LowEndBox - Cheap VPS, Hosting and Dedicated Server Deals

Nodes and Modes: Maintaining Galera Replication for MariaDB

Tags: , , , , Date/Time: September 23, 2021 @ 12:00 am, by raindog308

GaleraIn a previous tutorial, we showed you how to setup Galera replication for MariaDB so you could have multi-node, multi-master clusters.  We also saw how MariaDB painlessly replicates data.  In this tutorial, we’re doing to forcibly interject a little pain into the process by seeing how Galera deals with down loads and replaced nodes.

Once again, we’re using the following cluster setup:

In this design, I’m using the following cluster and anonymized IPs:

  • db1.lowend.party on 1.1.1.1
  • db2.lowend.party on 2.2.2.2
  • db3.lowend.party on 3.3.3.3

Bigger Data

Let’s start by making some bigger data.  We’re still using our Buffy the Vampire Slayer-themed table created in the previous tutorial, but if you didn’t follow that one, you can set it up easily:

root@dbsecure:~# mysql
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 47
Server version: 10.3.22-MariaDB-0+deb10u1 Debian 10
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database gtest;
Query OK, 1 row affected (0.000 sec)

MariaDB [(none)]> use gtest;
Database changed

MariaDB [gtest]> create table buffy ( name varchar(30), team_role varchar(100) );
Query OK, 0 rows affected (0.012 sec)

MariaDB [gtest]> 

Now I’d like to load a bigger quantity of data.  Start by shutting down db2 and db3.  I’m doing this because we’re in synchronous mode and the initial data load will be much faster.  On db2 and db3:

systemctl stop mariadb

On db1, I’m going to load 250,000 rows.  Here’s the perl script I used to generate the random data.  Place this in /root/make_load.pl:

#!/usr/bin/perl -w

@lets = qw ( a b c d e f g h i j k l m n o p q r s t u v w x y z );

sub random_word {
  my $word = "";
  for ( my $i = 1; $i<=30; $i++ ) {
    $c = int(rand($#lets));
    $word .= $lets[$c];
  }
  return $word;
}

open (OUT,">load.sql");
print OUT "use gtest;\n";
for ( $i = 1; $i <=250000; $i++ ) {
  $name = random_word();
  $tr = random_word();
  print OUT "insert into buffy (name, team_role) values ( '$name', '$tr');\n";
  if ( $i % 10000 == 0 ) { print "$i done\n"; }
}

(More…)

Painless MariaDB Replication with Galera Clusters

Tags: , , , , , Date/Time: September 22, 2021 @ 12:00 am, by raindog308

GaleraGalera is MariaDB’s multi-master replication technology which makes it a snap to setup highly-available multi-node MariaDB clusters.  In this tutorial we’ll walk through setting up a cluster and also look at some replication events.

Cluster Design

For Galera, you want to use odd-number clustered sizes: 3 nodes, 5 nodes, etc.  It’s possible to run a 1-node Galera cluster but then you’re not replicating, so that’d be pointless.  The nodes can be anywhere in the world, but keep in mind that Galera is synchronous replication.  This means the more nodes and the further they are from each other, the more latency.

Note that we’re only referring to write latency.  If you have three nodes that are placed far from each other but there are only a few time-insensitive writes throughout the day and the bulk of interactions are read (e.g., a blog or news site) then this system can still work well.

In this design, I’m using the following cluster and anonymized IPs:

  • db1.lowend.party on 1.1.1.1
  • db2.lowend.party on 2.2.2.2
  • db3.lowend.party on 3.3.3.3

Installing MariaDB

I put each node’s DNS entries on each host’s /etc/hosts.  This is not strictly necessary because we’ll use IPs for cluster communications but it doesn’t hurt.

In /etc/hosts on each node:

1.1.1.1 db1.lowend.party
2.2.2.2 db2.lowend.party
3.3.3.3 db3.lowend.party

Now install MariaDB and also rsync on each node:

apt-get -y install mariadb-server rsync

Run the MariaDB installation security script on each node:

mysql_secure_installation

Now shut down MariaDB on all nodes:

systemctl stop mariadb

(More…)

The Most Ridiculous VPS Company of All Time

Tags: , , Date/Time: September 21, 2021 @ 12:00 am, by raindog308

VPSByCallWould you like a free 1.5GB RAM VPS with 20GB of disk, an ipv4, and unmetered bandwidth in Germany?  Well, in 2013 all you needed to do was dial a number and listen to ads.  A lot of ads.

Back then, a company named VPS By Call launched a service where potential users were instructed to call a phone number and listen to ads.  Each minute listening was worth 1.2 credits and you needed 5,000 credits to earn not just a cheap VPS but a free VPS.

That’s 5,000 per month.

If you do the math, you find that you’d need to sit on the phone for (5000 / 1.2 = 4166 minutes / 60 = ) 69.4 hours per month in order to qualify.  That’s nearly 3 full days of listening.  Or if you went at it for only 8 hours per day, that’d been 8.5 days per month of listening.

Of course, in theory you could dial and walk away, which is probably what nearly everybody instantly thought to do.  While VPS By Call limited calls to 60 minutes (according to their FAQ), how hard would it be to just notice your phone was hung up and hit dial again?  Suppose you did that when you went to bed and then may one other time during the day.  Over 30 days, that’d add up to 60 hours, so you’d just need to hit dial a couple more times…maybe when you’re having dinner.

I have to think advertisers quickly realized this as well.  Who did they think would sit on the phone hour after hour, paying the least attention to their ads?  Exactly no one.  The VPSByCall rep on LowEndTalk said “The ads are repeating and there are not that many yet, so you will listen to the same ads over and over. The advertisers are aware of this and thus pay verrry little. This is why users have to call for so long.”

Now a 1.5 GB VPS with unmetered (albeit 100mbps) VPS was not at all bad in 2013…but who would forfeit his sanity to listen to the same ads over and over for 69 hours a month?

The idea was quickly savaged on LowEndTalk and that thread makes for a funny read.  Alas, VPSByCall soon folded and the last reference I can find to their operation is April 2014.  But someone still owns the domain, so maybe one day…?

Full Time Hosting: Cheap VPS Offers in Frankfurt on Their Custom Panel! (€3.99/Mo for 1GB VPS!)

Tags: , , , , , Date/Time: September 20, 2021 @ 12:00 am, by raindog308

Full Time Hosting Logo

Hello, Full Time Hosting!  This is their first offer on LowEndBox and they’re bringing us a nice set of cheap VPS offers:

  • Get a 512MB VPS with unmetered transfer for €1.5 /Mo + €3 setup fee
  • A 1GB VPS goes for €3.99 /Mo
  • Or get a 2GB VPS for only €6.99 /Mo

These offers are in Frankfurt, Germany.

Full Time Hosting has invested in their business with a fully custom control panel.  No same-old Solus here.  Check out some screen shots below.

Their Terms of Service is available on their web site (Privacy Policy). They accept PayPal, Credit/Debit Cards, Crypto.

Here’s a little about Full Time Hosting in their own words:

“Full Time Hosting (FTH) was founded in 2016. Our main goal is to provide cheap Anti-DDoS GAME servers with 99.9% uptime and we focus on providing the best customer service. Our company is customer-focused and every decision is made keeping our beloved customers in mind. We started off our company as a hobby and we don’t focus on earning “profit” and we like to work at the break-even. Since this was started as a hobby, we re-invest the “surplus” amount to provide the best products and services to our customers.”

Screen shots of their custom VPS control panel:

FullTime Hosting Panel 4 FullTime Hosting Panel 4

FullTime Hosting Panel 3

FullTime Hosting Panel 2

FullTime Hosting Panel 1

Have you been a Full Time Hosting customer? Please share your experience in the comments below.

Now read more to see the offers!

(More…)

Hosterlabs Exits VPS Business

Tags: , , Date/Time: September 19, 2021 @ 8:28 pm, by raindog308

HosterlabsHosterlabs, who has been featured LowEndBox multiple times, has announced they are exiting the VPS market.

LowEndTalk member @brueggus shared a ticket response in which Hosterlabs stated:

“We will not longer be providing virtual servers and support thereof. Please contact us at help@hosterlabs.net to help with refund requests.”

We’ve featured Hosterlabs multiple times on our site.  They had a unique value proposition: part of their profits were donated to charity.

We wish Hosterlabs best wishes in their other services and hope users’ accounts are wrapped up fairly and efficiently.

Get 5 Additional Giveaway Entries from LowEndBoxTV!

Tags: , , , Date/Time: September 19, 2021 @ 12:00 pm, by raindog308

LowEndBoxTVIn our awesome September 2021 giveaway, there are 11 different ways you can earn entries. One of them is to enter secret codes from LowEndBoxTV videos.

All our videos released this month (September 2021) will have a secret code in them. All you have to do is enter that code and you’ll get 5 additional entries in the giveaway!

So be sure to check out our videos on LowEndBoxTV all this month.

Here are some videos that have already been released:

Gleam Secret Entries

Bullet Host is Back with a Sale on Shared, VPS, VPS Reseller, and RDP Services!

Tags: , , , , , , Date/Time: September 19, 2021 @ 12:00 am, by raindog308

Bullet Host Logo

Welcome back, Bullet Host!  We had them on back in March 3, 2021.  Now they’ve returned with a cool across-the-board sale.

  • Cheap shared hosting starting at $3/month or $20/year!
  • Cheap VPS starting at $3/month or $20/year!
  • A cool VPS reseller package (32GB of RAM, 16 cores) for $90/month!
  • Beefy RDP systems starting at $15/month!

We don’t see many VPS reseller offerings so that’s an interesting one.  Looks like a great way to start a VPS company – 32GB of RAM, 16 cores, unlimited transfer (previously 15TB), and 25 IPs to divvy up among your clients.

Bullet Host is registered in Bulgaria (206112702). Their Terms of Service is available on their web site. They accept Bitcoin, Paypal, Credit/Debit cards, and Perfect Money.

Here’s a little about Bullet Host in their own words:

“Hello, Bullethost is back with more discounts and offers on VPS servers for September – November 2021 exclusively for new customers from Lowendbox.com.  Currently we have a sale on VPS servers and VPS reseller cloud accounts, the promo code gives you a 20% Off the price and can be applied only if you haven’t been a customer of bullethost.net before.  The promotion applies only to VPS #1, VPS #2 and VPS Reseller, apply the code “lowendbox20” to take advantage of our sale.  Alternatively you can use the lifetime code “lowendbox10″ for 10% off on any service that Bullethost.net offers except Dedicated Servers.”

The LEB community thrives on reports from our readers about the companies they patronize, so please comment below about your experience with Bullet Host.

Now read more to see the offers!

(More…)

Microsoft Says Passwords are Passé

Tags: , , , , , Date/Time: September 18, 2021 @ 12:00 pm, by raindog308

My PasswordAre passwords a dying breed?

In a blog post published September 15, Microsoft Vice President of Security, Compliance, and Identity Vasu Jakkal entitled “The passwordless future is here for your Microsoft account” (yes, with bad capitalization, just like that), Microsoft announced that you could “completely remove the password from your Microsoft account”.  He continued:

“Use the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to your phone or email to sign in to your favorite apps and services, such as Microsoft Outlook, Microsoft OneDrive, Microsoft Family Safety, and more. This feature will be rolled out over the coming weeks.”

Amusingly, the Microsoft CISO is quoted as saying “hackers don’t break in, they log in,” which certainly flies in the face of my experience with Microsoft products, but we’ll leave that for another post.

Jakkal’s argument is that either passwords are secure and users can’t remember them, or users can remember them and so they’re insecure.  Apparently he’s unfamiliar with password management apps.

I’ve been hearing that passwords are going the way of the dodo bird since the 1990s…and maybe someday they are, though there have been several biometric hype cycles that have come and gone.  Seems to me two-factor (password plus one of the other options Jakkal mentioned) is the more secure route.  That’s what I do on the cheap VPS systems I run.

(By the way, regarding the art for this post: amazingly, I have the same combination on my luggage!)

 

Easy Operating System Detection with nmap

Tags: , , Date/Time: September 18, 2021 @ 12:00 am, by raindog308

nmapRecently I was doing some discovery at work of some systems we inherited.  I didn’t yet have access but wanted to determine what type of OS was involved so I could coordinate with the proper teams.

You can often guess just by determining what ports are open, but the most efficient tool is the venerable nmap utility.  Using the -O (OS detection) and -sV (check ports to determine service/version info) flags, you get a complete report.

Under the covers, nmap is running through a set of heuristics to determine what OS is most likely, based on what ports are open and unique “fingerprinting” of the device’s IP stack.  nmap maintains a database of over 2,000 IP fingerprints.  Different operating systems will set different values for things like initial TTL, max segment size, window scaling value, etc. and by analyzing packets, nmap can make an educated guess of what kind of OS is running.

It’s not 100% and nmap lacks the ability to say “this is definitely Windows Server 2012 with Service Pack 2 applied” or “this is definitely Debian 9 and not Debian 10” because operating systems in the same family often us the same IP stack.  But it is often an excellent start towards identification.

For example, here is output of a Windows Server which is also running MySQL (all examples in this article have been slightly reformatted in terms of line breaks to fit the site’s theme):

# nmap -O -sV x.x.x.x
Starting Nmap 7.92 ( https://nmap.org ) at 2021-09-17 11:02 PDT
Nmap scan report for x.x.x.x
Host is up (0.22s latency).
Not shown: 994 closed tcp ports (reset)


PORT     STATE SERVICE       VERSION
135/tcp  open  msrpc         Microsoft Windows RPC
139/tcp  open  netbios-ssn   Microsoft Windows netbios-ssn
445/tcp  open  microsoft-ds?
2701/tcp open  cmrcservice   Microsoft Configuration Manager Remote Control service (CmRcService.exe)
3306/tcp open  mysql         MySQL 5.1.60-community-log
3389/tcp open  ms-wbt-server Microsoft Terminal Services

Aggressive OS guesses: Microsoft Windows Server 2016 (93%), 
Microsoft Windows Server 2008 R2 SP1 (92%), Microsoft Windows Server 2012 R2 (91%), 
Microsoft Windows 10 1607 (90%), Microsoft Windows Server 2008 R2 (90%), 
Microsoft Windows Server 2012 (89%), Microsoft Windows Server 2012 or 
Windows Server 2012 R2 (89%), Microsoft Windows Server 2008 R2 or Windows 8 (87%), 
Microsoft Windows Server 2008 R2 SP1 or Windows 8 (87%), Microsoft Windows 7 SP1 (86%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 18 hops
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows

OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 33.77 seconds

Here’s what a Debian 9 server I scanned looks like:

# time nmap -O -sV x.x.x.x
Starting Nmap 7.92 ( https://nmap.org ) at 2021-09-17 14:52 PDT
Nmap scan report for x.x.x.x
Host is up (0.0018s latency).
Not shown: 992 closed tcp ports (reset)
PORT     STATE SERVICE     VERSION
22/tcp   open  ssh         OpenSSH 7.4p1 Debian 10+deb9u7 (protocol 2.0)
25/tcp   open  smtp        Postfix smtpd
80/tcp   open  http        nginx 1.10.3
111/tcp  open  rpcbind     2-4 (RPC #100000)
139/tcp  open  netbios-ssn Samba smbd 3.X - 4.X (workgroup: EXAMPLE)
445/tcp  open  netbios-ssn Samba smbd 3.X - 4.X (workgroup: EXAMPLe)
587/tcp  open  smtp        Postfix smtpd
3306/tcp open  mysql       MySQL 5.5.5-10.1.48-MariaDB-0+deb9u2
MAC Address: MM:MM:MM:MM:MM:MM (Asustek Computer)
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.2 - 4.9
Network Distance: 1 hop
Service Info: Hosts:  example.example.com; OS: Linux; CPE: cpe:/o:linux:linux_kernel


OS and Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 13.52 seconds

And it’s really just that simple.  Next time you have a system on your network but are not sure what it is, try nmap’s OS detection tool to get a pretty good guess.

 

Community News – A RackNerd Review, Sharing Their Recent Accomplishments

RackNerd LogoContinuing on LowEndBox’s community news features, the following piece is something that RackNerd recently sent over to us. Seeing that there are quite a bit of RackNerd customers from the LowEndBox & LowEndTalk community, as well as the fact that they are voted a top provider by the community, we feel that this was an impressive progress update worth reading, no doubt – RackNerd is certainly making lots of noise within the hosting industry lately, and I’d say that’s because of their aggressive growth and accomplishments that they’ve made throughout the years.

If you really take a little bit of time to read and digest every piece of what they’ve done (in a relatively short period of time), it’s easy to see why they’re voted by the community members as the #1 provider and in my opinion, one of the reasons why they’re the most respected. They aren’t afraid to hustle, and I’ve noticed that Dustin and his team are always willing to put in the work to earn and maintain a great reputation from their customers based on the reviews we’re able to see, as well as putting in the work to build their brand and story. We truly believe that a lot of providers can benefit from putting in the small extra effort to participate with your audience here within the LowEndBox and LowEndTalk community, just like RackNerd has been. In fact, we’re always running different initiatives on LowEndBox to help providers gain additional exposure, such as interviews, guest posts, offers, and more. If you are a hosting provider, VPN provider, or similar – we’d like to hear from you! Please feel free to submit a ticket on our helpdesk.

Here is a copy of the guest post we received from Dustin B. Cisneros at RackNerd:

Racknerd Review

(More…)

Older Posts »