For debugging purposes, we would like to configure our pool of load balanced web servers to output an HTTP header identifying the "true" server which served the request. However, we don't know what header name this should be! Is there any pre-existing header for this? Do you have a favorite?
Edward Z. Yang's questions
I have a simple question for you, well, at least, much simpler than "How do I clean up a compromised user account?" The question is: "How do I disable a compromised user account?" There are some obvious things to do:
- Disable logins for the user (we've done this by changing their home directory to /disabled/home/user)
- Disable the user's Apache websites (once again, by replacing with bogus paths.)
- Killing off all the user's processes using
pkill -9 -u username
- Checking they have no spooled cronjobs
So, if their processes mysteriously come back after doing these things, what did we miss?
We've been attempting to debug load programs on our servers, and along the way we've been looking at some graphs, like this one:
(The white spaces are when the server got so hosed we couldn't collect Munin stats.) I was curious to know why committed memory persistently drops down at approximately 4AM every night. Is there something obvious I'm missing? It's not like we reboot all of our user applications during that time...
Extra. This server is a shared web host. We handle about two thousand active users, and offer them CGI, FastCGI, SSH in any language they could possibly want. This server is running Fedora 13, and part of an active cluster of five servers. We use the networked filesystem AFS. We support cron but no user cronjobs run from this server (we give those to a different server.)
There are a lot of homebrew SSH servers (some free, some paid) out there, but I’ve always stuck to Cygwin’s port of OpenSSH because:
- Despite all of its strange properties, I am familiar with Cygwin, and more likely to know how to debug it when things go wrong, and
- It gives me only a slightly braindead shell (i.e. not cmd.exe) to work in.
This was the state of affairs several years ago, when I quit using Windows for Linux. Well, I’m back now, and some things have changed:
- Cygwin is still braindead. In a variety of colorful ways.
- MinGW’s msys utilities are feature complete enough to give a reasonable environment for a developer interested in doing native Windows development in a Unixy skin. However, it still doesn’t come with an SSH server.
- Microsoft has included Interix (also known as Subsystem for Unix-based Applications) in recent versions of Windows.
I've been using MinGW to do most of my native Windows development these days, and I am quite happy to report that it is here to stay. However, the lack of an SSH server had been killing me, and most of the other options seemed insufficiently compelling for me to stop using Cygwin’s OpenSSH (which also happens to give me a ton of other useful packages which will do the Right Thing™ as long as I’m not compiling C.)
But SUA is possibly the thing that will let me ditch Cygwin forever! In particular, the SUA community appears to have a version of OpenSSH server. So my question is: does it actually work, and is it sufficiently on track to become the de facto SSH implementation (much like Remote Desktop Services became the de facto remoting application for enterprise Windows) that it is worth switching to?