Monitoring WordPress Micro EC2 AWS instance with PRTG

Postinger.com runs on a micro EC2 instance from amazon. Occasionally the database uses too much CPU, memory or iops and crashes. I’m sure I should be running on a instance with more resources. I’ve adjusted swap, memory usage and threads apache uses but still occasionally the database crashes.

Screen Shot 2016-05-01 at 7.51.13 AM

this is the error

“Error establishing a database connection”

I have a PRTG instance running at home monitoring my internal network. I know PRTG has the ability to check for a word from an external webpage. So here is the solution.

Add an HTTP Advanced Web Sensor, checking for a word that will appear on your wordpress page(the word “WordPress” is a good choice for this)

2016-05-01_1133

Install the puTTY msi on your prtg server(or copy puTTY and plink.exe to it.

In your Path to your PRTG install’s notification\exe directory (E:\PRTG Network Monitor\Notifications\EXE) Add a batch file with the following line:

echo yes | plink -ssh ec2-user@domain -i e:\path\to\key.ppk sudo shutdown -r now
#echo yes, answers the prompt to trust the signature, the key is generated via PuTTYgen

Add a notification to execute a program, select the batch file you saved in the above referenced path.

2016-05-01_1136

Add a state trigger referencing your notification and set the appropriate timing.

2016-05-01_1139

That should do it. My batch file restarts the whole instance which for me is fine, but you may want to tweak the batch file only to restart the database or whatever else you see fit.

CVE-2016-2202 – Symantec Management Agent Inventory Solution 7.5 Application Blacklisting

Updated on April 7, 2016. Symantec has now acknowledged and provided a fix for this problem. Symantec reference here and the provided fix here.

Symantec was notified of this issue on March 7, 2016.

My endpoint team was testing blocking executables using SMC/SMA/Altiris/Inventory Solution (under many names) I found that if I keep opening the exe I could essentially brute force successfully launching the application that had its executable blocked. It appears that the first exe would run and not be closed by the Altiris agent.

We were looking to prevent teamviewer(remote software) from running. They were able to prevent the exe from launching, but if I create a simple powershell script to keep trying to open the executable it would finally launch and stay open.

I could then connect and I was able to remotely control the system(as teamviewer is designed.) Of course my CPU was pegged but I was able to keep the session open while my script was running.

I am running Windows 7 Pro, 4 core CPU, 8GB of RAM Symantec management agent 7.5.33

To recreate this vulnerability, block your executable then run the following simple Powershell script on a client. In this case my team wanted to block teamviewer so that is what I tested..

 $n = 1
 Do {
 Start-Process -filepath
 "C:\Users\<username>\Downloads\TeamViewerPortable\Teamviewer.exe"
 } While ($n -le 199999999)

Jeep Wrangler Rubicon Hard Rock Splash Guard Install Tips

foto_no_exif

My wife bought a Rubicon Hard Rock, which has some pretty aggressive tires and tends to throw dirt and rocks up onto the body. I ordered the Mopar splash guards/mudflaps (part 82210232 and 82210233) for her, which are designed regular wrangler bumpers. The Hard Rock has some special steel bumpers that are different. The front splash guards fit fine, but the rear fit is a little off.

I’ve seen pictures on forums of the splash guards being attached right to the bumpers like the normal Wranglers, but I mounted mine a little different. I put them as high as I could in the wheel well which to me seems like a better fit. I’ve attached some images on how I’ve mounted them. I did not have to purchase any additional hardware, what is supplied in the kit works fine. I was also able to complete the install without removing the wheels.

 

 

ESXi 5.5 crashing – Windows Guest won’t load – A simple reminder.

Over the past few days some new guests on my whitebox vmhost (which has been running for almost a year now) started behaving badly! Symptoms listed below, and I’m sure there are were more.  There wasn’t really any pattern to the crashing, it was very random. Things went awry after I added my ninth guest and the host peaked into the 14-16GB of RAM range. My existing guests running PRTG, Zoneminder, VPN and NGINX all were fine… all were stable. Just a few new Windows guests I have been using for testing were crashing. I couldn’t even reinstall windows without a BSOD while loading.

  • VMware ESX unrecoverable error: (vcpu-0)
  • MONITOR PANIC: Unable to decompress PPN from swap slot for VM
  • loading windows starting and crashing Msrpc.sys
  • Windows MMC’s not loading, crashing

I ran memtest86+ on the full 32 gigs with no failures (with only one pass, probably not a good idea) and figured it couldn’t be RAM.

Googling took me down some rabbit holes unloading custom NIC drivers I’ve added. Almost ready to reinstall ESXi. But the issue still persisted.  Finally decided to run memtest  actually in the VM that was having troubles. Errors within seconds. I pulled half the RAM, ran it again… no issues. Looks like it’s bad RAM. RMA time.

So an issue I’ve seen many times back in my Geek Squad days in college- got me. A reminder, even in 2016, don’t rule out bad memory so quick, it would have saved me a few hours tonight.

And finally, the purple screen!

foto_no_exif (3)

bad memory, right?

35 Remington plinking loads

I’ve been looking for a cheaper way to shoot 35 Remington. The full 200gr loads are heavy recoiling and expensive, not so fun to shoot all day.

Experimenting with quickload I’ve found a good load that I like. 158gr Rocky Mountain Reloading 357 projectile over 7.3gr of HP-38(or Win231.) In a time where you can’t find really any 35 Rem ammo, a load comes out to be well under $0.25 per round is awesome for the range. This should give about 1200 FPS at the muzzle and a max PSI of 12000(so use at your own risk, think squibs)

I will get a target posted and group sizes next time out at the range.

fr_1710_size880

(top)158gr RMR 357 bullet (below) 200gr standard softpoint

fr_1711_size880

Yes the OAL is short, but seems to feed just fine.