SlideShare ist ein Scribd-Unternehmen logo

Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers With Nagios

Nagios
Nagios

Mike Weber's training class on monitoring Linux mail servers with Nagios. The training session was held during the Nagios World Conference North America held Sept 27-29th, 2011 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna

TechnologieBusiness
1 von 32
Downloaden Sie, um offline zu lesen
Monitoring a Linux Mail Server Mike Weber mweber@spidertools.com]
Various Methods to Monitor Mail Server Public Ports SMTP on Port 25 POPS on Port 995 IMAPS on Port 993 SNMP Amavis on Port 10024 Reinjection Port on 10025 Spamassassin on Port 783 NRPE Virus Signatures Virus Activity Virus Numbers Perl Plugin Email Delivery Verify Read Email Headers Verify Read Headers and Content 2011 2
Various Methods to Monitor Mail Server SSH Amavis on Port 10024 Reinjection Port on 10025 Spamassassin on Port 783 Virus Signatures Virus Activity Virus Numbers Email Delivery Verify Read Email Headers Verify Read Headers and Content 2011 3
Monitor Public Mail Ports SMTP Port 25 Port Status Response Times Graph Response Times IMAPS Port 993 Port Status Response Times Graph Response Times POP3S Port 995 Port Status Response Times Graph Response Times 2011 4
Monitor Email Delivery 2011 5
Monitor Public Mail Ports Port Status – Connection Time define service{         use                           generic­service         hostgroup_name                debian­servers         service_description           Postfix Port         check_command                 check_tcp!25 ­w 03 ­c 05 }define service{         use                           generic­service         hostgroup_name                debian­servers         service_description           Secure IMAPS         check_command                 check_tcp!993 ­w 03 ­c 06 } define service{         use                           generic­service         host_name                     db         service_description           POP3S Port 995         check_command                 check_tcp!995 ­w 03 ­c 06 }   2011 6
Monitor Public Mail Ports 2011 7
Monitoring Content Filter, Reinjection and Spamassassin with SNMP Content Filter Port 10024 Reinjection Port 10025 Spamassassin Port 783 2011 8
Monitoring Content Filter and Reinjection 2011 9
Creating Bash Scripts for SNMP Command Definition define command{         command_name    check_amavis          command_line    $USER1$/check_amavis          }  Service Definition define service{         use                             generic­service          host_name                       mail          service_description             Amavis: Virus Protection          check_command                   check_amavis          } Script Using SNMP #!/bin/bash amavis=$(snmpnetstat ­v 2c 192.168.5.191 ­c public ­Ca | grep 10024 |wc ­l) if (($amavis >= 1 )) then echo "Amavis is Running" stateid=0 else echo "Danger: Amavis is NOT running, no virus protection" stateid=2 fi exit $stateid  2011 10
Creating Bash Scripts for SNMP snmpnetstat ­v 2c 192.168.5.45 ­c public ­Ca  Active Internet (tcp) Connections (including servers) Proto Local Address          Remote Address         (state) tcp   *.ssh                  *.*                   LISTEN tcp   *.smtp                 *.*                   LISTEN tcp   *.pop3                 *.*                   LISTEN tcp   *.sunrpc               *.*                   LISTEN tcp   *.imap                 *.*                   LISTEN tcp   *.imaps                *.*                   LISTEN tcp   *.pop3s                *.*                   LISTEN tcp   *.5666                 *.*                   LISTEN tcp   *.38922                *.*                   LISTEN tcp   localhost.ipp          *.*                   LISTEN tcp   localhost.783          *.*                   LISTEN tcp   localhost.10025        *.*                   LISTEN tcp   192.168.5.45.smtp      192.168.5.4.37932     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.39143     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.44947     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.46752     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.50184     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.55465     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.55674     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.59800     CLOSEWAIT tcp   192.168.5.45.34091     192.168.5.4.http      TIMEWAIT tcp   192.168.5.45.34094     192.168.5.4.http      TIMEWAIT tcp   192.168.5.45.34095     192.168.5.4.http      TIMEWAIT tcp   192.168.5.45.34096     192.168.5.4.http      TIMEWAIT tcp   192.168.5.45.34097     192.168.5.4.http      TIMEWAIT tcp   192.168.5.45.34098     192.168.5.4.http      TIMEWAIT tcp   192.168.5.45.53845     a69­192­195­51.d.httpsCLOSEWAIT 2011 11
Checking Amavis - SNMP Install Script Install any script you want to use in the /usr/local/nagios/libexec with the correct permissions Create Command Whenever you use your own script, you will need to create a command to access the script. Create Check Once the command has been created you will be able to use it for any hosts. 2011 12
Checking Amavis - SNMP 2011 13
Checking Spamassassin - SNMP Install Script Install any script you want to use in the /usr/local/nagios/libexec with the correct permissions Create Command Whenever you use your own script, you will need to create a command to access the script. Create Check Once the command has been created you will be able to use it for any hosts. 2011 14
Checking Spamassassin - SNMP 2011 15
Monitor Virus Activity with NRPE Virus Signatures Quarantine Status Number of Viruses Captured 2011 16
Checking Virus Signatures – NRPE Daemon You will need to install xinetd and make sure you have a file in /etc/xinetd.d called nrpe on  the client and it looks like this: # default: off  # description: NRPE (Nagios Remote Plugin Executor)  service nrpe  {          flags           = REUSE          type            = UNLISTED          port            = 5666          socket_type     = stream          wait            = no          user            = nagios          group           = nagios          server          = /usr/sbin/nrpe          server_args     = ­c /usr/local/nagios/etc/nrpe.cfg ­­inetd          log_on_failure  += USERID          disable         = no          only_from       = 127.0.0.1 192.168.5.50  }  2011 17
Checking Virus Signatures - NRPE define command{ command_name    check_nrpe command_line    $USER1$/check_nrpe ­H $HOSTADDRESS$ ­c $ARG1$ } define service{         use                             generic­service         host_name                       mail         service_description             Virus Signatures         check_command                   check_nrpe!check_signatures         } command[check_signatures]=/usr/local/nagios/libexec/check_signatures Bash shell script  #!/bin/bash dbase=$(tail ­300 /var/log/clamav/clamd.log| grep "Database correctly reloaded"|wc ­l) sigs=$(tail ­300 /var/log/clamav/clamd.log| grep "Database correctly reloaded"| awk ­F( '{print  $2}'|tail ­1) dbdate=$(tail ­300 /var/log/clamav/clamd.log| grep "Database correctly reloaded"| awk ­F' '  '{print $1,$2,$3}'|tail ­1) if [ "$dbase" ­eq 0 ] then echo "Virus Signatures Out of Date" stateid=2 else echo "Virus Database Updated $dbdate with ($sigs" stateid=0 fi exit $stateid 2011 18
Checking Virus Signatures - NRPE 2011 19
Checking Virus Activity - NRPE Command Definition define command{ command_name    check_nrpe command_line    $USER1$/check_nrpe ­H $HOSTADDRESS$ ­c $ARG1$ } Service Definition define service{         use                             generic­service         host_name                       mail         service_description             Quarantine Status         check_command                   check_nrpe!check_virus_activity         } NRPE Command command[check_virus_activity]=/usr/local/nagios/libexec/check_virus_activity Bash Shell Script #!/bin/bash vmail=$(ls /var/virusmails | grep virus|wc -l) echo "Virus Activity $vmail" exit 1 2011 20
Checking Quarantine - NRPE Command Definition define command{ command_name    check_nrpe command_line    $USER1$/check_nrpe ­H $HOSTADDRESS$ ­c $ARG1$ } Service Definition define service{         use                             generic­service         host_name                       mail         service_description             Quarantine Status         check_command                   check_nrpe!check_virusmail         } NRPE Command command[check_virusmail]=/usr/local/nagios/libexec/check_virusmail Bash Shell Script #!/bin/bash vmail=$(ls /var/virusmails | grep virus|wc ­l) vmail_date=$(ls ­l /var/virusmails | grep virus| awk ­F' ' '{print $6,$7,$8}'|tail ­1) if [ "$vmail" ­eq 0 ] then echo "No Viruses in Quarantine" stateid=0 else echo "Viruses Detected!!! Last Virus Captured $vmail_date" stateid=1 fi exit $stateid 2011 21
Monitor Email Delivery – Perl Plugin Delivery Confirmation to INBOX Verify that mail was is deliverable. Delivery Confirmation: Read Header Read mail header to verify delivery. Delivery Confirmation: Read Header/Content Read header and content to verify readability. 2011 22
Checking Mail Delivery 2011 23
Checking Email Delivery Create Command Whenever you use your own script, you will need to create a command to access the script. Create Check This example “hard codes” the check until you know it works, then add arguments. 2011 24
Monitor with SSH Proxy: Secure Communication Amavis -SNMP Reinjection Port -SNMP Spamassassin - SNMP Virus Signatures Quarantine Status Number of Viruses Captured 2011 25
SSH Proxy This wizard monitors the remote host using SSH to execute the plugins and scripts. Download and install the SSH Proxy wizard. Once it is installed select the wizard from the list. 2011 26
SSH Proxy In Step 2 you will need to add an IP Address or fully qualified domain name. You will also need to select the operating system of the machine you will connect up to using SSH. 2011 27
SSH Proxy In Step 2 you will need to add an IP Address or fully qualified domain name. You will also need to select the operating system of the machine you will connect up to using SSH. 2011 28
SSH Proxy 2011 29
SSH Proxy -C "/usr/local/nagios/libexec/check_amavis" 2011 30
SSH Proxy – Creating Keys The key to getting the whole thing to work is setting up the passwordless login ability of the  nagios user.   On the XI box login as the nagios user: su – nagios cd /home/nagios ssh­keygen Use ENTER to select all options as you want to take default locations and you want a password that  is empty(be sure to set up the security requirements listed below). On the host to be monitored follow the same steps.  Then on the XI server, log in as nagios and go  to the ssh directory. su – nagios cd /home/nagios/sssh cp id_rsa.pub nagios_key scp nagios_key nagios@remote_client:/home/nagios/.ssh/nagios_key You copy the public key to a different name, otherwise you will wipe out the public key on the  remote client.  Now log into the remote client as nagios and move to the /home/nagios/.ssh  directory.  Execute these commands: cat nagios_key > authorized_keys chmod 600 authorized_keys ls ­l ­rw­­­­­­­ 1 nagios nagios  394 Sep 14 16:24 authorized_keys ­rw­­­­­­­ 1 nagios nagios 1671 Sep 14 16:18 id_rsa ­rw­r­­r­­ 1 nagios nagios  418 Sep 14 16:18 id_rsa.pub You should now be able to log in to the remote host from Nagios XI without a password. 2011 31
SSH Proxy – Security If you are using the nagios login without a password and with an empty key­phrase, it is important  that you set a firewall rule to only allow connections using SSH from trusted hosts.  Here is an  iptables rule (on a CentOS box) which uses one rule to allow the Nagios XI to use several  different ports.  Notice the rule order is used with this rule being “7” so that you can block all  access after this rule. Firewall iptables ­I RH­Firewall­1­INPUT 7 ­p tcp  ­m state ­­state NEW ­m multiport ­s 192.168.1.1  ­­dports 110,995,993,9202,22 ­j ACCEPT In addition set your tcp_wrappers file in /etc/hosts.allow so that only trusted hosts can get  access to the server using SSH.  Be sure to edit this file carefully so you do not lock yourself  out.  You will also need to edit /etc/hosts.deny to deny everything you do not allow. # hosts.allow   This file describes the names of the hosts which are #               allowed to use the local INET services, as decided #               by the '/usr/sbin/tcpd' server. # ALL:    127.0.0.1 SSHD:   192.168.1.1 SMTP:   ALL POP3:   ALL IMAPS:  ALL  # hosts.deny ALL:   ALL  2011 32

Empfohlen

Introduction to InSpec and 1.0 release update
Introduction to InSpec and 1.0 release updateIntroduction to InSpec and 1.0 release update
Introduction to InSpec and 1.0 release updateAlex Pop
 
2019 Chef InSpec Jumpstart Part 2 of 2
2019 Chef InSpec Jumpstart Part 2 of 22019 Chef InSpec Jumpstart Part 2 of 2
2019 Chef InSpec Jumpstart Part 2 of 2Larry Eichenbaum
 
Continuous Delivery: The Next Frontier
Continuous Delivery: The Next FrontierContinuous Delivery: The Next Frontier
Continuous Delivery: The Next FrontierCarlos Sanchez
 
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...Nagios
 
InSpec Workshop at Velocity London 2018
InSpec Workshop at Velocity London 2018InSpec Workshop at Velocity London 2018
InSpec Workshop at Velocity London 2018Mandi Walls
 
Linux administration ii-parti
Linux administration ii-partiLinux administration ii-parti
Linux administration ii-partiSehla Loussaief Zayen
 
Symfony 4.0 + - Track Technique eZ Roadshow 2019 - PARIS
Symfony 4.0 + - Track Technique eZ Roadshow 2019 - PARISSymfony 4.0 + - Track Technique eZ Roadshow 2019 - PARIS
Symfony 4.0 + - Track Technique eZ Roadshow 2019 - PARISeZ Systems
 
digitalSTROM Developer Day 2011: Wie Heimelektronik und digitalSTROM zusammen...
digitalSTROM Developer Day 2011: Wie Heimelektronik und digitalSTROM zusammen...digitalSTROM Developer Day 2011: Wie Heimelektronik und digitalSTROM zusammen...
digitalSTROM Developer Day 2011: Wie Heimelektronik und digitalSTROM zusammen...digitalSTROM.org
 

Empfohlen

Introduction to InSpec and 1.0 release update
Introduction to InSpec and 1.0 release updateIntroduction to InSpec and 1.0 release update
Introduction to InSpec and 1.0 release updateAlex Pop
 
2019 Chef InSpec Jumpstart Part 2 of 2
2019 Chef InSpec Jumpstart Part 2 of 22019 Chef InSpec Jumpstart Part 2 of 2
2019 Chef InSpec Jumpstart Part 2 of 2Larry Eichenbaum
 
Continuous Delivery: The Next Frontier
Continuous Delivery: The Next FrontierContinuous Delivery: The Next Frontier
Continuous Delivery: The Next FrontierCarlos Sanchez
 
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...
Nagios Conference 2014 - Mike Weber - Expanding NRDS Capabilities on Linux Sy...Nagios
 
InSpec Workshop at Velocity London 2018
InSpec Workshop at Velocity London 2018InSpec Workshop at Velocity London 2018
InSpec Workshop at Velocity London 2018Mandi Walls
 
Linux administration ii-parti
Linux administration ii-partiLinux administration ii-parti
Linux administration ii-partiSehla Loussaief Zayen
 
Symfony 4.0 + - Track Technique eZ Roadshow 2019 - PARIS
Symfony 4.0 + - Track Technique eZ Roadshow 2019 - PARISSymfony 4.0 + - Track Technique eZ Roadshow 2019 - PARIS
Symfony 4.0 + - Track Technique eZ Roadshow 2019 - PARISeZ Systems
 
digitalSTROM Developer Day 2011: Wie Heimelektronik und digitalSTROM zusammen...
digitalSTROM Developer Day 2011: Wie Heimelektronik und digitalSTROM zusammen...digitalSTROM Developer Day 2011: Wie Heimelektronik und digitalSTROM zusammen...
digitalSTROM Developer Day 2011: Wie Heimelektronik und digitalSTROM zusammen...digitalSTROM.org
 
Docker Runtime Security
Docker Runtime SecurityDocker Runtime Security
Docker Runtime SecuritySysdig
 
Security and dev ops for high velocity organizations
Security and dev ops for high velocity organizationsSecurity and dev ops for high velocity organizations
Security and dev ops for high velocity organizationsChef
 
NAS Botnet Revealed - Mining Bitcoin
NAS Botnet Revealed - Mining Bitcoin NAS Botnet Revealed - Mining Bitcoin
NAS Botnet Revealed - Mining Bitcoin Davide Cioccia
 
當專案漸趕,當遷移也不再那麼難 (Ship Your Projects with Docker EcoSystem)
當專案漸趕,當遷移也不再那麼難 (Ship Your Projects with Docker EcoSystem)當專案漸趕,當遷移也不再那麼難 (Ship Your Projects with Docker EcoSystem)
當專案漸趕,當遷移也不再那麼難 (Ship Your Projects with Docker EcoSystem)Ruoshi Ling
 
Check Your Privilege (Escalation)
Check Your Privilege (Escalation) Check Your Privilege (Escalation)
Check Your Privilege (Escalation) Bishop Fox
 
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru OtsukaTake a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru OtsukaCODE BLUE
 
Lessons from running potentially malicious code inside Docker containers
Lessons from running potentially malicious code inside Docker containersLessons from running potentially malicious code inside Docker containers
Lessons from running potentially malicious code inside Docker containersBen Hall
 
Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)Ben Hall
 
Instalasi Network Monitoring System (Nagios) Ubuntu 12.04
Instalasi Network Monitoring System (Nagios) Ubuntu 12.04Instalasi Network Monitoring System (Nagios) Ubuntu 12.04
Instalasi Network Monitoring System (Nagios) Ubuntu 12.04Febi Gelar Ramadhan
 
Lessons from running potentially malicious code inside containers
Lessons from running potentially malicious code inside containersLessons from running potentially malicious code inside containers
Lessons from running potentially malicious code inside containersBen Hall
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices Nebulaworks
 
Hernan Ochoa - WCE Internals [RootedCON 2011]
Hernan Ochoa - WCE Internals [RootedCON 2011]Hernan Ochoa - WCE Internals [RootedCON 2011]
Hernan Ochoa - WCE Internals [RootedCON 2011]RootedCON
 
Ubuntu安装SVN总结
Ubuntu安装SVN总结Ubuntu安装SVN总结
Ubuntu安装SVN总结wensheng wei
 
Running Docker in Development & Production (DevSum 2015)
Running Docker in Development & Production (DevSum 2015)Running Docker in Development & Production (DevSum 2015)
Running Docker in Development & Production (DevSum 2015)Ben Hall
 
Hyperledger composer
Hyperledger composerHyperledger composer
Hyperledger composerwonyong hwang
 
Real World Lessons on the Pain Points of Node.js Applications
Real World Lessons on the Pain Points of Node.js ApplicationsReal World Lessons on the Pain Points of Node.js Applications
Real World Lessons on the Pain Points of Node.js ApplicationsBen Hall
 
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David Shaw
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David ShawBeginner's Guide to the nmap Scripting Engine - Redspin Engineer, David Shaw
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David ShawRedspin, Inc.
 
Speech for Windows Phone 8
Speech for Windows Phone 8Speech for Windows Phone 8
Speech for Windows Phone 8Marco Massarelli
 
Real World Experience of Running Docker in Development and Production
Real World Experience of Running Docker in Development and ProductionReal World Experience of Running Docker in Development and Production
Real World Experience of Running Docker in Development and ProductionBen Hall
 
Continuous Security
Continuous SecurityContinuous Security
Continuous SecuritySysdig
 
Be Mean to Your Code
Be Mean to Your CodeBe Mean to Your Code
Be Mean to Your CodeJames Wickett
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slidesDocker, Inc.
 

Weitere ähnliche Inhalte

Was ist angesagt?

Docker Runtime Security
Docker Runtime SecurityDocker Runtime Security
Docker Runtime SecuritySysdig
 
Security and dev ops for high velocity organizations
Security and dev ops for high velocity organizationsSecurity and dev ops for high velocity organizations
Security and dev ops for high velocity organizationsChef
 
NAS Botnet Revealed - Mining Bitcoin
NAS Botnet Revealed - Mining Bitcoin NAS Botnet Revealed - Mining Bitcoin
NAS Botnet Revealed - Mining Bitcoin Davide Cioccia
 
當專案漸趕,當遷移也不再那麼難 (Ship Your Projects with Docker EcoSystem)
當專案漸趕,當遷移也不再那麼難 (Ship Your Projects with Docker EcoSystem)當專案漸趕,當遷移也不再那麼難 (Ship Your Projects with Docker EcoSystem)
當專案漸趕,當遷移也不再那麼難 (Ship Your Projects with Docker EcoSystem)Ruoshi Ling
 
Check Your Privilege (Escalation)
Check Your Privilege (Escalation) Check Your Privilege (Escalation)
Check Your Privilege (Escalation) Bishop Fox
 
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru OtsukaTake a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru OtsukaCODE BLUE
 
Lessons from running potentially malicious code inside Docker containers
Lessons from running potentially malicious code inside Docker containersLessons from running potentially malicious code inside Docker containers
Lessons from running potentially malicious code inside Docker containersBen Hall
 
Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)Ben Hall
 
Instalasi Network Monitoring System (Nagios) Ubuntu 12.04
Instalasi Network Monitoring System (Nagios) Ubuntu 12.04Instalasi Network Monitoring System (Nagios) Ubuntu 12.04
Instalasi Network Monitoring System (Nagios) Ubuntu 12.04Febi Gelar Ramadhan
 
Lessons from running potentially malicious code inside containers
Lessons from running potentially malicious code inside containersLessons from running potentially malicious code inside containers
Lessons from running potentially malicious code inside containersBen Hall
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices Nebulaworks
 
Hernan Ochoa - WCE Internals [RootedCON 2011]
Hernan Ochoa - WCE Internals [RootedCON 2011]Hernan Ochoa - WCE Internals [RootedCON 2011]
Hernan Ochoa - WCE Internals [RootedCON 2011]RootedCON
 
Ubuntu安装SVN总结
Ubuntu安装SVN总结Ubuntu安装SVN总结
Ubuntu安装SVN总结wensheng wei
 
Running Docker in Development & Production (DevSum 2015)
Running Docker in Development & Production (DevSum 2015)Running Docker in Development & Production (DevSum 2015)
Running Docker in Development & Production (DevSum 2015)Ben Hall
 
Hyperledger composer
Hyperledger composerHyperledger composer
Hyperledger composerwonyong hwang
 
Real World Lessons on the Pain Points of Node.js Applications
Real World Lessons on the Pain Points of Node.js ApplicationsReal World Lessons on the Pain Points of Node.js Applications
Real World Lessons on the Pain Points of Node.js ApplicationsBen Hall
 
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David Shaw
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David ShawBeginner's Guide to the nmap Scripting Engine - Redspin Engineer, David Shaw
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David ShawRedspin, Inc.
 
Speech for Windows Phone 8
Speech for Windows Phone 8Speech for Windows Phone 8
Speech for Windows Phone 8Marco Massarelli
 
Real World Experience of Running Docker in Development and Production
Real World Experience of Running Docker in Development and ProductionReal World Experience of Running Docker in Development and Production
Real World Experience of Running Docker in Development and ProductionBen Hall
 
Continuous Security
Continuous SecurityContinuous Security
Continuous SecuritySysdig
 

Was ist angesagt? (20)

Docker Runtime Security
Docker Runtime SecurityDocker Runtime Security
Docker Runtime Security
 
Security and dev ops for high velocity organizations
Security and dev ops for high velocity organizationsSecurity and dev ops for high velocity organizations
Security and dev ops for high velocity organizations
 
NAS Botnet Revealed - Mining Bitcoin
NAS Botnet Revealed - Mining Bitcoin NAS Botnet Revealed - Mining Bitcoin
NAS Botnet Revealed - Mining Bitcoin
 
當專案漸趕,當遷移也不再那麼難 (Ship Your Projects with Docker EcoSystem)
當專案漸趕,當遷移也不再那麼難 (Ship Your Projects with Docker EcoSystem)當專案漸趕,當遷移也不再那麼難 (Ship Your Projects with Docker EcoSystem)
當專案漸趕,當遷移也不再那麼難 (Ship Your Projects with Docker EcoSystem)
 
Check Your Privilege (Escalation)
Check Your Privilege (Escalation) Check Your Privilege (Escalation)
Check Your Privilege (Escalation)
 
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru OtsukaTake a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka
Take a Jailbreak -Stunning Guards for iOS Jailbreak- by Kaoru Otsuka
 
Lessons from running potentially malicious code inside Docker containers
Lessons from running potentially malicious code inside Docker containersLessons from running potentially malicious code inside Docker containers
Lessons from running potentially malicious code inside Docker containers
 
Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)Running Docker in Development & Production (#ndcoslo 2015)
Running Docker in Development & Production (#ndcoslo 2015)
 
Instalasi Network Monitoring System (Nagios) Ubuntu 12.04
Instalasi Network Monitoring System (Nagios) Ubuntu 12.04Instalasi Network Monitoring System (Nagios) Ubuntu 12.04
Instalasi Network Monitoring System (Nagios) Ubuntu 12.04
 
Lessons from running potentially malicious code inside containers
Lessons from running potentially malicious code inside containersLessons from running potentially malicious code inside containers
Lessons from running potentially malicious code inside containers
 
A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices A Hands-on Introduction on Terraform Best Concepts and Best Practices
A Hands-on Introduction on Terraform Best Concepts and Best Practices
 
Hernan Ochoa - WCE Internals [RootedCON 2011]
Hernan Ochoa - WCE Internals [RootedCON 2011]Hernan Ochoa - WCE Internals [RootedCON 2011]
Hernan Ochoa - WCE Internals [RootedCON 2011]
 
Ubuntu安装SVN总结
Ubuntu安装SVN总结Ubuntu安装SVN总结
Ubuntu安装SVN总结
 
Running Docker in Development & Production (DevSum 2015)
Running Docker in Development & Production (DevSum 2015)Running Docker in Development & Production (DevSum 2015)
Running Docker in Development & Production (DevSum 2015)
 
Hyperledger composer
Hyperledger composerHyperledger composer
Hyperledger composer
 
Real World Lessons on the Pain Points of Node.js Applications
Real World Lessons on the Pain Points of Node.js ApplicationsReal World Lessons on the Pain Points of Node.js Applications
Real World Lessons on the Pain Points of Node.js Applications
 
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David Shaw
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David ShawBeginner's Guide to the nmap Scripting Engine - Redspin Engineer, David Shaw
Beginner's Guide to the nmap Scripting Engine - Redspin Engineer, David Shaw
 
Speech for Windows Phone 8
Speech for Windows Phone 8Speech for Windows Phone 8
Speech for Windows Phone 8
 
Real World Experience of Running Docker in Development and Production
Real World Experience of Running Docker in Development and ProductionReal World Experience of Running Docker in Development and Production
Real World Experience of Running Docker in Development and Production
 
Continuous Security
Continuous SecurityContinuous Security
Continuous Security
 

Ähnlich wie Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers With Nagios

Be Mean to Your Code
Be Mean to Your CodeBe Mean to Your Code
Be Mean to Your CodeJames Wickett
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slidesDocker, Inc.
 
BuildStuff.LT 2018 InSpec Workshop
BuildStuff.LT 2018 InSpec WorkshopBuildStuff.LT 2018 InSpec Workshop
BuildStuff.LT 2018 InSpec WorkshopMandi Walls
 
Compliance as Code: Velocity with Security - Fraser Pollock, Chef
Compliance as Code: Velocity with Security - Fraser Pollock, ChefCompliance as Code: Velocity with Security - Fraser Pollock, Chef
Compliance as Code: Velocity with Security - Fraser Pollock, ChefAlert Logic
 
5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Mano5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Manovideos
 
Lab Zero Lunchdown: Deploying Elixir and Phoenix Applications
Lab Zero Lunchdown: Deploying Elixir and Phoenix ApplicationsLab Zero Lunchdown: Deploying Elixir and Phoenix Applications
Lab Zero Lunchdown: Deploying Elixir and Phoenix Applicationsbrien_wankel
 
Nagios Conference 2012 - Mike Weber - NRPE
Nagios Conference 2012 - Mike Weber - NRPENagios Conference 2012 - Mike Weber - NRPE
Nagios Conference 2012 - Mike Weber - NRPENagios
 
Automating Compliance with InSpec - Chef Singapore Meetup
Automating Compliance with InSpec - Chef Singapore MeetupAutomating Compliance with InSpec - Chef Singapore Meetup
Automating Compliance with InSpec - Chef Singapore MeetupMatt Ray
 
Ingite Slides for InSpec
Ingite Slides for InSpecIngite Slides for InSpec
Ingite Slides for InSpecMandi Walls
 
A Docker-based Development Environment Even I Can Understand
A Docker-based Development Environment Even I Can UnderstandA Docker-based Development Environment Even I Can Understand
A Docker-based Development Environment Even I Can UnderstandJeremy Gimbel
 
A Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy SystemA Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy Systemadrian_nye
 
Linecook - A Chef Alternative
Linecook - A Chef AlternativeLinecook - A Chef Alternative
Linecook - A Chef Alternativethinkerbot
 
Pythonic Deployment with Fabric 0.9
Pythonic Deployment with Fabric 0.9Pythonic Deployment with Fabric 0.9
Pythonic Deployment with Fabric 0.9Corey Oordt
 
Workshop Consul .- Service Discovery & Failure Detection
Workshop Consul .- Service Discovery & Failure DetectionWorkshop Consul .- Service Discovery & Failure Detection
Workshop Consul .- Service Discovery & Failure DetectionVincent Composieux
 
Python Hashlib & A True Story of One Bug
Python Hashlib & A True Story of One BugPython Hashlib & A True Story of One Bug
Python Hashlib & A True Story of One Bugdelimitry
 
40 Methods for Privilege Escalation Part 1
40 Methods for Privilege Escalation Part 140 Methods for Privilege Escalation Part 1
40 Methods for Privilege Escalation Part 1Hadess
 

Ähnlich wie Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers With Nagios (20)

Be Mean to Your Code
Be Mean to Your CodeBe Mean to Your Code
Be Mean to Your Code
 
Docker Security workshop slides
Docker Security workshop slidesDocker Security workshop slides
Docker Security workshop slides
 
Pentest and Security Discussion
Pentest and Security DiscussionPentest and Security Discussion
Pentest and Security Discussion
 
BuildStuff.LT 2018 InSpec Workshop
BuildStuff.LT 2018 InSpec WorkshopBuildStuff.LT 2018 InSpec Workshop
BuildStuff.LT 2018 InSpec Workshop
 
Compliance as Code: Velocity with Security - Fraser Pollock, Chef
Compliance as Code: Velocity with Security - Fraser Pollock, ChefCompliance as Code: Velocity with Security - Fraser Pollock, Chef
Compliance as Code: Velocity with Security - Fraser Pollock, Chef
 
5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Mano5. hands on - building local development environment with Open Mano
5. hands on - building local development environment with Open Mano
 
Testing Terraform
Testing TerraformTesting Terraform
Testing Terraform
 
New Virtualization Technologies
New Virtualization TechnologiesNew Virtualization Technologies
New Virtualization Technologies
 
Lab Zero Lunchdown: Deploying Elixir and Phoenix Applications
Lab Zero Lunchdown: Deploying Elixir and Phoenix ApplicationsLab Zero Lunchdown: Deploying Elixir and Phoenix Applications
Lab Zero Lunchdown: Deploying Elixir and Phoenix Applications
 
Nagios Conference 2012 - Mike Weber - NRPE
Nagios Conference 2012 - Mike Weber - NRPENagios Conference 2012 - Mike Weber - NRPE
Nagios Conference 2012 - Mike Weber - NRPE
 
Automating Compliance with InSpec - Chef Singapore Meetup
Automating Compliance with InSpec - Chef Singapore MeetupAutomating Compliance with InSpec - Chef Singapore Meetup
Automating Compliance with InSpec - Chef Singapore Meetup
 
Ingite Slides for InSpec
Ingite Slides for InSpecIngite Slides for InSpec
Ingite Slides for InSpec
 
A Docker-based Development Environment Even I Can Understand
A Docker-based Development Environment Even I Can UnderstandA Docker-based Development Environment Even I Can Understand
A Docker-based Development Environment Even I Can Understand
 
Presentación1
Presentación1Presentación1
Presentación1
 
A Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy SystemA Fabric/Puppet Build/Deploy System
A Fabric/Puppet Build/Deploy System
 
Linecook - A Chef Alternative
Linecook - A Chef AlternativeLinecook - A Chef Alternative
Linecook - A Chef Alternative
 
Pythonic Deployment with Fabric 0.9
Pythonic Deployment with Fabric 0.9Pythonic Deployment with Fabric 0.9
Pythonic Deployment with Fabric 0.9
 
Workshop Consul .- Service Discovery & Failure Detection
Workshop Consul .- Service Discovery & Failure DetectionWorkshop Consul .- Service Discovery & Failure Detection
Workshop Consul .- Service Discovery & Failure Detection
 
Python Hashlib & A True Story of One Bug
Python Hashlib & A True Story of One BugPython Hashlib & A True Story of One Bug
Python Hashlib & A True Story of One Bug
 
40 Methods for Privilege Escalation Part 1
40 Methods for Privilege Escalation Part 140 Methods for Privilege Escalation Part 1
40 Methods for Privilege Escalation Part 1
 

Mehr von Nagios

Nagios XI Best Practices
Nagios XI Best PracticesNagios XI Best Practices
Nagios XI Best PracticesNagios
 
Jesse Olson - Nagios Log Server Architecture Overview
Jesse Olson - Nagios Log Server Architecture OverviewJesse Olson - Nagios Log Server Architecture Overview
Jesse Olson - Nagios Log Server Architecture OverviewNagios
 
Trevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The HoodTrevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The HoodNagios
 
Sean Falzon - Nagios - Resilient Notifications
Sean Falzon - Nagios - Resilient NotificationsSean Falzon - Nagios - Resilient Notifications
Sean Falzon - Nagios - Resilient NotificationsNagios
 
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise EditionMarcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise EditionNagios
 
Janice Singh - Writing Custom Nagios Plugins
Janice Singh - Writing Custom Nagios PluginsJanice Singh - Writing Custom Nagios Plugins
Janice Singh - Writing Custom Nagios PluginsNagios
 
Dave Williams - Nagios Log Server - Practical Experience
Dave Williams - Nagios Log Server - Practical ExperienceDave Williams - Nagios Log Server - Practical Experience
Dave Williams - Nagios Log Server - Practical ExperienceNagios
 
Mike Weber - Nagios and Group Deployment of Service Checks
Mike Weber - Nagios and Group Deployment of Service ChecksMike Weber - Nagios and Group Deployment of Service Checks
Mike Weber - Nagios and Group Deployment of Service ChecksNagios
 
Mike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios InstallationMike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios InstallationNagios
 
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...Nagios
 
Matt Bruzek - Monitoring Your Public Cloud With Nagios
Matt Bruzek - Monitoring Your Public Cloud With NagiosMatt Bruzek - Monitoring Your Public Cloud With Nagios
Matt Bruzek - Monitoring Your Public Cloud With NagiosNagios
 
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.Nagios
 
Eric Loyd - Fractal Nagios
Eric Loyd - Fractal NagiosEric Loyd - Fractal Nagios
Eric Loyd - Fractal NagiosNagios
 
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...Nagios
 
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...Nagios
 
Nagios World Conference 2015 - Scott Wilkerson Opening
Nagios World Conference 2015 - Scott Wilkerson OpeningNagios World Conference 2015 - Scott Wilkerson Opening
Nagios World Conference 2015 - Scott Wilkerson OpeningNagios
 
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios CoreNrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios CoreNagios
 
Nagios Log Server - Features
Nagios Log Server - FeaturesNagios Log Server - Features
Nagios Log Server - FeaturesNagios
 
Nagios Network Analyzer - Features
Nagios Network Analyzer - FeaturesNagios Network Analyzer - Features
Nagios Network Analyzer - FeaturesNagios
 
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing NagiosNagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing NagiosNagios
 

Mehr von Nagios (20)

Nagios XI Best Practices
Nagios XI Best PracticesNagios XI Best Practices
Nagios XI Best Practices
 
Jesse Olson - Nagios Log Server Architecture Overview
Jesse Olson - Nagios Log Server Architecture OverviewJesse Olson - Nagios Log Server Architecture Overview
Jesse Olson - Nagios Log Server Architecture Overview
 
Trevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The HoodTrevor McDonald - Nagios XI Under The Hood
Trevor McDonald - Nagios XI Under The Hood
 
Sean Falzon - Nagios - Resilient Notifications
Sean Falzon - Nagios - Resilient NotificationsSean Falzon - Nagios - Resilient Notifications
Sean Falzon - Nagios - Resilient Notifications
 
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise EditionMarcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
Marcus Rochelle - Landis+Gyr - Monitoring with Nagios Enterprise Edition
 
Janice Singh - Writing Custom Nagios Plugins
Janice Singh - Writing Custom Nagios PluginsJanice Singh - Writing Custom Nagios Plugins
Janice Singh - Writing Custom Nagios Plugins
 
Dave Williams - Nagios Log Server - Practical Experience
Dave Williams - Nagios Log Server - Practical ExperienceDave Williams - Nagios Log Server - Practical Experience
Dave Williams - Nagios Log Server - Practical Experience
 
Mike Weber - Nagios and Group Deployment of Service Checks
Mike Weber - Nagios and Group Deployment of Service ChecksMike Weber - Nagios and Group Deployment of Service Checks
Mike Weber - Nagios and Group Deployment of Service Checks
 
Mike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios InstallationMike Guthrie - Revamping Your 10 Year Old Nagios Installation
Mike Guthrie - Revamping Your 10 Year Old Nagios Installation
 
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
Bryan Heden - Agile Networks - Using Nagios XI as the platform for Monitoring...
 
Matt Bruzek - Monitoring Your Public Cloud With Nagios
Matt Bruzek - Monitoring Your Public Cloud With NagiosMatt Bruzek - Monitoring Your Public Cloud With Nagios
Matt Bruzek - Monitoring Your Public Cloud With Nagios
 
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
Lee Myers - What To Do When Nagios Notification Don't Meet Your Needs.
 
Eric Loyd - Fractal Nagios
Eric Loyd - Fractal NagiosEric Loyd - Fractal Nagios
Eric Loyd - Fractal Nagios
 
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
Marcelo Perazolo, Lead Software Architect, IBM Corporation - Monitoring a Pow...
 
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
Thomas Schmainda - Tracking Boeing Satellites With Nagios - Nagios World Conf...
 
Nagios World Conference 2015 - Scott Wilkerson Opening
Nagios World Conference 2015 - Scott Wilkerson OpeningNagios World Conference 2015 - Scott Wilkerson Opening
Nagios World Conference 2015 - Scott Wilkerson Opening
 
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios CoreNrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
Nrpe - Nagios Remote Plugin Executor. NRPE plugin for Nagios Core
 
Nagios Log Server - Features
Nagios Log Server - FeaturesNagios Log Server - Features
Nagios Log Server - Features
 
Nagios Network Analyzer - Features
Nagios Network Analyzer - FeaturesNagios Network Analyzer - Features
Nagios Network Analyzer - Features
 
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing NagiosNagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
Nagios Conference 2014 - Dorance Martinez Cortes - Customizing Nagios
 

Kürzlich hochgeladen

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 

Kürzlich hochgeladen (20)

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 

Nagios Conference 2011 - Mike Weber - Training: Monitoring Linux Mail Servers With Nagios

  • 1. Monitoring a Linux Mail Server Mike Weber mweber@spidertools.com]
  • 2. Various Methods to Monitor Mail Server Public Ports SMTP on Port 25 POPS on Port 995 IMAPS on Port 993 SNMP Amavis on Port 10024 Reinjection Port on 10025 Spamassassin on Port 783 NRPE Virus Signatures Virus Activity Virus Numbers Perl Plugin Email Delivery Verify Read Email Headers Verify Read Headers and Content 2011 2
  • 3. Various Methods to Monitor Mail Server SSH Amavis on Port 10024 Reinjection Port on 10025 Spamassassin on Port 783 Virus Signatures Virus Activity Virus Numbers Email Delivery Verify Read Email Headers Verify Read Headers and Content 2011 3
  • 4. Monitor Public Mail Ports SMTP Port 25 Port Status Response Times Graph Response Times IMAPS Port 993 Port Status Response Times Graph Response Times POP3S Port 995 Port Status Response Times Graph Response Times 2011 4
  • 6. Monitor Public Mail Ports Port Status – Connection Time define service{         use                           generic­service         hostgroup_name                debian­servers         service_description           Postfix Port         check_command                 check_tcp!25 ­w 03 ­c 05 }define service{         use                           generic­service         hostgroup_name                debian­servers         service_description           Secure IMAPS         check_command                 check_tcp!993 ­w 03 ­c 06 } define service{         use                           generic­service         host_name                     db         service_description           POP3S Port 995         check_command                 check_tcp!995 ­w 03 ­c 06 }   2011 6
  • 7. Monitor Public Mail Ports 2011 7
  • 8. Monitoring Content Filter, Reinjection and Spamassassin with SNMP Content Filter Port 10024 Reinjection Port 10025 Spamassassin Port 783 2011 8
  • 9. Monitoring Content Filter and Reinjection 2011 9
  • 10. Creating Bash Scripts for SNMP Command Definition define command{         command_name    check_amavis          command_line    $USER1$/check_amavis          }  Service Definition define service{         use                             generic­service          host_name                       mail          service_description             Amavis: Virus Protection          check_command                   check_amavis          } Script Using SNMP #!/bin/bash amavis=$(snmpnetstat ­v 2c 192.168.5.191 ­c public ­Ca | grep 10024 |wc ­l) if (($amavis >= 1 )) then echo "Amavis is Running" stateid=0 else echo "Danger: Amavis is NOT running, no virus protection" stateid=2 fi exit $stateid  2011 10
  • 11. Creating Bash Scripts for SNMP snmpnetstat ­v 2c 192.168.5.45 ­c public ­Ca  Active Internet (tcp) Connections (including servers) Proto Local Address          Remote Address         (state) tcp   *.ssh                  *.*                   LISTEN tcp   *.smtp                 *.*                   LISTEN tcp   *.pop3                 *.*                   LISTEN tcp   *.sunrpc               *.*                   LISTEN tcp   *.imap                 *.*                   LISTEN tcp   *.imaps                *.*                   LISTEN tcp   *.pop3s                *.*                   LISTEN tcp   *.5666                 *.*                   LISTEN tcp   *.38922                *.*                   LISTEN tcp   localhost.ipp          *.*                   LISTEN tcp   localhost.783          *.*                   LISTEN tcp   localhost.10025        *.*                   LISTEN tcp   192.168.5.45.smtp      192.168.5.4.37932     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.39143     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.44947     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.46752     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.50184     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.55465     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.55674     CLOSEWAIT tcp   192.168.5.45.smtp      192.168.5.4.59800     CLOSEWAIT tcp   192.168.5.45.34091     192.168.5.4.http      TIMEWAIT tcp   192.168.5.45.34094     192.168.5.4.http      TIMEWAIT tcp   192.168.5.45.34095     192.168.5.4.http      TIMEWAIT tcp   192.168.5.45.34096     192.168.5.4.http      TIMEWAIT tcp   192.168.5.45.34097     192.168.5.4.http      TIMEWAIT tcp   192.168.5.45.34098     192.168.5.4.http      TIMEWAIT tcp   192.168.5.45.53845     a69­192­195­51.d.httpsCLOSEWAIT 2011 11
  • 12. Checking Amavis - SNMP Install Script Install any script you want to use in the /usr/local/nagios/libexec with the correct permissions Create Command Whenever you use your own script, you will need to create a command to access the script. Create Check Once the command has been created you will be able to use it for any hosts. 2011 12
  • 13. Checking Amavis - SNMP 2011 13
  • 14. Checking Spamassassin - SNMP Install Script Install any script you want to use in the /usr/local/nagios/libexec with the correct permissions Create Command Whenever you use your own script, you will need to create a command to access the script. Create Check Once the command has been created you will be able to use it for any hosts. 2011 14
  • 15. Checking Spamassassin - SNMP 2011 15
  • 16. Monitor Virus Activity with NRPE Virus Signatures Quarantine Status Number of Viruses Captured 2011 16
  • 17. Checking Virus Signatures – NRPE Daemon You will need to install xinetd and make sure you have a file in /etc/xinetd.d called nrpe on  the client and it looks like this: # default: off  # description: NRPE (Nagios Remote Plugin Executor)  service nrpe  {          flags           = REUSE          type            = UNLISTED          port            = 5666          socket_type     = stream          wait            = no          user            = nagios          group           = nagios          server          = /usr/sbin/nrpe          server_args     = ­c /usr/local/nagios/etc/nrpe.cfg ­­inetd          log_on_failure  += USERID          disable         = no          only_from       = 127.0.0.1 192.168.5.50  }  2011 17
  • 18. Checking Virus Signatures - NRPE define command{ command_name    check_nrpe command_line    $USER1$/check_nrpe ­H $HOSTADDRESS$ ­c $ARG1$ } define service{         use                             generic­service         host_name                       mail         service_description             Virus Signatures         check_command                   check_nrpe!check_signatures         } command[check_signatures]=/usr/local/nagios/libexec/check_signatures Bash shell script  #!/bin/bash dbase=$(tail ­300 /var/log/clamav/clamd.log| grep "Database correctly reloaded"|wc ­l) sigs=$(tail ­300 /var/log/clamav/clamd.log| grep "Database correctly reloaded"| awk ­F( '{print  $2}'|tail ­1) dbdate=$(tail ­300 /var/log/clamav/clamd.log| grep "Database correctly reloaded"| awk ­F' '  '{print $1,$2,$3}'|tail ­1) if [ "$dbase" ­eq 0 ] then echo "Virus Signatures Out of Date" stateid=2 else echo "Virus Database Updated $dbdate with ($sigs" stateid=0 fi exit $stateid 2011 18
  • 19. Checking Virus Signatures - NRPE 2011 19
  • 20. Checking Virus Activity - NRPE Command Definition define command{ command_name    check_nrpe command_line    $USER1$/check_nrpe ­H $HOSTADDRESS$ ­c $ARG1$ } Service Definition define service{         use                             generic­service         host_name                       mail         service_description             Quarantine Status         check_command                   check_nrpe!check_virus_activity         } NRPE Command command[check_virus_activity]=/usr/local/nagios/libexec/check_virus_activity Bash Shell Script #!/bin/bash vmail=$(ls /var/virusmails | grep virus|wc -l) echo "Virus Activity $vmail" exit 1 2011 20
  • 21. Checking Quarantine - NRPE Command Definition define command{ command_name    check_nrpe command_line    $USER1$/check_nrpe ­H $HOSTADDRESS$ ­c $ARG1$ } Service Definition define service{         use                             generic­service         host_name                       mail         service_description             Quarantine Status         check_command                   check_nrpe!check_virusmail         } NRPE Command command[check_virusmail]=/usr/local/nagios/libexec/check_virusmail Bash Shell Script #!/bin/bash vmail=$(ls /var/virusmails | grep virus|wc ­l) vmail_date=$(ls ­l /var/virusmails | grep virus| awk ­F' ' '{print $6,$7,$8}'|tail ­1) if [ "$vmail" ­eq 0 ] then echo "No Viruses in Quarantine" stateid=0 else echo "Viruses Detected!!! Last Virus Captured $vmail_date" stateid=1 fi exit $stateid 2011 21
  • 22. Monitor Email Delivery – Perl Plugin Delivery Confirmation to INBOX Verify that mail was is deliverable. Delivery Confirmation: Read Header Read mail header to verify delivery. Delivery Confirmation: Read Header/Content Read header and content to verify readability. 2011 22
  • 24. Checking Email Delivery Create Command Whenever you use your own script, you will need to create a command to access the script. Create Check This example “hard codes” the check until you know it works, then add arguments. 2011 24
  • 25. Monitor with SSH Proxy: Secure Communication Amavis -SNMP Reinjection Port -SNMP Spamassassin - SNMP Virus Signatures Quarantine Status Number of Viruses Captured 2011 25
  • 26. SSH Proxy This wizard monitors the remote host using SSH to execute the plugins and scripts. Download and install the SSH Proxy wizard. Once it is installed select the wizard from the list. 2011 26
  • 27. SSH Proxy In Step 2 you will need to add an IP Address or fully qualified domain name. You will also need to select the operating system of the machine you will connect up to using SSH. 2011 27
  • 28. SSH Proxy In Step 2 you will need to add an IP Address or fully qualified domain name. You will also need to select the operating system of the machine you will connect up to using SSH. 2011 28
  • 29. SSH Proxy 2011 29
  • 30. SSH Proxy -C "/usr/local/nagios/libexec/check_amavis" 2011 30
  • 31. SSH Proxy – Creating Keys The key to getting the whole thing to work is setting up the passwordless login ability of the  nagios user.   On the XI box login as the nagios user: su – nagios cd /home/nagios ssh­keygen Use ENTER to select all options as you want to take default locations and you want a password that  is empty(be sure to set up the security requirements listed below). On the host to be monitored follow the same steps.  Then on the XI server, log in as nagios and go  to the ssh directory. su – nagios cd /home/nagios/sssh cp id_rsa.pub nagios_key scp nagios_key nagios@remote_client:/home/nagios/.ssh/nagios_key You copy the public key to a different name, otherwise you will wipe out the public key on the  remote client.  Now log into the remote client as nagios and move to the /home/nagios/.ssh  directory.  Execute these commands: cat nagios_key > authorized_keys chmod 600 authorized_keys ls ­l ­rw­­­­­­­ 1 nagios nagios  394 Sep 14 16:24 authorized_keys ­rw­­­­­­­ 1 nagios nagios 1671 Sep 14 16:18 id_rsa ­rw­r­­r­­ 1 nagios nagios  418 Sep 14 16:18 id_rsa.pub You should now be able to log in to the remote host from Nagios XI without a password. 2011 31
  • 32. SSH Proxy – Security If you are using the nagios login without a password and with an empty key­phrase, it is important  that you set a firewall rule to only allow connections using SSH from trusted hosts.  Here is an  iptables rule (on a CentOS box) which uses one rule to allow the Nagios XI to use several  different ports.  Notice the rule order is used with this rule being “7” so that you can block all  access after this rule. Firewall iptables ­I RH­Firewall­1­INPUT 7 ­p tcp  ­m state ­­state NEW ­m multiport ­s 192.168.1.1  ­­dports 110,995,993,9202,22 ­j ACCEPT In addition set your tcp_wrappers file in /etc/hosts.allow so that only trusted hosts can get  access to the server using SSH.  Be sure to edit this file carefully so you do not lock yourself  out.  You will also need to edit /etc/hosts.deny to deny everything you do not allow. # hosts.allow   This file describes the names of the hosts which are #               allowed to use the local INET services, as decided #               by the '/usr/sbin/tcpd' server. # ALL:    127.0.0.1 SSHD:   192.168.1.1 SMTP:   ALL POP3:   ALL IMAPS:  ALL  # hosts.deny ALL:   ALL  2011 32