Server and Network Monitoring using MRTG – Part 1

This is the first in a series of articles on using MRTG for server and network monitoring.

In my previous article, I touched upon the basics of installing MRTG and Net-SNMP, and used the cfgmaker tool to generate simple MRTG graphs. In this article, we move on to creating MRTG graphs for a single Linux/Unix machine using only shell scripts.

The final goal of this series of articles is to provide users with concrete and professional examples of monitoring their servers and network devices using MRTG. At the end of the series, we will round up all these MRTG graphs and unite them in our web-based network monitoring system, Nagios.

Effective User management under Linux/Unix

In this article, we look into the topic of managing users on our local Linux/Unix box. As we know, Linux/Unix is a multiuser environment; therefore, one of the main tasks of a system administrator is to create user accounts and provide a secure environment for users to do their work in.

Adding and removing users is still one of the most important tasks of a system administrator. Therefore, we as system administrators need a good understanding of how the Linux/Unix accounting system works in order to provide good network services to our users and clients.

Good account management is also the key determinant of system security. Infrequently used accounts are prime targets for crackers. So are accounts with weak passwords.

System integrity using Files, Permissions, Processes, Root and Sudo

To be good at system administration, we have to understand the basics of files, processes and permissions on our Linux/Unix hosts. Therefore, in this article, we will cover the basics of files, processes, permissions, the superuser “root” account and the sudo program.

Every file and process on a Linux/Unix system is owned by a particular user account. Every file has both an owner and a group owner. What this means is that the owner of the file enjoys one special property that is not shared with everyone on the system. This property is the ability to modify the permissions of the file.

Other users on the system can’t access files belonging to others without the owner’s permission, so this restriction helps protect a user’s files against “malicious” users!

Network Management using Nagios

If you are reading this article, then you should be well aware that there are many different types of network devices, servers, electronic gadgets, transport mediums, media converters, etc., which are somehow connected to each other to form the Internet.

The Internet is the biggest network in the world, consisting of billions of computers, servers, workstations, routers, switches, printers, mainframes, mobile devices, etc., connected to each other in one way or another.

One question certainly arises: how do we keep track of this giant network and its billions of network devices connected to the Internet?

Monitoring your Linux/Unix servers and network devices using MRTG and SNMP

This tutorial will guide you through creating MRTG graphs for your Linux/Unix server or just about any network device which supports SNMP.

This guide presents the layout in a practical way and does not go into depth explaining the theory behind how it works, because users will explore and learn that by themselves.

SNMP stands for Simple Network Management Protocol.

WWW, Open Source and Nepal

I am diverting from my regular technical articles on operating systems and software to a different topic. This article presents a general view of the Internet services provided in Nepal and also gives general information about my country.

The Internet is making the world smaller; that’s the latest buzz we hear every day. A day never passes without mention of the word “GOOGLE”. Everybody around the world seems to be embracing social networking sites such as Facebook, Orkut, Bebo or Myspace.

However, to a third-world country like Nepal, does it really matter?

Let me brief the audience about Nepal in a few sentences.

An Encounter with Solaris 10

Two weeks ago, our main festival started, for which we had 5 days off! Now that is a considerable amount of free time for any system administrator. Free time gives us system administrators the ability to think freely, away from the daily workload and unnecessary pressure.

Before the holidays started, I had decided to learn something new to further enhance my experience and understanding of the open source operating systems world. I am not really an expert on Linux or BSD based operating systems. However, I do have some years of experience with Redhat and Debian based Linux operating systems. For the past 2 years, I have been running some server stuff mostly on FreeBSD operating systems.

Trying out Gentoo has always been on my mind, but I thought it’s Linux after all, and suddenly Solaris came to my mind. I have to admit that I had always been biased against Solaris. I thought that it was not really an open source operating system and that it ran only on those weird looking SPARC boxes manufactured by Sun Microsystems.

But I was wrong! Solaris seems to be full of promise and definitely seems to be the operating system of the future. In fact, it is probably the only Unix operating system which still contains the original Unix code from when Unix was first developed in the 1970s. That may explain why its stability is so rock solid.

Managing your Linux/Unix log files using logrotate

This How-To details the steps required to manage and rotate your server’s log files. A simple truth about Linux/Unix logs is that they are everywhere. Your kernel, program daemons, firewalls, etc., generate their respective log files. In fact, there are so many log files of various levels that sometimes it can be a nightmare to maintain them. Hence, this guide is a simple step towards maintaining those log files to keep your system in check and in good health.

Log files are among the most important files on your server: almost all precious, and sometimes unnecessary, information about your server’s running state is stored in them. For example, if your system’s security has been breached or compromised, it’s these log files which will come to your rescue to help you identify where or what went wrong.

In case you don’t know, your Linux/Unix server is currently logging kernel and security logs in the file called /var/log/messages. Just do a simple “tail -f /var/log/messages” to get a feel for and see the actual current logs generated by various daemons running on your system.

Now if your server also has an Apache Web server or a Squid Proxy server running and you want to manage their respective logs in your own fashion, then the following information might help you out.

Running A Transparent Linux Squid Bridge / Turn your Linux box into a Cisco like Catalyst switch

This How-To guides you through running your Linux box with Squid in a transparent bridge mode.

Let us face some facts. Not everybody, especially on a small office network or a small home network, can afford a Cisco Catalyst switch. To replicate the features of a sophisticated switch like a Cisco Catalyst switch, we can set up a Linux box with more than 2 network interfaces to run in bridging mode. Or, more simply, a Linux bridged box having switching capabilities.

A bridge is a way to connect two Ethernet segments together in a protocol independent way. Packets are forwarded based on Ethernet address, rather than IP address (like a router). Since forwarding is done at Layer 2, all protocols can go transparently through a bridge.

Configuring WCCP2 on a Cisco 3620/7206 router with Squid-2.6.18 running on FreeBSD-6.x

This How-To details the steps required to configure WCCP version 2 with a Cisco 3620 or 7206 router together with Squid-2.6.STABLE18 running on FreeBSD-6.2.

Cisco’s WCCP (Web Cache Control Protocol) version 2 is used for sending web requests from clients to 1 or more Squid proxy servers. The WCCP feature allows us to redirect Web traffic to our proxy servers, which in turn provide Web caching, filtering, or other services, thus reducing transmission costs and downloading time.

With WCCP, we can build a “cache cluster” for load balancing, scaling, and fault tolerance.

For example, in the case of 2 proxy servers, if 1 proxy server goes down, WCCP redirects client requests to the 2nd working proxy server.

In the rare circumstance where both or all of your proxy servers should go down, WCCP will determine the dead proxy servers and will route clients’ web requests directly from your Cisco router.

Note: Only Cisco IOS Release 12.1 and later releases allow the use of either Version 1 (WCCPv1) or Version 2 (WCCPv2) of the WCCP.
