Server Monitoring Basics

One of the important aspects of hosting a server (besides backups!) is monitoring. Knowing when your server is offline and needing manual intervention to bring it back online is key to running a server. Without having the proper monitoring and notifications in place can cause site outages which can costs businesses their money and customers. Because you can’t always be on your server 24/7 checking things and making sure they are working (well you can but you might find yourself very tired), it is very important to have the proper monitoring and notifications to keep your site online as much as possible. In order to have the proper monitoring, you will need to know what you have to monitor and how to accomplish that.

(more…)

VENOM Security Vulnerability – CVE-2015-3456

Today a security vulnerability (CVE-2015-3456) known as VENOM was publicly announced. This bug is described in detail here and here.

At MNX.io, we run SmartOS. Our architecture runs QEMU inside of an additional secure container. This means that if an attacker were to exploit this, they would be confined inside their existing secure container and would NOT affect other customers.

We will be patching the software to completely remove this flaw, and will roll that out to our customers in a future build.

If you have any questions, please contact support by submitting a request in our operations portal at https://ops.mnx.io.

Removing a passphrase from an SSL Key

The typical process for creating an SSL certificate is as follows:

 # openssl genrsa -des3 -out www.key 2048

Note: When creating the key, you can avoid entering the initial passphrase altogether using:

# openssl genrsa -out www.key 2048

At this point it is asking for a PASS PHRASE (which I will describe how to remove):

 Enter pass phrase for www.key:
 # openssl req -new -key www.key -out www.csr

Next, you will typically send the www.csr file to your registrar. In turn, your registrar will provide you with the .crt (certificate) file.
(more…)

A Proper Server Naming Scheme

Here at MNX, we’ve been busy setting up a brand new data center for our cloud hosted services. We started off as a consulting company providing managed Linux services, which means we have been exposed to a ton of different customer environments and an equal number of schemes for naming equipment…not all of them good. It’s a problem that goes back as far as computers have existed, and everyone has their own opinion on the “best” way to name hosts. Most methods start out fine at the beginning, but quickly become unwieldy as infrastructure expands and adapts over time. (more…)