Monday, November 16, 2009

Nagios Remote Plugin Executor ( NRPE ) installation in Ubuntu

( See also NRPE for monitoring Windows  )
The NRPE  (Nagios Remote Plugin Executor) addon is designed to allow you to execute Nagios plugins on remote Linux/Unix machines. The main reason for doing this is to allow Nagios to monitor "local" resources (like CPU load, memory usage, etc.) on remote machines. Since these public resources are not usually exposed to external machines, an agent like NRPE must be installed on the remote Linux/Unix machines.


DESIGN OVERVIEW



The NRPE addon consists of two pieces:
* The check_nrpe plugin, which resides on the local monitoring machine.
* The NRPE daemon, which runs on the remote Linux/Unix machine

When Nagios needs to monitor a resource of service from a remote Linux/Unix machine:
* Nagios will execute the check_nrpe plugin and tell it what service needs to be checked

*The check_nrpe plugin contacts the NRPE daemon on the remote host over an (optionally) SSL
protected connection.

*The NRPE daemon runs the appropriate Nagios plugin to check the service or resource.

*The results from the service check are passed from the NRPE daemon back to the check_nrpe
plugin, which then returns the check results to the Nagios process.

INSTALLATION

REMOTE HOST SETUP

1) Install nagios plugins

These instructions should be completed on the remote Linux/Unix host where the NRPE daemon to be installed .


i.Create a user account for nagios

/usr/sbin/useradd nagios
passwd nagios


ii. Install the Nagios Plugins .Download the source code tarball of the Nagios plugins (visit:
http://www.nagios.org/download

ii.Extract the Nagios plugins source code tarball.
tar xzf nagios-plugins-1.4.6.tar.gz
cd nagios-plugins-1.4.6 .


iv. Compile and install the plugins.
./configure
make
make install


v.The permissions on the plugin directory and the plugins will need to be fixed at this point,
chown nagios.nagios /usr/local/nagios
chown -R nagios.nagios /usr/local/nagios/libexec


vi. Install xinetd
sudo apt-get install xinetd

2) Install the NRPE daemon

i.Download the source code tarball of the NRPE addon.
(visit:http://prdownloads.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz) .

ii.Extract the NRPE source code tarball.
tar xzf nrpe-2.8.tar.gz
cd nrpe-2.8


iii. Compile the NRPE addon.
./configure
make all


iv. Install the NRPE plugin , daemon, and sample daemon config file.
make install-plugin
make install-daemon
make install-daemon-config


v. Install the NRPE daemon as a service under xinetd.
make install-xinetd

vi. Edit the /etc/xinetd.d/nrpe file and add the IP address of the monitoring server to the
only_from directive.
only_from = 127.0.0.1

vii. Add the following entry for the NRPE daemon to the /etc/services file.
nrpe 5666/tcp # NRPE

viii. Restart the xinetd service.
service xinetd restart

3) Test the NRPE daemon locally.

Its time to see if things are working properly. Make sure the nrpe daemon is running under xinetd.
Check the command :
netstat -at | grep nrpe

The output out this command should show something like this:
tcp 0 0 *:nrpe *:* LISTEN

Next, check to make sure the NRPE daemon is functioning properly. To do this, run the check_nrpe plugin that was installed for testing purposes.
/usr/local/nagios/libexec/check_nrpe -H localhost

You should get a string back that tells you what version of NRPE is installed, like this:
NRPE v2.8

So you finished the remote host part..Now you have to configure the monitoring host.

Instant File sharing in LAN

Do you wanna share something in the local area network quickly..without wasting your time with apache or any daemons..here is the technique for that..

First of all, open a terminal and move into the folder you wanna share.Say i want to share /home/xxx/Downloads folder..So open a terminal and then cd /home/xxx/Downloads.

Then type this command

python -c "import SimpleHTTPServer; SimpleHTTPServer.test();"




Then your folder can be accessed through web browser by typing http://your_ip:8000/.



Njoy

Friday, November 13, 2009

NMAP: The Best network exploration tool

Nmap (“Network Mapper”) is an open source tool for network exploration. It was designed to rapidly scan large networks, although it works fine against single hosts.

WHAT IT CAN DO FOR YOU ?
Nmap determines what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, is there any open unfiltered ports and dozens of other characteristics.
Systems and network administrators find it useful for routine tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime and firewall monitoring.
In between the lines, it says that nmap is an unavoidable tool for a hacker..

INSTALLATION::

sudo apt-get install nmap

USAGE:

nmap -parameters -options target_specification

PORT SCANNING USING nmap::

What are ports? Don't think that they are the one you see behind your pc , used to insert the LAN cable and USB..these are not that physical ports..these are logical ones ..you can't see them.But they are the ways by which two computers can communicate. Processes in a computer will have ports associated with them..like port 80 for HTTP, port 22 for ssh etc.. So if you want to access some other computer, you should find a open unfiltered port in that..

Ports can have these stages:
1) open : these ports have some application linked to it( Attackers can attack this way..)
2) closed : these ports are accessible but there is no application listening to it..so no use
3) filtered: these are being monitored by firewalls..
4)unfiltered: Not under monitoring..may be open or closed.

There are different types of port scanning.

1) TCP SYN scan ( -sS )

> These are default and quick
> clearly differentiates open,closed and filtered ports
> Does not establish TCP connection..so nobody catches u
> it takes less time

2) TCP connect Scan (-sT )

> creates connection with target..so this takes more time

3) ACK scan ( -sA )

> This doesn't determine a port is closed or open.
> It differentiaties only filtered and non filtered.

The list goes on..i am not listing all here..

WHAT ELSE CAN YOU DO ?

> You can detect the Operating System of the target you specified. (option -O )

> You can scan an entire subnet and find the hosts .

> You can specify particular ports to scan.( -p <port ranges>)

> You can detect the services(and their versions ) running in these ports. (option -sV)

I will show u a few examples



nmap -v -O 192.168.75.97
This will scan the system and detect the operating systems used .Output of this command is shown here and you can see detected operating system is marked.




nmap -sS -p 22,53,110,143,4564 198.168.75.1-127
This will scan specified ports(22,53..) in host in specified ip range..

Njoy

Creating Permanent Aliases

I am too lazy to type long commands like "ssh username@remote_server_addres" ..etc...So Aliases came to help me..Now i just type 'aaa" to login to server..Ya it's true..commands make the life simpler..

So how to do this ? here you go..

1) gedit ~/.bash_aliases

Opens the file .bash_aliases [ even if it is not there now]

2) Type all aliases you want to give here..

alias any_name='ssh username@remote_address'

and save it

3) gedit ~/.bashrc

opens the .bashrc file

4) find following lines

if [ -f ~/.bash_aliases ]; then
. ~/.bash_aliases
fi


5) If you got the above lines, uncomment it ( remove the # at the begining ,if any).

DONE..start a new terminal and type the name you gave as alias any_name,,it will connect to your server..
You can do this for any commands..like if u always want to list all files and folders(including hidden) in the current direcotry you do ls -a. In such case, create alias named ls as 'ls -a'..So typing ls will list hidden also.


Njoy.

SSH without Password Authentication

I feel very difficult to type passwords always when i login to our institution's remote server Athena. Recently i found this tip helped me a lot. I am sure it will help you.
Here we are using some cryptographic approach of generating a public key and private key pair.Don't think it's difficult ..i am not going to teach u about cryptography..


So follow these steps:[ with each command i will giv u a little explanation. You should know what you are doing ] .I assume that you have got ssh installed in your system(it will be there by default in many distros) and you have an account in remote server.

1) ssh-keygen -t dsa

Here you are generating key pair.The program will ask a series of prompted questions. For our purposes, it is Ok to just keep pressing the "enter key" for the defaults.

2) ls -l ~/.ssh

It will show like this. The file id_dsa.pub is the public key file.
total 12
-rw------- 1 irfan irfan 736 2009-11-12 23:45 id_dsa
-rw-r--r-- 1 irfan irfan 604 2009-11-12 23:45 id_dsa.pub
-rw-r--r-- 1 irfan irfan 2210 2009-11-12 18:43 known_hosts


3) chmod 700 ~/.ssh
chmod 600 ~/.ssh/*


This will make sure the user have necessary permissions with the file.( i will explain chmod in my coming posts..)

4) Copy the id_dsa.pub file to ~/.ssh folder of your account in remote server.I do it as:

scp id_dsa.pub username@server_address:~/.ssh

[Don't forget the colon : ]

5) Now login to your remote server

ssh username@remote_address

6) append contents of file id_dsa.pub to the file named authorized_keys2 . follow this command:

cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys2

[ do this even if the file named authorized_keys2 is not found in .ssh folder ]

7) Ensure the permissions once more

chmod 700 ~/.ssh chmod 600 ~/.ssh/*

DONE..

Next time onwards when you login to the server it wont ask you the password.

//Feel free to ask any clarifications

Wednesday, November 11, 2009

installing NAGIOS in Ubuntu 10.04+

This post has been updated on 24th July 2012:
For the completion of my computer Networking course, i done a project on implementation and configuring NAGIOS and configuring some addons also..So here i would like to share with you some thing about Nagios.

Nagios® is a system and network monitoring application. It watches hosts and services that you specify, alerting you when things go bad and when they get better.
Some of the many features of Nagios include:
  • Monitoring of network services (SMTP, POP3, HTTP, NNTP, PING, etc.)
  • Monitoring of host resources (processor load, disk usage, etc.)
  • Simple plugin design that allows users to easily develop their own service checks
  • Parallelized service checks
  • Ability to define network host hierarchy using "parent" hosts, allowing detection of and distinction between hosts that are down and those that are unreachable
  • Contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method)
  • Ability to define event handlers to be run during service or host events for proactive problem resolution
  • Automatic log file rotation
  • Support for implementing redundant monitoring hosts
  • Optional web interface for viewing current network status, notification and problem history, log file, etc.
visit Nagios official website(http://www.nagios.org/) for documentation.
Below picture shows the frontend of nagios which works in web browser.

PRE-REQUISITES FOR INSTALLATION

A webserver preferably Apache is required for viewing Nagios. So if not done , Install Apache and make sure it works!
sudo apt-get install apache2
// TESTING APACHE: go to http://localhost/ if it shows "It Works" you are done.

NAGIOS INSTALLATION
You can install nagios by two methods.
  1. Installing using Package manager . Use this for a easy to go installation within few steps. I prefer this
  2. By downloading Source code and then compiling it .Use this if you want the latest version of Nagios to be installed. For this , you should have some idea about source code compilings
Method 1: Install using package manager

Go Type sudo apt-get install nagios3 nagios-nrpe-plugin from command line and You will be asked to enter a password for the nagiosadmin user.
Done ! that's it

Method 2: By compiling source code

  1. Download Nagios Source code from the website: http://www.nagios.org/download/core/ and Nagios Plugin source code from http://www.nagios.org/download/plugins
  2. keep your downloaded file in home directory
  3. Extract the tar ball file
  4. sudo tar -zxvf nagios-3.2.0.tar.gz
  5. Go into the directory
  6. cd nagios-3.2.0
  7. Create a user to run the service and a group to run external commands:
    • sudo useradd -m nagios
    • sudo passwd nagios
    • sudo groupadd nagcmd
    • sudo usermod -a -G nagcmd nagios
    • sudo usermod -a -G nagcmd www-data
  8. Now install the Nagios tarballs that were downloaded previously:
    • sudo ./configure --with-command-group=nagcmd
    • sudo make all
    • sudo make install
    • sudo make install-init
    • sudo make install-config
    • sudo make install-commandmode
    • sudo make install-webconf
  9. Add a user for the Nagios interface:
    sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
  10. Restart Apache:
    sudo /etc/init.d/apache2 restart
  11. INSTALLING NAGIOS PLUGIN:

  12. Extract and compile the plugins that were downloaded earlier:
    • cd ~/
    • tar -zxvf nagios-plugins-1.4.13.tar.gz
    • cd nagios-plugins-1.4.13
    • sudo ./configure --with-nagios-user=nagios --with-nagios-group=nagios
    • sudo make
    • sudo make install
  13. Create a link to start the service:
    sudo ln -s /etc/init.d/nagios /etc/rcS.d/S99nagios

  14. Verify the config:
    sudo /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
  15. Start Nagios:
    sudo /etc/init.d/nagios start
Done.

After Installation
After Nagios installation by either methods, you should be able to log into the Nagios web interface (http://localhost/nagios or http://localhost/nagios3 depending upon your Nagios version) using the nagiosadmin user and password.

Next task is to configure NAGIOS to monitor your network like adding your routers, servers and services . You can check out this post for NAGIOS configurations . Nagios without addons is of not much use. You can check out this post for NRPE addon.NRPE

Njoy

Thursday, November 05, 2009

GnomeShell- the next Desktop environment

The GNOME Shell is a major component proposed for GNOME 3.0. It takes over the window management and application launching roles and provides an intuitive unified experience as the user navigates between tasks and documents.The GNOME Shell redefines user interactions with the GNOME desktop. In particular, it offers new paradigms for launching applications, accessing documents, and organizing open windows in GNOME. Later, it will introduce a new applets eco-system and offer new solutions for other desktop features, such as notifications and contacts management. The GNOME Shell is intended to replace functions handled by the GNOME Panel and by the window manager in previous versions of GNOME. The GNOME Shell has rich visual effects enabled by new graphical technologies.

The preview of GNOME Shell 2.28 was released on October 7, 2009 and most distributions should have the preview packages. If you are interested in having the latest GNOME Shell features from the repository or in developing GNOME Shell, here are the instructions for building and running it yourself, which are quite straight forward. The plan for GNOME Shell is to be the desktop for GNOME 3.0.

Installation

It’s important to note right away that Gnome Shell is still in fairly early development. There is no stable release or package, we’ll be downloading and installing from source code using an auto build script. While I had no trouble at all with the installation, things could change at any moment so there’s certainly no guarantees that it will build, let alone run. That said, Gnome Shell has so far given me no trouble at all.

First, we’ll need jhbuild, a tool that’ll help with the installation. It’s probably in your distro’s repositories. Debian/Ubuntu users an fetch it with:

sudo apt-get install jhbuild

Next we download and run the installation script:
wget http://git.gnome.org/cgit/gnome-shell/plain/tools/build/gnome-shell-build-setup.sh

bash gnome-shell-build-setup.sh
jhbuild build


This will take a little while.

Running

BEFORE RUNNING GNOME SHELL, make sure to disable Compiz if you’ve got it running. Ubuntu users can do this by opening your normal Gnome panel to System -> Preferences -> Appearance and turning off desktop effects. Once you’re sure any desktop effects have been disabled, save any work you’re not willing to risk, and enter the following in your terminal:
~/gnome-shell/source/gnome-shell/src/gnome-shell --replace

Related Links
GnomeShell
Gnome live

Wednesday, November 04, 2009

NAUTILUS-OPEN-TERMINAL

This is an introduction to a package i feel most useful for me. nautilus-open-terminal. The package nautilus-open-terminal does just what you might guess it does. It allows you to launch a gnome-terminal whereever you want by a right-click within that folder..
Package description says: "nautilus-open-terminal is a proof-of-concept Nautilus extension
which allows you to open a terminal in arbitrary local folders."

To install:
sudo apt-get install nautilus-open-terminal
And then restart nautilus(First quit nautilus using nautilus -q and press ALT+F2 and type nautilus ).
Done.
Afterwards you’ll have a “open terminal” button on your right-click menu anywhere within nautilus or gnome-desktop area. Enjoy.

AFTER INSTALLING KARMIC ?

After a fresh install of ubuntu, it is difficult for a common user to install essential packages and codecs manually.What if we have a script to do it for you . Yes , Here it is... just run it after your fresh install of ubuntu karmic koala.
All credits goes to Piotr Miros 'Epul' and translation to english from web upd8.

The script works on Ubuntu 9.10 Karmic Koala only (both 32bit and 64bit) and can automatically or manually (it asks you if you want each application / customization) install or configure the following:

- adds the recommended repositories,
- downloads and installs the latest updates,
- installs Ubuntu Tweak,
- installs codecs, web browser plugins (Java, Flash),
additional support for archives (RAR, 7-Zip) and additional fonts
- installs MPlayer,
- sets Mplayer and Totem character encoding to Central / Western European (Windows-1250),
you can disable this by removing lines: 64 and 69,70,71,72,73,74,75,
- uninstalls Empathy and replaces it with Pidgin"
|###################################
Download the code here
##################################|

Tuesday, November 03, 2009

KARMIC KOALA STABLE VERSION RELEASED


Stable version of Ubuntu version 9.10 named Karmic Koala released officially. You can download the iso images from here.(Click me)

If you want to upgrade from ubuntu 9.04 jaunty to 9.10 , you can either upgrade online from update manager or you can use the alternate cd.
Using Alternate CD to upgrade to 9.10
1. Download the alternate cd image from here.
2. Burn the iso image to a CD and the insert the disk to upgrade.
OR
No need of wasting a cd for burning the image if the image is in the computer to be upgraded.
Mount the image using the command " sudo mount -o loop ~/Desktop/
ubuntu-9.10-alternate-i386.iso /media/cdrom0"
Then a dialog will b displayed offering oportunity to upgrade. If the
dialog box didnt come up, run the command using
ALT+F2 gksu "sh /cdrom/cdromupgrade" ;
( I recommend upgrading online..using alternate cd may leave some configuration files back)