We got it. Had to open the Nginx logs and noticed too many "posts" in the error log. Dug in and it was three ranges overseas all hitting with a "post timeout attack." It was a light DDoS where sessions were being opened and held causing nginx to wait on a timeout. This caused Apache to just increment forever. Once we blocked those ranges, the Apache thread count started to drop for the first time, and memory started to release. And the continuous flood of nginx error logs ceased.

If you are looking at nginx error logs, this is what you look for: upstream timed out (110: Connection timed out) while reading response header from upstream, client:

You can use this command to collect the offending IP addresses:

grep "upstream timed out" error.log | cut -d' ' -f20

Then use your firewall to shut them down. We are all good now! Woot.

@zachary715 said in Linux Options for Dell PowerEdge 2950 II:

Just curious what role this server will be playing...

Web server

@IRJ said in "Upgrading" a laptop for the Police Department:

@Dashrender said in "Upgrading" a laptop for the Police Department:

@IRJ said in "Upgrading" a laptop for the Police Department:

@wirestyle22 said in "Upgrading" a laptop for the Police Department:

@DustinB3403 said in "Upgrading" a laptop for the Police Department:

PD and modern don't mix because of their "security standards".

Idk who is worse the FD or the PD

It's all government. :crying_face:

Look at the gap between protecting public information and defense information. When it comes to defense information, they pay billions of dollars for information security. When it comes to protecting tax payer's services that affect the tax payer on a daily basis, they have the absolute worst security practice possible.

Well from an FD POV, what is there that they need to protect?

From a PD POV - the information they have in general should mostly be a matter of public record, so keeping it from hackers seems slightly unnecessary - that said, you still don't want hackers using the resources for non PD functions.

So everyone not in healthcare, finance, PCI, or defense doesnt need to protect their workstations, applications, and servers? That is news to me.

That is not what I said at all.

@Pete-S said in Digital order forms for mobile sales transactions:

@EddieJennings said in Digital order forms for mobile sales transactions:

@Pete-S said in Digital order forms for mobile sales transactions:

Do you have a card swiper / chip reader so you can process payments directly?

Yes. I've been using PayPal Here for a few years with great success. I'm just looking to improve the process of collecting of order information.

Wouldn't it be better to have the customer enter their info with their own phones instead of using your ipad? I assume you get the orders at the same time more or less.

Possibly. And yes, orders and payment happen at the same time. At these events orders are about 60% credit and 40% cash transactions.

@scottalanmiller said in Trading a VPN for an SSH Tunnel:

@JasGot said in Trading a VPN for an SSH Tunnel:

@scottalanmiller said in Trading a VPN for an SSH Tunnel:

@JasGot said in Trading a VPN for an SSH Tunnel:

Put a RouterBoardOS RB260GS at each house and use a free ddns service. $35each and yo're done.
Or a Ubiquiti Edge Router Lite will work too, just more expensive.
I use the Ubiquiti ERL for IPSec into my house from the office, my phone, and my laptop. Love it.

All more work and more money than easy and free.

Easy is relative. $70 for the two is only $10 more than he is currently paying for one year. Starting with month 15, it is free!

Comparing to a bad decision is misleading. You have to throw money away today, and ignore better options, to them create the "savings" of spending money. That's a false decision matrix.

The real comparison is against something free. That's the baseline to beat. Otherwise, nothing is costly compared to any contrived more expensive decision.

Example: I want a laser light show for my house, I don't need it, I just want it. The free option is to not buy one. Buying one is normally $100. But I could find one that is $200 and then say that the $100 is "free" or even "saving me money." But this is false, it's still costing $100 no matter how many more expensive alternatives we find.

It's like the 'sale' problem. The shirt was on sale for 50% off, I saved 50%!! No, you still bought a shirt you didn't need, money was lost versus the free baseline.

The wife gets mad when I tell her you save 100% if you don't buy anything.

We have a lab set up, I will be using that serial capture that @scotth gave me based on @Pete-S suggestion.
We'll see what we can find and try to fix.
thanks for the input.

Here is what showed up in the unit...

https://assets.curvature.com/sites/default/files/pdf/GLC-SX-MMD-CURV.pdf

If this is a new install, stop now and start over. Ubuntu 16.04 is quite old and should not be being deployed. Zimbra's main install option is CentOS 7 which is current. Those directions are not good, use the actual Zimbra directions, Zimbra installation the correct and current way is plenty easy. There are guides on this site, too.

@scottalanmiller said in Yealink t27g vs t42s:

@BraswellJay said in Yealink t27g vs t42s:

Do you generally use the Endpoint Manager or any of the other commercial modules?

There is no commercial module that we use regularly. But we've got some clients that use many.

There are pretty much zero reasons not to add SysAdmin Pro for $25. Getting the email config in the GUI and the ability to tell the web server to use authentication for the config files saves more time than the cost to do it yourself manually.

So, easy fix, the ca_stag2 was a staging DB that was not needed and was not current. The whole thing appears to have corrupted. So I simply "moved" that entire directory to /tmp (just in case I had to put it back) and then MySQL could fire up.

@Dashrender said in NIC in promiscuous mode - what traffic can it see?:

You can get a switch to give you all traffic on a mirrored port on the switch. This would allow you to see all the traffic on that other port. normally you would mirror the uplink port.

Yepp. That's typically where you'd put your IDS if you didn't have requirements that it be an in-line.

Reset the cache on both browsers.

We have a MicroCenter 5 miles from the office, so it's swing by on the way to the client now that they carry a decent selection of Ubiquiti APs.

@scottalanmiller said in Updating to Fedora 30 Gives Pix Error:

Doing an upgrade from Fedora 29 to Fedora 30 and you get...

Error: Problem: package pix-1.8.2-1.fc29.x86_64 requires libexiv2.so.26()(64bit), but none of the providers can be installed - exiv2-libs-0.26-12.fc29.x86_64 does not belong to a distupgrade repository - problem with installed package pix-1.8.2-1.fc29.x86_64 (try to add '--skip-broken' to skip uninstallable packages)

This seems to happen with most normal workstation installs of Fedora. Easiest thing to do is simply remove Pix.

sudo dnf remove pix -y

Your update should work fine after that.

I don't ever use it. But, yeah it is there by default.

@DustinB3403 said in What is the difference between Dead and Failed for service status?:

@IRJ Did you look at journalctl to see what the logs say?

He doesn't care about why things are failed. He just wants the states. It is for monitoring and automation.

Same every time. Seagate is great because they are cheap, but only in numbers, you need failure protection such as raid.