nhouck Posted September 4, 2008 Share Posted September 4, 2008 Is there anything that can be done about frequent monitor crashes? In particular, with the onslaught of people trying to hack into TCAdmin servers lately the frequency of monitors crashing seems to have gone up. I have the monitors set to restart every day, but I still get crashes where clients cannot use TCAdmin, ftp etc. because of it. Often but not always when I check the monitor log I see someone tried to brute force attack it with a login script. It seems this is overloading things. I had a MySQL crash lately, something about out of xyz, can't remember what it was sorry. It seems that all the hits for logins are overloading the monitor in some way and crashing it after a while. Am I the only one with users getting exasperated with the constant webadmin/ftp downtime and having to restart the monitors several times a week? We need a monitor for the monitor to see if it's crashed and restart it. Maybe one idea is an ftp login script, if it fails, restart the monitor. Has anyone written something like this? Link to comment Share on other sites More sharing options...
studeggle Posted September 4, 2008 Share Posted September 4, 2008 I just altered the monitor service manually and told windows if it crased to restart it. So now I just keep an eye on the logs to see what is occuring but no more headaches of down monitor. Link to comment Share on other sites More sharing options...
ECF Posted September 4, 2008 Share Posted September 4, 2008 As stated above you can set the actual windows service to restart if it fails. You should also change your security settings in TCAdmin to auto-ban any IP that these attacks come from. Link to comment Share on other sites More sharing options...
nhouck Posted September 4, 2008 Author Share Posted September 4, 2008 Dunno why I didn't think of that. Thanks! I did set the IP to autoban, but then I still get thousands of lines saying "Your IP is banned" showing up in the monitor log. What might be cool would be a script or functionality so that when an IP is banned, it is added to the windows firewall rules automatically. Link to comment Share on other sites More sharing options...
ECF Posted September 4, 2008 Share Posted September 4, 2008 Sounds like someone wants to get you bad Link to comment Share on other sites More sharing options...
nhouck Posted September 4, 2008 Author Share Posted September 4, 2008 Actually looking back at it I found I had set the service to auto restart and just forgot I had done that, this is what happens when you work two jobs, lol? I still get users reporting it is not working and have been manually restarting it. I will look deeper into the issue next time to see if maybe the problem lies on the master or db or something. I did have that one DB crash that seemed to be caused by the ridiculous amount of hack attempts. I will try to document it better if it happens again. Link to comment Share on other sites More sharing options...
nhouck Posted September 4, 2008 Author Share Posted September 4, 2008 Sounds like someone wants to get you bad Well our servers are pretty bad ass so I could see why they would want control of one lol. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.