Source: munin-monitoring.org There are a number of situations where you’d like to run munin-node on hosts not directly available to the Munin server. This article describes a few scenarios and different alternatives to set up monitoring. Monitoring hosts behind a non-routing server.
In this scenario, a *nix server sits between the Munin server and one or more Munin nodes. The server in-between reaches both the Munin server and the Munin node, but the Munin server does not reach the Munin node or vice versa.
To enable for Munin monitoring, there are several approaches, but mainly either using SSH tunneling or “bouncing” via the in-between server.
SSH tunneling
The illustration below shows the principle. By using SSH tunneling only one SSH connection is required, even if you need to reach several hosts on “the other side”. The Munin server listens to different ports on the localhost interface. A configuration example is included. Note that there is also a FAQ entry on using SSH that contains very useful information.
Bouncing
This workaround uses netcat and inetd/xinetd to forward the queries from the Munin server. All incoming connections to defined ports are automatically forwarded to the Munin node using netcat.
Linux comes with a host based firewall called Netfilter. According to the official project site:
netfilter is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack. A registered callback function is then called back for every packet that traverses the respective hook within the network stack.
This Linux based firewall is controlled by the program called iptables to handles filtering for IPv4, and ip6tables handles filtering for IPv6. I strongly recommend that you first read our quick tutorial that explains how to configure a host-based firewall called Netfilter (iptables) under CentOS / RHEL / Fedora / Redhat Enterprise Linux. This post list most common iptables solutions required by a new Linux user to secure his or her Linux operating system from intruders.
Linux
IPTABLES Rules Example
Most of the actions listed in this post are written with the assumption that they will be executed by the root user running the bash or any other modern shell. Do not type commands on remote system as it will disconnect your access.
For demonstration purpose I’ve used RHEL 6.x, but the following command should work with any modern Linux distro.
This is NOT a tutorial on how to set iptables. See tutorial here. It is a quick cheat sheet to common iptables commands.
You have a problem while monitoring your servers, switches or physical machines. Observium fits your need. As a free monitoring system, it helps you to monitor your servers remotely. It is an auto-discovering SNMP based network monitoring platform written in PHP which includes support for a wide range of network hardware and operating systems including Cisco, Windows, Linux, HP, NetApp and many other. I will give you the steps to follow while setting up an Observium server on Ubuntu 12.04.
Currently there are two different versions of observium.
The observium Community is a free tool and licensed under the QPL Open Source license. This version is the best solution for small deployments. It gets security updates each 6 months.
While the second version, the Observium Professional is distributed under SVN based release mechanism. And it gets daily security updates. This tool is the best for Service Provider and enterprises deployments.
In this example hping3 will behave like a normal ping utility, sending ICMP-echo und receiving ICMP-reply
hping3 -1 0daysecurity.com
2. Traceroute using ICMP:
This example is similar to famous utilities like tracert (Windows) or traceroute (Linux) who uses ICMP packets increasing every time in 1 its TTL value.
hping3 --traceroute -V -1 0daysecurity.com
3. Checking port:
Here hping3 will send a SYN packet to a specified port (80 in our example). We can control also from which local port will start the scan (5050).
