Thursday, April 24, 2014

Flush Your Local DNS Cache

 

Windows Vista/Windows 7:
ipconfig /flushdns
Successfully flushed the DNS Resolver Cache.

Windows XP
ipconfig /flushdns
Successfully flushed the DNS Resolver Cache.

Mac OS X 10.5.2 and above
dscacheutil -flushcache

Mac OS X 10.5.1 and below
Click on the Finder icon in your dock. Open your Applications folder.
Inside the Applications folder, click on Utilities and then Terminal.
Type the following command in the Terminal window and press Enter:
lookupd -flushcache

Linux

nscd -i hosts
– Clear local DNS cache for current user.
nscd -I hosts
– Clear local DNS cache for all users.

Wednesday, April 23, 2014

Creating a custom Nagios function

Nagios Exit Codes

Exit Code   Status
0           OK
1           WARNING
2           CRITICAL
3           UNKNOWN

Create the Script to be added as the Plugin

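#!/bin/bash
# Percentage of the root filesystem in use, as a bare integer (e.g. 42).
# df -P keeps each filesystem on one line even when the device name is long.
used_space=$(df -P / | awk 'NR==2 {print $5}' | sed 's/%//g')

# A case pattern such as [1-84]* is a character class, not a numeric range,
# so the thresholds are compared as integers instead.
if ! [[ $used_space =~ ^[0-9]+$ ]]; then
    echo "UNKNOWN - $used_space% of disk space used."
    exit 3
elif [ "$used_space" -le 84 ]; then
    echo "OK - $used_space% of disk space used."
    exit 0
elif [ "$used_space" -eq 85 ]; then
    echo "WARNING - $used_space% of disk space used."
    exit 1
else
    echo "CRITICAL - $used_space% of disk space used."
    exit 2
fi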

Put the script in the same plugin directory as the other plugins:
/usr/lib/nagios/plugins/

Make it executable.

Add Your New Command to Nagios Checks on Nagios Monitoring Server

Define new command in /etc/nagios/objects/commands.cfg
define command{
command_name usedspace_bash
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c usedspace_bash
}
Add Your Script to NRPE configuration on client host
command[usedspace_bash]=/usr/lib/nagios/plugins/usedspace.sh

 

Add the service to the host configuration:
/etc/nagios/servers/<name-of-config>.cfg
define service {
use generic-service
host_name Hostname
service_description Custom Disk Checker In Bash
check_command usedspace_bash
}

 

 

Tuesday, April 22, 2014

Adding ESXI to Nagios

# yum install perl-Pod-Perldoc perl-CPAN openssl-devel
# wget http://dl.fedoraproject.org/pub/epel/6/i386/perl-Nagios-Plugin-0.35-1.el6.noarch.rpm
# wget http://mirror.centos.org/centos/6/os/i386/Packages/perl-Config-Tiny-2.12-7.1.el6.noarch.rpm
# wget http://mirror.centos.org/centos/6/os/i386/Packages/perl-Params-Validate-0.92-3.el6.i686.rpm
# rpm -ivh perl-Nagios-Plugin-0.35-1.el6.noarch.rpm perl-Config-Tiny-2.12-7.1.el6.noarch.rpm perl-Params-Validate-0.92-3.el6.i686.rpm
# cd /root
# tar xvzf VMware-vSphere-Perl-SDK-4.1.0-254719.i386.tar.gz
# cd vmware-vsphere-cli-distrib/
# ./vmware-install.pl

# cd /usr/lib/nagios/plugins/
Download check_esx3.pl and make it executable
http://exchange.nagios.org/components/com_mtree/attachment.php?link_id=2154&cf_id=29
chmod +x check_esx3.pl


vim /usr/local/nagios/etc/objects/vmware.cfg
First define all your hosts as shown below

# Host esx01
define host{
use vmware-server
host_name esxi01
alias VMWare ESXi 01
address IP Address
}
define host{
use vmware-server
host_name esxi02
alias VMWare ESXi 02
address IP Address
}
# Similarly you can define all the hosts

# Now define a hostgroup for your Esxi Hosts:

define hostgroup{
hostgroup_name Esxi-Servers ; The name of the hostgroup

alias Vmware Servers ; Long name of the group

members esxi01,esxi02
}

# Now create the service definition as shown below
# check cpu
define service{
use generic-service
host_name esxi01
service_description ESXi CPU Load
check_command check_esx_cpu!80!90
}

# check memory usage
define service{
use generic-service
host_name esxi01
service_description ESXi Memory usage
check_command check_esx_mem!80!90
}

# check net
define service{
use generic-service
host_name esxi01
service_description ESXi Network usage
check_command check_esx_net!102400!204800
}

# check runtime status
define service{
use generic-service
host_name esxi01
service_description ESXi Runtime status
check_command check_esx_runtime
}

# check io read
define service{
use generic-service
host_name esxi01
service_description ESXi IO read
check_command check_esx_ioread!40!90
}

# check io write
define service{
use generic-service
host_name esxi01
service_description ESXi IO write
check_command check_esx_iowrite!40!90
}

Define the commands related to ESXi in the /usr/local/nagios/etc/objects/commands.cfg file

vim /usr/local/nagios/etc/objects/commands.cfg
# check vmware esxi machine
# check cpu
define command{
command_name check_esx_cpu
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l cpu -s usage -w $ARG1$ -c $ARG2$
}

# check memory usage
define command{
command_name check_esx_mem
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l mem -s usage -w $ARG1$ -c $ARG2$
}

# check net usage
define command{
command_name check_esx_net
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l net -s usage -w $ARG1$ -c $ARG2$
}

# check runtime status
define command{
command_name check_esx_runtime
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l runtime -s status
}

# check io read
define command{
command_name check_esx_ioread
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l io -s read -w $ARG1$ -c $ARG2$
}

# check io write
define command{
command_name check_esx_iowrite
command_line $USER1$/check_esx -H $HOSTADDRESS$ -u $USER11$ -p $USER12$ -l io -s write -w $ARG1$ -c $ARG2$
}

Add the new configuration file to Nagios

vim /usr/local/nagios/etc/nagios.cfg
cfg_file=/usr/local/nagios/etc/objects/vmware.cfg

Tuesday, April 15, 2014

Openssl-heartbleed-fix

Download and build the updated OpenSSL.

cd /usr/src
wget http://www.openssl.org/source/openssl-1.0.1g.tar.gz
tar -zxf openssl-1.0.1g.tar.gz
cd openssl-1.0.1g
./config shared
make
make test
make install
cd /usr/src
rm -rf openssl-1.0.1g.tar.gz
rm -rf openssl-1.0.1g

To overwrite the currently installed OpenSSL, use the following config line instead:


./config --prefix=/usr --openssldir=/usr/local/openssl shared
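
A post-upgrade check, added here as an example and not part of the original post: it classifies `openssl version -a` output against the Heartbleed range (upstream 1.0.1 through 1.0.1f and 1.0.2-beta1 are affected; 1.0.1g carries the fix). The function name and the sample outputs are constructed for illustration.

```shell
#!/bin/bash
# Added example, not from the original post.
# Prints one of: affected, fixed, heartbeat-disabled, not-affected, unknown.
heartbleed_status() {
    local out=$1 ver
    # The first line looks like: "OpenSSL 1.0.1e 11 Feb 2013"
    ver=$(printf '%s\n' "$out" | awk '$1 == "OpenSSL" { print $2; exit }')
    if [ -z "$ver" ]; then
        echo unknown
        return
    fi
    # A build compiled with -DOPENSSL_NO_HEARTBEATS has no heartbeat code.
    if printf '%s\n' "$out" | grep -q -e '-DOPENSSL_NO_HEARTBEATS'; then
        echo heartbeat-disabled
        return
    fi
    # Letters are listed one by one: a range such as [a-f] depends on the locale.
    case $ver in
        1.0.1|1.0.1[abcdef]|1.0.1[abcdef]-*|1.0.2-beta1)
            echo affected ;;
        1.0.1[ghijklmnopqrstu]*)
            echo fixed ;;
        0.9.*|1.0.0*|1.0.2|1.0.2[!-]*|1.1.*|3.*)
            echo not-affected ;;
        *)
            echo unknown ;;
    esac
}

# Constructed sample outputs (not captured from a real host).
SAMPLE_OLD='OpenSSL 1.0.1e 11 Feb 2013
compiler: gcc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS'
SAMPLE_NEW='OpenSSL 1.0.1g 7 Apr 2014
compiler: gcc -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS'

echo "sample before upgrade: $(heartbleed_status "$SAMPLE_OLD")"
echo "sample after upgrade:  $(heartbleed_status "$SAMPLE_NEW")"

# Report on the binary that is first in PATH, if one is installed.
if command -v openssl >/dev/null 2>&1; then
    echo "openssl in PATH: $(heartbleed_status "$(openssl version -a 2>/dev/null)")"
fi
```

Distribution packages often backport the fix without changing the version letter, so the string check applies to source builds like the one above. Services that loaded the old library keep using it until they are restarted.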

 

Sunday, April 13, 2014

Ubuntu- DNS - setting it to static and dynamic

In case of static

cat /etc/network/interfaces
# The loopback network interface  
auto lo
iface lo inet loopback


# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.1.58
gateway 192.168.1.1
network 192.168.1.0
broadcast 192.168.1.255
dns-nameservers 66.212.63.228 66.212.48.10

Setting it to dhcp


 iface eth0 inet dhcp

 

Friday, April 11, 2014

Mod-Security Installing Along with - Open Source Rules

Installing ModSecurity.

## For RHEL/CentOS 6.2/6.1/6/5.8 ##

Installing the needed packages

yum install gcc make
yum install libxml2 libxml2-devel httpd-devel pcre-devel curl-devel

Installing the Mod-Security

## For RHEL/CentOS 6.2/6.1/6/5.8 ##
cd /usr/src
wget http://www.modsecurity.org/download/modsecurity-apache_2.6.6.tar.gz
tar xzf modsecurity-apache_2.6.6.tar.gz
cd modsecurity-apache_2.6.6
./configure
make install
cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf

Adding the Mod-security Module to the Apache

# vi /etc/httpd/conf/httpd.conf
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule security2_module modules/mod_security2.so

[root@54 modsecurity-apache_2.6.6]# httpd -t -D DUMP_MODULES |grep sec
security2_module (shared)
Syntax OK
[root@54 modsecurity-apache_2.6.6]#

<IfModule security2_module>
Include conf.d/modsecurity.conf
</IfModule>

 

Adding new ModSecurity rules

OWASP core rule set

wget http://pkgs.fedoraproject.org/repo/pkgs/mod_security_crs/modsecurity-crs_2.2.5.tar.gz/aaeaa1124e8efc39eeb064fb47cfc0aa/modsecurity-crs_2.2.5.tar.gz
tar zxvf modsecurity-crs_2.2.5.tar.gz
mv modsecurity-crs_2.2.5 modsecurity-crs

mv modsecurity-crs /etc/httpd/conf.d/

Adding the rules to httpd

<IfModule security2_module>
Include conf.d/modsecurity.conf
Include conf.d/modsecurity-crs/activated_rules/*.conf
Include conf.d/modsecurity-crs/base_rules/*.conf
Include conf.d/modsecurity-crs/optional_rules/*.conf
Include conf.d/modsecurity-crs/slr_rules/*.conf
</IfModule>

More rules are available at
sudo wget -O SpiderLabs-owasp-modsecurity-crs.tar.gz https://github.com/SpiderLabs/owasp-modsecurity-crs/tarball/master

ModSecurity is now in detection-only mode. Once we are set, we need to switch it to On mode.


[root@54 conf]# cat /etc/httpd/conf.d/modsecurity.conf |grep SecRuleEngine -i

SecRuleEngine DetectionOnly

# when SecRuleEngine is set to DetectionOnly mode in order to minimize

[root@54 conf]#


Change to


SecRuleEngine on
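
To keep an eye on which mode a server is left in, the check below reports the engine mode using the Nagios exit codes from the plugin post above. It is an added example, not part of the original post; the function name and the sample file are constructed for illustration.

```shell
#!/bin/bash
# Added example, not from the original post.
# Nagios-style check of the ModSecurity engine mode in one config file.
# Exit codes: 0 OK, 1 WARNING, 2 CRITICAL, 3 UNKNOWN.
# Limit: only the named file is read; Include'd files and per-location
# overrides are not followed.
check_secruleengine() {
    local conf=$1 mode
    if [ ! -r "$conf" ]; then
        echo "UNKNOWN - cannot read $conf"
        return 3
    fi
    # Comment lines also mention SecRuleEngine (the plain grep above matched
    # one), so match on the first field and keep the last active directive.
    mode=$(awk 'tolower($1) == "secruleengine" { m = $2 }
                END { print tolower(m) }' "$conf")
    case $mode in
        on)
            echo "OK - SecRuleEngine On (rules are enforced)"
            return 0 ;;
        detectiononly)
            echo "WARNING - SecRuleEngine DetectionOnly (logging only)"
            return 1 ;;
        off)
            echo "CRITICAL - SecRuleEngine Off"
            return 2 ;;
        *)
            echo "UNKNOWN - no SecRuleEngine directive in $conf"
            return 3 ;;
    esac
}

# Constructed sample that mirrors the grep output shown in the post.
sample=$(mktemp)
printf '%s\n' \
    'SecRuleEngine DetectionOnly' \
    '# when SecRuleEngine is set to DetectionOnly mode in order to minimize' \
    > "$sample"
check_secruleengine "$sample" || echo "exit code: $?"
rm -f "$sample"
```

To run it as a plugin, call `check_secruleengine /etc/httpd/conf.d/modsecurity.conf` as the last command of the script and exit with its return code.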

 

Thursday, April 10, 2014

Setting MySQL into read-only mode

Put the whole database into read-only mode with these commands:

At the MySQL prompt:

FLUSH TABLES WITH READ LOCK;
SET GLOBAL read_only = 1;

Return to normal mode with:
SET GLOBAL read_only = 0;
UNLOCK TABLES;