Monitor Crashes - What can we do?

[nhouck]

Is there anything that can be done about frequent monitor crashes? In particular, with the onslaught of people trying to hack into TCAdmin servers lately the frequency of monitors crashing seems to have gone up. I have the monitors set to restart every day, but I still get crashes where clients cannot use TCAdmin, ftp etc. because of it.

 

Often but not always when I check the monitor log I see someone tried to brute force attack it with a login script. It seems this is overloading things. I had a MySQL crash lately, something about out of xyz, can't remember what it was sorry. It seems that all the hits for logins are overloading the monitor in some way and crashing it after a while.

 

Am I the only one with users getting exasperated with the constant webadmin/ftp downtime and having to restart the monitors several times a week? We need a monitor for the monitor to see if it's crashed and restart it. Maybe one idea is an ftp login script, if it fails, restart the monitor. Has anyone written something like this?

[studeggle]

I just altered the monitor service manually and told windows if it crased to restart it. So now I just keep an eye on the logs to see what is occuring but no more headaches of down monitor.

[ECF]

As stated above you can set the actual windows service to restart if it fails. You should also change your security settings in TCAdmin to auto-ban any IP that these attacks come from.

[nhouck]

Dunno why I didn't think of that. Thanks!

 

I did set the IP to autoban, but then I still get thousands of lines saying "Your IP is banned" showing up in the monitor log.

 

What might be cool would be a script or functionality so that when an IP is banned, it is added to the windows firewall rules automatically.

[ECF]

Sounds like someone wants to get you bad

[nhouck]

Actually looking back at it I found I had set the service to auto restart and just forgot I had done that, this is what happens when you work two jobs, lol?

 

I still get users reporting it is not working and have been manually restarting it. I will look deeper into the issue next time to see if maybe the problem lies on the master or db or something. I did have that one DB crash that seemed to be caused by the ridiculous amount of hack attempts. I will try to document it better if it happens again.

[nhouck]

Sounds like someone wants to get you bad

Well our servers are pretty bad ass so I could see why they would want control of one lol.