Yet another performance ticket

[Ron]

Yet another ticket I have to open as my server's official monitoring script.

For three hours the server has been slooooooow with 0 idle time. How can the monitoring system not catch this stuff?

I wonder how quickly I could write a script that catches persistent near 0 idle time and/or customer scripts with huge amounts of CPU time and reports the server.

Ticket # 13455184

[the_ancient]

It will probally be back to normal before support views the ticket and then they will just respond with "everything is ok"

[JPC-Catalin]

Hello,

The account in question has been disabled. It was hacked due to outdated scripts. We will try to scan the entire server for vulnerable scripts. Despite that the server was slow the load was pretty low. We are currently installing a better monitoring system so the alerts will be properly handled. Hope in maximum two weeks all the servers will use it. Due to various operating systems that we have, we will need to recompile the script and deploy it on each server.

Thank you for cooperation and understanding.

[Ron]

So this server is getting hacked every three days now.

Houston, we have a problem.

[JPC-Catalin]

The hackers or the "script kiddies" like I love to call them, don't gain root level access but as you can see they can slow down the server. Most of the accounts on this server are quite old and most of the customer don't keep the scripts up to date, especially joomla and wordpress installations which are a pain nowadays. Everyday are released at least 3 new vulnerabilities, either on the core of the script or on the modules that each of them are using. Trying to keep up with these is almost impossible. Probably we will create a script that scans each server for outdated versions of these software and email the clients to update them. Hopefully the number of hacked accounts will decrease.

[JPC-Sabrina]

"script kiddies"

I adore this term, Catalin. May I adopt it?

[Ron]

I look forward to the installation of a script that can catch poor server performance, 0 idle time, runaway customer processes and other things that should have been caught many years ago. I won't be on a shared server by then, but woo hoo.

Script kiddie - Wikipedia, the free encyclopedia

[the_ancient]

Script Kiddes are not Hackers....

Hackers create the scripts that the script kiddie run...

Calling a Script Kidde a hacker is like calling somone who only installs wordpress a "developer"

[Spathiphyllum]

And to keep the meme alive:

Script Kiddies != Hackers

Script Kiddies == Crackers

Crackers ≈ Illegitimate coders with generally malicious intent or a salty and crisped-bread wafer

Hackers ≈ Legitimate coders capable of kludging myriad code making the unworkable work

Crackers == Refuse of the coding world

Hackers == Duct Tape of the coding world

Hackers >> Crackers

Above↑ == $0.02

[Ron]

Are you saying the server wasn't hacked, it was cracked?

[Spathiphyllum]

Are you saying the server wasn't hacked, it was cracked?

In a word, yes I do. But then again I suck at math. Hopefully, Jaguar has some Duct Tape.

[Ron]

I couldn't decide on my reply...

No wooonder my visitors are all leaking out. Now I understand.

or

No wooonder all those spam emails are leaking out. Now I understand.

[Vin DSL]

I adore this term, Catalin. May I adopt it?

Sorry, I adopted it already, but...

You may have weekend and winter holiday visitation privileges, if you like.

[Vin DSL]

In a word, yes I do. But then again I suck at math.

Yeah, no kidding!

That's three words...

[Vin DSL]

Joomla and wordpress installations [...] are a pain nowadays. Everyday are released at least 3 new vulnerabilities, either on the core of the script or on the modules that each of them are using. Trying to keep up with these is almost impossible.

Thanks, for the reminder!

Just upgraded WP to 3.2.1 - dumped Joomla some months ago.