Monday, March 30, 2009

Nagios notes

nagios-3.0.6.tar

General Options:
-------------------------
Nagios executable: nagios
Nagios user/group: nagios,nagios
Command user/group: nagios,nagios
Embedded Perl: no
Event Broker: yes
Install ${prefix}: /usr/local/nagios
Lock file: ${prefix}/var/nagios.lock
Check result directory: ${prefix}/var/spool/checkresults
Init directory: /etc/rc.d/init.d
Apache conf.d directory: /etc/httpd/conf.d
Mail program: /bin/mail
Host OS: linux-gnu

Web Interface Options:
------------------------
HTML URL: http://localhost/nagios/
CGI URL: http://localhost/nagios/cgi-bin/
Traceroute (used by WAP): /usr/sbin/traceroute


Review the options above for accuracy. If they look okay,
type 'make all' to compile the main program and CGIs.

30-mar-09
I edited the /etc/httpd/conf.d/nagios.conf file so that no password would be needed to access the nagios web interface page at http://localhost/nagios/.

I commented out the lines that pertained to authorization:

AuthName
AuthType
AuthUserFile
Require valid-user

ALSO: To use without authorization you must edit the following line in /usr/local/nagios/etc/cgi.cfg:

use_authentication=1

Change it to:
use_authentication=0

Then you must restart nagios so it will read the cgi.cfg file.
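A way to check whether a Nagios install is in the state described in this note, added here as an example (not part of the original notes or of Nagios itself). The function names, the sample text and the AuthUserFile path are constructed for illustration; only /usr/local/nagios/share and use_authentication come from the notes.

```python
import re

# Constructed samples (not from a real host); the AuthUserFile path is a placeholder.
PROTECTED = '''\
<Directory "/usr/local/nagios/share">
   AuthName "Nagios Access"
   AuthType Basic
   AuthUserFile /usr/local/nagios/etc/EXAMPLE.htpasswd
   Require valid-user
</Directory>
'''
CGI_OPEN = "url_html_path=/nagios\n#use_authentication=1\nuse_authentication=0\n"
# The change described in the note: the four auth directives commented out.
OPEN = re.sub(r"(?m)^(\s*)(Auth\w+|Require)\b", r"\1#\2", PROTECTED)

def unprotected_directories(apache_conf):
    """Paths of <Directory> blocks lacking an active AuthType and Require."""
    exposed, current, seen = [], None, set()
    for raw in apache_conf.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # commented-out directives give no protection
        m = re.match(r'<Directory\s+"?([^">]+)"?\s*>', line, re.I)
        if m:
            current, seen = m.group(1), set()
        elif line.lower().startswith("</directory"):
            if current is not None and not {"authtype", "require"} <= seen:
                exposed.append(current)
            current = None
        elif current is not None:
            seen.add(line.split()[0].lower())
    return exposed

def cgi_use_authentication(cgi_cfg):
    """Last active use_authentication value as an int, or None if never set."""
    value = None
    for raw in cgi_cfg.splitlines():
        key, sep, val = raw.strip().partition("=")
        if sep and key.strip() == "use_authentication":
            value = int(val.strip())
    return value

def audit(apache_conf, cgi_cfg):
    findings = [f"{p}: no active AuthType/Require" for p in unprotected_directories(apache_conf)]
    if cgi_use_authentication(cgi_cfg) == 0:
        findings.append("cgi.cfg: use_authentication=0")
    return findings

print(audit(OPEN, CGI_OPEN))
```

To run it against a real host, pass the contents of /etc/httpd/conf.d/nagios.conf and /usr/local/nagios/etc/cgi.cfg to audit(); an empty list means both layers still require a login.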

7-apr-09 Got Nagios to actually start seeing Jupiter on network. I had to "Allow incoming echo request" (ICMP) on the Windows firewall on Jupiter. That made the nagios "host status" of Jupiter change from down to up. But the service tests (amount of disk space, uptime, etc) were still showing red instead of green. To fix it, I had to open port 12489 tcp on the Jupiter Windows firewall. I figured out which port by turning logging on on the Jupiter Windows firewall and watching which packets were being dropped.

19-apr-09 Figured out how to view the main nagios status webpage from a location remote from Shamrock. When I tried to view the nagios webpage from my apartment, all I got was the Apache default index.html page that says "It works". I had typed "208.115.xx.xx" into my browser address bar. That default page is in the /var/www/html directory on legacy.

But all you have to do to see nagios is change the url from 208.115.xx.xx to 208.115.xx.xx/nagios and you will be able to see the page. I'm not sure why this works, but there is a line in /etc/httpd/conf.d/nagios.conf that says:

Alias /nagios "/usr/local/nagios/share"

So that must do it. But when I comment that line out and restart httpd, it still finds the nagios webpage by typing localhost/nagios/ into browser. ???????? You must include the trailing "/".

Also there are the following 2 lines in /usr/local/nagios/etc/cgi.cfg:

physical_html_path=/usr/local/nagios/share
url_html_path=/nagios

Maybe they help.
---------------------------------------------------------------------
24-apr-09 If you add a computer to the host definitions in /usr/local/nagios/etc/objects/windows.cfg, AND you use the windows server template, then that computer automatically gets a ping test because there is a ping test (check-host-alive) included in the windows template. So for most of my computers, all I have to do is add the computer to the list of computers to be monitored by creating a host entry for it in windows.cfg and it will be pinged. You don't have to add a service definition unless you are going to do something fancier than a ping.

Wednesday, March 25, 2009

opening and closing ports

An open port simply means that some program is running and listening for input on that port. The program may or may not respond.

A closed port means that no program is listening on that port.

So to "open" a port, you have to start a program that will listen on that port. To close it again, stop that program.

A "stealth" port is a port that does not respond to "knocks" from the Internet (pings, I guess), whereas a closed port might respond to a knock saying "I'm here but closed" even though there is no program actively using the port. That would let a hacker know that there was a computer at that port.
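The three port states described above can be told apart by how a single TCP connection attempt ends, which is also a quick way to confirm from the monitoring server that a firewall change (such as the 12489/tcp rule on Jupiter in the Nagios notes) took effect. This is an added example, not part of the original notes; the function names and the loopback demo are constructed for illustration.

```python
import socket

def tcp_port_state(host, port, timeout=2.0):
    """Classify one TCP port as 'open', 'closed', 'stealth' or 'unreachable'."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))
            return "open"         # handshake completed: a program is listening
        except ConnectionRefusedError:
            return "closed"       # host replied with a reset: no listener
        except (socket.timeout, TimeoutError):
            return "stealth"      # no reply at all: packets silently dropped
        except OSError:
            return "unreachable"  # routing/ICMP error or name lookup failure

def loopback_demo():
    """Open a listener on 127.0.0.1, probe it, stop it, probe again."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))   # port 0: the OS picks a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    while_listening = tcp_port_state("127.0.0.1", port)
    listener.close()                  # "closing" the port = stopping the program
    after_stop = tcp_port_state("127.0.0.1", port)
    return while_listening, after_stop

if __name__ == "__main__":
    print(loopback_demo())            # ('open', 'closed')
```

A "stealth" result only shows up against a host whose firewall drops the packets, so the loopback demo covers the open and closed cases only.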

ip addresses

7144vw#203 75.66.44.180 (26-apr-09)
7144vw#203 75.66.58.99 (31-may-09)

7880 Grove Ct E #204   75.66.42.204  (26-may-10)
Cotton Plant 64.16.231.180 (old)
Cotton Plant 216.212.76.40 (26-may-10)

Shamrock 208.115.11.214

2350kwc (margie) 74.226.120.216

grc.com 4.79.142.200

25-mar-09 Was able to ping CP from 2350kwc
25-mar-09 Was NOT able to ping 2350kwc from CP or Shamrock

25-mar-09 Was able to ping CP from Shamrock
25-mar-09 Was NOT able to ping Shamrock from 7144 Vineyard Way

9-apr-09 Was NOT able to ping CP from Shamrock - I don't know why

Tuesday, March 17, 2009

notes about sockets and icmp

An easy, clear definition of what sockets are:

from www.angryziber.com:
While only IP protocol is fine for sending of packets between hosts, there is a need to differentiate multiple senders and receivers on each host (sockets). These possibilities are provided by transport protocols UDP (User Datagram Protocol), TCP (Transmission Control Protocol), and their companion, ICMP (Internet Control Message Protocol). All these protocols are independent of whether IPv4 or IPv6 is used underneath.

from wikipedia:
Internet sockets constitute a mechanism for delivering incoming data packets to the appropriate application process or thread, based on a combination of local and remote IP addresses and port numbers. Each socket is mapped by the operational system to a communicating application process or thread.

Now on to ICMP......

I normally think of ICMP as being at the network level, but it's really at the transport level.

from systemdisc.com:
ICMP works, from a technical point of view, at the transport layer of the OSI model. However, it differs from other transport protocols such as TCP or UDP in the following way; as a control protocol, ICMP does not carry any application data but information on the status of the network.