We have seen this issue a few times; always in association with dedicated servers located in hosted data centers. DreamHost is one example that we’ve seen multiple times.

The issue in these cases has been tracked down to the host provider deploying linux with ‘grsec’ enabled in the kernel.

Is a grsec-enabled linux kernel the root cause of MY problem?

Select an affected server on your RevealCloud Dashboard, then click on Details.

In the System Details panel at the top of the page, notice the OS and OS Release fields.

If the OS is Linux, and the OS Release string contains ‘grsec’, (for example, ‘2.6.32.45-grsec-2.2.2-r3’), then the heightened security provided by the grsec kernel is the cause of your inability to view network traffic details.

Is there a work-around?

Not from CopperEgg. But there may be a solution available from your provider. Here are the facts:

  1. The CopperEgg collector is being denied access to network traffic details (and perhaps other system details) by your host provider, by way of security policies enforced by the grsec kernel.
  2. Your host provider has deployed the grsec patches in an effort to protect your security, and that of all of its customers. Which is a good thing to do!
  3. The CopperEgg collector gathers many details from the operating system, including details about network traffic, in order to provide clear, simple metrics to you to help you understand the performance of your applications and servers. 
  4. Your trust in CopperEgg is very important to us. To that end, our services are also engineered with your security in mind:
    1. the collector does not run as a ‘root’ user; 
    2. the metrics derived from the gathered information are transmitted to CopperEgg over an encrypted link;
    3. the encrypted transmission contains only metadata … not your data;
    4. the collector does not sniff network traffic.

The solution is to discuss this with your host provider. If they understand the problem, and are made aware of the facts above, they may be able to make some tweaks to their security policies. 

We’d love to solve this issue as many of our customers as we can. Let us know how things work out!

Links:

http://en.wikipedia.org/wiki/Grsecurity