Technical infrastructure checklist

From FreekiWiki
Revision as of 11:27, 24 October 2013 by Vagrant (talk | contribs) (→‎Software and Systems: updated expiration date.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Resources on this list should be checked regularly to see that they are in working order.

During "walkthrough"

Services

italicized text is checked on a per room basis

Software and Systems

  • Check each server up and up-to-date? http://monitor/cgi-bin/nagios3/tac.cgi
    • HINT: A report is also emailed to asswatch every night at midnight. If you want to use the command line, there are three scripts: list_problems (lists everything that has a problem, and what that problem is), down (lists down servers), and needs_upgrading (lists servers that need to be "aptitude dist-upgrade"ed). These scripts live on monitor.
  • web services administration (wiki, todo, dev/svn, dev/projects, mail, www, others...)
    • clarification needed: what part of these services need checking?
    • integrate this with nagios? Ryan will look into what can and needs to be integrated. (any service marked with http seems to get checked by nagios)
  • check if there are any open security announcement tickets.
    • HINT: Search for open RT tickets created by ass-security@our_domain. If you like the command line, then you can use this (mainly self explanatory, just run it) script: ./ass/scripts/security/show_security
  • certificate and gpg key expiration dates
    • check the https (Sep 1st, 2016) and imaps/smtps (Sep 23rd, 2016) ssl certs
      • openssl x509 -noout -text -in /path/to/FOO.crt
    • check apt signing key (expires February 1st, 2015; Update 6 months before expiration)
  • check to see if our mail server(s) have been blacklisted:
  • off-site backups are current
  • on-site backups are current

Servers & Security

  • Security cameras
    • Software set up correctly and running.
    • pointing in correct direction
    • check for old (over two weeks?) unarchived events
    • check for archived events ... then what?
  • visual inspection
    • look for things like bad fans on servers
    • dust/vaccuum servers, switches
    • look dangerous cable tangles, stress/tension on punched-down cables
  • UPS check
    • Tests successfully
    • Balanced load
    • Battery installation within 3 years
  • kill-a-watt monitoring
    • log the current server's kilowatt's for the past cycle
    • move kill-a-watt to new server
  • Look for rogue wireless access points
    • trace all cables connected to:
      • credit card machine network (at least monthly, log in asssvm/docs/logs/credit-card-network)
      • wireless network (is this needed? more we're looking for wireless where it shouldn't be)
    • policy and procedure discussion

Phones

Printers

  • are there paper jams (walk around)
  • are they free of non-standard paper
  • are they all running under [cups]

hubs/switches/networking

  • check network ports around room
  • check for bad fans

Rooms

Meeting Room

  • Projector
  • Network hub (plugged into wall correctly)
  • Phone (plugged in?)

Classroom

  • All terminals
  • Printer
  • networking around room
  • Wireless access point

Reception

  • Printer (toner low? paper?)
  • Terminals and monitors functioning well?

upstairs and downstairs office

  • terminals
  • networking
  • phones

Production

  • Advanced testing
    • lots of networking
    • testers functioning
  • build (+mac +laptop +enterprise)
    • networking
    • terminals and images.

Taken care of by somebody/something else

  • watch all of the asswatch scripts, and makes sure that they are working. (Ryan does this)
  • rootmail cleanup/checkup (Ryan) and current owner of RT#10988
  • check each server is listed in purpose (asswatch)
  • backups working on each server (asswatch)
  • check each server with maintenance notes and script, check rootmail is working (Ryan does this every so often, probably doesn't need to be done often)
  • Are all printers on, ready, and without stalled jobs?? (nagios)
  • mailing list moderation (handled by freegeek moderators)
    • reply to subscription requests to determine sentience
  • Outgoing Phone Message (handled by front desk)