[Nagios-users] NRPE_NT and Win NT 4.0 Problem
Hello. Is there a known issue with nrpe_nt (0.8b) and Windows NT 4.0?? The service is running and responding, but the exit code/errorlevel is not transmitted. I always receive 0 (OK). On a Win2k-box everything works fine. The check-command is the known test script test.cmd: @echo off echo hallo from cmd exit 1 Has someone an idea, how to get checks with winNT? The aim is to check if a share is successfully connected. Greetings, Rene -- - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Regarding SNMP Trap
On Thu, Dec 28, 2006 at 11:16:04AM +0530, Ranjeet Kumar wrote: 1. Show your snmptrapd.conf. traphandle default /usr/sbin/snmptthandler Check also, what your snmptrapd runned and your snmptt runned as daemon. In this case, your log files must have messages from snmptrapd and snmptt. 4. submit_check_result must use nsca for transport. I am not using nsca. I don't think it is required because same server is acting as snmptrap server as well as nagios monitoring server. Is it really required? No. You can work directly with nagios command_file. I have not started working on this as exec statement is not working. Try to replace EXEC to some simple command like date /tmp/snmptt.exec.log It's doesn't work too? If yes -- check installed perl modules. I'm using: snmptt-1.1 SNMP trap handler/translator/swiss-army-knife Information for snmptt-1.1: Depends on: Dependency: perl-5.8.8 Dependency: p5-Config-IniFiles-2.39 Dependency: net-snmp-5.2.3_3 FreeBSD 6.2-PRERELEASE WBR -- Dmitriy Kirhlarov OILspace, 26 Leninskaya sloboda, bld. 2, 2nd floor, 115280 Moscow, Russia P:+7 495 105 7247 ext.208 F:+7 495 105 7246 E:[EMAIL PROTECTED] Building Successful Supply Chains - One Solution At A Time. www.oilspace.com - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
[Nagios-users] NRPE problem
Hi! i'm using NRPE to monitorize a Solaris host. When i launch disk nrpe request through check_nrpe plugin on server machine, it returns me a DISK Warning problem, and my host nrpe config is configured to see warnings since 10% space free, but any filesystem reaches 18%. Curiously, if i try to execute check_disk plugin from the host machine, it works well and returns me a DISK OK message. This is nrpe.cfg from client machine: command[check_disk1]=/usr/local/lib/nagios/plugins/check_disk -w 10 -c 5 if i execute this plugin from localhost, this is the result: [EMAIL PROTECTED]:/usr/local/etc: /usr/local/lib/nagios/plugins/check_disk -w 10 -c 5 DISK OK [2116032 kB (51%) free on /dev/md/dsk/d10] [1916289 kB (46%) free on /dev/md/dsk/d30] [7864408 kB (99%) free on swap] [7864408 kB (99%) free on swap] [3218951 kB (78%) free on /dev/md/dsk/d40] [15269693 kB (83%) free on /dev/md/dsk/d50] [9892740 kB (80%) free on /dev/md/dsk/d60] [16301852 kB (80%) free on nefertari:/product/cvs] [13942787 kB (75%) free on osiris:/opt/contentserver/CSCluster] [6227616 kB (18%) free on nasdm2:/sigma/sigma/utilitats] [6499752 kB (78%) free on nasdm2:/sia/www/cgi-bin] [4126008 kB (99%) free on nasdm2:/portal_forum] and this is the result when i try to check it from server using nrpe: sensor# ./check_nrpe -H isis -c check_disk1 DISK WARNING [2116033 kB (51%) free on /dev/md/dsk/d10] [1917350 kB (46%) free on /dev/md/dsk/d30] [7863912 kB (99%) free on swap] [7863912 kB (99%) free on swap] [3219111 kB (78%) free on /dev/md/dsk/d40] [15269693 kB (83%) free on /dev/md/dsk/d50] [9892868 kB (80%) free on /dev/md/dsk/d60] [16301852 kB (80%) free on nefertari:/product/cvs] [13948714 kB (75%) free on osiris:/opt/contentserver/CSCluster] [6227632 kB (18%) free on nasdm2:/sigma/sigma/utilitats] [6499776 kB (78%) free on nasdm2:/sia/www/cgi-bin] Any help would be greatly appreciated. Thanks in advance! - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NRPE_NT and Win NT 4.0 Problem
On Thu, 28 Dec 2006, Rene Fertig wrote: Is there a known issue with nrpe_nt (0.8b) and Windows NT 4.0?? The service is running and responding, but the exit code/errorlevel is not transmitted. I always receive 0 (OK). On a Win2k-box everything works fine. Retire the NT 4 boxes. (Should have been done quite a while ago in fact.) I guess this is not what you like to hear but NT4 is ancient and not supported by Microsoft for quite a while now. (Unless you pay extorsion level prices to get support on obsolete software.) Hugo. -- [EMAIL PROTECTED] http://hvdkooij.xs4all.nl/ This message is using 100% recycled electrons. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NRPE problem
On Thu, 28 Dec 2006, Jesús Oliván wrote: i'm using NRPE to monitorize a Solaris host. When i launch disk nrpe request through check_nrpe plugin on server machine, it returns me a DISK Warning problem, and my host nrpe config is configured to see warnings since 10% space free, but any filesystem reaches 18%. Curiously, if i try to execute check_disk plugin from the host machine, it works well and returns me a DISK OK message. This is nrpe.cfg from client machine: command[check_disk1]=/usr/local/lib/nagios/plugins/check_disk -w 10 -c 5 if i execute this plugin from localhost, this is the result: [EMAIL PROTECTED]:/usr/local/etc: /usr/local/lib/nagios/plugins/check_disk -w 10 -c 5 DISK OK [2116032 kB (51%) free on /dev/md/dsk/d10] [1916289 kB (46%) free on /dev/md/dsk/d30] [7864408 kB (99%) free on swap] [7864408 kB (99%) free on swap] [3218951 kB (78%) free on /dev/md/dsk/d40] [15269693 kB (83%) free on /dev/md/dsk/d50] [9892740 kB (80%) free on /dev/md/dsk/d60] [16301852 kB (80%) free on nefertari:/product/cvs] [13942787 kB (75%) free on osiris:/opt/contentserver/CSCluster] [6227616 kB (18%) free on nasdm2:/sigma/sigma/utilitats] [6499752 kB (78%) free on nasdm2:/sia/www/cgi-bin] [4126008 kB (99%) free on nasdm2:/portal_forum] Can you do this on a partition basis? What happens if you check only a single partition with 1 check? It is a matter of taste but I would like to get a more specific alert if a partition is running low. So I would split it into 1 service per partition. Also I would prefer to keep NFS disks out of such a list and check on them on the NFS server itself. Hugo. -- [EMAIL PROTECTED] http://hvdkooij.xs4all.nl/ This message is using 100% recycled electrons.- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Regarding SNMP Trap
I had performance issues having Nagios process every trap.
We have a fairly large SNMP utilization over here. Our Netscreen
firewalls send quite a few traps sometimes. On order of 10/s or
more during attacks (usually virus outbreaks). Wasn't very
happy with my monitoring server keel over during an event.
So, here is what I have done:
1) snmptrapd does run snmptthandler, but I ported snmptthandler
to C. http://lanning.cc/nagios/snmptthandler.c
2) snmptt is run in daemon mode with the modification at the end
of this message.
3) Nagios runs this service check for every host
http://lanning.cc/nagios/check_snmp_trap
4) The extra service notes URL points to this CGI scipt:
http://lanning.cc/nagios/showsnmptraps.txt
(in the near future, I am going to put in a way to look at
traps other than today)
5) snmptt seems to have a memory leak. (based on amount of traps
processed) So, I have a cron job restarting it every 6 hours.
6) snmptrapd seems to also have a memory leak, though smaller
than snmptt. So, I have it restarted once a day.
7) snmptt.conf contains: for each configured trap (including a
catchall .1.*)
EXEC log_snmptrap $@ $A 2 ...message...
---
$ diff snmptt snmptt.orig
58,78d57
sub nagiostraplog
{
my $LOGBASE=/usr/local/nagios/var/snmptraps;
my $timestamp = shift;
my $host = shift;
my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) =
gmtime($timestamp);
$year += 1900;
$mon++;
my $LOGDir = $LOGBASE/$host/$year/$mon;
if ( ! -d $LOGDir ) {
system(umask 022;mkdir -p $LOGDir);
};
open (NAGLOG,$LOGDir/${mday}.log);
print NAGLOG [$timestamp] . join(;,@_) . \n;
close (NAGLOG);
}
1539,1556c1518
if ($command =~ /log_snmptrap/)
{
$command =~ s/^.*log_snmptrap\s*//;
my @args = split(/\s+/,$command);
my $timestamp = shift(@args);
my $ip = shift(@args);
my $severity = shift(@args);
my $message = join( ,@args);
$timestamp =~ s/[^0-9]+//g;
$ip =~ s/[^0-9.]+//g;
$severity =~ s/[^0-9]+//g;
$message =~ s///g;
nagiostraplog($timestamp,$ip,$severity,$message);
}
else
{
system $command;
}
---
system $command;
--
And, did Galoka think the Ulus were too ugly to save?
-Centauri
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Performance issues, too
quote who=Tobias Klausmann On Mon, 25 Dec 2006, Robert Hajime Lanning wrote: I have a few that use the output of the last check to see differences in accumulators and the like. And I see that the caching code caches a parsed version of the arguments. This caching has no expirations just appending the new argument list. That might explain memory consumption, though one has to wonder if linear increase is fast enough to explain it. If the arguments get *doubled* everytime, though... Ok, I have done two things. 1) removed caching of arguments (it now parses arguments every time, in the child process) 2) I have modified all my perl based checks to use my instead of use vars. This is to scope the variables to the package that the service check is encapsulated in. So, now my load seems to have lowered to about 1.5 from 2.2. The CPU time in kernel space no longer grows in that curve fashion as seen in the graphs posted earlier. It still grows but now more linearly and at a slower pace. I started a cron job, every five minutes, that logs the size of the master Nagios process in kilobytes. (pagesize is 8k) The drop from 14920 to 11920 was the cron'd restart of Nagios. [Thu Dec 28 00:00:01 UTC 2006] 14920 [Thu Dec 28 00:05:00 UTC 2006] 11920 [Thu Dec 28 00:10:00 UTC 2006] 11960 [Thu Dec 28 00:15:00 UTC 2006] 11992 [Thu Dec 28 00:20:00 UTC 2006] 12000 [Thu Dec 28 00:25:00 UTC 2006] 12000 [Thu Dec 28 00:30:00 UTC 2006] 12000 [Thu Dec 28 00:35:00 UTC 2006] 12024 [Thu Dec 28 00:40:00 UTC 2006] 12032 [Thu Dec 28 00:45:00 UTC 2006] 12048 [Thu Dec 28 00:50:00 UTC 2006] 12056 [Thu Dec 28 00:55:00 UTC 2006] 12072 The service check cache code is implemented in the p1.pl, so I have been really looking at it. Once the check is compiled, there is a really short code path in p1.pl for the Nagios master process. So, I think the leak is more in ePN, than perlcache. -- And, did Galoka think the Ulus were too ugly to save? -Centauri - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] ANNOUNCE: Nagios Looking Glass 1.0.0#PRE is here!
Hi Andy, You're not thinking about the architecture of how NLG works: Client-side - front user-interface (sits on any public webserver) -- this is publicly available Server-side - back-end poller (sits on Nagios server) -- this is what should be authenticated If someone can provide me with a way in which NLG can be used to extract data users wouldn't normally see through Nagios, then I'll be only too happy to change how I feel. Besides the question if webservices are available to the public or not I would like to explain why I posted my findings. Part of my job is checking on security issues for products we might want to use. You have stated that currently it is not a problem. True. But consider the fact that this is a project in development. From my experience one needs to make sure user input is sanitized since you can't predict the excisting code wil not be expended in a case where other url parameters might be read. Sanitizing is always a good idea. As for people like me, I asume I'm not the only one, we tend to do security audits on code that we might want to use for our office or even for our clients. I will always run a first check before installing any solution. With possible problem's like input that is not sanitized I tend to look for other products since it only costs me more time to to audit code that will have unsanitized parts. Again, I am not stating it is insecure but it is my beleive it could get insecure once a project is growing. I will have the time to do a more specified audit in a few weeks. Will let you know what my findings are. Best regards, Hans - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
[Nagios-users] GroundWork Monitor and GroundWork Foundation
Hi, I am investigating alternatives to a current Nagios installation and am looking at GroundWork Monitor (http://www.groundworkopensource.com/products ). Has anyone evaluated either GroundWork Monitor Open Source or GroundWork Monitor Professional? Is anyone using GroundWork Foundation ( http://www.groundworkopensource.com/products ) with Nagios? Any thoughts on the company or their product would be appreciated. Thanks, John - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] GroundWork Monitor and GroundWork Foundation
I sent the wrong link for GroundWork Foundation. The correct one is http://sourceforge.net/projects/gwfoundation . _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Giaccotto Sent: Thursday, December 28, 2006 8:25 AM To: nagios-users@lists.sourceforge.net Subject: [Nagios-users] GroundWork Monitor and GroundWork Foundation Hi, I am investigating alternatives to a current Nagios installation and am looking at GroundWork Monitor (http://www.groundworkopensource.com/products ). Has anyone evaluated either GroundWork Monitor Open Source or GroundWork Monitor Professional? Is anyone using GroundWork Foundation ( http://www.groundworkopensource.com/products ) with Nagios? Any thoughts on the company or their product would be appreciated. Thanks, John - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NRPE_NT and Win NT 4.0 Problem
Hi Hugo. Am Donnerstag, 28. Dezember 2006 11:28 schrieb Hugo van der Kooij: Is there a known issue with nrpe_nt (0.8b) and Windows NT 4.0?? The service is running and responding, but the exit code/errorlevel is not transmitted. I always receive 0 (OK). On a Win2k-box everything works fine. Retire the NT 4 boxes. (Should have been done quite a while ago in fact.) I guess this is not what you like to hear but NT4 is ancient and not supported by Microsoft for quite a while now. (Unless you pay extorsion level prices to get support on obsolete software.) Unfortunately the application running on this PC need NT4, it didn't run under Win2k. So if there is no solution for the above mentioned NRPE_NT/WinNT-problem I will try if a passive check can do the job. Bye, Rene -- - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] GroundWork Monitor and GroundWork Foundation
Has anyone evaluated either GroundWork Monitor Open Source or GroundWork Monitor Professional? I have used Nagios for many years, ever since before it was called Nagios. It's my preferred open-source monitoring solution. I've also put a lot of time over the years into looking for GUI interface options for Nagios. I, myself, live all day in VI, and I rarely even have X11 installed on my servers. But for others I work with, novice-friendly web interfaces can be real nice. That being said, I like what Groundwork has done a lot. I only discovered what they were doing in the last 6-12 months. Before that, I was generally not satisfied with the quality and features of Nagios GUI options. I've been using the open-source version of Groundwork's package, the latest stable version. (4.5.11, I believe) It made it VERY easy to set up a new server and install all required software. (One big RPM package, mainly) I was also greatly impressed with the quality of the GUI itself. It seems to give easier options for setting up some things, as well as nicer security access options. I highly recommend anyone trying to set up Nagios consider the open-source Groundwork package. For Nagios veterans, well, I'd probably still recommend it about as highly! ;) Is anyone using GroundWork Foundation ( http://www.groundworkopensource.com/products ) with Nagios? Any thoughts on the company or their product would be appreciated. Not familiar with the Foundation stuff, no. -- Jason Byrns Production Manager System Administrator http://www.MicroLnk.com/ 402-328-8600 ext. 653 - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Service depedency problem
Quoting Andreas Ericsson [EMAIL PROTECTED]: Because you have 'u' (notify when unreachable) in your host_notification_options. I suppose there is a slight misunderstanding here, as I am very happy with the current host_notification situation (either parent or dependencies). I suggest not using dependencies at all, but instead using the parents directive and removing 'u' from your host_notification_options. I also suggest reading the documentation regarding parents, host_notification_options and notification logic. Dependencies can be a fine thing for services. It's almost always the wrong thing to use for hosts. The real problem is WITH services, if a parent host ping, for example, is critical, I get service alert for hosts that behind the parent host. But if the parent host is down, no alerts are sent for hosts behind the parent (works like a charm). To rephrase the original issue, how should I change the dependencies.cfg, if I really don't want to get any service alerts for dependedent services, if all services rely on the ping status of a parent host PING service? -Miika - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
[Nagios-users] NC_Net
Hello,
I was wondering if you can help me. I am trying to check a Microsoft
Ishare service with Nagios.
When I run the check_nt command from the command line the service check
work just fine.
./check_nt -H 10.129.162.187 -p 1248 -v SERVICESTATE -l
'mssql$sharepoint' -d SHOWALL
mssql$sharepoint: Started
I have tried several way of checking, with a \ before the dollar sign,
in dowuble quotes etc.
However when I look at the service check via the web there is a trailing
$
Host
http://co-log01/nagios/cgi-bin/status.cgi?hostgroup=ISHAREstyle=detail
servicestatustypes=4sorttype=1sortoption=1
http://co-log01/nagios/cgi-bin/status.cgi?hostgroup=ISHAREstyle=detail
servicestatustypes=4sorttype=2sortoption=1
Service
http://co-log01/nagios/cgi-bin/status.cgi?hostgroup=ISHAREstyle=detail
servicestatustypes=4sorttype=1sortoption=2
http://co-log01/nagios/cgi-bin/status.cgi?hostgroup=ISHAREstyle=detail
servicestatustypes=4sorttype=2sortoption=2
Status
http://co-log01/nagios/cgi-bin/status.cgi?hostgroup=ISHAREstyle=detail
servicestatustypes=4sorttype=1sortoption=3
http://co-log01/nagios/cgi-bin/status.cgi?hostgroup=ISHAREstyle=detail
servicestatustypes=4sorttype=2sortoption=3
Last Check
http://co-log01/nagios/cgi-bin/status.cgi?hostgroup=ISHAREstyle=detail
servicestatustypes=4sorttype=1sortoption=4
http://co-log01/nagios/cgi-bin/status.cgi?hostgroup=ISHAREstyle=detail
servicestatustypes=4sorttype=2sortoption=4
Duration
http://co-log01/nagios/cgi-bin/status.cgi?hostgroup=ISHAREstyle=detail
servicestatustypes=4sorttype=1sortoption=6
http://co-log01/nagios/cgi-bin/status.cgi?hostgroup=ISHAREstyle=detail
servicestatustypes=4sorttype=2sortoption=6
Attempt
http://co-log01/nagios/cgi-bin/status.cgi?hostgroup=ISHAREstyle=detail
servicestatustypes=4sorttype=1sortoption=5
http://co-log01/nagios/cgi-bin/status.cgi?hostgroup=ISHAREstyle=detail
servicestatustypes=4sorttype=2sortoption=5
Status Information
co-spdb http://co-log01/nagios/cgi-bin/extinfo.cgi?type=1host=co-spdb
http://co-log01/nagios/cgi-bin/extinfo.cgi?type=1host=co-spdb
DatabaseServices
http://co-log01/nagios/cgi-bin/extinfo.cgi?type=2host=co-spdbservice=
DatabaseServices
WARNING
12-28-2006 11:30:42
35d 22h 28m 56s
3/3
mssql$sharepoint$: Unknown
Here is my service definition:
define service{
use ping-service
host_name co-spdb
service_description DatabaseServices
contact_groups ishare
check_command
check_nt_service!'mssql$sharepoint'
}
Here is my command definition:
# 'check_nt_service' command definition
define command{
command_namecheck_nt_service
command_line$USER1$/check_nt -H $HOSTADDRESS$ -p 1248 -v
SERVICESTATE -l $ARG1$ -d SHOWALL
}
Any help will be appreciated.
Thanks,
Luis
Luis Lacayo
Sr. UNIX Admin
Chicago Public Schools
Office of Technology Services
125 S. Clark Street - Suite 300
Chicago, IL 60603
Direct:773-553-3835
Office: 773-553-1300
FAX:773-553-1363
[EMAIL PROTECTED]
image001.gif
Description: image001.gif
image002.gif
Description: image002.gif
attachment: image004.jpg
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] NC_Net
I am currently using NC_NET with Nagios to monitor 700+ checks. In order
to check mssql services, I use single quotes and double the $ sign
Example:
check_command check_nt_service!'mssql$$sharepoint'
___
Jason Shein
Network Administrator – Linux Systems
Iovate Health Sciences Inc.
5100 Spectrum Way
Mississauga, ON L4W 5S2
( 905 ) - 678 - 3119 x 3136
1 - 888 - 334 - 4448,x 3136 (toll-free)
[EMAIL PROTECTED]
Customer Service. Collaboration. Innovation. Efficiency.
Iovate's Information Technology Team
___
CONFIDENTIALITY NOTICE:
THIS ELECTRONIC MAIL TRANSMISSION IS PRIVILEGED AND CONFIDENTIAL AND IS
INTENDED ONLY FOR THE REVIEW OF THE PARTY TO WHOM IT IS ADDRESSED.
THE INFORMATION CONTAINED IN THIS E-MAIL IS CONFIDENTIAL AND IS DISCLOSED
TO YOU UNDER THE EXPRESS UNDERSTANDING THAT YOU WILL NOT DISCLOSE IT
OR ITS CONTENTS TO ANY THIRD PARTY WITHOUT THE EXPRESS WRITTEN CONSENT
OF AN AUTHORIZED OFFICER OF IOVATE HEALTH SCIENCES SERVICES INC. IF YOU
HAVE
RECEIVED THIS TRANSMISSION IN ERROR, PLEASE IMMEDIATELY RETURN IT
TO THE SENDER.
___
Lacayo, Luis F [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
12/28/2006 12:44 PM
To
[EMAIL PROTECTED]
cc
nagios-users@lists.sourceforge.net
Subject
[Nagios-users] NC_Net
Hello,
I was wondering if you can help me. I am trying to check a Microsoft
Ishare service with Nagios.
When I run the check_nt command from the command line the service check
work just fine.
./check_nt -H 10.129.162.187 -p 1248 -v SERVICESTATE -l 'mssql$sharepoint'
-d SHOWALL
mssql$sharepoint: Started
I have tried several way of checking, with a \ before the dollar sign, in
dowuble quotes etc.
However when I look at the service check via the web there is a trailing $
Host
Service
Status
Last Check
Duration
Attempt
Status Information
co-spdb
DatabaseServices
WARNING
12-28-2006 11:30:42
35d 22h 28m 56s
3/3
mssql$sharepoint$: Unknown
Here is my service definition:
define service{
use ping-service
host_name co-spdb
service_description DatabaseServices
contact_groups ishare
check_command check_nt_service!'mssql$sharepoint'
}
Here is my command definition:
# 'check_nt_service' command definition
define command{
command_namecheck_nt_service
command_line$USER1$/check_nt -H $HOSTADDRESS$ -p 1248 -v
SERVICESTATE -l $ARG1$ -d SHOWALL
}
Any help will be appreciated.
Thanks,
Luis
Luis Lacayo
Sr. UNIX Admin
Chicago Public Schools
Office of Technology Services
125 S. Clark Street – Suite 300
Chicago, IL 60603
Direct:773-553-3835
Office: 773-553-1300
FAX:773-553-1363
[EMAIL PROTECTED]
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share
your
opinions on IT business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when
reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
[Nagios-users] error installing nagios-plugins-1.4.5
Hello when i execute make i have an error: check_mysql.c:165: error: âMYSQL_FIELDâ undeclared (first use in this function) check_mysql.c:165: error: âfieldsâ undeclared (first use in this function) make[2]: *** [check_mysql-check_mysql.o] Error 1 make[2]: Leaving directory `/install/nagios-plugins-1.4.5/plugins' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/install/nagios-plugins-1.4.5' make: *** [all] Error 2 anybody can help me? thanks _ Find sales, coupons, and free shipping, all in one place! MSN Shopping Sales Deals http://shopping.msn.com/content/shp/?ctid=198,ptnrid=176,ptnrdata=200639 - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] error installing nagios-plugins-1.4.5
When you ./configure you need to add --with-mysql=/path/to/mysql into the ./configure options. Andy. Carlos Sánchez wrote: Hello when i execute make i have an error: check_mysql.c:165: error: ‘MYSQL_FIELD’ undeclared (first use in this function) check_mysql.c:165: error: ‘fields’ undeclared (first use in this function) make[2]: *** [check_mysql-check_mysql.o] Error 1 make[2]: Leaving directory `/install/nagios-plugins-1.4.5/plugins' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/install/nagios-plugins-1.4.5' make: *** [all] Error 2 anybody can help me? thanks _ Find sales, coupons, and free shipping, all in one place! MSN Shopping Sales Deals http://shopping.msn.com/content/shp/?ctid=198,ptnrid=176,ptnrdata=200639 !DSPAM:37,45940ed731941618886302! - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV !DSPAM:37,45940ed731941618886302! ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null !DSPAM:37,45940ed731941618886302! -- Andy Shellam NetServe Support Team the Mail Network an alternative in a standardised world p: +44 (0) 121 288 0832/0839 m: +44 (0) 7818 000834 - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] error installing nagios-plugins-1.4.5
Why I need add --with-mysql=/path/to/mysql dont the nagios version 2 use mysql? my instruccion for configure is: ./configure --prefix=/nagios --with-cgiurl=/nagios/cgi-bin From: Andy Shellam (Mailing Lists) [EMAIL PROTECTED] To: Carlos Sánchez [EMAIL PROTECTED], Nagios Users mailinglist nagios-users@lists.sourceforge.net Subject: Re: [Nagios-users] error installing nagios-plugins-1.4.5 Date: Thu, 28 Dec 2006 18:46:24 + When you ./configure you need to add --with-mysql=/path/to/mysql into the ./configure options. Andy. Carlos Sánchez wrote: Hello when i execute make i have an error: check_mysql.c:165: error: âMYSQL_FIELDâ undeclared (first use in this function) check_mysql.c:165: error: âfieldsâ undeclared (first use in this function) make[2]: *** [check_mysql-check_mysql.o] Error 1 make[2]: Leaving directory `/install/nagios-plugins-1.4.5/plugins' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/install/nagios-plugins-1.4.5' make: *** [all] Error 2 anybody can help me? thanks _ Find sales, coupons, and free shipping, all in one place! MSN Shopping Sales Deals http://shopping.msn.com/content/shp/?ctid=198,ptnrid=176,ptnrdata=200639 !DSPAM:37,45940ed731941618886302! - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV !DSPAM:37,45940ed731941618886302! ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null !DSPAM:37,45940ed731941618886302! -- Andy Shellam NetServe Support Team the Mail Network an alternative in a standardised world p: +44 (0) 121 288 0832/0839 m: +44 (0) 7818 000834 _ Type your favorite song. Get a customized station. Try MSN Radio powered by Pandora. http://radio.msn.com/?icid=T002MSN03A07001 - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] error installing nagios-plugins-1.4.5
On Thu, 2006-12-28 at 13:48 -0500, Carlos Sánchez wrote: Why I need add --with-mysql=/path/to/mysql dont the nagios version 2 use mysql? No. It doesn't. If you need mysql backend you should try nagios-db or ndoutils. my instruccion for configure is: ./configure --prefix=/nagios --with-cgiurl=/nagios/cgi-bin From: Andy Shellam (Mailing Lists) [EMAIL PROTECTED] To: Carlos Sánchez [EMAIL PROTECTED], Nagios Users mailinglist nagios-users@lists.sourceforge.net Subject: Re: [Nagios-users] error installing nagios-plugins-1.4.5 Date: Thu, 28 Dec 2006 18:46:24 + When you ./configure you need to add --with-mysql=/path/to/mysql into the ./configure options. Andy. Carlos Sánchez wrote: Hello when i execute make i have an error: check_mysql.c:165: error: ‘MYSQL_FIELD’ undeclared (first use in this function) check_mysql.c:165: error: ‘fields’ undeclared (first use in this function) make[2]: *** [check_mysql-check_mysql.o] Error 1 make[2]: Leaving directory `/install/nagios-plugins-1.4.5/plugins' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/install/nagios-plugins-1.4.5' make: *** [all] Error 2 anybody can help me? thanks _ Find sales, coupons, and free shipping, all in one place! MSN Shopping Sales Deals http://shopping.msn.com/content/shp/?ctid=198,ptnrid=176,ptnrdata=200639 !DSPAM:37,45940ed731941618886302! - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV !DSPAM:37,45940ed731941618886302! ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null !DSPAM:37,45940ed731941618886302! -- Andy Shellam NetServe Support Team the Mail Network an alternative in a standardised world p: +44 (0) 121 288 0832/0839 m: +44 (0) 7818 000834 _ Type your favorite song. Get a customized station. Try MSN Radio powered by Pandora. http://radio.msn.com/?icid=T002MSN03A07001 - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null AVISO: A informação contida neste e-mail, bem como em qualquer de seus anexos, é CONFIDENCIAL e destinada ao uso exclusivo do(s) destinatário(s) acima referido(s), podendo conter informações sigilosas e/ou legalmente protegidas. Caso você não seja o destinatário desta mensagem, informamos que qualquer divulgação, distribuição ou cópia deste e-mail e/ou de qualquer de seus anexos é absolutamente proibida. Solicitamos que o remetente seja comunicado imediatamente, respondendo esta mensagem, e que o original desta mensagem e de seus anexos, bem como toda e qualquer cópia e/ou impressão realizada a partir destes, sejam permanentemente apagados e/ou destruídos. Informações adicionais sobre nossa empresa podem ser obtidas no site http://sobre.uol.com.br/. NOTICE: The information contained in this e-mail and any attachments thereto is CONFIDENTIAL and is intended only for use by the recipient named herein and may contain legally privileged and/or secret information. If you are not the e-mail´s intended recipient, you are hereby notified that any dissemination, distribution or copy of this e-mail, and/or any attachments thereto, is strictly prohibited. Please immediately notify the sender replying to the above mentioned e-mail address, and permanently delete and/or destroy the original and any copy of this e-mail and/or its attachments, as well as any printout thereof. Additional information about our company may be obtained through the site http://www.uol.com.br/ir/.
Re: [Nagios-users] ANNOUNCE: Nagios Looking Glass 1.0.0#PRE is here!
Hi Robert, Thanks for your description below but I'm still struggling to come to terms with how NLG can be used to attack another site. Firstly, my understanding of an XSS attack is of the following: - Client requests a page (eg. www.yahoo.com) - Hacker strips the response packets off the wire and replaces them with packets that have come from (eg. www.google.co.uk) - Client receives www.google.co.uk as a result of hacker's actions Sure, this is a problem in sites with login/sensitive details stored in cookies etc, which is over any HTTP connection. If this understanding is correct, is it Google's problem that a hacker is sending it's website in place of a different site? It's a public site after all that anyone (including hackers) can access. Now if the client receives bad data from NLG - the data is only bad in the sense that the server list will be empty, or will be reset to the default (filter/group 0.) Dependent on the attack source, it may even only be part of the template (as the full template is requested in 3 parts.) How is this a security risk? Also if the hacker strips the HTTP request from the client (www.yahoo.co.uk) and instead sends it to my webserver, it'll return an error code as it doesn't proxy - again where's the security risk? Sorry if I'm way off, I'll happily work with anyone who wants to offer their support to make NLG more secure - but I still maintain the only additional check necessary is that fid and gid (GET variables) are integers - if they're not, reset them both to 0 (or throw an error if filter/group 0 don't exist.) This will be implemented in 1.0.0. In actual fact the poller already does this: (in server/s3_poller.php, line 63 - settype($FilterToApply, integer) and also line 73.) Therefore if the variable is non-integer, it will be forced to 0. The only one thing to do is check that the filter/group exists, and perform the same check on the client-side. Thanks, Andy. Robert Hajime Lanning wrote: quote who=Andy Shellam (Mailing Lists) From the client-side, the URL that's built in the JavaScript comes out to: ?view=serverfid=1gid=3 That's the most info you'll get out of the JS - pass that to the s3_client.php page and you'll get an un-styled, plain format of the page that's rendered when you click on a Server link. What benefit is there (to a normal user or a hacker) of wanting to change the fid and gid? They do nothing except choose which data you want to get back to the client front-end. It might not be a security issue to NLG, but passing any variable back to the client, unsanitized, is an opening for cross site scripting (XSS). This is where an attacker feeds the URL for your site (including the bad data) to an unknowing client, that then receives the bad data as part of the returned web page from your site. It is usually an attack directly to the web browser, or to another site, relayed by your site. So, ALL variables that contain data from outside the server environment must be sanitized before use. This is why perl has their taint mode. Where all variables that contain external data are tainted until sanitized through substitutions and the likes. And it gives errors if a tainted variable is used before being sanitized. In PHP, you have to be aware, as it does not have a taint like mode. -- Andy Shellam NetServe Support Team the Mail Network an alternative in a standardised world p: +44 (0) 121 288 0832/0839 m: +44 (0) 7818 000834 - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] error installing nagios-plugins-1.4.5
The nagios-plugins builds a MySQL plugin so it needs to know where to find the MySQL libraries. You may need to use --without-mysql or something similar if you don't want this (I can't remember offhand how to exclude MySQL from the plugins.) Andy. Marcel Mitsuto Fucatu Sugano wrote: On Thu, 2006-12-28 at 13:48 -0500, Carlos Sánchez wrote: Why I need add --with-mysql=/path/to/mysql dont the nagios version 2 use mysql? No. It doesn't. If you need mysql backend you should try nagios-db or ndoutils. my instruccion for configure is: ./configure --prefix=/nagios --with-cgiurl=/nagios/cgi-bin From: Andy Shellam (Mailing Lists) [EMAIL PROTECTED] To: Carlos Sánchez [EMAIL PROTECTED], Nagios Users mailinglist nagios-users@lists.sourceforge.net Subject: Re: [Nagios-users] error installing nagios-plugins-1.4.5 Date: Thu, 28 Dec 2006 18:46:24 + When you ./configure you need to add --with-mysql=/path/to/mysql into the ./configure options. Andy. Carlos Sánchez wrote: Hello when i execute make i have an error: check_mysql.c:165: error: ‘MYSQL_FIELD’ undeclared (first use in this function) check_mysql.c:165: error: ‘fields’ undeclared (first use in this function) make[2]: *** [check_mysql-check_mysql.o] Error 1 make[2]: Leaving directory `/install/nagios-plugins-1.4.5/plugins' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/install/nagios-plugins-1.4.5' make: *** [all] Error 2 anybody can help me? thanks _ Find sales, coupons, and free shipping, all in one place! MSN Shopping Sales Deals http://shopping.msn.com/content/shp/?ctid=198,ptnrid=176,ptnrdata=200639 - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV !DSPAM:37,45940ed731941618886302! ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null !DSPAM:37,45940ed731941618886302! -- Andy Shellam NetServe Support Team the Mail Network an alternative in a standardised world p: +44 (0) 121 288 0832/0839 m: +44 (0) 7818 000834 _ Type your favorite song. Get a customized station. Try MSN Radio powered by Pandora. http://radio.msn.com/?icid=T002MSN03A07001 - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null AVISO: A informação contida neste e-mail, bem como em qualquer de seus anexos, é CONFIDENCIAL e destinada ao uso exclusivo do(s) destinatário(s) acima referido(s), podendo conter informações sigilosas e/ou legalmente protegidas. Caso você não seja o destinatário desta mensagem, informamos que qualquer divulgação, distribuição ou cópia deste e-mail e/ou de qualquer de seus anexos é absolutamente proibida. Solicitamos que o remetente seja comunicado imediatamente, respondendo esta mensagem, e que o original desta mensagem e de seus anexos, bem como toda e qualquer cópia e/ou impressão realizada a partir destes, sejam permanentemente apagados e/ou destruídos. Informações adicionais sobre nossa empresa podem ser obtidas no site http://sobre.uol.com.br/. NOTICE: The information contained in this e-mail and any attachments thereto is CONFIDENTIAL and is intended only for use by the recipient named herein and may contain legally privileged and/or secret information. If you are not the e-mail´s intended recipient, you are hereby notified that any dissemination, distribution or copy of this e-mail, and/or any attachments thereto, is strictly prohibited. Please immediately notify the sender replying to the
Re: [Nagios-users] ANNOUNCE: Nagios Looking Glass 1.0.0#PRE is here!
Okay I've just been reading up on XSS attacks, and from what I can gather it's similar in essence to SQL injection attacks. This link is an example: http://www.bbc.co.uk/bbcone/listings/index.shtml?service_id=4223DAY=today%22%3E%3Cscript%20src=http://www.securitylab.ru/test/sc.js%3E%3C/script%3E%3C!-- From what I gather, most XSS are script-injections or injections where external data (ie. a GET variable) is changed - in the above case a script .../script tag has been inserted. In which case NLG is not vulnerable to these types of attacks as it does not send, verbatim, any GET variables - the 4 variables it uses - fid, gid, sid, and view - are only used to request further information (eg. 'view' tells NLG which view to render - server status, network status, or server summary - 'sid' is a server sequence - so 0 gets the first alphabetical server, 1 gets the second server etc. and the same for the group/filter.) It never returns the variable value to print verbatim in the page. Also with the confirmation that the poller does check the variables before using them, I think NLG isn't going to suffer. If any fancies cracking it, and showing me how it can be done, I'll do everything in my power to fix it, but with the addition of the client-side checking of the variables before passing them off to the poller, I'll maintain it's not at risk. Thanks, Andy. Robert Hajime Lanning wrote: quote who=Andy Shellam (Mailing Lists) From the client-side, the URL that's built in the JavaScript comes out to: ?view=serverfid=1gid=3 That's the most info you'll get out of the JS - pass that to the s3_client.php page and you'll get an un-styled, plain format of the page that's rendered when you click on a Server link. What benefit is there (to a normal user or a hacker) of wanting to change the fid and gid? They do nothing except choose which data you want to get back to the client front-end. It might not be a security issue to NLG, but passing any variable back to the client, unsanitized, is an opening for cross site scripting (XSS). This is where an attacker feeds the URL for your site (including the bad data) to an unknowing client, that then receives the bad data as part of the returned web page from your site. It is usually an attack directly to the web browser, or to another site, relayed by your site. So, ALL variables that contain data from outside the server environment must be sanitized before use. This is why perl has their taint mode. Where all variables that contain external data are tainted until sanitized through substitutions and the likes. And it gives errors if a tainted variable is used before being sanitized. In PHP, you have to be aware, as it does not have a taint like mode. -- Andy Shellam NetServe Support Team the Mail Network an alternative in a standardised world p: +44 (0) 121 288 0832/0839 m: +44 (0) 7818 000834 - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
[Nagios-users] Service Check Timed Out Error
I am running Nagios 2.6 on a Fedora Core 5 system, and am trying to monitor a remote host also running Fedora Core 5 with NRPE 2.5.2. I have configured nrpe to use SSL. The commands.cfg file on the Nagios server has an entry for check_nrpe, and I have included the option -t 60 in the definition. The client system has a command_timeout setting of 60 as well. Whenever I try either automatically or manually monitor the remote client, I get a Service Check Timed Out Error message. The messages and nagios.log files on the server both indicate a socket timeout occurred. What do I need to do to correct this? Thanks. THE INFORMATION TRANSMITTED IN THIS ELECTRONIC COMMUNICATION IS INTENDED ONLY FOR THE PERSON OR ENTITY TO WHOM IT IS ADDRESSED AND MAY CONTAIN CONFIDENTIAL AND/OR PRIVILEGED MATERIAL. ANY REVIEW, RETRANSMISSION, DISSEMINATION OR OTHER USE OF OR TAKING OF ANY ACTION IN RELIANCE UPON, THIS INFORMATION BY PERSONS OR ENTITIES OTHER THAN THE INTENDED RECIPIENT IS PROHIBITED. IF YOU RECEIVED THIS INFORMATION IN ERROR, PLEASE CONTACT THE SENDER AND THE PRIVACY OFFICER, AND PROPERLY DISPOSE OF THIS INFORMATION. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] ANNOUNCE: Nagios Looking Glass 1.0.0#PRE is here!
On Thu, 28 Dec 2006, Andy Shellam (Mailing Lists) wrote: Thanks for your description below but I'm still struggling to come to terms with how NLG can be used to attack another site. Firstly, my understanding of an XSS attack is of the following: - Client requests a page (eg. www.yahoo.com) - Hacker strips the response packets off the wire and replaces them with packets that have come from (eg. www.google.co.uk) - Client receives www.google.co.uk as a result of hacker's actions Well if you trust site A but not site B and site B can trick your browser into thinking that the data comes from site A instead you are exposed to site B. Site A is the unwilling accomplish in this scheme and that is one thing you have to be carefull about. Hugo. -- [EMAIL PROTECTED] http://hvdkooij.xs4all.nl/ This message is using 100% recycled electrons. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Service Check Timed Out Error
It seems something is stopping your NRPE client from answering to the server. Try telnet nrpe_client_server 5666 and see if it connects or times out. If it times out, check firewalls/SELinux etc. Andy. Kaplan, Andrew H. wrote: I am running Nagios 2.6 on a Fedora Core 5 system, and am trying to monitor a remote host also running Fedora Core 5 with NRPE 2.5.2. I have configured nrpe to use SSL. The commands.cfg file on the Nagios server has an entry for check_nrpe, and I have included the option –t 60 in the definition. The client system has a command_timeout setting of 60 as well. Whenever I try either automatically or manually monitor the remote client, I get a Service Check Timed Out Error message. The messages and nagios.log files on the server both indicate a socket timeout occurred. What do I need to do to correct this? Thanks. THE INFORMATION TRANSMITTED IN THIS ELECTRONIC COMMUNICATION IS INTENDED ONLY FOR THE PERSON OR ENTITY TO WHOM IT IS ADDRESSED AND MAY CONTAIN CONFIDENTIAL AND/OR PRIVILEGED MATERIAL. ANY REVIEW, RETRANSMISSION, DISSEMINATION OR OTHER USE OF OR TAKING OF ANY ACTION IN RELIANCE UPON, THIS INFORMATION BY PERSONS OR ENTITIES OTHER THAN THE INTENDED RECIPIENT IS PROHIBITED. IF YOU RECEIVED THIS INFORMATION IN ERROR, PLEASE CONTACT THE SENDER AND THE PRIVACY OFFICER, AND PROPERLY DISPOSE OF THIS INFORMATION. !DSPAM:37,459434a931944790858665! - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV !DSPAM:37,459434a931944790858665! ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null !DSPAM:37,459434a931944790858665! -- Andy Shellam NetServe Support Team the Mail Network an alternative in a standardised world p: +44 (0) 121 288 0832/0839 m: +44 (0) 7818 000834 - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] ANNOUNCE: Nagios Looking Glass 1.0.0#PRE is here!
Thanks Hugo, I'm just about getting to grips with XSS attacks, and I'm pretty certain NLG is not vulnerable. Andy. Hugo van der Kooij wrote: On Thu, 28 Dec 2006, Andy Shellam (Mailing Lists) wrote: Thanks for your description below but I'm still struggling to come to terms with how NLG can be used to attack another site. Firstly, my understanding of an XSS attack is of the following: - Client requests a page (eg. www.yahoo.com) - Hacker strips the response packets off the wire and replaces them with packets that have come from (eg. www.google.co.uk) - Client receives www.google.co.uk as a result of hacker's actions Well if you trust site A but not site B and site B can trick your browser into thinking that the data comes from site A instead you are exposed to site B. Site A is the unwilling accomplish in this scheme and that is one thing you have to be carefull about. Hugo. -- Andy Shellam NetServe Support Team the Mail Network an alternative in a standardised world p: +44 (0) 121 288 0832/0839 m: +44 (0) 7818 000834 - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] ANNOUNCE: Nagios Looking Glass 1.0.0#PRE is here!
On Thu, Dec 28, 2006 at 06:58:38PM +, Andy Shellam (Mailing Lists) wrote:
Hi Robert,
Hi Andy,
I'm reading your responses and from others, but I'm under impression
that you're trying to fight symptoms instead of really focus your
energy on the real problem. I see that you try to learn and improve
and I think its worth the time to get the discussion going again, but
in a direction we all might benefit from.
Also if you think I'm intrusive or dominant or arrogant. My apologies
in advance to you all, but its not to troll or something like that.
Thanks for your description below but I'm still struggling to come to
terms with how NLG can be used to attack another site.
Firstly, my understanding of an XSS attack is of the following:
- Client requests a page (eg. www.yahoo.com)
- Hacker strips the response packets off the wire and replaces them with
packets that have come from (eg. www.google.co.uk)
- Client receives www.google.co.uk as a result of hacker's actions
This it not really XSS, but more like DNS-spoofing and some wicked
redirection box. But don't focus on XSS right now, but on what Hans
Wolters and others where talking about. It will make thing much easier.
Sure, this is a problem in sites with login/sensitive details stored in
cookies etc, which is over any HTTP connection.
What is the problem really? Is has nothing todo with login or
sensitive data, but with checking you data and keeping a careful eye
on data. So to keep it simple, data should be sanitized always to make
sure its in the bounderies as you would expect it and it need to be.
But a lot of people also make an incorrect assumption here. They
belief that by checking if a variable is an integer at the start of
the function that everything is good. No way, in the most extreme form
you need to sanitize your data after every operation on it, but that
would be too much. But instead of checking everyhing again everytime
you can also write your function in a way that you cover every outcome
or path you funtion can and should take. A litte C-example below is an
exampe of this.
int foobar ( int i )
{
if ( i 0 )
if ( i 100 )
return 0;
else
return 1;
else
return 1;
}
I must say that you're on the right path by saying things like we
check if its an integer or else we fix it to zero. But I leave it up
to you right know to decide if this is enough, but I think you know
the answer already ;-)
If this understanding is correct, is it Google's problem that a hacker
is sending it's website in place of a different site? It's a public
site after all that anyone (including hackers) can access.
Now if the client receives bad data from NLG - the data is only bad in
the sense that the server list will be empty, or will be reset to the
default (filter/group 0.) Dependent on the attack source, it may even
only be part of the template (as the full template is requested in 3
parts.) How is this a security risk?
You're saying something interesting and that is that everyone can
access it. This means the good, the bad and the idiots who think they
have found undocumented features and start using it. And here comes
the bad part, they start complaining when you fixed a bug and there
application stops working. So they stick with the old version, because
that one works. This is one to remember, because most software
currently arround already depends on code that goes back say 10 or 20
years. Imagion people using your code and the results when it seems
your code contains some serious flaws. And I'm not trying to scare
you, but it happens everyday and you should be aware of it.
Also if the hacker strips the HTTP request from the client
(www.yahoo.co.uk) and instead sends it to my webserver, it'll return an
error code as it doesn't proxy - again where's the security risk?
This is a good question and do you remember what I said about making
sure your code can handle any situation? And I think you're starting
to see the point.
Sorry if I'm way off, I'll happily work with anyone who wants to offer
their support to make NLG more secure - but I still maintain the only
additional check necessary is that fid and gid (GET variables) are
integers - if they're not, reset them both to 0 (or throw an error if
filter/group 0 don't exist.) This will be implemented in 1.0.0.
To be honest you have a couple of few good points here. And I would
say may sure 1.0.0 works correct and skip the robustness to a later
version. I think that you have enough work on your hands to make sure
the application works correct and that you can rewrite some parts
afterwards to give the application more reliable and robust.
And on your question about support for making NLG more secure, I think
you see that its not really about fancy words or manpower. Its more of
thinking of what you need and its bounderies, but also building the
mousetrap. It gives others less room
Re: [Nagios-users] ANNOUNCE: Nagios Looking Glass 1.0.0#PRE is here!
Hi Hans, I'll admit first-off I'm reading this e-mail at almost 1am here in the UK and after about ooh 6 glasses of wine, so I may get a different view in the morning, but I'm getting the feeling I'm already thinking along the same path as yourself, maybe I haven't made that clear? Thanks for the wonderfully detailed e-mail btw, made good reading and I certainly don't see it as a personal attack - I'm starting out in web-apps design, but saying that I have about 5 years PHP exp under my belt - this is my first live app (lots of other projects shelved - I'm sure you know the drill) and security is something high on my things to get to grips with list! Right back to your e-mail, let me try to explain: Hans Spaans wrote: I'm reading your responses and from others, but I'm under impression that you're trying to fight symptoms instead of really focus your energy on the real problem. Nope, in a sense yes I want to get things sorted as much as possible, but I don't see that there is a problem - save for the extra sanitation check on the client-side (the poller already does this.) Equally I feel that I have to understand how the symptoms cause a problem in order to get the bottom of *why* the problem can occur in the first-place. (Eg. you wouldn't try to fix a car without knowing how to drive one, would you?) Also if you think I'm intrusive or dominant or arrogant. My apologies in advance to you all, but its not to troll or something like that. I'm happy to take all comments, criticisms, whatever. NLG is after all in the public domain. This it not really XSS, but more like DNS-spoofing and some wicked redirection box. But don't focus on XSS right now, but on what Hans Wolters and others where talking about. It will make thing much easier. Hans Wolters and the others were talking about XSS - it's probably my inexperience that's getting the wrong end of the stick about what XSS actually is, but from my (now more-enhanced understanding after reading about it on Wikipedia and the likes) I still fail to see how NLG is vulnerable. What is the problem really? Is has nothing todo with login or sensitive data, but with checking you data and keeping a careful eye on data. So to keep it simple, data should be sanitized always to make sure its in the bounderies as you would expect it and it need to be. Exactly. There's nothing sensitive about the data - anything anybody could get from NLG by forging variables is nothing more than they could get through the normal interface anyway. NLG cannot be used to inject scripts into the HTML output as it doesn't use the GET variables to generate any HTML anywhere, and the check on the poller side will force the variables to 0 if a user tried to inject any HTML code (sure this check needs to be performed on the client-side too, but even without it, I cannot see a way in which arbitrary HTML code can be executed using the GET variables.) But a lot of people also make an incorrect assumption here. They belief that by checking if a variable is an integer at the start of the function that everything is good. No way, in the most extreme form you need to sanitize your data after every operation on it, but that would be too much. But instead of checking everyhing again everytime you can also write your function in a way that you cover every outcome or path you funtion can and should take. A litte C-example below is an exampe of this. Yep, this is something I've thought as an after-thought - currently the poller forces the filter/group ID to be an integer, then it uses that to look up the filter/group to send back to the client - what I need to do is check that filter/group actually exists - if it doesn't, set it to 0 - if filter/group 0 doesn't exist, throw a fatal error as something in the config's amiss. I must say that you're on the right path by saying things like we check if its an integer or else we fix it to zero. But I leave it up to you right know to decide if this is enough, but I think you know the answer already ;-) I think so :) -- see response to previous para. You're saying something interesting and that is that everyone can access it. This means the good, the bad and the idiots who think they have found undocumented features and start using it. And here comes the bad part, they start complaining when you fixed a bug and there application stops working. So they stick with the old version, because that one works. This is one to remember, because most software currently arround already depends on code that goes back say 10 or 20 years. Imagion people using your code and the results when it seems your code contains some serious flaws. And I'm not trying to scare you, but it happens everyday and you should be aware of it. I'm hoping that the code for NLG and any future projects I work on has no serious flaws (that's the idea of beta-testing after-all.) But yes, I agree with your
Re: [Nagios-users] Service Check Timed Out Error
I ran the telnet hostname 5666 command on the nrpe client system and it did connect without a problem. I did the same on the nagios server, and it timed out. Do I need to have port 5666 open on the nagios server as well as on the client system? -Original Message- From: Andy Shellam (Mailing Lists) [mailto:[EMAIL PROTECTED] Sent: Thu 12/28/2006 5:25 PM To: Kaplan, Andrew H.; Nagios Users mailinglist Subject: Re: [Nagios-users] Service Check Timed Out Error It seems something is stopping your NRPE client from answering to the server. Try telnet nrpe_client_server 5666 and see if it connects or times out. If it times out, check firewalls/SELinux etc. Andy. Kaplan, Andrew H. wrote: I am running Nagios 2.6 on a Fedora Core 5 system, and am trying to monitor a remote host also running Fedora Core 5 with NRPE 2.5.2. I have configured nrpe to use SSL. The commands.cfg file on the Nagios server has an entry for check_nrpe, and I have included the option -t 60 in the definition. The client system has a command_timeout setting of 60 as well. Whenever I try either automatically or manually monitor the remote client, I get a Service Check Timed Out Error message. The messages and nagios.log files on the server both indicate a socket timeout occurred. What do I need to do to correct this? Thanks. THE INFORMATION TRANSMITTED IN THIS ELECTRONIC COMMUNICATION IS INTENDED ONLY FOR THE PERSON OR ENTITY TO WHOM IT IS ADDRESSED AND MAY CONTAIN CONFIDENTIAL AND/OR PRIVILEGED MATERIAL. ANY REVIEW, RETRANSMISSION, DISSEMINATION OR OTHER USE OF OR TAKING OF ANY ACTION IN RELIANCE UPON, THIS INFORMATION BY PERSONS OR ENTITIES OTHER THAN THE INTENDED RECIPIENT IS PROHIBITED. IF YOU RECEIVED THIS INFORMATION IN ERROR, PLEASE CONTACT THE SENDER AND THE PRIVACY OFFICER, AND PROPERLY DISPOSE OF THIS INFORMATION. !DSPAM:37,459434a931944790858665! - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV !DSPAM:37,459434a931944790858665! ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null !DSPAM:37,459434a931944790858665! -- Andy Shellam NetServe Support Team the Mail Network an alternative in a standardised world p: +44 (0) 121 288 0832/0839 m: +44 (0) 7818 000834 THE INFORMATION TRANSMITTED IN THIS ELECTRONIC COMMUNICATION IS INTENDED ONLY FOR THE PERSON OR ENTITY TO WHOM IT IS ADDRESSED AND MAY CONTAIN CONFIDENTIAL AND/OR PRIVILEGED MATERIAL. ANY REVIEW, RETRANSMISSION, DISSEMINATION OR OTHER USE OF OR TAKING OF ANY ACTION IN RELIANCE UPON, THIS INFORMATION BY PERSONS OR ENTITIES OTHER THAN THE INTENDED RECIPIENT IS PROHIBITED. IF YOU RECEIVED THIS INFORMATION IN ERROR, PLEASE CONTACT THE SENDER AND THE PRIVACY OFFICER, AND PROPERLY DISPOSE OF THIS INFORMATION. - Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
