All Posts By

Barney Desmond

Free as in beard

By | Technical | One Comment

The LinuxConf Penguin Dinner was held the other night, and the key event for the night was a charity auction. The goal in this case was to raise money to help save the Tasmanian Devil. It’s a great cause and bidding was moving along nicely with the auction being run by Rusty Russell and Bdale Garbee. Things eventually reached a plateau, however, and someone really needed to up the stakes a bit. Which led to calls for Bdale to pledge his beard. Beards are very Serious Business for hackers, and Bdale tells us he’s been growing his since 1982 when he was at college. It’s older than me! The bidding consortium that eventually won the auction also insisted that Linus Torvalds do the shaving. Thus, it was no small event…

Read More

sock.receive()

By | Technical | No Comments

Well, I’m impressed. My socks arrived, and just in time for my trip overseas, where I fully expect to deal with lots of snow. Delivery took one week, though one might even argue they’re a bit too serious about expediency. One pair arrived yesterday in its own box, followed by three more individual packages today. I see they’ve embraced a package-based model for their postal architecture. Not a bad move, but you have to consider the risks, like out-of-order arrival (not a big problem for socks), lossage (high retransmission cost), jitter (particularly important for sockscription customers), etc. Latency rocks, though!

Read More

Patch Tuesday again

By | Technical | No Comments

If you’re one of our dedicated server customers, you’ve got the option of a paid support package, the choices being Anchor Secure and Anchor Complete. Whatever you choose (or if you decide you don’t need one), we just hope it’s the right one for you. One of the services we provide with a support package is keeping your system up to date. For Linux machines this means installing updated packages as they’re released, and for Windows this means staying on top of Windows Update. We can do a lot of this without you ever noticing, but Windows Updates almost always require a reboot of the machine, which we schedule with our customers by email. This brings us to an amusing little snippet from one of our customers. Anchor: We’re going…

Read More

SaaS (Socks as a Service)

By | Technical | No Comments

http://www.blacksocks.com/ I came across this rather amusing company a little while ago. They’ve been around since before the turn of the millennium but I somehow hadn’t stumbled upon them until now. What with everything turning web2.0-ey nowadays, I’d say they’ve got themselves a nice little niche. In case you’re too busy to visit (or too much of a slacker, TL;DR!), the concept is simple: you pay a yearly subscription fee (they call it a “sockscription”), and they keep sending you pairs of nice new black socks. It’s a very cute idea that has wide-ranging appeal and applicability. It also abides by one of the general rules for sysadmins, which is to automate whatever you can; the less time you waste thinking about repeatable tasks, the more time you have for…

Read More

SaaS (Security-scanning as a Service)

By | Technical | No Comments

We’ve had some enquiries from customers recently regarding security compliance scans, the most popular of which is the PCI DSS. For those not in the know, this stands for the Payment Card Industry Data Security Standard. It is of course a fascinating topic, covering best-practice standards for processing and storage of customer information. The enquiries we get relate to a security scan carried out by an Approved Scanning Vendor (ASV). The usual report format is a list of potential “vulnerabilities” detected, with a severity rating of 1 to 5 assigned to each. Anchor’s shared hosting servers never have any problems with this, so the report reads like a missal of mundanity. TCP port 21 is open, an FTP service appears to be running! Crazy, I know… The thing is, this…

Read More

A new home for the Anchor NOC

By | Technical | One Comment

http://royal.pingdom.com/2008/11/14/the-worlds-most-super-designed-data-center-fit-for-a-james-bond-villain/ This story’s been around for a little bit, but it popped up in the geeky media a few days ago. Seeing it, we were inspired to share our own little piece of home with you. Rent prices for inner-city office space have been rising steadily over the last few years, and smaller businesses in particular are starting to feel the squeeze. Rather than sitting around hoping for the real estate economy to cool down a bit, we made the decision several months ago to move. We’ve handled a few office moves since we opened up shop in 2000, most of them have come off without a hitch and (more importantly) with no impact to our support operations. As much fun as moving is, doing it every few years is…

Read More

Winning the war on PHP memory leakage

By | Technical | No Comments

One of our dedicated server customers recently had a problem with the machine keeling over and dying for a few days in a row, for no apparent reason. This necessitated a remote reboot of the server to get it running again (we cut the power to both power supplies for a few seconds). The immediate suspicion was faulty hardware, but this should rarely be the case as we put our hardware through a thorough “burn in” period before it’s ever deployed. In addition to this, it was happening pretty regularly in the middle of the day. After spotting this pattern, a quick look at our trending graphs showed us the problem very clearly. The machine was steadily using all available physical memory. Once this ran out, the system starts pushing…

Read More

Root cause analysis using shell history timestamping

By | Technical | No Comments

Some of the problem-solving we do has a forensic component (not in the legal sense). When something breaks down, we perform what’s known as Root Cause Analysis. It’s well and good to fix the symptoms so things are running again, but it’s more important to fix the problem so it doesn’t happen again. Often enough, we’ll login to a user’s account and check out what they’ve run recently. They might have edited a config file, removed some necessary wrapper scripts (this happens on our shared hosting servers), or blindly duplicated something that really shouldn’t be copied. Whatever the case, these are good places to start looking when you need to fix something.

Read More

Bug report: “all” does not mean all, for some values of “all”

By | Technical | No Comments

We’ve discovered some interesting things about Windows, and they never fail to cause some head-scratching. We had cause to go rooting through a customer’s wordpress installation recently to hunt down the cause of PHP errors, and discovered two WTFs here. The first was the breakage of various scripts in the wp-admin directory. Through means unknown, every array definition was broken by the addition of a file path. If you grok PHP, you’ll recognise that this isn’t syntactically valid: $defaults = array( ‘show_option_all’../../../wordpress/wp-includes/ => ”, ‘show_option_none’../../../wordpress/wp-includes/ => ” ); Python is our preferred in-house language, but breadth of knowledge is more important for a sysadmin. Cleaning up the PHP was a snap, but it’s a mystery as to how this happened in the first place; according to the customer it “just…

Read More

Firewall Hero III: Legends of Packet Filtering

By | Technical | No Comments

Customer support can be fantastically rewarding sometimes. When your combination of skill, tenacity and knowledge produce a solution that’s straightforward and effective, the feeling of satisfaction is hard to match. It doesn’t even have to be something big, we’ll take those small victories gladly. Our work sometimes looks a bit like magic, and we don’t mind one bit. A few weeks ago one of our customers reported problems with streaming media from their server. Clients were taking about 20-30sec to connect, which was of course unacceptable, and they were suspecting something was wrong on our side, perhaps congestion or some over-zealous border firewall. The redundant connectivity we purchase is well above requirements even in the face of failure, and we don’t oversell bandwidth, so the former wasn’t a possibility. We…

Read More