Nagios: System and Network Monitoring Book

Posted on in Categories Book Review, Linux, Monitoring, RedHat/Fedora Linux, Suse Linux, Sys admin, Troubleshooting, Ubuntu Linux, UNIX, Windows server last updated October 18, 2008

The convenience and reliability that monitoring programs offer system administrators are astounding. Whether at home, commuting, or on vacation, admins can continuously monitor their networks, learning of issues long before they become catastrophes.

Nagios, the most popular open source solution for system and network monitoring, is extremely robust, but it’s also intensely complex.

Linux / UNIX: Python programming tutorial for system administrators

Posted on in Categories Beyond nixCraft, Howto, Linux, Sys admin, Tips, UNIX last updated September 6, 2007

Generally I use Perl and shell scripts for automation or to make system administration easier for me. Python is an interpreted, interactive, object-oriented programming language that combines remarkable power with very clear syntax. Python runs on Windows, Linux/Unix, Mac OS X, OS/2, Amiga, Palm Handhelds, and Nokia mobile phones.

You can easily adopt Python to manage UNIX and Linux systems while incorporating concepts of good program design. Python is an easy-to-learn, open source scripting language that lets system administrators do their job more quickly. It can also make tasks more fun:

As a system administrator, you run across numerous challenges and problems. Managing users, disk space, processes, devices, and backups can cause many system administrators to lose their hair, good humor, or sanity. Shell scripts can help, but they often have frustrating limitations. This is where a full-featured scripting language, such as Python, can turn a tedious task into an easy and, dare I say it, fun one.

The examples in this article demonstrate different Python features that you can put to practical use. If you work through them, you’ll be well on your way to understanding the power of Python.

=> Python for system administrators

Nokia E90 Review (Good for sys admins)

Posted on in Categories Beyond nixCraft, Linux Embedded devices last updated July 26, 2007

I’m still stuck with a Blackberry and a Nokia 6130. The good folks at OSNews have posted a nice review of the Nokia E90 business phone:

The E90 is a Communicator-class device and very popular among businessmen, but also among system administrators too (one of our friends, sysadmin at Google, is using Nokia’s qwerty/wifi devices specifically for SSH access). Read on for our review of the impressive E90.

Also check out the Nokia E90 and N95 side-by-side feature chart. I don’t have any plan to get a new phone, but I might try out the Nokia 800 Internet Tablet PC soon :D.

BTW, do you have an iPhone? If you have, let me know your experience…

FreeBSD Enable Security Port Auditing to Avoid Vulnerabilities With portaudit

Posted on in Categories FreeBSD, Howto, Security, Sys admin, Tip of the day, Tips last updated September 26, 2005

This is a nifty new and long-demanded feature in FreeBSD. A port called portaudit provides a system to check if installed ports are listed in a database of published security vulnerabilities. After installation it will update this security database automatically and include its reports in the output of the daily security run. If you get a message like the following:

Vulnerability check disabled, database not found

You need to install a small port called portaudit. From the man page:

portaudit checks installed packages for known vulnerabilities and generates reports including references to security advisories. Its intended audience is system administrators and individual users.

Install portaudit

1) Install port auditing (log in as root):
# cd /usr/ports/ports-mgmt/portaudit
Please note that the old portaudit port was located at /usr/ports/security/portaudit/.
2) Install portaudit:
# make install clean
Output:

===>  WARNING: Vulnerability database out of date, checking anyway
===>  Extracting for portaudit-0.5.12
===>  Patching for portaudit-0.5.12
===>  Configuring for portaudit-0.5.12
===>  Building for portaudit-0.5.12
===>  Installing for portaudit-0.5.12
===>   Generating temporary packing list
===>  Checking if ports-mgmt/portaudit already installed
===>   Compressing manual pages for portaudit-0.5.12
===>   Registering installation for portaudit-0.5.12
===>  Cleaning for portaudit-0.5.12

3) Fetch the database so that port auditing gets activated immediately. By default it installs a shell script ‘portaudit’ in /usr/local/etc/periodic/security/:
# /usr/local/sbin/portaudit -Fda
Output:

auditfile.tbz                                 100% of   47 kB  405 kBps
New database installed.
Database created: Wed Feb 27 06:10:01 CST 2008
0 problem(s) in your installed packages found.

Where,

  • -F: Fetch the current database from the FreeBSD servers.
  • -d: Print the creation date of the database.
  • -a: Print a vulnerability report for all installed packages.

4) The portaudit script is called automatically via FreeBSD’s periodic (cron job) facility, so your database gets updated automatically every day.

Let us assume you would like to install a port called sudo. If it has known vulnerabilities, the build stops and sudo is not installed:
# cd /usr/ports/security/sudo
# make install clean

===>  sudo-1.6.8.7 has known vulnerabilities:
=> sudo -- local race condition vulnerability.
   Reference: <http://www.FreeBSD.org/ports/portaudit/3bf157fa-e1c6-11d9-b875-0001020eed82.html>
=> Please update your ports tree and try again.
*** Error code 1

Stop in /usr/ports/security/sudo.

For more information, refer to the portaudit man page:
$ man portaudit
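
The following is an added example, not part of the original post or of portaudit itself: a small sh helper that turns the messages shown above into an exit status a cron job or monitoring check can act on, treating a missing or out-of-date database as a failure rather than as "0 problems". The function names are hypothetical and the sample reports are constructed from the output shown in this post.

```sh
#!/bin/sh
# Added example (not from the original post): classify portaudit output so a
# cron job or monitoring check can act on it. Function names are hypothetical.

# Constructed samples, modelled on the output shown in this post.
SAMPLE_CLEAN='New database installed.
Database created: Wed Feb 27 06:10:01 CST 2008
0 problem(s) in your installed packages found.'
SAMPLE_NODB='Vulnerability check disabled, database not found'
SAMPLE_BUILD='===>  WARNING: Vulnerability database out of date, checking anyway
===>  sudo-1.6.8.7 has known vulnerabilities:
=> sudo -- local race condition vulnerability.
=> Please update your ports tree and try again.'

# Print N from the "N problem(s) in your installed packages found." summary.
audit_problem_count() {
    printf '%s\n' "$1" |
        sed -n 's/^\([0-9][0-9]*\) problem(s) in your installed packages found\.$/\1/p' |
        head -n 1
}

# Print package-version names from "===>  NAME has known vulnerabilities:" lines.
vulnerable_ports() {
    printf '%s\n' "$1" |
        sed -n 's/^===> *\([^ ][^ ]*\) has known vulnerabilities:$/\1/p'
}

# Print a one-line verdict; return 0 = clean, 1 = stale db, 2 = vulnerable,
# 3 = audit did not run (a missing database must never be read as "clean").
audit_status() {
    case $1 in
        *"database not found"*) echo "UNKNOWN: database missing"; return 3 ;;
    esac
    ports=$(vulnerable_ports "$1" | tr '\n' ' ')
    count=$(audit_problem_count "$1")
    if [ -n "$ports" ]; then echo "VULNERABLE: ${ports% }"; return 2; fi
    if [ -z "$count" ]; then echo "UNKNOWN: no summary line"; return 3; fi
    if [ "$count" -gt 0 ]; then echo "VULNERABLE: $count problem(s)"; return 2; fi
    case $1 in
        *"database out of date"*) echo "STALE: 0 problem(s), old database"; return 1 ;;
    esac
    echo "OK: 0 problem(s)"; return 0
}

# Real use on FreeBSD: audit_status "$(/usr/local/sbin/portaudit -Fda 2>&1)"
audit_status "$SAMPLE_CLEAN" || true
audit_status "$SAMPLE_NODB" || true
audit_status "$SAMPLE_BUILD" || true
```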