[App_rpt-users] ASL Deployed on a VPS in under 1 hour as HUB

[Mike]

As a follow-up...

The host at Vultr has blocked the ports on this instance thereby 
rendering it useless.

In trying to remedy this, they claim I am over using the CPU on a other 
instance running a full version of asterisk on a server with 3x the 
resources, which has been under constant hack attack. But what I did not 
know is that they had started blocking ports back then (months ago) and 
in a effort to fix what I thought was corruption, did a lot of 
re-loading of software, intensifying the cpu usage. SO, it may be 
advisable if you think you want to reload and reconfig a instance such 
as I outlined here, to start a new instance, copy the files needed from 
your old one and destroy the old instance. You will have a new IP 
address with the new.

Same on yet one other instance for a web server only intended for email. 
But I have to say, if not for the blocking of the email ports in the 
first place and without warning, I might have been inform by the scripts 
I have on those servers of the hacking attempts to the first server.

Kinda a catch 22 I guess. But I thought the advantage of VPS is that you 
can not and do not 'SHARE RESOURCES"

You are suppose to get just what you pay for nothing more or 
less.....    Go Figure !

Anyway, I will give you guys 1 more follow-up as I redeploy this "ON 
SOME OTHER HOST" because they seem reluctant to open ports 25,465,4569 & 
5060 in one direction or the other.

Here is a nice online tool for checking your inbound udp/tcp ports...

https://www.yougetsignal.com/tools/open-ports/

While I do not wish to slight vultr, it does not seem they handle issues 
very well. And the hack activity there is high. Do not run a instance 
there without configserver (CSF) or some statefull firewall, but I guess 
that goes for anywhere. But for whatever reason, if you don't get it 
deployed and locked down there in the 1st few hours, you may have plenty 
of issues. The IP's there are high on the hacker hit list. And I have 
seen plenty of 'reflections' attacks there.

But, if many should start to deploy these hubs on VPS, I would say we do 
need some separate communication between us as to hack activity and ip 
address sharing of those attacks. Perhaps a email list of the output of 
CSF & LFD from each instance. Then you can start-up with the knowledge 
of previous attacks addresses the moment you deploy. Just a thought.

Follow-up to come...

...mike/kb8jnm



On 5/15/2018 2:36 AM, Mike wrote:
>
> Just wanted to let those know that have had a wish-list of a 
> deployment of a hub on a VPS, and  know that it was quite easy.
>
> On the down side for me is that I am a CentOS guy. I run over a dozen 
> centos64 servers now. Started with centos in v3 I think.
>
> Debian is new for me.
>
> Struggled a little. And on the plus side for time, I had a old config 
> for the same from ACID .
>
> Here is the quick what/where... (I am not endorsing anyone)
>
> I used a 1 core 500mb / 25gb VPS from Vultr.com
>
> ...you may need to 'change server locations' to find that small cheap 
> one @ $2.50/month
>
> Once you have a server picked-out and deployed (5min) and it's loaded 
> and ready,
>
> You will need to load a custom ISO of the ASL from the http-link 
> address at allstarlink.org of the 'ISO' image.
>
> After it has loaded in the tray (few min) reboot the server 
> loading/booting custom iso.
>
> Watch the top right hand side of the screen for the local/console 
> monitor button to see what you are doing.
>
> For me it loaded up in less than 15min but that's a guess. It was 
> pretty darn quick.
>
> But while you are waiting, you can ready your ssh shell with new ip if 
> you want or do your set-up at allstarlink etc.
>
> But do not alter the server setting at Vultr while the process is 
> ongoing. Before or after would be in order here.
>
> You will need to unload that iso from the tray and reboot at the end 
> to continue from the vultr server setup page.
>
>
> I will say for me... I had to set myself up as root ssh right away or 
> it would have taken me twice as long or more to edit the files and 
> 'stuff' since I'm not use to debian linux. but it does not seem all so 
> different. But I rarely run as sudo.
>
> When I'm done, I revert back to locking up root. But I am sure it will 
> take most a little bit longer to deploy as i am use to the menu at 
> vultr since a load a experimental server there all the time and 
> destroy it after my tests.
>
> Anyway, hope that gets some folks thinking of new possibilities and 
> trying some new things out.
>
> For me... this node number is 29999 and I had ask for it in advance of 
> hitting the 30000 mark and was intended to be just what I am doing 
> with it now. But I do intend to build many repeater toys in this 
> central spot to be used by other repeater/nodes I have. Perhaps then I 
> can slim down my computer boards driving the repeaters.
>
> But I would like to see a bunch of activity on this 29999/hub over the 
> next week to examine how much activity will load it down so I have 
> some idea in real terms what it will handle. So if you all can help me 
> out with that great ! Connect up and shoot some round tables for a bit.
>
> I may in the future sponsor some tech nets/how 2's on this hub. But I 
> do have in mind a experiment with a http html5 webtransiever when I 
> have time. It would be for emergency use only. Think of all the 
> possibilities for yours and go for it !
>
> One other note I am playing with...
>
> I have pointed a FQDN domain at the server for now and it is 
> 29999.link (port  80 not opened yet, not till I get csf config'd) and 
> I just wanted those that might have that in mind in the future to 
> perhaps think of using the '.LINK' extension for these things. They 
> are cheap and available for most 5number names. Unlike .com/.net/.org 
> since 5number names are well taken as zipcodes in the us. (node#.LINK)
>
> But all in all... Guys/Gals Thanks for all the hard work from those on 
> the new ASL Debian versions. Thank You !
>
> A Very smooth and accurate deployment.
>
> ...mike/kb8jnm
>
> _______________________________________________
> App_rpt-users mailing list
> App_rpt-users at lists.allstarlink.org
> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users
>
> To unsubscribe from this list please visit 
> http://lists.allstarlink.org/cgi-bin/mailman/listinfo/app_rpt-users 
> and scroll down to the bottom of the page. Enter your email address 
> and press the "Unsubscribe or edit options button"
> You do not need a password to unsubscribe, you can do it via email 
> confirmation. If you have trouble unsubscribing, please send a message 
> to the list detailing the problem.