogMeIn via the iPhone app.
The price. It's basically $38.50/month if you pay $462.00 for the year. That means unless I work with at least one person a month for an hour at a minimum then I lose money. It just drives up costs for me, and I feel the price is basically out of line.

At the end of the day I think LogMeIn Central is a better product overall, but GoToAssist Express wins my business because of the better setup and tear down of a support session. I think that if I was supporting a small to medium business of machines that were 100% mine to support that I would go with LogMeIn Central because then I wouldn't be removing the agents and assuming the business would pay for it then the LogMeIn Pro client not only offers advanced monitoring of CPU, RAM, Disk use but it provides the end users with an easy way to share their desktop or files with others for presentations. For the consultant doing lots of work that is 1-off where I'm not returning to the same machines all the time then GoToAssist is a much better fit even if I'm bummed about the lack of iPhone application and lack of Unattended Mac support.

8 Comments |

Permalink |

tagged

Remote Support in

Tuesday

Jan052010

Picked up some Mac OS X domain names

Tuesday, January 5, 2010 at 1:07AM |

Today I was thinking about potential websites, and about my old linux website that did pretty well long ago. I picked up a couple of domains that I think have potential;

http://www.macadmin.org -- A site for Mac admins?
http://www.macengineer.info
http://www.macengineer.org -- A site for system engineers?
http://www.macsearch.info
http://www.macsearch.org -- Use Google AdSense for search for a portal?
http://www.mactechsite.com -- A site about Mac hardware?

I think there is some potential for a popular Mac site or two. Of course TUAW is really great, and I don't know that I'll ever make something equal to that, but maybe I can build something helpful to the Mac community. I guess I'll let this stew in my head for a little bit. If anyone has any ideas for anything feel free to email me. It doesn't have to be a money making project, but it can't be a money losing project either.

Joomla Content Management System (CMS)

Sunday, January 3, 2010 at 12:32PM |

For my consulting business I wanted to build a nice website that was very functional and had a modern look. I've never been very artistic so most of my options are Content Management Systems that are popular so creative people have made so many templates that I could make my site look unique without very much effort. Another issue I have had in the past is that I would build a site using various open source products, but none of them would talk to one another. So I might have a calendar on a site that has one set of usernames and then a forum that has another set. It can be pretty frustrating to integrate sometimes.

My web hosting company actually has a bunch of CMS systems that can install with a few clicks. I picked Joomla because it is insanely popular, has many modules that integrate seamlessly with it, and the learning curve was not very high to get started with it. I would recommend folks install it and pick to install the demo content, and then mess around and uninstall it. Then re-install it without the demo content and go through the Quick Start Guide. I was able to basically understand things in about two hours, and then in the third hour I was up and running. That might sound like a lot, but honestly three hours to learn a CMS system is pretty good. If you start playing with

Once I understood how Joomla works I moved on to Extensions to add a forum to my website. I chose Kunena which I had never heard of before, but it looked very nice. You can see my forum here. It took about 2 minutes total to setup the forum, and integrating it in the website was simply a matter of editing the top menu to add an entry that was a link to the Kunena module.

Lastly I still have to pick a theme. Right now I'm just using the default theme, but I edited the template.css inside the theme to point to my logo instead of the default, and I changed the hight and width to match my logo. First go to Extensions -> Template Manager and pick to edit the rhuk_milkyway theme. Next click to Edit CSS, and then pick to edit the template.css file. Note that the images folder referenced in template.css is not your /joomla/images/ folder but rather a folder in the theme. I changed the below to ../../../images/jnux_logo.png because my image is inside /joomla/images/ and changed the height and width to match my logo.

div#logo {
position: absolute;
left: 0;
top: 0;
float: left;
width: 298px;
height: 75px;
background: url(../images/mw_joomla_logo.png) 0 0 no-repeat;
margin-left: 30px;
margin-top: 25px;
}

I hope this information is helpful to anyone setting out to run a website for work or for recreation. I think Joomla can fit both types of needs. If you need someone to host your Joomla site please consider my web hosting company http://www.jnuxhosting.net for your needs.