Mediumcube.com Blog Information about technologies at Mediumcube and our services

October 28, 2017

How to upgrade Amazon EC2 Windows Network Port from 100Mbps to 1Gbps

Filed under: General — admin @ 1:44 pm

Problem:

Old Amazon EC2 instances may be running outdated network drivers on Windows. To check:

  • Open Device Manager -> Network Adapters.
  • If you see the Network Adapter name as RedHat PV , then you are running an outdated version of the network driver and must upgrade to take full advantage of performance enhancements on EC2

Solution:

  1. Take an Image, Snapshot or Backup of your instance
  2. Install the Latest EC2Config service from:
    http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/UsingConfig_Install.html
    (Direct Link: https://s3.amazonaws.com/ec2-downloads-windows/EC2Config/EC2Install.zip)
  3. After upgrading EC2Config, proceed to upgrade the network drivers from:
    http://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/Upgrading_PV_drivers.html (It is OS Dependent)
  4. Few restarts in between, accept the prompts and you should have an upgraded driver.

Caution:

Always take backup before performing maintenance on your servers

November 25, 2016

It is important how to position your computer

Filed under: General — admin @ 3:55 pm

It is interesting to observe how electronic devices malfunction when they are not placed in their correct position.

I recall my kids using the Nintendo Wii at one time, they placed the unit upside down. This caused disk read errors with DVD games.

Recently, we encountered a situation with a client of ours where their Dell Alienware X51 computer was suddenly shutting down. Remotely examining logs and diagnostics indicate there is an overheat issue. CPU Temp was around 60 C.

When we went onsite to repair the unit, we found the unit was placed upside down (In other words, the Processor/CPU Heatsink and Fan which helps dissipate heat is now placed upside down). Doing a cleanup and re-positioning the computer to the right side fixed the problem!

How to tell if your computer/PC is positioning properly and well ventilated ? Three ways:

  1. Make sure there is no obstruction on the back or the front end of the unit since the fans will absorb air from the front-end and dispose of it from the rear of the PC
  2. Do not block computer vents, they are important to keep a system running optimally
  3. Look at the back of the computer, the side with many ports and connectors should be placed Down on the surface, or the computer should be standing up. As in the picture below:

http://www.bleepstatic.com/tutorials/computer-primer/back-case.jpg

 

 

The left side in this picture of the rear of the computer should be placed down on the desk.

This will ensure the CPU Heatsink/Fan are pointing up

 

 

 

Picture courtesy of BleepingComputer.com

So check your electronic and electrical devices. Make sure they are pointed in the right direction. Electronic devices often generate heat and use fans or heat-sinks to reduce the effect of heat on electronic components.

December 16, 2015

CentOS and EFI on Supermicro servers

Filed under: General — admin @ 1:59 pm

 

UPDATED 2016-08-14: We found the source of the issue to be a bug in Supermicro BIOS C-State. This discussion explains more: Serverfault BSOD Hyper-V VM. Supermicro as of today hasn’t released a BIOS update even though they’ve confirmed the problem.

To summarize, the solution is in the Advanced Power Management of the BIOS, set the BIOS power management to the following:

Advanced Power Management Configuration

CPU P State Control:

EIST(P-States) – [Enable]
Turbo Mode – [Enable]
P-state Coordination – [HW_ALL]

CPU P State Control

CPU C State Control:

Package C State Limit – [C2 state]
CPU C3 Report – [Disable]
CPU C6 Report – [Disable]
Enhanced Halt State (C1E) – [Disable]

CPU C State Control

Original Post:

We just added new supermicro servers based on the new motherbaord X10DRT-PT and SYS-2028TP Servers , started testing it out, doing what we all techies do, try to make it work!

To our surprise, when we tried to install CentOS 7 or 6.7 x64 on the server, it failed with constant reboot problem when CentOS setup loads.

Well, a brand new system, what could be wrong? Pulled up MemTest86+ and the RAM checked out OK. Perhaps Disk issue?  Tried different disks and all is ok.

The only thing left is BIOS issue. Sure enough, it turned out that for a strange reason CentOS does not play well with some of the “Energy Efficiency” options in the BIOS CPU Menu.

Once we’ve disabled the energy efficiency options, the system ran like a rabbit in a field! Moral of the story, check the BIOS for ACPI or energy options that may hinder performance or even cause issues.

In fact, often times we do disable power-saving options because we believe they cause more trouble than desired.

August 16, 2015

What can you find out from a phone photo

Filed under: General — admin @ 12:08 am

We just came across this site http://regex.info/exif.cgi, and while we’ve known for a while that information can be stored in photos, we couldn’t imagine how much information can be found from a simple phone taken photo. Find out for yourself the amount of data that can be discovered from your own photos!

June 25, 2015

Shrinking EBS volume on Amazon AWS for Windows

Filed under: General — admin @ 11:21 am

We thought to write this little how-to guide since there appears to be many ideas on how to shrink AWS EC2 EBS volume for Linux but none discuss the Windows OS.

Scenario: You got an important instance that is using large amount of SSD or IO intensive disk on Amazon EC2 and you’d like to shrink the space used on these disks to save on costs.

Solution: To shrink or even completely change a root volume from SSD/IO based to Magnetic disk in few short steps:

a) In Windows, go to the Disk Management section and shrink the existing volume size (You can only shrink C:\ drive if it is the only volume on the Disk)

b) Create a new EBS volume using your preferred size and type, then attach this volume to the EC2 instance to be replaced. Then go into Windows Disk Management and bring online the new volume, then initialize it as MBR

c) Download/Acquire Macrium Reflect Server Edition , install it on the Windows server that needs to changed.

d) Start Macrium Reflect Server and clone your already shrunk C:\ volume to the new EBS disk you’ve attached (note, the new disk must contain as much  space or more than the C:\ volume TOTAL size) – Pay attention to clone the C:\ volume and the System Partition before it. Do not clone the unused space.

e) Once clone is completed successfully. Shutdown the instance, detach both EBS volumes from the instance. Then re-attach the new smaller volume to the instance as: /dev/sda1

Turn the Windows instance back on and verify connectivity. If all was done properly, your instance will come online with the new smaller sized volume.

Happy Amazoning!

March 13, 2015

How to setup Big Blue Button Conference System on Hyper-V

Filed under: General — admin @ 9:10 pm

So we were tasked with providing a demo for BBB (BigBlueButton) , a free open-source extensively featured conference and training system. However, we are a Hyper-V house, and although we don’t mind working with VMWare or Amazon EC2, we like to work with Hyper-V!

BBB had only VMWare Ubuntu 10.0.4 based image. So we decided to try this on Hyper-V. The following are step by step on how to get your BBB 0.81 running Ubuntu 10.0.4 to work on Hyper-V using Static IP and Public Network:

Steps:

1. Download the image from: https://code.google.com/p/bigbluebutton/wiki/BigBlueButtonVM

2. Convert .vmdk to .vhd or .vhd (then later to .vhdx for HV2012 using a free tool from the nice people at Star Wind Software: https://www.starwindsoftware.com/converter

3. Create a Hyper-V Machine with standard hard disk and legacy network card attached to your Public Network

4. Attach the .vhd disk to the VM machine, and turn on the VM instance

5. The VM will start slow and go through many errors. At the end it will ask you to login. Use the following login info:

user-id: firstuser

password: default

You’ll be prompted to change your password immediately after first login. To bypass having to enter ‘sudo’ before each line, type: sudo su – , you’ll be prompted for root password which you can change using: sudo passwd root

6. Once logged-in, establish a network connection by modifying your network adapter. To list your network adapter, type the command: sudo ifconfig -a , this should list something like eth0 or eth1 as network adapter.

Next, edit the file that matches your network adapter inside: /etc/network/interfaces/  , you need to use vi as that is the only installed editor  in the bigbluebutton machine.  Edit the file to look similar to this (but change the IPs to match your network public IP addresses):

=========
auto eth1
iface eth1 inet static
address 192.168.217.131
netmask 255.255.255.0
network 192.168.217.1
broadcast 192.168.217.255
gateway 192.168.217.1
dns-nameservers 8.8.8.8
==========

Then restart the network stack using the command: 
      sudo restart network-manager  , then run a quick ping test to make sure net is up


7. Now begins the work of upgrading the server to a version that supports Hyper-V Integration tools.
In here we will upgrade to version 12.04, so type the following:


sudo apt-get install update-manager-core

sudo apt-get update && sudo apt-get upgrade & sudo apt-get autoremove

sudo do-release-upgrade

Follow the prompts and continue the upgrade. Restart the server afterwards to complete the upgrade
process.

8. Once logged back into the machine and the upgrade completed, you can verify your Ubuntu version
by typing: cat /etc/*-rel*

9. Begin installing BBB libraries by running these commands:

    sudo apt-get update
    sudo apt-get upgrade
    sudo apt-get install bigbluebutton

10. This should complete the install. Check that all necessary services are running using:

sudo bbb-conf --check
Sometimes the Red5 service fails to start and that is mainly because the $JAVA_HOME variable is not defined
inside /etc/environment. Another thing to check is /etc/init.d/red5 file as the Java Home path might be
hardcoded and therefore you need to make sure your existing Java folder matches the one in red5 file.

April 10, 2014

OpenSSL Heartbleed Assessment

Filed under: General — admin @ 12:03 pm

The vulnerability of OpenSSL is real and serious. Remote attackers, requiring no authentication can retrieve data in the memory of the system. This would include SSL certificates, usernames and other information.

We have exmained our systems and determined we are not running the vulnerable version of OpenSSL. Therefore, your data is secure and no further action is required at this time.

For clients of our management service, we’ve complete our evaluation and udpated you on any action that was taken to correct the problem.

Please feel free to contact our support for any questions or inquiries.

February 17, 2014

Securing web application using .htaccess file

Filed under: General — admin @ 5:17 pm

Open source web applications alike WordPress, Moodle, DruPal and others are commonly used to power websites. This makes them an attractive target for hackers. Thus, many vulnerabilities are exploited on these applications. It is important for website owners to keep their web application platform up to date to protect against these attacks.

However, it is not always possible to upgrade to the latest version of a software. Many times, due to web developer schedule, plugin incompatibilities the upgrades do not occur.

Here are few scripts that can be added to .htaccess file of a web application to help minimize the ability for hackers to exploit your system. These rewrites are no guarantee that an application will be secure. However, in the world of online security, nothing is secure but rather how difficult it is to break through.

The below blocks SQL injection attacks or DB manipulation:
RewriteEngine On
RewriteCond %{QUERY_STRING}    ^.*(;|<|>|’|”|\)|%0A|%0D|%22|%27|%3C|%3E|%00).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).* [NC]
RewriteRule .* – [F]

The one below blocks multitude of request methods from files within the same directory, it is more comprehensive than the one above and may lead to false-positives:

RewriteEngine On

Options +SymLinksIfOwnerMatch
ServerSignature Off

RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC,OR]
RewriteCond %{THE_REQUEST} ^.*(\\r|\\n|%0A|%0D).* [NC,OR]

RewriteCond %{HTTP_REFERER} ^(.*)(<|>|’|%0A|%0D|%27|%3C|%3E|).* [NC,OR]
RewriteCond %{HTTP_COOKIE} ^.*(<|>|’|%0A|%0D|%27|%3C|%3E|).* [NC,OR]
RewriteCond %{REQUEST_URI} ^/(,|;|:|<|>|”>|”<|/|\\\.\.\\).{0,9999}.* [NC,OR]

RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^(java|curl|wget).* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(winhttp|HTTrack|clshttp|archiver|loader|email|harvest|extract|grab|miner).* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(libwww-perl|curl|wget|python|nikto|scan).* [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^.*(<|>|’|%0A|%0D|%27|%3C|%3E|).* [NC,OR]

RewriteCond %{QUERY_STRING} ^.*(;|<|>|’|”|\)|%0A|%0D|%22|%27|%3C|%3E|).*(/\*|union|select|insert|cast|set|declare|drop|update|md5|benchmark).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(localhost|loopback|127\.0\.0\.1).* [NC,OR]
#RewriteCond %{QUERY_STRING} ^.*\.[A-Za-z0-9].* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(<|>|’|%0A|%0D|%27|%3C|%3E|).* [NC]

RewriteRule ^(.*)$ index.php

Last, are few lines you can add to .htaccess for folders that no scripts should run from it. This will prevent the attacker from running a script file from the folder if one was uploaded through an exploit (like blocks .php or .aspx files from running). In the below example, only xml, css, ico, txt, jpg, jpeg, png, gif, js, pdf files are allowed. You can add other extensions like xls?x doc?x:

Order deny,allow
Deny from all
<Files ~ “.(xml|css|ico|txt|jpe?g|png|gif|js|pdf)$”>
Allow from all
</Files>

Using a host that provides web application IPS like mod_security can be very helpful in eliminating problems with script injection attacks

January 10, 2014

Happy MMXIV Year!

Filed under: General — admin @ 10:43 am

We wish everyone from our team the best success in this year.

July 5, 2013

How to rename MSSQL database MDF and LDF files

Filed under: Technical — admin @ 12:31 pm

This is a step by step tutorial on how to change the MS SQL databse file names (file.mdf and file.ldf) or their location. The items in red need to be replaced with the names used in your database. This has been tested on SQL 2005/2008/2012.

The method will work for renaming the whole DB, its files and logical units  or you can use Steps 3-6 only to change the location of the .mdf and .ldf files:

1) Rename the actual database MYDB ==> MYDBold in the SSMS (SQL Studio Manager) (This is only necessary if you want to rename the actual DB as well)

2) Open Query window for the MYDBold and Change the logical names in the DB. These names can be found from right clicking on the DB -> Properties -> Files tab:
ALTER DATABASE MYDBold MODIFY FILE (NAME = MYDB_data, NEWNAME = MYDBold_data);
ALTER DATABASE MYDBold MODIFY FILE (NAME = MYDB_log, NEWNAME = MYDBold_log);

3) Alter files for DB, changing to the new .mdf and .ldf file location:
GO
ALTER DATABASE MYDBold MODIFY FILE (NAME =MYDB_Data, FILENAME = ‘D:\SQL_Data\MYDBold.mdf‘)

GO

ALTER DATABASE MYDBold MODIFY FILE (NAME = MYDBold_log, FILENAME =’D:\SQL_Data\MYDBold.ldf‘)

GO

4) Take the DB offline in SSMS (Right click on the DB -> Tasks -> Take Offline). (If DB takes very long to go offline, you can try to Detach with Drop/Update checked). This will allow the DB to go offline.

5) Change the actual physical file names on the hard drive

6) Bring the DB back online, and whola! Your DB is now attached to the new storage device

Older Posts »

Powered by WordPress