Differences

This shows you the differences between two versions of the page.

--- misc:2015revew [2015/01/27 14:26]
tschulz [Operates/manages the District- wide area network. (Desaster Recovery)]
+++ misc:2015revew [2015/01/27 15:21] (current)
tschulz [Responsible for troubleshooting hardware/software problems/Devise and administer security on the administrative network. (Managed Java Plugin Updates)]
@@ Line 1: / Line 1: @@
 ====== 2015 Review ======
-===== Operates/manages the District- wide area network. (Desaster Recovery)=====
+====== Goals going Well ======
+===== Operates/manages the District- wide area network. (Disaster Recovery)=====
+==== SAN Snapshots and Replication ====
   * All primary server virtual machines (VM) are stored on a two(primary and secondary) node storage area network (SAN).  Each VM stores it's live data on the primary SAN node (zfs1.sebeka.k12.mn.us).  The primary SAN node currently is storing 15 daily snapshots.  Every night daily changes are sent to the secondary SAN node(zfs2.sebeka.k12.mn.us).<file bash>
 #output of "zfs list -t all" on zfs1.sebeka.k12.mn.us
@@ Line 46: / Line 50: @@
 tank/vol1@2015-01-27      0      -  2.70T  -
 </file>
+==== Conventional Backups ====
   * In addition the SAN snapshots every virtual machine is backed up using conventional full and differential backups.  All non-file servers are backed up every school day and numerious backups are kept for recovery.  All file servers have full backups on Sunday morning and differential backups every school day.  I keep enough file server backups to provide multiple days of daily backups<file>*list volume
 Pool: AcademyPool
@@ Line 335: / Line 341: @@
 | 153     | sfs-0153   | Used      | 1       | 131249626810 | 30       | 950400       | 1       | 0    | 0         | File      | 2015-01-25 20:35:41 |
 +---------+------------+-----------+---------+--------------+----------+--------------+---------+------+-----------+-----------+---------------------+</file>
-  * Unordered List have plans of storing backups on google drive.  Due the extreme size of the data set I need to figure out a schedule so that the upload doesn't affect internet speed for the Freshwater cluster
+==== Offsite Backups ====
+  * I have plans of storing weekly backups on google drive.  Due the extreme size of the data set I need to figure out a schedule so that the upload doesn't affect internet speed for the Freshwater cluster.
+===== Devise and administer security on the administrative network (Intrusion Protection) =====
+  * This fall we had numerous attacks on our Wordpress site and the attackers were able to exploit an unpatched vulnerability in Wordpress to that allowed them to modify files.  Before the vulnerability was patched I devised a permission structure that prevented further intrusions.   I also added intrusions detection measures to the school firewall that now detects and blocks access at the firewall to any internet address that is trying to break into one of our web servers<file bash secure_perms.sh>
+#!/bin/sh
+chmod -R 555 .
+FILES="`find . -type f |  sed \"s\ \+\g\"`"
+for i in $FILES
+do
+        #chmod 644 $i
+        NEWPATH="`echo $i | sed \"s\+\ \g\"`"
+        ##echo $NEWPATH
+        chmod 444 "$NEWPATH"
+        chown www-data:www-data "$NEWPATH"
+done
+chmod -R 755 ./wp-content/blogs.dir
+chown -R www-data:www-data ./wp-content/blogs.dir
+FILES="`find ./wp-content/blogs.dir -type f |  sed \"s\ \+\g\"`"
+for i in $FILES
+do
+        #chmod 644 $i
+        NEWPATH="`echo $i | sed \"s\+\ \g\"`"
+        ##echo $NEWPATH
+        chmod 644 "$NEWPATH"
+        chown www-data:www-data "$NEWPATH"
+done
+</file><file>pass in on {$ext_if1, $ext_if2} proto {tcp,udp} from any to $WEBSERVER port $WEBPORTS flags S/SA keep state (max-src-conn 100, max-src-conn-rate 30/5, overload <abusive_hosts> flush)</file>
+====== Goals Inprogress ======
+===== Responsible for troubleshooting hardware/software problems/Devise and administer security on the administrative network. (Managed Java Plugin Updates) =====
+  * Currently there is no established way to keep the Java Plugin software updated.  Since this plugin is required for the Infinite Campus gradebook, Infinite Campus food service, Pearson Online testing.  It is critical that this software kept up to date.  I had to create server and client software to push out the updates.  I am currently rolling the client software to faculty computer.  We should have fully transparent and managed java updates before the end of Winter.  As the update system stands right now it is able to push put automatic updates as long as there is no web browsers preventing the updates to the plugin software.  I plan to implement a notification that all web browsers need to be terminated.  This will close all browsers unless the user cancels the update.
+===== Operates/manages the District- wide area network. =====
+  * I would like to implement some sort of cable management in the school's server room.  The biggest problem by far are the many analog video cables that will need to be rerouted and probably reterminated.  The ethernet cable could be address by putting in a 48 port patch panel so that the cable runs are a lot cleaner and clearly labeled.  This is not anything terribly difficult, but it would require the nearly everything to be powered down at some point while the cables are rerouted.

ISD 820 Knowledge Base

User Tools

Site Tools

Differences

Page Tools