Open Source Tools for the Systems Administrator

Charles Profitt

Why Have Tools?

SfHp

Why Open Source?

BaCuSs

Four Tools

Cacti

Ossec

nmap

RackTables

Cacti is a complete frontend to RRDTool. It stores all of the information needed to create graphs and populate them with data in a MySQL database. The frontend is completely PHP driven. Along with being able to maintain graphs, data sources, and round robin archives in a database, Cacti handles the data gathering. There is also SNMP support for those used to creating traffic graphs with MRTG.

Ability to add templates and custom scripts

Maintain historical data and display it visually to vendors and management

Ossec

OSSEC is a scalable, multi-platform, open source Host-based Intrusion Detection System (HIDS). It has a powerful correlation and analysis engine, integrating log analysis, file integrity checking, Windows registry monitoring, centralized policy enforcement, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.

Maintains logs beyond what is feasible for Windows to store

Makes searching logs from multiple servers much easier

Alerts can be set up for specific events and routed to the individuals responsible

nmap

Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. It was designed to rapidly scan large networks, but works fine against single hosts.

Establish baselines for servers and desktops.

Find intrusions

Ensure compliance

Nmap scan report for xxx.xxx.xxx.xxx
Host is up (0.0011s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
23/tcp open telnet
Device type: router|WAP
Running: Cisco IOS 12.X
OS details: Cisco 836, 1751, 1841, or 2800 router (IOS 12.4 - 15.0), Cisco Aironet AIR-AP1141N WAP (IOS 12.4)

Nmap scan report for esx01.pcsd.monroe.edu (10.120.254.61)
Host is up (0.00044s latency).
Not shown: 992 filtered ports
PORT STATE SERVICE
80/tcp open http
427/tcp open svrloc
443/tcp open https
902/tcp open iss-realsecure
5988/tcp closed unknown
5989/tcp open unknown
8000/tcp open http-alt
8100/tcp open unknown
Device type: general purpose|storage-misc|specialized
Running (JUST GUESSING) : FreeBSD 7.X|8.X|6.X|5.X|5.x (92%), VMware ESX Server 3.X|4.X (90%), Crestron 2-Series (88%), Mirapoint embedded (87%)
Aggressive OS guesses: FreeBSD 7.0-RELEASE-p1 - 8.0-CURRENT (92%), FreeNAS 0.686 (FreeBSD 6.2-RELEASE) or VMware ESXi Server 3.0 - 4.0 (90%), FreeBSD 5.2.1-RELEASE (90%), FreeBSD 5.4 or 5.5 (x86) (90%), FreeNAS 0.69.2 (FreeBSD 6.3-STABLE - 6.4-RELEASE) (90%), FreeBSD 7.1-RELEASE (90%), FreeBSD 8.0-BETA2 - 8.0-RC2 (89%), FreeBSD 7.0-CURRENT (pre-release) (89%), FreeBSD 7.0-RELEASE-p2 - 7.1-PRERELEASE (89%), FreeBSD 7.2-STABLE (89%)
No exact OS matches for host (test conditions non-ideal).
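Baseline check, as an added example (not part of the original slides): it parses plain-text nmap reports in the format shown above and lists every open port that deviates from an approved baseline. The host names, addresses, baseline contents and function names are constructed for illustration.

```python
import re

# Constructed sample in the plain-text report format shown on the slides;
# host names and addresses are placeholders, not taken from the page.
SAMPLE_REPORT = """\
Nmap scan report for router.example (192.0.2.1)
Host is up (0.0011s latency).
PORT STATE SERVICE
22/tcp open ssh
23/tcp open telnet
Nmap scan report for web.example (192.0.2.10)
Host is up (0.00044s latency).
PORT STATE SERVICE
80/tcp open http
443/tcp open https
5988/tcp closed unknown
"""

HOST_RE = re.compile(r"^Nmap scan report for (\S+)")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")

def parse_open_ports(report):
    """Return {host: {"port/proto": service}} for ports in state 'open'."""
    hosts, current = {}, None
    for line in report.splitlines():
        m = HOST_RE.match(line)
        if m:
            current = hosts.setdefault(m.group(1), {})
            continue
        m = PORT_RE.match(line)
        if m and current is not None and m.group(3) == "open":
            current[f"{m.group(1)}/{m.group(2)}"] = m.group(4)
    return hosts

def diff_baseline(baseline, observed):
    """List (host, port, kind) for every deviation from the approved baseline."""
    findings = []
    for host in sorted(set(baseline) | set(observed)):
        want, have = set(baseline.get(host, ())), set(observed.get(host, {}))
        findings += [(host, p, "unexpected-open") for p in sorted(have - want)]
        findings += [(host, p, "expected-missing") for p in sorted(want - have)]
    return findings

# Hypothetical approved baseline: what each host is allowed to expose.
BASELINE = {"router.example": ["22/tcp"], "web.example": ["80/tcp", "443/tcp", "8000/tcp"]}

if __name__ == "__main__":
    for finding in diff_baseline(BASELINE, parse_open_ports(SAMPLE_REPORT)):
        print(*finding)
```

An unexpected open port (telnet on the router here) is a compliance finding to investigate; an expected port that is missing usually points to a service outage or a filtering change.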

RackTables

Racktables is a nifty and robust solution for data center and server room asset management. It helps document hardware assets, network addresses, space in racks, networks configuration and much much more!

Document your servers both physical and virtual

Document networks

Generate reports

Maintain visual diagrams of rack placement

Embed Cacti graphs

Drill down

Filter

Front, middle and back rack slots

Automated rack slots (42 - default)

Warranty dates

Support contact information

Asset management data

Questions

????

11/1/13
