
Suse Linux

Nagios: System and Network Monitoring Book

Nagios is a popular open source computer system and network monitoring application. You can easily monitor all your hosts, network equipment and services. It can send alerts when things go wrong and again when they get better.

The convenience and reliability that monitoring programs offer system administrators is astounding. Whether at home, commuting, or on vacation, admins can continuously monitor their networks, learning of issues long before they become catastrophes.

Nagios, the most popular open source solution for system and network monitoring, is extremely robust, but it's also intensely complex. This eagerly anticipated revision of the highly acclaimed Nagios: System and Network Monitoring, has been updated to address Nagios 3.0 and will help readers take full advantage of the many powerful features of the new version. Ethan Galstad, the main developer of Nagios, called the first edition of Nagios "incredibly detailed." He went on to say, "I don't think I could have gone into that much detail if I wrote a book myself."

Nagios, which runs on Linux and most *nix variants, can be configured to continuously monitor network services such as SMTP, POP3, HTTP, NNTP, SSH, and FTP. It can also supervise host resources (processor load, disk and memory usage, running processes, log files, and so on) and environmental factors, such as temperature and humidity. Readers of Nagios learn how to:

  • Install and configure the Nagios core, all standard plugins, and selected third-party plugins
  • Configure the notification system
  • Program event handlers to take automatic action when trouble occurs
  • Write Perl plugins to customize Nagios for unique system needs
  • Quickly understand Nagios data using graphing and visualization tools
  • Monitor Windows servers, SAP systems, and databases

This dense, all-inclusive guide to Nagios also contains a chapter that highlights the differences between Nagios versions 2 and 3 and gives practical migration and compatibility tips. Nagios, 2nd Edition is a key resource for any system and network administrator and will ease the pain of network monitoring migraines in no time.

Wolfgang Barth has written several books for professional network administrators, including The Firewall Book (Suse Press), Network Analysis (Suse Press), and Backup Solutions with Linux (Open Source Press). He is a professional system administrator with considerable experience using Nagios.

Book Info

  • Title: Nagios: System and Network Monitoring, 2nd Edition
  • Author: Wolfgang Barth
  • Pub Date: October 2008, 720 pp
  • ISBN 9781593271794, $59.95 USD
  • Download free chapter 18: "NagVis" (PDF)
  • Order info: order@oreilly.com // 1-800-998-9938 // 1-707-827-7000
  • Support nixCraft: Order Nagios: System and Network Monitoring from Amazon.

Install Linux on Fujitsu Siemens ESPRIMO E5720

I was trying to install a Red Hat (RHEL 5) / CentOS 5 server on a Fujitsu Siemens ESPRIMO E5720 and ran into a problem with the installer.

The base resolution for CentOS / RHEL Linux 5 is 800x600x32, which requires 2MB video memory. In order to boot or install Linux on the Fujitsu Siemens ESPRIMO E5720, set the reserved amount of video RAM to 8MB in BIOS.

You also need to add the pci=nommconf parameter to the kernel boot options in grub.conf. While installing Linux on the Fujitsu Siemens ESPRIMO E5720, type the following at the boot prompt (excluding the word boot: itself):
boot: linux pci=nommconf
Once the server is installed, edit /etc/grub.conf or /boot/grub/grub.conf and append pci=nommconf at the end of the kernel line:

title Red Hat Enterprise Linux Server (2.6.18-128.el5)
	root (hd0,0)
	kernel /vmlinuz-2.6.18-128.el5 ro root=LABEL=/ console=tty0 console=ttyS1,19200n8 pci=nommconf
	initrd /initrd-2.6.18-128.el5.img

There are three ways to open any file under the Gnome Linux / UNIX desktop. gnome-open is the quickest and easiest way to open any file or URL. Let us see how to open a PDF file quickly.

Open a File Using Application itself (time consuming)

Click on Application > Select App > File > Open > Select File

Open a File Using Run Application Dialog box

The Run Application dialog gives you access to the command line.
Hit Alt+F2 > Type file name > Enter

Fig.01: Run File / Command Dialog box

Please note that when you run a command in the Run Application dialog, you cannot receive output from the command.

Open a File Using The Command Line

gnome-open opens a file using your preferred application. To open a PDF file, enter:
gnome-open file.pdf

Other common usage

Write email:
gnome-open 'mailto:user@example.com'
Open example.com website:
gnome-open example.com
Play mp3s:
gnome-open *.mp3
Open file browser in current directory:
gnome-open .
gnome-open /share/docs/

Add the following alias to your ~/.bashrc to speed things up:
echo 'alias o="gnome-open"' >>~/.bashrc
$ o /path/to/file.pdf
$ o theos.in

How do I configure the preferred application?

Use the Preferred Applications preference tool to specify the applications that you want the GNOME Desktop to use when the GNOME Desktop starts an application for you.

Simply click on System > Preferences > Preferred Application

Fig.02: Preferred Applications


You can customize the preferences for the Preferred Applications preference tool in the following functional areas.

  1. Web Browser
  2. Mail Reader
  3. Terminal

There is a new growing trend in the enterprise: adopting community-based distributions such as Ubuntu or CentOS Linux. I can confirm the same. Last month, I helped one of my clients move from RHEL 4.x to CentOS and Debian boxes. I also trained their existing staff to work with Debian. This was done to cut costs, and they found that Red Hat support is not worth paying huge money for. They were totally dissatisfied with the cost of support services.

Companies are increasingly choosing free community-driven Linux distributions instead of commercial offerings with conventional support options. Several factors are driving this trend, particularly dissatisfaction with the cost of support services from the major distributors. Companies that use and deploy Linux internally increasingly have enough in-house expertise to handle all of their technical needs and no longer have to rely on Red Hat or Novell.

I have a client with over 500 RHEL servers. I have always found that Google is the best hunting tool for solving Linux-related problems. Red Hat staff will always force you to do a sysreport before you are moved to 2nd or 3rd level support to get quality support (it may take 2-3 days). So what is the use of support if I have to go through tier 1 each time?

On the bright side, you may want to use Red Hat or Novell support:

  1. If you like to point fingers at someone else 24/7
  2. Large businesses are most likely going to have a support option
  3. Red Hat and Novell also help to grow open source software. They pay full-time Linux developers and kernel hackers.
  4. Some kernel bugs and issues can only be fixed by vendor as there is no work around.

Personally, I use Debian and FreeBSD on all my servers. The Cyberciti.biz server is powered by RHEL 5.2. I always suggest having RHEL for all business / mission-critical systems.

Read more: Analyst: Ubuntu, community distros ready for the enterprise

Debugging Linux pppd / PPTP VPN Problems

I've already written about setting up a PPTP VPN client for a proprietary Microsoft Point-to-Point VPN server using the Linux pptp client. Learn how to troubleshoot and resolve common PPTP network connection problems.

You need to run pppd in debug mode by passing the debug option. The debug option enables connection debugging facilities. If this option is given, pppd will log the contents of all control packets sent or received in a readable form. The packets are logged through syslog with facility daemon and level debug.

Step # 1: Find out location of your debug file, enter:
# grep debug /etc/syslog.conf
Sample output:

*.=debug;\
        news.none;mail.none     -/var/log/debug
#       *.=debug;*.=info;\
        *.=debug;*.=info;\

/var/log/debug is your debug file.

Step # 2: Start pppd with the debug option, enter:
# pppd debug call office.vpn
To see debug log, enter:
# tail -f /var/log/debug
Sample output:

Jul 30 16:10:56 vivek-desktop pppd[30951]: using channel 28
Jul 30 16:10:57 vivek-desktop pppd[30951]: sent [LCP ConfReq id=0x1    ]
Jul 30 16:10:58 vivek-desktop pppd[30951]: rcvd [LCP ConfReq id=0x89     ]
Jul 30 16:10:58 vivek-desktop pppd[30951]: sent [LCP ConfAck id=0x89     ]
Jul 30 16:10:58 vivek-desktop pppd[30951]: rcvd [LCP ConfAck id=0x1    ]
Jul 30 16:10:58 vivek-desktop pppd[30951]: sent [LCP EchoReq id=0x0 magic=0xa3123563]
Jul 30 16:10:58 vivek-desktop pppd[30951]: rcvd [CHAP Challenge id=0x1 , name = ""]
Jul 30 16:10:58 vivek-desktop pppd[30951]: sent [CHAP Response id=0x1 <23962ce1340a0315661377969b543b870000000000000000f69db90c5ba79e5207ac61b073af5d732fbd6a605a7740d000>, name = "vivekgite"]
Jul 30 16:10:58 vivek-desktop pppd[30951]: rcvd [LCP EchoRep id=0x0 magic=0x61a31410]
Jul 30 16:11:07 vivek-desktop pppd[30951]: rcvd [CHAP Failure id=0x1 "E=691 R=0 M=Login incorrect"]
Jul 30 16:11:07 vivek-desktop pppd[30951]: sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]
Jul 30 16:11:07 vivek-desktop pppd[30951]: rcvd [LCP TermReq id=0x8a]
Jul 30 16:11:07 vivek-desktop pppd[30951]: sent [LCP TermAck id=0x8a]
Jul 30 16:11:07 vivek-desktop pppd[30951]: rcvd [LCP TermAck id=0x8b]
Jul 30 16:11:07 vivek-desktop pppd[30951]: Script pptp offcie.vpn  --nolaunchpppd finished (pid 30952), status = 0x0

You can see my password or username failed to authenticate against the VPN server (VPN authentication problem). Without the debug messages I wouldn't be able to solve any problem. You can fix CHAP authentication by editing the /etc/ppp/chap-secrets file. See the setting up PPTP VPN client tutorial for other debugging techniques.
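
As an added example (not part of the original post), the shell functions below read a pppd debug log like the one above, report how far the connection got, decode the MS-CHAP error code from the CHAP Failure line, and mask the CHAP response and names before a log is shared. The sample lines, host name, user and hex value are constructed; the code-to-name table follows RFC 2759.

```shell
#!/bin/sh
# Added example (not from the original post): triage a pppd debug log.

# Constructed sample shaped like the log above; hex value and user are made up.
sample_log() {
cat <<'EOF'
Jul 30 16:10:57 host pppd[30951]: sent [LCP ConfReq id=0x1]
Jul 30 16:10:58 host pppd[30951]: rcvd [LCP ConfAck id=0x1]
Jul 30 16:10:58 host pppd[30951]: rcvd [CHAP Challenge id=0x1 , name = ""]
Jul 30 16:10:58 host pppd[30951]: sent [CHAP Response id=0x1 <00112233aabbccdd>, name = "alice"]
Jul 30 16:11:07 host pppd[30951]: rcvd [CHAP Failure id=0x1 "E=691 R=0 M=Login incorrect"]
Jul 30 16:11:07 host pppd[30951]: sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]
EOF
}

# diagnose: read a pppd debug log on stdin, print the furthest stage reached.
diagnose() {
  awk '
    BEGIN {  # MS-CHAP failure codes as listed in RFC 2759
      e[646] = "ERROR_RESTRICTED_LOGON_HOURS"; e[647] = "ERROR_ACCT_DISABLED"
      e[648] = "ERROR_PASSWD_EXPIRED";         e[649] = "ERROR_NO_DIALIN_PERMISSION"
      e[691] = "ERROR_AUTHENTICATION_FAILURE"; e[709] = "ERROR_CHANGING_PASSWORD"
    }
    /rcvd \[LCP ConfAck/    { lcp = 1 }
    /rcvd \[CHAP Challenge/ { chal = 1 }
    /rcvd \[CHAP Success/   { ok = 1 }
    /rcvd \[CHAP Failure/   {
      fail = 1; code = "?"; msg = ""
      if (match($0, /E=[0-9]+/)) code = substr($0, RSTART + 2, RLENGTH - 2)
      if (match($0, /M=[^"]*/))  msg  = substr($0, RSTART + 2, RLENGTH - 2)
    }
    END {
      if (fail)      printf "auth-failed code=%s (%s) msg=%s\n", code, ((code in e) ? e[code] : "unknown"), msg
      else if (ok)   print "auth-ok"
      else if (chal) print "challenge-unanswered"
      else if (lcp)  print "lcp-ok-no-auth"
      else           print "lcp-not-negotiated"
    }'
}

# redact: mask the CHAP response bytes and peer/user names before sharing a log.
redact() {
  sed -e 's/<[0-9a-fA-F]\{1,\}>/<REDACTED>/g' \
      -e 's/name = "[^"]*"/name = "REDACTED"/g'
}

sample_log | redact
sample_log | diagnose
```
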

Mozilla has issued an important security update for Firefox; updated packages that fix various security issues are now available from Mozilla, Red Hat, and other distributions. Mozilla announced that the Firefox 2.0.0.15 security and stability update is available for download. This update has been rated as having critical security impact by Mozilla. All Mozilla Firefox users should upgrade to this updated package, which contains backported patches that correct many issues.

How do I update Firefox 3.x or 1.5.x or 2.x under Red Hat / CentOS Linux?

Simply type the following command at a shell prompt:
# yum update

How do I update Firefox under Debian / Ubuntu Linux?

Open terminal and type the following commands:
# apt-get update
# apt-get upgrade

After a standard system upgrade you need to restart Firefox to effect the necessary changes.

Security Issues Details

From the CVE database:
Various flaws were discovered in the browser engine. By tricking a user into opening a malicious web page, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-2798, CVE-2008-2799)

Several problems were discovered in the JavaScript engine. If a user were tricked into opening a malicious web page, an attacker could perform cross-site scripting attacks. (CVE-2008-2800) Collin Jackson discovered various flaws in the JavaScript engine which allowed JavaScript to be injected into signed JAR files. If a user were tricked into opening malicious web content, an attacker may be able to execute arbitrary code with the privileges of a different website or link content within the JAR file to an attacker-controlled JavaScript file. (CVE-2008-2801)

It was discovered that Firefox would allow non-privileged XUL documents to load chrome scripts from the fastload file. This could allow an attacker to execute arbitrary JavaScript code with chrome privileges. (CVE-2008-2802)

A flaw was discovered in Firefox that allowed overwriting trusted objects via mozIJSSubScriptLoader.loadSubScript(). If a user were tricked into opening a malicious web page, an attacker could execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-2803)

Claudio Santambrogio discovered a vulnerability in Firefox which could lead to stealing of arbitrary files. If a user were tricked into opening malicious content, an attacker could force the browser into uploading local files to the remote server. (CVE-2008-2805)

Gregory Fleischer discovered a flaw in Java LiveConnect. An attacker could exploit this to bypass the same-origin policy and create arbitrary socket connections to other domains. (CVE-2008-2806) Daniel Glazman found that an improperly encoded .properties file in an add-on can result in uninitialized memory being used. If a user were tricked into installing a malicious add-on, the browser may be able to see data from other programs. (CVE-2008-2807)

Masahiro Yamada discovered that Firefox did not properly sanitize file URLs in directory listings, resulting in files from directory listings being opened in unintended ways or not being able to be opened by the browser at all. (CVE-2008-2808)

John G. Myers discovered a weakness in the trust model used by Firefox regarding alternate names on self-signed certificates. If a user were tricked into accepting a certificate containing alternate name entries, an attacker could impersonate another server. (CVE-2008-2809)

A flaw was discovered in the way Firefox opened URL files. If a user were tricked into opening a bookmark to a malicious web page, the page could potentially read from local files on the user's computer. (CVE-2008-2810)

A vulnerability was discovered in the block reflow code of Firefox. This vulnerability could be used by an attacker to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. (CVE-2008-2811)

It happens all the time. Sooner or later, every organization may run out of qualified UNIX system administrators / staff because of various issues. As a single admin you may have to do lots of work because other people in accounting, sales, or programming may not have all the skills required to run servers. Also, I don't trust new people or people with a Windows background. I also don't have time for UNIX admin training for a new person.

In short, to avoid overloading yourself, I recommend sudo. It allows you to delegate authority, giving certain users or groups of users the ability to run some commands as root or another user while providing an audit trail of the commands and their arguments via a log file. With sudo you don't have to share the root password with anybody. Another option is Pluggable Authentication Modules (PAM) under UNIX / Linux. Common tasks such as the following can be delegated via the sudo program:

  1. Start / stop / restart common services and configurations, e.g. Jboss, Tomcat, Apache, Mysql etc
  2. Shutdown / reboot server
  3. Backup data to tape
  4. Run other individual tasks and commands as per requirements and so on.

Once you start to trust their skill sets, grant them more privileges or maybe promote them to full-time UNIX sys admins.
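
One way to express that delegation, as an added example rather than a configuration from the original post: the script renders a sudoers fragment covering the task list above with explicit command arguments and a dedicated log file, and installs it only if `visudo -c` accepts the syntax. The group name `juniorops`, the RHEL-style `/sbin` paths and the backup script path are assumptions.

```shell
#!/bin/sh
# Added example: sudoers drop-in for the delegated tasks listed above.
# Assumptions: group name, RHEL-style /sbin paths, hypothetical backup script.

# render_sudoers GROUP: print the fragment; reject unsafe group names so the
# argument can never smuggle extra sudoers syntax into the file.
render_sudoers() {
  group=$1
  case $group in
    ''|*[!a-z0-9_-]*) echo "invalid group name" >&2; return 1 ;;
  esac
  cat <<EOF
# Delegated commands for members of %$group (explicit arguments, no wildcards)
Cmnd_Alias SVC_CTL = /sbin/service httpd start, /sbin/service httpd stop, \\
                     /sbin/service httpd restart, /sbin/service mysqld restart
Cmnd_Alias POWER   = /sbin/shutdown -h now, /sbin/shutdown -r now
Cmnd_Alias BACKUP  = /usr/local/sbin/backup-to-tape.sh
Defaults:%$group   logfile=/var/log/sudo.log
%$group ALL = (root) SVC_CTL, POWER, BACKUP
EOF
}

# install_sudoers GROUP DEST: install only if visudo accepts the syntax (run as root).
install_sudoers() {
  tmp=$(mktemp) || return 1
  if render_sudoers "$1" > "$tmp" && visudo -cf "$tmp" >/dev/null; then
    install -m 0440 -o root -g root "$tmp" "$2"; rc=$?
  else
    echo "syntax check failed, nothing installed" >&2; rc=1
  fi
  rm -f "$tmp"; return $rc
}

render_sudoers juniorops   # preview only; nothing is written to /etc
```
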

In totally unrelated news: Bill Gates retired as chairman. Check out the hits and misses of his leadership of Microsoft.