Educause Security Discussion mailing list archives

Re: Alerting tool

From: "Dunker, Mary" <dunker () VT EDU>
Date: Fri, 23 Oct 2009 11:13:46 -0400

We are concerned about using secret questions for self-service password resets. Has anyone implemented a self-service 
tool that utilizes one-time-passwords sent to cell phones? 

--------------------------------------------
Mary Dunker
Director, Secure Enterprise Technology Initiatives
Virginia Tech Information Technology
1700 Pratt Drive
Blacksburg, VA 24060
e-mail: dunker () vt edu
Telephone: 540-231-9327

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Emery Rudolph
Sent: Friday, October 23, 2009 10:07 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Alerting tool

Good morning,

I've used Nagios in past jobs and it was not too hard to learn and
offered great flexibility and features. Any alerting tool is going to
require some level of knowledge curve, so I wouldn't be put off by that
prospect.

Currently, at our University we use SiteScope, which was purchased by
HP. It has several iterations and does a very good job with a fairly
simple user interface. In addition, we utilize their external alerting
service called Siteseer, so that we are kept abreast of issues as
experienced by students and other external users.

Very Best Regards,

Emery Rudolph
Acting Director, Systems Management
University of Maryland University College
301-985-7447
http://www.umuc.edu

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Peter Charbonneau
Sent: Friday, October 23, 2009 8:10 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Alerting tool

Matt,

   Thanks.

   We have What's Up Gold and Cacti for monitoring.  I have been
looking around for something that might be able to do this, and Nagios
looks like it will, but also seems like the Nagios learning curve is
pretty steep.  If I was going to use it for more, then that would not
be an issue.

p

On Oct 22, 2009, at 11:37 AM, Matthew Gracie wrote:

Peter Charbonneau wrote:

SNMP read interface OID string to get bytes in.  In one (two, five)
minutes read the counter again, if the difference between the two
reads is less than value x, but more than value y, page as "down".


I would prefer and open source tool.  I am using Cisco routers.

What's up Gold doesn't seem to be able to do this.  Is there,
potentially an addon for Cacti that can do it?  Using Nagios for this
seems to be like swatting a fly with a sledge hammer, but ...

Anyone out there doing anything like this?


I've written some custom SNMP read rules in Nagios that do something
similar. I imagine if you've already got a Nagios implementation in
place, it would be pretty straightforward.

What are you currently using for monitoring?

--
Matt Gracie                     (716) 888-8378
Information Security Administrator  graciem () canisius edu
Canisius College ITS                    Buffalo, NY
http://www2.canisius.edu/~graciem/graciem_public_key.gpg




PeteC


Peter Charbonneau
Sr. Network and Systems Administrator
Williams College
(413) 597-3408 (office)
(413) 822-2922 (cell)
OIT will NEVER ask for your password!

Current thread:

Alerting tool Peter Charbonneau (Oct 22)
- <Possible follow-ups>
- Re: Alerting tool Matthew Gracie (Oct 22)
- Re: Alerting tool Peter Charbonneau (Oct 23)
- Re: Alerting tool Crim, David (Oct 23)
- Re: Alerting tool Emery Rudolph (Oct 23)
- Re: Alerting tool Dunker, Mary (Oct 23)
- Re: Alerting tool Joel Rosenblatt (Oct 23)
- Re: Alerting tool Raw, Randy (Oct 23)
- Re: Alerting tool Mike Lococo (Oct 27)