Bài đăng

Đang hiển thị bài đăng từ Tháng 3, 2014

Auto restart Linux service using zabbix

Hình ảnh
Configuration Those remote commands that are executed on Zabbix agent (custom scripts) must be first enabled in the respective zabbix_agentd.conf . Make sure that the EnableRemoteCommands parameter is set to 1 and uncommented. Restart agent daemon if changing this parameter. Remote commands do not work with active Zabbix agents. Then, when configuring a new action in Configuration→Actions : In the Operations tab, select the Remote command operation type Select the remote command type ( IPMI , Custom script, SSH , Telnet, Global script) Enter the remote command For example: sudo /etc/init.d/apache restart In this case, Zabbix will try to restart an Apache process. With this command, make sure that the command is executed on Zabbix agent (mark the respective radio button against Execute on ). Note the use of sudo - Zabbix user does not have permissions to restart system services by default. See below for hints on how to configure sudo . Zabbix agent

Auto restart Windows service using zabbix

Hình ảnh
In the event that a critical application service stops unexpectedly or fails to start up for unknown reasons or your web server fails to respond and you are no where near your system, you can setup zabbix to proactively restart such services. For the purpose of this post, I will configure zabbix to restart ‘ Active Directory Domain Service ‘ when service goes down. - Log onto zabbix → click on Configuration/Actions → click Create action (top right corner) → Enter Action name and leave rest as default - Click on Conditions tab → Leave condition label (A) → remove any other conditions and add a new Trigger condition (new condition would be ‘ Trigger = <click select and select the trigger created for NTDS >) → click Add to add the new condition - Click on Operations tab → Operation type is ‘Remote command’ → Enter new Target as ‘Current host’ → Type equals ‘Custom script’ → Execute equals ‘Zabbix agent’ → Command enter ‘ cmd /c “net start “NTDS” ‘ → cli

How to setup SSH tunnel, Web Proxy, Bitvise Tunnelier, sock browsing

First, In order to have SSH tunnel web proxy, you need to have a shell account. you can get shell account from RisingNet.com  The reason that we choose Risingnet because they provide Dedicated IP address which mean only you can use your own personal IP and it is not share with anyone else. Moreover, you can choose any TCP port that you wish the SSH server to listen. Second, you need an SSH client so you can setup tunnel or web proxy to the shell account. I use Bitvise Tunnelier, you can download it from their website, it is free. SETUP Bitvise Tunnelier 1) Install Bitvise Tunnelier on your windows OS. 2) Put in the login/password information Hostname: (put in the SSH IP or hostname) Port: (put in your SSH port number, default is 22) Username: (put in the username that your provider assign to you) Initial method: (password) Check on (Store encrypted password in profile) 3) Next - Click on "Options" Under: "On Login" Un check on ( Open Ter

SSH Tunneling Explained

Hình ảnh
Recently I wanted to set up a remote desktop sharing session from home pc to my laptop. While going through the set up guide I came across ssh tunneling. Even though there are many articles on the subject still it took me a considerable amount of googling, some experimenting and couple of Wireshark sessions to grasp what’s going under the hood. Most of the guides were incomplete in terms of explaining the concept which left me desiring for a good article on the subject with some explanatory illustrations. So I decided to write it my self. So here goes… Introduction A SSH tunnel consists of an encrypted tunnel created through a SSH protocol connection. A SSH tunnel can be used to transfer unencrypted traffic over a network through an encrypted channel. For example we can use a ssh tunnel to securely transfer files between a FTP server and a client even though the FTP protocol itself is not encrypted. SSH tunnels also provide a means to bypass firewalls that prohibits or

Open-AudIT - Network auditing application

Hình ảnh
About Open-AudIT Open-AudIT is a network auditing application. It is based on the scripting languages of PHP, Bash and VBScript. It can tell you what is on your network, how it is configured and when it changes. Data is retrieved with Bash and/or VBScript, stored in a database and viewed through a web interface. The server only needs a web server (Apache and IIS have both been tested) and a MySQL install. Both of these applications are free to use. Your network devices can be queried and audited. Results are stored in a database for viewing, reporting and change auditing. All interaction is via standards compliant web pages. To setup Open-AudIT you will need the following - a webserver (IIS or Apache will do), PHP installed on the webserver, a MySQL database (usually residing on the webserver), the gd and imagick extensions for PHP. Once these are installed and working, simply download the application (download the SVN Trunk for the latest version). Extract the

Piwik - Open Analytics Platform

Hình ảnh
What is Piwik? Piwik is an open analytics platform currently used by individuals, companies and governments all over the world. With Piwik, your data will always be yours. Learn why Piwik is the right web analytics tool for you below. What can I use Piwik for? Web analytics Whether your site has a few visits per day or a few million, Piwik can help you gather and analyze important information about your users. Track Key Performance Indicators such as visits, goal conversion rates, downloads, keywords and many more. Expand Piwik functionality by adding new plugins from the Piwik Marketplace. Features Piwik prides itself on continually innovating and improving the analytics experience for users. Please read below for an introductory tour to some of the ever-expanding features Piwik offers. Otherwise, you can access the complete list of features in Piwik Analytics . Profile your audience Full insight on your users and their engagement

Ajenti - Server admin panel

Hình ảnh
Ajenti , the only open source feature rich, powerful and lightweight control panel that provides responsive web interface for managing small server set-ups and also best suitable for Dedicated and VPS hosting. It comes with many built-in pre-made plugins for configuring and managing server software’s and services such as Apache , Nginx , MySQL , FTP , Firewall , File System , Cron , Munin , Samba , Squid and many other programs like File Manager , Code Editor for developers and Terminal access. Feature highlights Easy installation Ajenti is installed through your system's package manager. Installation only takes a minute. Existing configuration Picks up your current configuration and and works on your existing system as-is, without any preparation. Caring Does not overwrite your config files, options and comments. All changes are non-destructive. Batteries included Includes lots of plugins fo

ISPConfig - Hosting Control Panel Software (Open Source)

Hình ảnh
Manage multiple servers from one control panel Web server management (Apache2 and nginx) Mail server management (with virtual mail users) DNS server management (BIND and MyDNS) Virtualization (OpenVZ) Administrator, reseller and client login Configuration mirroring and clusters Open Source software ( BSD license ) What’s new in ISPConfig 3.0.5 - APS package installer. See   http://www.apsstandard.org   for a list of available packages. - New web backup system which includes the website databases. - Mailuser login. - PHP version selector. Use different PHP versions for different websites. - Subdomains as virtualhost with separate directory inside the directory tree of the main website without rewriting. - Support for mod_perl2. - Improved default theme. - Global search function. - PHP-FPM support for Apache servers. - PHP-FPM mode selector in website options. - Hardened the website folder structure with new folder protection feature and stricter secur

Installing and Setting a Zabbix agent securely

Hình ảnh
Installing a Zabbix agent Installing a Zabbix agent is very easy. All you need to do is install the package and edit the  /etc/zabbix/zabbix_agentd.conf  and change the following: Server=zabbix-srv.example.com,127.0.0.1 Hostname=srv1.example.com But this would expose all the data between the Zabbix Agent and the Zabbix Server, since it is not encrypted. If you take your job serious, you always encrypt your data. You don't know what kind of data you will be exchanging tomorrow. Perhaps it's something sensitive, this way you won't have to worry about that. Setting it up securely To make the communication secure, we can use  autossh  to make sure we have working SSH tunnels to and from the Zabbix Server. We will simply forward Zabbix Server port (10051) to all the servers running the agent software and reverse another SSH tunnel from every Zabbix Agent (port 10050) to the Server. Before we can start to make the tunnels, we need a SSH account we can connect to. The

Zabbix Agent Over an SSH Tunnel

Today I set up Zabbix monitoring of a bunch of boxes. A couple have public IP addresses – the load-balancers – so they were pretty standard. However, most of them are sitting behind a NAT, so are a little trickier. I played around with Zabbix proxy for a while – whose purpose is to solve this exact problem. In the end though, just to be different/awkward, I opted to set up ssh tunnels and just pass the Zabbix traffic through the load-balancer boxes. The Zabbix agent config was fiddly and took a lot of trial and error to get right, so, maybe this will help someone else. First of all, the ssh tunnels. This is the command I used, but you’ll probably want to set up ssh keys and use autossh or some such thing. This is run on the load-balancer box, as it’s acting as a bridge between the public network and the NAT’ed network. ssh -f user@10.0.0.25 -L0.0.0.0:14050:10.0.0.25:10050 -N Breaking this down: -f : Background the ssh process user@10.0.0.25 : these

Installing Zabbix GUI on Debian Wheezy (with dotdeb, MySQL and lighttpd)

Hình ảnh
Swift installation process of how to get the Zabbix GUI up and running on Debian Wheezy But Why? Everybody knows how important it is to monitor your servers, so you know what is going on at all times of the day. This also applies when when you want to have time of with friends and family. Everybody knows this, but it can be hard to make happen for yourself. Enter Zabbix! Yes, there are alternatives like Cacti and probably other good monitoring systems, but while Zabbix is ugly as shit, it also is very powerful, easy to setup (sort of) and widely used. How does it work? Zabbix is very modular. There are 3 parts that make up the system; Server, GUI and Agent(s). I assume that you want to host the GUI on the same machine as the Server. This means that the finished setup could look something like this: Environment Before we get started, we need to make sure some things are setup correctly. First of we need to add the dotdeb main repository to your

The Browser Exploitation Framework Project

Hình ảnh
What is BeEF? BeEF is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual security posture of a target environment by using client-side attack vectors. Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context. Contribute to BeEF The BeEF project uses GitHub to track issues and host its git repository. To checkout a read only copy of the repository you can issue

Mantis Bug Tracker (MantisBT)

Hình ảnh
MantisBT is a full-featured bug-tracking system that not only keeps track of bugs, but includes a user system so that multiple users can interact and multiple projects can be tracked. If your company creates its own software, has its own Web site, or needs to keep track of software-related issues, then you need a bug tracking tool. Naturally, there are tons of such tools available. Many of these tools are either complex to use or complex to install. MantisBT, on the other hand, is both simple to use and simple to install. This open source bug tracker is written in PHP, uses MySQL, and can be installed on Linux, Windows, Mac, OS/2, and more. Requirements Operating System: Windows, OS X, OS/2, Linux, Solaris, BSD (all) Web Server: Microsoft IIS and Apache PHP: Version 5.2 or higher Database: MySQL 4.1 or higher, MS SQL, PostgreSQL, and DB2 Additional information from vendor For a closer look, check out the TechRepublic

How to Install Redmine on CentOS (Detailed)

Introduction I spent a fair bit of time looking for a good issue tracking / project management solution. Having considered extensively both open source and commercial solutions (up to about $200/month price range like Jira+Confluence and Zoho Projects) I decided to go with Redmine as it offers a good mix of issue tracking and project management capability, most specifically status workflows, sub-tasking and task dependencies and everything else we need. However, when I decided to deploy Redmine I encountered numerous difficulties, as at my workplace we use PHP and are not familiar with Ruby on Rails and setting up Ruby on Rails for anyone not familiar with it is rather difficult, largely due to the various version dependencies and incompatibilities and lack of decent detailed documentation on how to do it. I managed to setup Redmine on Windows XP using MySQL, Apache and Mongrel, but when I tried to install the same setup on Windows Server 2008 I encountered all sorts

Project management web application - Redmine

Redmine is a flexible project management web application written using Ruby on Rails framework. Link: http://www.redmine.org Redmine Redmine is a flexible project management web application. Written using the Ruby on Rails framework, it is cross-platform and cross-database. Redmine is open source and released under the terms of the GNU General Public License v2 (GPL). Features Some of the main features of Redmine are: Multiple projects support Flexible role based access control Flexible issue tracking system Gantt chart and calendar News, documents & files management Feeds & email notifications Per project wiki Per project forums Time tracking Custom fields for issues, time-entries, projects and users SCM integration (SVN, CVS, Git, Mercurial, Bazaar and Darcs) Issue creation via email Multiple LDAP authentication support User self-registration support Multilanguage support Multiple databases support Read more about Redmine features . Documentat