[Gllug] network monitoring
Neil Levine
levine at yoyo.org
Tue Feb 19 18:19:01 UTC 2002
On Tue, Feb 19, 2002 at 05:58:21PM -0000, Paul Brazier a ecrit:
> What recommendations do people have for free software for monitoring
> remote servers?
>
> I'm looking at the MRTG webpage ( http://www.mrtg.org ) which looks
> good.
The newer program that has superceded MRTG is rrdtool but its a lot
more complicated to setup as it uses a database backend. MRTG is used
by just about all ISPs I know.
> What I'm after is some thing that can monitor things like bandwidth
> usage etc. and alert me by email if some h4x0rs are using them for ftp
> warez or mail relays or installing rootkits or whatever.
Well MRTG does an SNMP GET and shoves the data into a file. You could
write a script that monitors values in the file if you wanted.
> Hopefully the setup is secure enough that this wouldn't happen in the
> first place but you never know...
> Or just if the server goes down due to power failure or something.
MRTG is mainly used for monitoring interfaces. If you want to monitor
anything else you are better off using the UCD SNMP daemon and using
PERL which has some good modules for it, to write your own scripts.
What might be better is something like NOCOL or Netsaint which are
into boolean values (is this port up or down, can i ping this etc)
which are already designed to mail,sms,page you as necessary.
> Could running a SNMP daemon be a security risk in itself?
Of course, opening up any port is always a security risk. Thats what
IPTABLES was invented for. :-) SNMP has had some very bad press
recently due to bad implementations but its still a great protocol.
Neil
--
------------------------------------------------------------------
Neil Levine http://www.yoyo.org
------------------------------------------------------------------
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list