Category Archives: Tech

Synology NAS in Fireproof Safe – UPDATE

This is a very non-scientific method!! Take this anecdote for what it’s worth, but here is an update to my original post about the Synology box in my fireproof safe.  Notes: safe has been opened at least every few days, the AC is running at times in my home, the windows open others. So just my observations, not a bulletproof study by all means.

I have been running the Synology two bay disk station in my Liberty safe for about 6 months now. Here in Michigan we are into the summer warmer months. I’ve included two charts of the internal disk temp and the temp inside my home for the past 60 days. The safe seems to be large enough to circulate the air and keep the temp within normal spec. I’m confident enough to keep this setup running as is year round as the NAS hardware and drives seem to be just fine.

Disk Sensor (this disk usually tends to run a degree warmer)

Home temp sensor from the Accurite weather station

Synology NAS in safe

I recently added a small Synology DS216j NAS to my home network. This gives me some more options for my VMware server and general storage for backup. I configured the Synology box with a RAID1 mirror of two 3TB Seagate Ironwolf drives.

I own a safe that has power, ethernet and USB pass through. I wanted to the NAS inside the safe, but my concern was airflow and temperature. I’ve read some forums telling me this was a terrible idea, but no real world data. From what I’ve researched my safe lets some air in/out around the door until it’s in a fire where in that time the door seal would expand. The safe is roughly 60x30x26″- just over 31 cubic feet, which I hope is enough to keep the temperature down. I may open the safe once every couple days, but generally the door is closed.

I’m about three weeks in with this setup and performance has been great, temperature does not seem to be a concern. I have a full Zoneminder VM running off a NFS share and my Macbook using this as a time machine vault.  I’ve included some graphs from PRTG monitoring the temperature. Drives have been hovering around 30C (86F). I keep my home around 22C (71F) right now in mid winter. I will try to update this post in the summer to see if there is any impact.

Internal Temp Monitor – Constant 40 degrees Celsius

cable management could be a little nicer

Acurite Weather Station Monitoring PRTG

My weather station uploads to wunderground but I wanted a way to collect historical stats and monitor my indoor temp remotely. Since I already have PRTG running in a virtual machine, this is a good solution for me.

foto_no_exif

My Weather Station AcuRite 5 – in – 1 Color Weather Station – $80 from Costco

First you’ll need the Acurite software and hardware USB interface to start outputting a CSV to your PRTG host.

2016-10-20_0920

Acurite software config

2016-10-20_0826

Sample Output

Save the following powershell file into your PRTG Custom Sensors\EXEXML directory. Edit the first line to the path of your acurite CSV. Then open PRTG and add a new sensor with type of EXEXML, selecting the scrip  you just saved.

Essentially the script just parses the CSV, sets labels and limits. The CSV file will eventually grow very large, I’ll deal with that then. In my case I had to setup another script to transfer to the CSV to my PRTG box, but you can figure that out. I’m sure there are more efficient ways to do this, but it works well for my case.

$myFileName = "e:\temp\acuriteweather.CSV" 

# Get last one row of file into variable 
$lastDataRow = (Get-Content $myFileName)[-1]

#parse data
$dataArray = $lastDataRow.Split(",") 
$dataArray = $dataArray -replace '"', ""

$Timestamp = $dataArray[0] 
$OutdoorTemperature = $dataArray[1]
$OutdoorHumidity = $dataArray[2]
$DewPoint = $dataArray[3]
$HeatIndex = $dataArray[4]
$WindChill = $dataArray[5]
$BarometricPressure = [math]::Round($dataArray[6],2)
$Rain = $dataArray[7]
$WindSpeed = [math]::Round($dataArray[8],2)
$WindAverage = [math]::Round($dataArray[9],2)
$PeakWind = [math]::Round($dataArray[10],2)
$WindDirection = $dataArray[11]
$IndoorTemperature = $dataArray[12]
$IndoorHumidity = $dataArray[13]

#rainfall fix, resets counter every night at midnight
$yesterday = (Get-Date).AddDays(-1).ToString('MM/dd/yyyy')
$yesterday = $yesterday + " 11:48:00 PM"
$dayinput = Select-String -Path $myFileName -Pattern "$yesterday" | select line
$yesterdaysrainfall = $dayinput -split ','
$yesterdaysrainfall = $yesterdaysrainfall[7] -split '"'
$yesterdaysrainfall = [double]$yesterdaysrainfall[1]
$todaysrain = [math]::Round($rain -$yesterdaysrainfall,2)
write-host "<prtg>"
write-host "<result>"
write-host "<channel>Outdoor Temp</channel>"
write-host "<customUnit>F</customUnit>"
write-host "<float>1</float>"
write-host "<LimitMode>1</LimitMode>"
write-host "<LimitMaxWarning>95</LimitMaxWarning>"
write-host "<LimitMaxError>105</LimitMaxError>"
write-host "<LimitMinWarning>10</LimitMinWarning>"
write-host "<LimitMinError>0</LimitMinError>"
write-host "<LimitWarningMsg>Ourdoor Temp Warning</LimitWarningMsg>"
write-host "<LimitErrorMsg>Ourdoor Temp Error</LimitErrorMsg>"
write-host "<value>$OutdoorTemperature</value>"
write-host "</result>"

write-host "<result>"
write-host "<channel>Outdoor Humidity</channel>"
write-host "<customUnit>%</customUnit>"
write-host "<value>$OutdoorHumidity</value>"
write-host "</result>"

write-host "<result>"
write-host "<channel>Outdoor Dewpoint</channel>"
write-host "<value>$DewPoint</value>"
write-host "<customUnit>F</customUnit>"
write-host "</result>"

write-host "<result>"
write-host "<channel>Outdoor Heat Index</channel>"
write-host "<value>$HeatIndex</value>"
write-host "<customUnit>F</customUnit>"
write-host "</result>"

write-host "<result>"
write-host "<channel>Outdoor Wind Chill</channel>"
write-host "<value>$WindChill</value>"
write-host "<customUnit>F</customUnit>"
write-host "</result>"

write-host "<result>"
write-host "<channel>Outdoor Barometric Pressure</channel>"
write-host "<float>1</float>"
write-host "<DecimalMode>2</DecimalMode>"
write-host "<value>$BarometricPressure</value>"
write-host "</result>"

write-host "<result>"
write-host "<channel>Rain</channel>"
write-host "<customUnit>inches</customUnit>"
write-host "<float>1</float>"
write-host "<value>$todaysrain</value>"
write-host "</result>"

write-host "<result>"
write-host "<channel>Wind Speed</channel>"
write-host "<customUnit>mph</customUnit>"
write-host "<float>1</float>"
write-host "<LimitMaxWarning>20</LimitMaxWarning>"
write-host "<LimitMaxError>30</LimitMaxError>"
write-host "<LimitWarningMsg>Wind Warning</LimitWarningMsg>"
write-host "<LimitErrorMsg>Wind very high</LimitErrorMsg>"
write-host "<value>$WindSpeed</value>"
write-host "</result>"

write-host "<result>"
write-host "<channel>Wind Speed Average</channel>"
write-host "<float>1</float>"
write-host "<customUnit>mph</customUnit>"
write-host "<DecimalMode>2</DecimalMode>"
write-host "<LimitMaxWarning>20</LimitMaxWarning>"
write-host "<LimitMaxError>30</LimitMaxError>"
write-host "<LimitWarningMsg>Wind Warning</LimitWarningMsg>"
write-host "<LimitErrorMsg>Wind very high</LimitErrorMsg>"
write-host "<value>$WindAverage</value>"
write-host "</result>"

write-host "<result>"
write-host "<channel>Peak Speed Wind</channel>"
write-host "<float>1</float>"
write-host "<DecimalMode>2</DecimalMode>"
write-host "<customUnit>mph</customUnit>"
write-host "<value>$PeakWind</value>"
write-host "</result>"

write-host "<result>"
write-host "<channel>Wind Direction</channel>"
write-host "<float>1</float>"
write-host "<customUnit>degrees</customUnit>"
write-host "<DecimalMode>2</DecimalMode>"
write-host "<value>$WindDirection</value>"
write-host "</result>"

write-host "<result>"
write-host "<channel>Indoor Temperature</channel>"
write-host "<float>1</float>"
write-host "<value>$IndoorTemperature</value>"
write-host "<customUnit>F</customUnit>"
write-host "<LimitMode>1</LimitMode>"
write-host "<LimitMaxWarning>81</LimitMaxWarning>"
write-host "<LimitMaxError>85</LimitMaxError>"
write-host "<LimitMinWarning>65</LimitMinWarning>"
write-host "<LimitMinError>62</LimitMinError>"
write-host "<LimitWarningMsg>Indoor Temp Warning</LimitWarningMsg>"
write-host "<LimitErrorMsg>Indoor Temp Error</LimitErrorMsg>"
write-host "</result>"

write-host "<result>"
write-host "<channel>Indoor Humidity</channel>"
write-host "<value>$IndoorHumidity</value>"
write-host "<customUnit>%</customUnit>"
write-host "<LimitMode>1</LimitMode>"
write-host "<LimitMaxWarning>90</LimitMaxWarning>"
write-host "<LimitMaxError>95</LimitMaxError>"
write-host "<LimitMinWarning>30</LimitMinWarning>"
write-host "<LimitMinError>35</LimitMinError>"
write-host "<LimitWarningMsg>Indoor Humidity Warning</LimitWarningMsg>"
write-host "<LimitErrorMsg>Indoor Humidity Error</LimitErrorMsg>"
write-host "</result>"
write-host "</prtg>"

Monitoring WordPress Micro EC2 AWS instance with PRTG

Postinger.com runs on a micro EC2 instance from amazon. Occasionally the database uses too much CPU, memory or iops and crashes. I’m sure I should be running on a instance with more resources. I’ve adjusted swap, memory usage and threads apache uses but still occasionally the database crashes.

Screen Shot 2016-05-01 at 7.51.13 AM

this is the error

“Error establishing a database connection”

I have a PRTG instance running at home monitoring my internal network. I know PRTG has the ability to check for a word from an external webpage. So here is the solution.

Add an HTTP Advanced Web Sensor, checking for a word that will appear on your wordpress page(the word “WordPress” is a good choice for this)

2016-05-01_1133

Install the puTTY msi on your prtg server(or copy puTTY and plink.exe to it.

In your Path to your PRTG install’s notification\exe directory (E:\PRTG Network Monitor\Notifications\EXE) Add a batch file with the following line:

echo yes | plink -ssh [email protected] -i e:\path\to\key.ppk sudo shutdown -r now
#echo yes, answers the prompt to trust the signature, the key is generated via PuTTYgen

Add a notification to execute a program, select the batch file you saved in the above referenced path.

2016-05-01_1136

Add a state trigger referencing your notification and set the appropriate timing.

2016-05-01_1139

That should do it. My batch file restarts the whole instance which for me is fine, but you may want to tweak the batch file only to restart the database or whatever else you see fit.

CVE-2016-2202 – Symantec Management Agent Inventory Solution 7.5 Application Blacklisting

Updated on April 7, 2016. Symantec has now acknowledged and provided a fix for this problem. Symantec reference here and the provided fix here.

Symantec was notified of this issue on March 7, 2016.

My endpoint team was testing blocking executables using SMC/SMA/Altiris/Inventory Solution (under many names) I found that if I keep opening the exe I could essentially brute force successfully launching the application that had its executable blocked. It appears that the first exe would run and not be closed by the Altiris agent.

We were looking to prevent teamviewer(remote software) from running. They were able to prevent the exe from launching, but if I create a simple powershell script to keep trying to open the executable it would finally launch and stay open.

I could then connect and I was able to remotely control the system(as teamviewer is designed.) Of course my CPU was pegged but I was able to keep the session open while my script was running.

I am running Windows 7 Pro, 4 core CPU, 8GB of RAM Symantec management agent 7.5.33

To recreate this vulnerability, block your executable then run the following simple Powershell script on a client. In this case my team wanted to block teamviewer so that is what I tested..

 $n = 1
 Do {
 Start-Process -filepath
 "C:\Users\<username>\Downloads\TeamViewerPortable\Teamviewer.exe"
 } While ($n -le 199999999)