As you can see, I haven't posted here since May, and it's a PR3?

Well, I suppose I'm going to have to put this blog on my list of one's to keep track of..........I just can't delete a PR3 site!

I updated my technorati account today, and the clue of this blogs identity showed up, the thumbnail of my other blog when it was confirmed by Technorati, was the wordpress default blue header, not the pretty purple header, which made me think of this blog.

I must be going crazy.........or crazier.....

I'm starting to become disenchanted with the Squidoo platform, that I have 93 one page websites on, and 7 group websites. Organization used to be one of my strong abilities.......not anymore, since experiencing a nervous breakdown, clinical depression, and menopause.

I've been busy trying to organize a type of move.....of my original articles (and income producing products) from squidoo to my own .coms. I realize I've got to start at the beginning if I want to have them popular, so I'm hosting them, with the wordpress platform (ha-ha, since I thought I was getting good at it!). Anyway, I've been doing a lot of reading, and now know that I've set up my active blogs wrong (this one, and the one with the same name, but .com). I've got the categories all messed up mainly, besides other less important mistakes.

Duh.......nothing like dropping my ass in there with a sink or swim option. I've got the start of 4 other domains with 9 subdomains, and 15 other subdomains to create. I'd better get this wordpress platform conquered before I get too deep, or I'll just get frustrated and drop it all.

Most if not all of the names in question show a registration date between 25th July 2001 to 27th August 2001, usually have a status marked "HOLD" and "TRANSFER PROHIBITED".  Any many of these names have the Registrant Name marked as "Afilias Lt / Sunrise Pending Reallocation"

From the PIR.org .org press release

"This is a significant milestone for .ORG, as it has consistently grown 20% percent year over year since its management by Public Interest Registry," says Alexa Raad, CEO.  ".ORG continues to be the domain of choice for individuals and organizations who seek to brand their efforts under a globally trusted and respected address."

... his naym rimes with "gorge cantstandja"

this duznt meen that my diry of destrukshun is going to be mooving ennyware but if it ever duz then yoo wil alwayz be able to find it at dennisthevizsla.com altho if it duz moov yoo wil hav to updayt yore feed if yoo subscribe to it mmmmmmmm feed

well ennyway i dont no eksaktly why dada has givn me my own domayn naym but i hav it on gud awthority that wunse yoo hav a domayn yoo awtomatikly git rich so i am ekspekting the cash to start rolling in enny sekund now i wil be so happy not to hav to wait on those african bankers ennymore becuz they seem to be verry unreliabul ha ha ok bye

You need root access on the server, where you would like to install Nagios. Login as root.

Create a directory for downloads.

#mkdir -p /usr/src/backs/nagios
#cd /usr/src/backs/nagios

Download source of nagios and nagios-plugins at http://www.nagios.org/download/.

#wget http://keihanna.dl.sourceforge.net/sourceforge/nagios/nagios-1.2.tar.gz
#wget http://easynews.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.3.1.tar.gz

2) Compilation and installation of Nagios

Login as root and create a user, say "nagios"

#su
#adduser nagios
#passwd nagios
Changing password for user nagios.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

In some servers normal users may not have permission to use 'mail' inorder to send alerts.

usermod -G mail nagios  

Make a directory for working with the source code.

mkdir -p /usr/src/works/nagios
cd /usr/src/works/nagios/
tar -zxvf /usr/src/backs/nagios/nagios-1.2.tar.gz
cd nagios-1.2/
 ./configure
The default is fine for normal operation. for details see the file 'INSALL'.
./configure --prefix=prefix --with-cgiurl=cgiurl --with-htmurl=htmurl
--with-nagios-user=someuser --with-nagios-grp=somegroup
./configure
make all
make install
make install-init # Needed to add the service 'nagios'.
make install-commandmode
make install-config

Install the plugins

cd ../
tar -zxvf /usr/src/backs/nagios/nagios-plugins-1.3.1.tar.gz
cd nagios-plugins-1.3.1/
./configure
NOTE:- For mysql and postgresql plugins to work, their  libraries have
to be installed. so to avoid installing those we will use 'check_tcp'
Instead later with seperate port for mysql and postgresql.
make
make check
make install

Libraries will be installed in '/usr/local/nagios/libexec' position by the default installation. If there is no contents do the following.

 mkdir /usr/local/nagios/libexec
 mv /usr/lib/nagios/plugins/* /usr/local/nagios/libexec/
 ln -s /lib/libcrypto.so.0.9.7a /lib/libcrypto.so.4

3) Post install Configuration of Nagios

Edit apache's httpd.conf file. (the location of the httpd.conf file may differ)

vim /etc/httpd/conf/httpd.conf

Add the following line at the end of the file.

Include /etc/httpd/conf/nagios.conf

Create the file '/etc/httpd/conf/nagios.conf'.

vi /etc/httpd/conf/nagios.conf

Add the following contents to this file.

-------------------------------------------------
ScriptAlias /nagios/cgi-bin/ /usr/local/nagios/sbin/
    <Directory ?/usr/local/nagios/sbin/?>
        AllowOverride AuthConfig
        Options ExecCGI
        Allow from all
        Order allow,deny
    </Directory>

Alias /nagios/ /usr/local/nagios/share/
    <Directory ?/usr/local/nagios/share?>
        Options None
        AllowOverride AuthConfig
        Order allow,deny
        Allow from all
    </Directory>
--------------------------------------------------

Make sure the updations done with http is fine and restart apache.

#service httpd restart

Create '.htaccess' file in '/usr/local/nagios/share/' and '/usr/local/nagios/sbin/'.

#touch /usr/local/nagios/share/.htaccess
#touch /usr/local/nagios/sbin/.htaccess

Add the following contents to both these files.

AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
require valid-user

Create the username, password for logging into the Nagios interface.

htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
ls -l /usr/local/nagios/etc/htpasswd.users

Make it available for the user who runs httpd.

chmod o+r /usr/local/nagios/etc/htpasswd.users

Restart the httpd service.

service httpd restart

5)Advanced Nagios Configurations.

Rename the sample files to the real names.

cd /usr/local/nagios/etc/
for i in *sample ; do mv $i `echo "$i" |sed s/-sample//` ; done

Edit the main conf file, nagios.cfg. and change only these lines.

check_external_commands=1

Make these Cgi specific changes in cgi.cfg.

use_authentication=1
authorized_for_system_information=nagiosadmin
authorized_for_configuration_information=nagiosadmin
authorized_for_system_commands=nagiosadmin
authorized_for_all_services=nagiosadmin
authorized_for_all_hosts=nagiosadmin
authorized_for_all_service_commands=nagiosadmin
authorized_for_all_host_commands=nagiosadmin

Add servers that need to be monitored

Make the Host specific changes to the hosts.cfg.

 Generic host definition template
define host{
        name                            generic-host
        notifications_enabled          1
        event_handler_enabled          1
        flap_detection_enabled          1
        process_perf_data              1
        retain_status_information      1
        retain_nonstatus_information    1

        register                        0
        }

define host{
        use                    generic-host            ; Name of host
template to use

        host_name              <FQDN of server>
        alias                  <Any alias name for the host>
        address                <IP of server>
        check_command          check-host-alive
        max_check_attempts      10
        notification_interval  120
        notification_period    24x7
        notification_options    d,u,r
        }

Repeat for all the hosts we want to check.

Group them in hostgroups.cfg

define hostgroup{
        hostgroup_name  <Host group name>
        alias          <any alias name>
        contact_groups  <contact group name>
        members        <<host1>,<host2>,..>
}

Repeat for all the hosts groups.

Specify the services that need to be checked

Edit the details of all the services, we want checked by Nagios in services.cfg.

 Generic service definition template
define service{
        name                            generic-service
        active_checks_enabled          1
        passive_checks_enabled          1
        parallelize_check              1
        obsess_over_service            1
        check_freshness                0
        notifications_enabled          1
        event_handler_enabled          1
        flap_detection_enabled          1
        process_perf_data              1
        retain_status_information      1
        retain_nonstatus_information    1
        register                        0
        }

define service{
        use                            generic-service
        host_name                      <FQDN of server to check the service>
        service_description            <Service name>
        is_volatile                    0
        check_period                    24x7
        max_check_attempts              3
        normal_check_interval          3
        retry_check_interval            1
        contact_groups                  <contact group name for alerts
to send>
        notification_interval          120
        notification_period            24x7
        notification_options            w,u,c,r
        check_command                  <check command for the service>
        }

Repeat for each service on each host.

Specify Alert Contacts

In order to specify details of the contacts for alerts, we need to edit contacts.cfg.

 'nagios' contact definition
define contact{
        contact_name                    <contact name>
        alias                          <some nickname>
        service_notification_period    24x7
        host_notification_period        24x7
        service_notification_options    w,u,c,r
        host_notification_options      d,u,r
        service_notification_commands  notify-by-email,notify-by-epager
        host_notification_commands
host-notify-by-email,host-notify-by-epager
        email                          <email address of the contact>
        pager                          <pager or mobile no.(optional)>
        }

Repeat for all contacts.

Group the contacts

Edit contactgroups.cfg, in order to specify groups of contacts.

define contactgroup{
        contactgroup_name      <contact group name>
        alias                  <any nickname for the group>
        members                <members (comma seperated)>
        }

Repeat for all groups to include all contacts

Escelating with nagios

If you need to send selective alerts, for example when critical issues occur, simply configure the escalations.cfg file.

define serviceescalation{
        host_name                      <FQDN of the server>
        service_description            < name>
        first_notification              2
        last_notification              6
        contact_groups                  < groups (comma seperated)>
        notification_interval          0
        }

Repeat for all escalations Once again, check all the files, nagios.cfg cgi.cfg hosts.cfg hostgroups.cfg, services.cfg, contacts.cfg, contactgroups.cfg, escalations.cfg and checkcommands.cfg Restart httpd and then Nagios.

service httpd restart

Add Nagios to system services.

chkconfig --add nagios
service nagios restart

Check for any errors reported, and solve them one by one if any.
Enable nagios in runlevels, so that it starts on boot.

chkconfig nagios on

Create cron.daily entry if we want to restart the service daily. Here is the script.

vi etc/cron.daily/nagios-restart.cron
#!/bin/sh
/sbin/service nagios restart >/dev/null 2>&1

Make it executable

chmod +x etc/cron.daily/nagios-restart.cron

And finally, Check if nagios is working fine.!!!

http://NAGIOS-SERVER-NAME/nagios/index.html

Sales/Deals
blackfriday.me
cheapdeals.me
descuento.me ( discounts in spanish)
venta.me ( sale in Spanish)
offre.me ( offer in French)
Preis.me ( price in German)

Insurance/Banking
claims.me
hotstocks.me
homebroker.me

Travel/Hotel
thehotel.me
checkin.me
passenger.me
hotelsearch.me
travelsearch.me

Jobs
healthcarejobs.me
interviu.me (Interview in Spanish)

Casino
playpoker.me
bestcasino.me

Ads
netads.me
freeads.me

News
Financialnews.me
actualites.me ( news in french)

Money/Funding
youfund.me
peso.me ( Mexican Currency)
yuan.me ( Chinese Currency

English
onlinedictionary.me

Video/Online
onlinevideo.me
adultvideos.me
email-to.me

Geo/People
oklahomacity.me
norwegian.me
filipino.me
uzbek.me
argentine.me

Dating/Social
looking.me
relationships.me
socialnetwork.me

College/Student
estudiante.me ( student in spanish)
collegesearch.me
gradstudent.me

Movies/Music
newmovies.me
showtimes.me
mymusik.me

Sports
footballworld.me
Golfmaster.me

Personalities
handsome.me
intelligent.me
cancerian.me ( Zodiac)
stockguru.me
techguru.me

Other
blacklist.me
predictions.me
tasty.me
uncover.me
superpower.me
neuvo.me ( new in spanish)
convertible.me ( cars)
caveman.me ( Geico Caveman)

Portuguese
pesquisa.me ( search in portuguese)
esportes.me ( sports in portuguese)
publicidade.me

French
publicite.me
francais.me

I might be building some of these but yea, if I get very good offer I would like to sell.

Contact sbscheema@gmail.com

Domain name investing involves getting domain names that appear valuable, and waiting with the domain in hopes that someone will want to purchase it in the future. They may be newly registered by the investor or purchased off someone else in the AfterMarket. With a great domain name like business.com , fund.com or sex.com, this can yield huge returns. Business.com was sold for over $7 million, fund.com and sex.com for over $9million each.

When domain name investors buy a domain name, they often put up a webpage indicating that the domain is for sale. This becomes a sort of free advertising, whereby someone interested in that domain name will naturally check out the site to see if it is a competitor, or if the domain can be purchased.

But selling the domain is not the only way domain name investors make money. In addition to advertising that the domain is for sale, most domain investors park their domains with a domain sponsoring service. These services store a domain with a simple website for free, and place content sensitive advertising on the parking pages. They share advertising revenue with the owner of the domain. In this way, domain name investors get free website hosting for their domains, along with occasional advertising revenue.

While in the past some investors have made significant money from parking domains the revenue which most parked domains generate from advertising clicks is now quite meagre. Thus new styles of advertising is becoming more popular with referral selling sponsored by firms like Clickbank.com and CPA (Cash per Action) remuneration plans.

There are important considerations that must be taken into account before embarking on a domain name investment career. While it is always advisable to purchase any really high quality domain name available, actually making a stable income from domain name investment can require significant resources. It will cost a considerable amount to purchase the domain names necessary to make a stable income, and it is certainly no get-rich-quick opportunity.

As a domain name investor, you need to carefully analyze the domain name registrars and communicate with them about bulk purchasing opportunities. A domain name investor will be buying many – perhaps even hundreds – of domain names daily, and should therefore find the best discounts on domain names. Many registrars will allow for domain names to be purchased in bulk at substantial discounts. Taking advantage of these opportunities could be the difference between success and failure at this type of enterprise.

Deciding which domain names to purchase can be challenging. It is very difficult to find high quality .com names. But don't rule out country-specific extensions. As countries get their own extensions, a new world of high quality available domain names is opened up to investors. New top level domains are being created all the time, and most recently a .jobs domain name was created. A name like computer.jobs could prove very valuable in the long term.

While a lot has been mentioned of purchasing names like Microsoft.com, this practice is not particularly productive. Trademark laws allow corporations with trademarked names to take domain names that violate their trademarks. So rather than getting a big paycheck for registering a company's trademarked name, you're likely to be served with a lawsuit demanding you forfeit the name to them.

Domain name investment should be viewed in the same way with other investment opportunities. There are risks and rewards. Like all investments domain name investment returns will be predicated on the wisdom and decision making skills of the investor.

Find premium domains:
Log on: www.metafusion.com

Have Great domaining,

Shaikh Naseer :)

Originally my blog (ie this one), was created to journal my everyday struggles in life. It was almost a year ago when my life took a turn for now what seems to be a beatiful journey to becoming a woman. I didn't realized how in 7 months things had changed and my blog was starting to reflect the things that are important to me.

The new blog is less personal and more financial advise driven. Comeback girl says building wealth shouldn't have to be so painful and she for sure can tell you how she thinks im in pain lol. So I want to share my financal accomplishments with the world as well as share the methods I am using to get there. All while keeping it light and fun. I still plan to "keep it real" I just want people to feel comfortable talking about the issue that we face everyday as a nation.

I still plan to keep this blog to talk about whatever else, but mostly its now my history book. I am extremly proud of the things I have accomplish this past year and I am looking forward to a great year in 2009 when I am completely debt free.

So check out the new site, its fun and you can learn a few things too!! Its just us girls (and a guy lol) talking about how to save money, build wealth and be better people.

Thank you for being a reader, I love all 5 of you!!!

sharepointassassin.com
sharepointassassins.com
sharepointbuilders.com
sharepointninja.com
sharepointninjas.com
sharepointsolution.com
sharepointtime.com

Other domains I have for sale:

AIRPORTPLUGINS.COM
APARTMENT34.COM
APARTMENT3421.COM
APT34.COM
APT3421.COM
BSTRD.COM
CEREAYO.COM
CEREA-YO.COM
CEREYO.COM
CERE-YO.COM
CHATTERTRAIN.COM
DOINBIGTHINGS.COM
DOINGBIGTHINGS.COM
ERASEANOTE.COM
FLATBEANS.COM
GUERILLAEDUCATED.COM
GUERILLAEDUCATION.COM
HUNGRYROOMATE.COM
HUNGRYROOMATES.COM
HUNGRYROOMMATE.COM
HUNGRYROOMMATES.COM
LAAUTOCONCIERGE.COM
LOFTMATES.COM
LOLBO.COM
MILLENNIALMAVERICK.COM
MYERASABLES.COM
MYKEYBOARDSUCKS.COM
NONSENSORY.COM
NYAUTOCONCIERGE.COM
OCAUTOCONCIERGE.COM
OHSCHNAPP.COM
ORGNIZR.COM
RNDMLIFE.COM
ROUNDTALK.COM
SFAUTOCONCIERGE.COM
SPEAKRBOX.COM
STICKYERASABLES.COM
SUNSHINEJELLY.COM
TEMPTD.COM
VERBALIZR.COM
WTFBOX.COM

If you pay close attention to politics, and throw in some foresight...you could make a ton of money.

People cash in on campaign-related domain names, from local elections to THE election.

www.GODADDY.com is great for looking up and locking down some key domain names.

Continue Reading to read about a guy selling ObamaBiden.org for $100,000 on Ebay...along with quite a few other Obama-Biden related domains.

(CNN) — The Obama campaign has succeeded, in part, through astute, unprecedented use of the Internet. But some of the most obvious Web site domain names for the Obama-Biden ticket might not belong to the campaign soon — if ever.

After Obama’s selection for his number-two slot was announced, anyone trying to surf to obamabiden.org was re-directed to an eBay page selling that domain name for a starting bid of $100,000.

As of 2:30 p.m. ET, no bids were listed.

The same seller lists 15 similar domain names for sale, including obama-biden.com, obama-biden.org, and obamabiden-08.com.

eine sehr interessante Domain in unserem Portfolio ist im Moment:

WWW.Alpinetourism.net

Dieser starke Namen kann von Ihnen langfristig über uns gemietet werden.

Im Moment ist sie noch geparkt.

Sichern Sie sich durch ein langfristiges Leasing diesen Namen, bevor es die Konkurrenz macht.

Kontakt: Anfrage(at)domains-leasing.eu

Viele Grüsse

Der Webmaster

QWDQ.com

MXXQ.com

YVEV.com

DYYV.com

Let’s call the 2 servers ‘SOURCESERVER’ and ‘DESTSERVER’ for
SOURCESERVER = Source server (the server we’re connecting from to upload the data)
DESTSERVER = Destination server (the server we’re connecting to receive the data)

Part 1 - Setting up SSH key authentication

First, we need to make sure the DESTSERVER has the ability to use key authentication enabled. Find your sshd configuration file (usually ‘/etc/ssh/sshd_config’) and enable the following options if they are not already set.

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

If you edit the file be sure to restart sshd afterwards.

# /etc/init.d/sshd restart

Next, on the SOURCESERVER we will create the public / private key pair to be used for authentication with the following command.

# ssh-keygen -t rsa

*Note: Do not enter a passphrase for this, just hit enter when prompted.

This should create 2 files, a public key file and a private key file.
The public key file (usually [homedir]/.ssh/id_rsa.pub) we will upload to the DESTSERVER.
The private key file (usually [homedir]/.ssh/id_rsa) we will keep on the SOURCESERVER.
*Be sure to keep this private key safe. With it anyone will be able to connect to the DESTSERVER that contains the public key.

Now we will plant the public key we created on to the DESTSERVER.
Choose the user account which you will use to connect to on DESTSERVER, we’ll call this user ‘destuser’ for now.
In that account’s home directory, create a ‘.ssh’ subdirectory, and in that directory create a new text file called ‘authorized_keys’. If it already exists, great, use the existing file.
Open the ‘authorized_keys’ file and paste in the contents of the public key you created in the previous step (id_rsa.pub). It should look something like the following

ssh-rsa <lots and lots of characters…> sourceuser@SOURCESERVER

Save the file and change the permissions to 600 for the file and 700 for the ‘.ssh’ directory.

Now to test that the keys are working.
From the SOURCESERVER try logging in as normal using ssh to the DESTSERVER.

# ssh destuser@DESTSERVER

If all is working you should not be prompted for a password but instead connected directly to a shell on the DESTSERVER.

Part 2 - Creating the rsync script

Now for the rsync script.
I use a simple script such as the following

——————————————-

#!/bin/bash

SOURCEPATH=’/source/directory’
DESTPATH=’/destination’
DESTHOST=’123.123.123.123′
DESTUSER=’destuser’
LOGFILE=’rsync.log’

echo $’\n\n’ >> $LOGFILE
rsync -av –rsh=ssh $SOURCEPATH $DESTUSER@$DESTHOST:$DESTPATH 2>&1 >> $LOGFILE
echo “Completed at: `/bin/date`” >> $LOGFILE

——————————————-

Copy this file into the home directory of the sourceuser on the SOURCESERVER
and modify the first 4 variables in the file.
SOURCEPATH (Source path to be synced)
DESTPATH (Destination path to be synced)
DESTHOST (Destination IP address or host name)
DESTUSER (User on the destination server)
Save it as something like ‘rsync.sh’
Set the permissions on the file to 700.
# chmod 700 rsync.sh

Now you should be able to run the script, have it connect to the DESTSERVER, and transfer the files all without your interaction.
The script will send all output to the ‘rsync.log’ file specified in the script.

Part 3 - Setting up the cron job

Assuming everything has worked so far all that’s left is to setup a cron job to run the script automatically at a predefined interval.

As the same sourceuser use the ‘crontab’ command to create a new cron job.

# crontab -e

This will open an editor where you can schedule the job.
Enter the following to have the script run once every hour

——————————————-
# Run my rsync script once every hour
0 * * * * /path/to/rsync.sh
——————————————-

Your 2 servers should now be syncing the chosen directory once every hour.
Hope this helped, let me know if you have any questions.

I've got hundreds of names aquired over the years so it'll be interesting to see how much these names fetch here at auction.

Monte, Moniker's top guy, is introducing the event now.

Hey, I just won a $200 credit for having signed up online. (didn't use it - few name I'd want in this batch)

Reverselinesofcredirt.co and earlybirdiscounts.com just sold for 200 each...

seoproduct.com $300

Wow, shoppingservices.com just fetched 30,000 from room bidding.

They closed ctr.com , not going to allow bigs under 50k . Realestatedirect.com closed at 100k! Seems very, very high to me.

Ad.com: Wow, this just went for $350,000 after an online bid for 300k.

Update - this did NOT sell and I'm not understanding what happened. The process is frantic and I think designed more to get people in the frenzy of bidding than anything.

I'm wondering how you regulate the ease with which you could boost prices with fake bids (I do NOT think they are doing that since the credibility hit would ruin them forever, but it's odd seeing bids come in from the internet, invisible).

OK, so the auction went way over time, then to add an insult to the deal when I got to the Vivid party thrown by Moniker and Webmaster Radio at 9pm the place was way too loud to talk, the "open bar" was not open, the plentiful food was not there, and there was some VIP thing going for ... the special people?

Not impressed at all.

Specifically, global catalogues. In any Windows-based domain environment, the domain is hosted by one or more domain controllers.

In the case of a single domain controller, all domain server roles are serviced by a single machine. While this is simplest, it is also not fault-tolerant.

In the case of multiple domain controllers (not member servers), domain server roles can be delegated amongst the available servers. i.e. the main server can be the PDC (primary domain controller), hosting the Global catalog while other servers take the RID and Infrastructure roles. While the RID, PDC, and Infrastructure roles are generally only delegated to provide load balancing, the Global Catalog role should be shared by multiple servers. The reason? The looming death of your domain, that's what.

The Global Catalog is critical to the function of your domain. Without a live global catalog no one can authenticate. No authentication means to function. This was something I had missed. Small, superscripted in the corner of the documentation. Missed. I had 2 DC's, with full replication of all domain data, including both Active Directory and DNS. But I only had one server hosting the Global Catalog. That one server happened to be the one that pooched, resulting in a secondary domain controller that assumed all roles (as it should have) but did not have a copy of the catalog. There were hours of hope, when I toiled deep in the recesses of that dank and dusty dungeon of dns and domain services. Hours of hope that turned to bitter despair as I learned of my folly. Global Catalog! How did I miss thee!

Suffice it to say, it is now standard practice, to enable each domain controller as a global catalog. (Active Directory Sites and Services->Sites->Site->Servers->Server->NTDS Settings->Click the check box!). I will only have 3 DC's (and then 2 DC's when the VMWare server is retired), so having each DC as a Global Catalog won't cause any network congestion. It WILL cause some redundancy, allowing my users to continue functioning even in the event of a catastrophic failure of any one server. Note to self: test that theory.

The other item I learned, is that Veritas can be...difficult to use, when it comes to restoring exchange mailboxes to any server but the one you backed them up from. For this reason it is of no value; the only time I need to restore mailboxes is in the event that the original server is defunct. For this reason I will be moving to a lower-level database backup instead of mailbox backup, which should work more reliably on replacement servers. For now a full dump of the virtual machine will suffice.

Earlier this year: server hiccups. Restarts spontaneously. Noted event log with vague statement concerning raid device not responding. No hard errors on any drives, all drives optimal. Anomoly?

Middling this year: server...burps. Hangs on blue screen, to the effect of inaccessable device. Same event logged as previous. No hard errors on any drives, all drives optimal. Cold boot restored function. Problem repeated shortly therafter. Determined that secondary hang was caused by the RAID controller attempting to initialize the RAID array during operation. Some 2 years after being initialized during the install. Difinitive anomoly. Cancelled initialization, barred future auto-intilization. Server back up, running smooth.

5 weeks ago (several months after last hang). Server crashes, hard. Fails to boot to raid array. When array finally boots, fails to boot windows. Intermittantly returns a BSOD or Blue Screen. Tried to determine if it was a hard drive issue or controller issue. No errors found in either court. Shut down, disconnected power. Left. Fired up a Windows Server 2003 vmware guest, started the process of rebuilding the DC and all related services from scratch. Well, not entirely.

In the first 48 hours after the crash (my poor weekend), I was able to recover all user data from the downed server. I was also able to recover all exchange mailboxes from the downed server. As well as all financial data. Note that I DID have a viable copy of all critical data available if necessary. I would have recovered the mailboxes from the backup, if the Veritas backup was capable of restoring to exchange. It was not. Due to Veritas' epic failure as a usable backup system for Exchange....I've ditched it and will use a simpler yet still effective method. I'll still use Veritas for everything else, just not Exchange. Nemisis! I was...frustrated by that. Moving on. Moved all data to a newer server (leaving the VMWare server to do the thinking), and set to fixing the myriad of services obliterated by the server failure. Note that none of these services needed to fail. I'll comment on THAT nugget of wisdom later. To sum: everything is back up and running, and is STILL running.

Warning: This is not to be done by the unexperienced admins bad things could happen. Hire someone.

Sometimes if you get hacked or boot with a bad kernel you need to have the datacenter mount your old drive, and install a new one with a fresh installation of redhat. First things first lets make sure you have an updated kernel, we will do it with up2date for ease of use:

up2date -f kernel

check the grub.conf /or lilo config to ensure the settings are right. (if using lilo run this command aswell /sbin/lilo -v -v and check for errors)

Now reboot the server

shutdown -r now
I. Mount the backup Drive

First check to see if there are any drives mounted.

df -h

You should get something simular to this if it isent mounted yet:

[root@localhost root]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/hda2 37G 1.4G 33G 4% /
/dev/hda1 101M 7.7M 88M 9% /boot
none 125M 0 125M 0% /dev/shm
[root@localhost root]#

if it is mounted you will see something like this:

-bash-2.05b# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/hda3 53G 31G 20G 62% /
/dev/hda1 99M 14M 80M 15% /boot
none 248M 0 248M 0% /dev/shm
/dev/hdc3 53G 31G 20G 61% /mnt/old
-bash-2.05b#

as you can see hdc3 is the old drive, and it is mounted as /mnt/old. Yours will be diffent possibly. But keep in mind you need to know the mount point for the backup drive for the following steps.

Lets mount if not already mounted.

fdisk -l

check for additional drives, in this tutorial we will use /dev/hdc3.

mount /dev/hdb3 /mnt/old

now that the drive is mounted you can browse files like:

ls /mnt/old/home

II. Rsync the files

Do these commands one by one,

rsync -vrplogDtH /mnt/old/usr/local/apache/conf /usr/local/apache
rsync -vrplogDtH /mnt/old/var/named /var
rsync -vrplogDtH /mnt/old/home/* /home
rsync -vrplogDtH /mnt/old/usr/local/cpanel /usr/local
rsync -vrplogDtH /mnt/old/var/lib/mysql /var/lib
rsync -vrplogDtH /mnt/old/var/cpanel /var
rsync -vrplogDtH /mnt/old/usr/share/ssl /usr/share
rsync -vrplogDtH /mnt/old/var/ssl /var
rsync -vrplogDtH /mnt/old/usr/local/cpanel/3rdparty/mailman /usr/local/cpanel/3rdparty
rsync -vrplogDtH /mnt/old/var/log/bandwidth /var/log
rsync -vrplogDtH /mnt/old/usr/local/frontpage /usr/local
rsync -vrplogDtH /mnt/old/var/spool/cron /var/spool

Next Step - Get some important files from etc:

cd /mnt/old/etc
rsync -vrplogDtH secondarymx domainalias valiases vfilters exim* proftpd* pure-ftpd* passwd* group* *domain* *named* wwwacct.conf cpupdate.conf quota.conf shadow* *rndc* ips* ipaddrpool* ssl /etc

Now would be a good time to change your password for root:

passwd

III. Updating software and restarting services

/scripts/upcp
/scripts/updatenow
/scripts/sysup
/scripts/fixeverything
/scripts/exim4
/scripts/easyapache
/scripts/securetmp

This is needed to update cpanel information. Please note, sshd might fail and not start after running fixeverything. You have to login to whm, and go to the rpm installer and "FORCE" install opensshd-server, opensshd, opensshd-client and then restart sshd from whm.

IV. Restarting services

/scripts/restartsrv httpd
/scripts/restartsrv cpanel
/scripts/restartsrv mysql
/scripts/restartsrv named
/scripts/restartsrv exim

After you are pleased that everything is working fine, restart the entire server.

This tutorial works 100% on redhat, 7.3, 8.0, 9.0 and fedora. it has been tested on those boxes. But remember, if you dont know what your doing them hire someone to check your server out.

If you check out your PHP.ini file you'll notice that your mail program is set to: /usr/sbin/sendmail and 99.99% of PHP scripts will just use the built in mail(); function for PHP - so everything will go through /usr/sbin/sendmail =)

Requirements:
We assume you're using Apache 1.3x, PHP 4.3x and Exim. This may work on other systems but we're only tested it on a Cpanel/WHM Red Hat Enterprise system.

Time:
10 Minutes, Root access required.

Step 1)
Login to your server and su - to root.

Step 2)
Turn off exim while we do this so it doesn't freak out.
/etc/init.d/exim stop

Step 3)
Backup your original /usr/sbin/sendmail file. On systems using Exim MTA, the sendmail file is just basically a pointer to Exim itself.
mv /usr/sbin/sendmail /usr/sbin/sendmail.hidden

Step 4)
Create the spam monitoring script for the new sendmail.
pico /usr/sbin/sendmail

Paste in the following:

#!/usr/local/bin/perl

# use strict;
use Env;
my $date = `date`;
chomp $date;
open (INFO, ">>/var/log/spam_log") || die "Failed to open file ::$!";
my $uid = $>;
my @info = getpwuid($uid);
if($REMOTE_ADDR) {
print INFO "$date - $REMOTE_ADDR ran $SCRIPT_NAME at $SERVER_NAME n";
}
else {

print INFO "$date - $PWD -  @infon";

}
my $mailprog = '/usr/sbin/sendmail.hidden';
foreach  (@ARGV) {
$arg="$arg" . " $_";
}

open (MAIL,"|$mailprog $arg") || die "cannot open $mailprog: $!n";
while (<STDIN> ) {
print MAIL;
}
close (INFO);
close (MAIL);

Step 5)
Change the new sendmail permissions
chmod +x /usr/sbin/sendmail

Step 6)
Create a new log file to keep a history of all mail going out of the server using web scripts
touch /var/log/spam_log

chmod 0777 /var/log/spam_log

Step 7)
Start Exim up again.
/etc/init.d/exim start

Step 8)
Monitor your spam_log file for spam, try using any formmail or script that uses a mail function - a message board, a contact script.
tail - f /var/log/spam_log

Sample Log Output

Mon Apr 11 07:12:21 EDT 2005 - /home/username/public_html/directory/subdirectory -  nobody x 99 99   Nobody / /sbin/nologin

Log Rotation Details
Your spam_log file isn't set to be rotated so it might get to be very large quickly. Keep an eye on it and consider adding it to your logrotation.

pico /etc/logrotate.conf

FIND:
# no packages own wtmp -- we'll rotate them here
/var/log/wtmp {
monthly
create 0664 root utmp
rotate 1
}

ADD BELOW:

# SPAM LOG rotation
/var/log/spam_log {
monthly
create 0777 root root
rotate 1
}

Notes:
You may also want to chattr + i /usr/sbin/sendmail so it doesn't get overwritten.

Enjoy knowing you can see nobody is actually somebody

How to install MRTG on Your Cpanel Server

The Multi Router Traffic Grapher or just simply MRTG is free software for monitoring the traffic load on network links. It allows the user to see traffic load on a network over time in graphical form. MRTG generates HTML pages containing graphical images which provide a LIVE visual representation of this traffic. How does it work? MRTG uses the Simple Network Management Protocol (SNMP) to send requests with two object identifiers (OIDs) to a device. The device, which must be SNMP-enabled, will have a management information base (MIBs) to lookup the OID's specified. After collecting the information it will send back the raw data encapsulated in an SNMP protocol. MRTG records this data in a log on the client along with previously recorded data for the device. The software then creates an HTML document from the logs, containing a list of graphs detailing traffic for the selected device.

This is a "How to" for installing MRTG (2.9.17) on a cpanel server. Let's start:

# Download the software (http://oss.oetiker.ch/mrtg/) and move it to your download folder on your server. Or use the RPM installation information further down below.
cd /root/downloads

# Unninstall any older version in case we have an old/broken installation
rpm -e mrtg

# Get the latest rpm. The RPM might not reflect the latest available stand-alone version
wget http://www.dedicated-resources.com/files/mrtg-2.9.17-1cpanel.i386.rpm
# Or grab a newer version from here: http://rpmfind.net/linux/rpm2html/search.php?query=mrtg

# Installing the application
rpm -Uvh mrtg-2.9.17-1cpanel.i386.rpm

# Moving libpng
cd /usr/lib
mv libpng.so.2 libpng.so.2.OLD

# Creating the symlink
ln -s libpng.so.3 libpng.so.2

# Edit language at and specify only "en_US"
pico /etc/sysconfig/i18n

# Restarting MRTG
service mrtg restart

# Configure MRTG to allow only your local IP to see the reports at http://IP/mrtg - Important: If your local IP changes due to DHCP very often, you should skip this step.
# This can be happening often when being on DSL.

pico /usr/local/apache/conf/httpd.conf

#Search for the line (CTRL+W):
# It should look like this:
Options Indexes FollowSymlinks MultiViews
AllowOverride None
Order allow,deny
Allow from all
#After the last line () paste this and change allowed IPs:
order deny,allow
allow from [ SERVER IP ]
allow from [YOUR LOCAL IP]
deny from all
# Restarting httpd
service httpd restart

# Let's put MRTG to start with the system
chkconfig --level 0123456 mrtg on

# Important: Add MRTG to the up2date skip-list of your server. If you don't do this, after the system updates your MRTG installation will be broken.
up2date --configure
# Select the skip-list option
# Add mrtg to the skip-list
"mrtg*"
After this final step, your MRTG report should be available at: http://SERVER_IP/mrtg ]]>