Yes, it seems I did not anticipate such traffic and my autoscaling settings did not allow the front end web servers pool to expand big enough. It is times like this I wonder why I switched back to WordPress compared to hosting statically generated content on S3 + CloudFront :-(. It should be back now, apologies.
Yep, the site already uses a caching plugin (W3 Total Cache) and it is configured with memcached at the backend. Unfortunately, even with this the site still makes a couple of DB calls with each page load, but nowhere near as many as without the caching. Maybe I'll shove Varnish in front of it too for good measure :joy:
If you're using nginx (haven't checked it), microcaching for a bunch of seconds, let's say five seconds, can solve most of these problems and you don't need to add more components.
I think this would not work because the HonSSH server with the HonSSH user is hosting a proxy service. The user gets dumped into an actual vanilla looking Linux host at the backend.
UIs suck anyway, just make a kick ass API and then for the front end just cobble something together in Bootstrap and use a free starter template. At the end of the day your SaaS product will sell itself on its features if it has some good USP.
This is a super cool application for this, unfortunately our water meters and stuff in the UK are very basic mechanical devices in most cases still which sucks so none of this fun for me... This does remind me I probably should check out a few other things though, such as ZigBee protocol on my home automation stuff.
The SMETS1 and SMETS2 smart meters that you will be getting soon will have ZigBee.... but secured and tied down so although you will be able to sniff the comms... everything will be encrypted.
...We're far too privacy and security conscious in the UK to allow plaintext personal data go over the airwaves...
Been meaning to look into the smart meters here in the U.K. after having them fitted recently. I had horrible thoughts of it all being clear text, so it's nice to know that no one can snoop on my gas and electric usage. I had assumed they were at least working on the 2.4GHz frequency as it'd dropped out a few times due to interference with other kit.
All comms are end-to-end encrypted, each meter has unique certifications and keys and the data also tends to be stored encrypted on FLASH.
The certification also requires the standards authorities to view the source and have strict guidelines on security, robustness, sanitisation of data, etc.
> All comms are end-to-end encrypted... The certification also requires ...strict guidelines on security...
So what you're saying is that, in the UK, your water meter and electrical appliances are required to have a higher level of security than your online browsing is allowed to have?
You have to consider tho, that the smart meters don't operate on the public internet, it's all on a proprietary WAN (government specified).
There are many, many wacky design decisions regarding the UK's smart metering design but they do at least make an effort regarding security and robustness.
The flashing light on an electric meter (assuming you don't have the really old dial type) flashes once per watt-hour, which can be used for measuring.
Not sure if this is a good idea or not, security by obscurity never really fools anyone in my opinion... Anyway I think that the HonSSH logs are not visible to the attacker, they are on the man in the middle node so hence the hacker doesn't get to see them, for the most part it looks very very similar to a legitimate SSH connection.
I'd agree this probably isn't a great idea -- it may attract unnecessary attention which would not already have been there.
If an attack is automated (where it may not consider the hostname at all) it will have no effect.
If it is a targeted attack, the attacker will most likely be well versed in the behaviour of default honeypots. As such if your machine behaves differently (as it almost always will) the attacker will not be deterred. One example of this includes response time of a failed SSH login -- a HP might reply sub-seconds faster than a real system (especially true in industrial environments).
Really wanted to give this a go but unfortunately when I try and create a server it doesn't do anything, just refreshes to the main dashboard. No error or any other detail is shown. But overall nice idea, would probably use it to provide demos of a script / project for a fixed 2 hour window.