Firewall Wizards mailing list archives
Re: Event management
From: Nicholas Tang <ntang () nachtwache org>
Date: Wed, 23 Aug 2000 09:37:58 -0400 (EDT)
On Mon, 21 Aug 2000, [iso-8859-2] Magos?nyi ?rp?d wrote:
If we are talking about only the event handling connected to operation management (and not security related alerts), the following scheme seems to work: All devices run some scripts from cron, which checks the system health of the system. The output of the script is (through the stdin of ssh) sent to the health monitoring station (which is protected on the level of intranet; untrusted operators should look at the results, no one can operate on the firewalls from that station). On the monitoring station there is a Netsaint, which can be looked at through http(s). It can be extended by all bells-and-whistles of netsaint: bells, 3D, independent backup stations, and (this has the best hacque level for me, although have no real use unless one cannot see) alerts told by the computer with festival speech synthesizer system> The above meets all the above specified criteria, but we have not talked about the real question: security alerts.
Two things: one, it doesn't have to be done through cron jobs. Netsaint can use ssh to connect to the remote host and execute the plugin remotely to do things like check for disk usage and other similar things. As far as the security alerts, Netsaint can also handle those through its external input and non-volatile alert features... go to http://www.netsaint.org/ and look at the documentation for the latest (currently non-stable, but I'm guessing no more than a few weeks away from being stable) release, 0.0.6. (Ignore the version numbers, Netsaint was started over over 2 years ago I believe) It's a pretty nice system and the author of Netsaint actually does get security alerts and you can see them in his online demo, which is viewable here: http://real.extension.umn.edu/netsaint/ (username: guest, password: netsaint5). It's a nice piece of software and one of my favorite open source packages, and well worth a look. Nicholas _______________________________________________ Firewall-wizards mailing list Firewall-wizards () nfr net http://www.nfr.net/mailman/listinfo/firewall-wizards
Current thread:
- Event management Chris Trudeau (Aug 20)
- Re: Event management Magosányi Árpád (Aug 21)
- Re: Event management Chris Trudeau (Aug 21)
- Re: Event management Nicholas Tang (Aug 24)
- <Possible follow-ups>
- Re: Event management Nicholas Tang (Aug 26)
- Re: Event management Magosányi Árpád (Aug 21)