New Issue - CRM not saving records

elentz · 3 September 2017 19:48

Thanks pgr

I have spent the last 30 minutes tryign to get it to fail, no such luck yet. I won’t have any other users to utilize the system until Tuesday. Maybe then it will rear its head again. Yeah that same system is running Samba but only for sharing an external drive for files. I’ll look into why it thinks it needs to run cups. I will check the drive as you suggest.

elentz · 3 September 2017 20:08

Might have found something. There was a log for btmp that was 247M from yesterday and one for 10M today. I looked through it and found a lot of entries for IPs from China. Google said that log was from brute force attacks on the system on port 22. I checked our firewall and port 22 was forwarded to that system. I closed it. I will check in a few hours to see if the log has grown. The drives were all at 10% or less. Maybe a denial of service kinda thing?

pgr · 3 September 2017 21:26

It’s probably not intended as a denial of service, unless somebody has a reason to hurt your business. Since they’re trying different passwords to SSH into your system, if they can get it they will use it for some money-making purpose, like spamming or spreading viruses, or whatever.

If that attack was very heavy, it could justify your system slowing them, yes.

Make sure you’re not getting this kind of attack:
https://github.com/salesagility/SuiteCRM/issues/3423
I don’t think you are, but check, just in case.

If it’s just an SSH attack, I suggest you install and configure Fail2Ban, and you should be defended against these guys and whoever comes next.

Also consider

manually black-listing some of the guilty IP addresses in your firewall;
moving your SSH to a different port, not 22
making sure your user is not “admin” or “root” or any other known thing. That way attackers would have to guess not only the password, but also the user. If your user is called “dvsfhcrejciwe” they can try one million passwords for “admin”, and they won’t get in

elentz · 3 September 2017 21:46

Normally we would have had Fail2Ban running, for some reason it wasn’t and wouldn’t start. I reinstalled it and it is running now. I also, found several holes in our firewall that office personnel were using to get to the CRM. I have closed ALL ports to that system from outside. I am going to implement a VPN policy with no exceptions. That should help out alot. I will ask the users to report immediately if they have any of those issues again. I won’t get them online until Tuesday because of the holiday.

elentz · 6 September 2017 23:57

I think maybe we found a bug. We have a Lead that is in the system and can be found from the filter in the Lead module but not from the Global search. This happens for random leads. I checked that the LEads module is included in the Global search. I think I found a search he made which resulted in a record not found.

Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][INFO] Query Execution Time:0.00070595741271973
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][INFO] Query:INSERT INTO tracker (monitor_id,user_id,module_name,item_id,item_summary,date_modified,action,session_id,visible ) VALUES ( '65c5b0dc-dbc1-8e69-bdd8-59b06262302b','e9852549-86a3-c788-c257-5908a886f5e0','Leads','a4f2c0e9-4d2c-33ef-4647-5925d0b9097c','Jim Beard','2017-09-06 21:01:13','detailview','gp74d2g1nnlbpnkpvegj7i2ce2','1')
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][INFO] Query Execution Time:0.00099015235900879
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] CSS File yui.css not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create_Lead_Vcard.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][INFO] Query:SELECT parent_id, parent_type FROM favorites WHERE assigned_user_id = 'e9852549-86a3-c788-c257-5908a886f5e0' AND deleted = 0 ORDER BY date_entered DESC
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][INFO] Query Execution Time:0.00059103965759277
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][DEBUG] Limit Query:SELECT item_id, item_summary, module_name, id FROM tracker WHERE id = (SELECT MAX(id) as id FROM tracker WHERE user_id = 'e9852549-86a3-c788-c257-5908a886f5e0' AND deleted = 0 AND visible = 1) Start: 0 count: 50
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][INFO] Query:SELECT item_id, item_summary, module_name, id FROM tracker WHERE id = (SELECT MAX(id) as id FROM tracker WHERE user_id = 'e9852549-86a3-c788-c257-5908a886f5e0' AND deleted = 0 AND visible = 1) LIMIT 0,50
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][INFO] Query Execution Time:0.010293006896973
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][INFO] Query:DELETE FROM tracker where id = '7084'
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][INFO] Query Execution Time:0.00095200538635254
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][INFO] Tracker: retrieving 10 items
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create_Contact_Vcard.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create_Lead_Vcard.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image View_Create_Email_Templates.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image View_Email_Templates.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image View_Diagnostics.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create_Person_Form.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Schedule_Meeting.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Schedule_Call.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Today.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Schedule_Call.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Schedule_Meeting.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image View_Email_Templates.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Create.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image List.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image Resource_Chart.gif not found
Wed Sep  6 17:01:13 2017 [18419][e9852549-86a3-c788-c257-5908a886f5e0][WARN] Image View_Project_Tasks.gif not found

There are alot of entries in not finding images.

pgr · 7 September 2017 08:12

Global search is powered by a totally different engine than normal search. It pre-indexes your records.

Consider doing this:

https://pgorod.github.io/Reindex-AOD/

but if your installation is very big, beware, it might take a LONG time, and slow down your server while indexing.

Make sure you backup first.

elentz · 7 September 2017 12:15

Thanks We will look at reindexing at a quiet time. Is there anything to make with all the .gif files not found?

pgr · 7 September 2017 12:32

You can safely ignore the Gif warnings

https://github.com/salesagility/SuiteCRM/pull/4169