Posts

Showing posts from January, 2013

Mounting A Local Linux Folder

OK so I've probably got myself into a unique situation here. I thought I would be smart and try setting up transmission to download torrents directly to my wdtvlivehub. It was a good idea at the time but it's really not working out too well. Firstly, I mounted the wdtvlivehub to a mount point on my Raspberry Pi. Works perfect.

The problem comes us with the way bit torrent works. It's doing massive amounts of really small network IOs writing and reading blocks from the disk. In my case this happens across a 100 Mbps network. I don't think the Pi is handling it that well. The other side affect appears to be on the wdtvlivehub side of things. It looks like it's detecting the file changes and is always trying to recompile the media library. Side affect - the wdtvlivehub is not usable (but I'm sure fixable :) )

I've already added a powered USB disk to the Pi and the performance is much, much better. The next step is to relocate the existing torrents without upse…

SQL Server Encryption Notes

ENCRYPTION AT REST (ON DISK) - Transparent Data Encryption or TDE
Pros Data and Log files encrypted But memory paged out of the operating system wont beNo changes for developers (ie. code remains unchanged)Provides security if SQL Access Controls are bypassed. Eg. Shut down SQL Server and take database files off the server. Stolen backup filesCan encrypt single fields or entire database (entire database probably safest)Performance hit estimated at 3-5% CPU - needs to be tested but should be acceptableThe database backup are automatically encrypted when database encryption is turned on 
ConsData not encrypted in memoryNo added protection for access via SQL (ie. TSQL or stored proc. Access Control Lists lock down this access)Need a maintenance strategy for passwords, keys, certificates Lose one of these and the database may not be recoverableMore complex database refresh procedureTDE does not increase the size of the data (but negates compression - on average we will need 3x the current di…

Securely Wiping An Old Hard Disk

Throwing your hard disks away is a major, major security risk. There's a lot of sensitive data stored on your hard drive that builds up over the years. Even deleting the contents or formatting the old drive isn't enough - people can (and do) recover 'deleted' information all the time. Just search for "recover windows files" in google to find the millions of matches on how to do this (yep, there's legitimate reasons for doing this - like when you've deleted a file and need to get it back!)

The best way to make sure your private information stays safe is to wipe the hard disk before throwing it in the trash. There's a number of free tools out there to do this. If you're running Windows then a great utility is Disk Wipe.

It's a free download and very, very easy to use. After installing you just run the program and select the drive you want to wipe. Be very, very careful and make sure you select the right drive, there's no way to get this …

Problems Mounting Drives Formatted With ExFAT In Ubuntu

Plugging in one of my external hard drives into a fresh Ubuntu 12.10 install today and it's failed with the following error message:

mount: unknown filesystem type 'exfat' Luckily following the instructions on this blog resolved the problem quickly. In short it takes 3 short commands to add exFAT support to your Ubuntu desktop:

sudo apt-add-repository ppa:relan/exfat  sudo apt-get update  sudo apt-get install fuse-exfat

Automated vSphere Daily Health Checks Using Python

The on-call staff member in our team is tasked with performing morning health checks of key infrastructure. Basic stuff like checking that we have enough free space in the data stores and that we don’t have any forgotten snapshots running in the background.

Doing these checks manually is a time consuming process so any kind of automation is a good thing™. Rather than logging onto each VMWare Server and manually inspecting the health of the VMWare host I’d rather have something automated. In this case I’ve opted for a script that does these checks for me. As a result it sends me an email in the morning using a traffic light system. Items that are “bad” or “need attention” are highlighted red. Items that are “good” are highlighted in green.

The first version of this script performs basic health checks of the VMWare host. Specifically it checks which VMWare guests are running and which aren’t. It lists all of the snapshots on the system and which virtual machine they belong to. It also …

Enable Remote Connections to MySQL

By default MySQL is configured in such a way that it won't accept remote connections. I'm guessing the is by design and a security feature. This makes sense because a lot of programs use a local MySQL database which should be secured from remote connections. Fortunately if you need to open up your MySQL database server it's an easy thing to do!

Monitoring Raspberry Pi Performance Using Cacti

Image
The Raspberry Pi is an incredible piece of hardware however, given it's limited resources it's important to squeeze every last drop of performance. This guide looks at using Cacti to monitor the performance of the Pi. By graphing the load on the system we can see how changes we make affect the performance of the Pi.


Using NAGIOS to Check the Physical Memory Available on a Windows Host

By default the CheckNT command checks the virtual memory on a Windows server. So for example, if your server had 4GB of physical memory and a 4GB page file NAGIOS and CheckNT would see 8GB of physical memory. Getting warnings and critical alerts on this memory space is quite often not very helpful. What we really want to know is do we have enough physical memory available on the server so that the server performs as well as it should.

This is where the NRPE plugins are much better as you can get much more granular when monitoring the memory on a Windows host.

To start with we need to create a new command definition. Add this to your commands.cfg (or equivalent):

# CheckWindowsPhysical Mem command definition define command { command_name CheckWindowsPhysicalMem command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -p 5666 -c CheckMEM -a MaxWarn=$ARG1$% MaxCrit=$ARG2$% ShowAll type=physical }
In the above command definition we're usi…

Find all Primary Keys With Non-Clustered Indexes

This T-SQL script is used to find all Primary Keys that have a non-clustered index associated with them. Ideally a primary key will use a clustered index which essentially means that the index is the table. This makes joins and queries that use the primary key much more efficient.

When using a non-clustered index as the primary key the table is stored as a heap or unordered table. New rows are simply added to the end of the table which can be the fastest way to load data. The problem arises when we need to search the data in a heap and after using the non-clustered primary key index we probably have to do a bookmark lookup in the table to find the rest of the row data. This is a two step operation compared to the one step index seek in a clustered primary key.

Other side affects of the heap structure include forwarded rows. When row updates happen and the data is too big to fit on the page any more the page is split. That is a second page is created and half the row data is moved to t…

Building a Headless Torrent Client Using A Raspberry Pi

The Raspberry Pi makes a great low powered torrent client machine which you can leave on 24/7. The main reason I’ve done this is to save power by running the torrent client on the extremely low powered Raspberry Pi. It also frees up my computer and keeps things a bit neater.
Before getting started this guide assumes that you’ve got a running Raspberry Pi. I’d recommend setting a static IP address which you can do using this guide here. I’d also recommend enabling SSH so that you can remote administer your Pi. The easiest way to do this is to run the following command:
sudo raspi-config This brings you back into the first menu you encountered when you setup the Raspberry Pi. There’s a menu item to Enable / Disable SSH. Go in there and enable it. While you’re at it it’s also a good idea to disable the boot into desktop option using the menus as well (unless you are using the GUI, in that case keep it!)
You can also use putty to remotely access the command line on your Pi. Using Putty is…

Ubuntu–Adding An Extra Disk To The Server

Note – these instructions don’t cover the physical side of adding a disk to your server. They assume that the disk has already been added and that we’re back at the command line.# confirm details of second disksudo lshw -C disk# open fdisk partitioning tool (assuming new disk is /dev/sdb)sudo fdisk /dev/sdb# at the menu press "n" and "enter" to create a new partition# press "p" to create a primary partition# press "1" to create 1 partition# press enter to accept the default start position of the partition# press enter to accept the default end position of the partition# press "w" to write the partition# create the filesystemsudo mkfs -t ext4 /dev/sdb1# create the mount pointsudo mkdir /srv# automount the partition on startup - edit the fstabsudo nano /etc/fstab