Archive

Articles taggués ‘supervision’

Changer le mot de passe perdu de Webmin

21/01/2022 Aucun commentaire

Un jour vous pouvez resté bloqué par un mot de passe perdu pour accéder à Webmin et vous auriez besoin d’un moyen de le changer.

Voici comment: pour commencer, connectez-vous à votre système en ssh.Vous devez trouver où Webmin est installé et donc le chemin que le script utilisera pour réinitialiser le mot de passe. Lire la suite…

Monitor Network Connections in Mac OS X for Free with Private Eye

20/01/2022 Aucun commentaire

Source: OSXdaily

Private Eye is a free real-time network monitor app for Mac OS X that is extremely easy to use. Upon launching the app, you’ll start to see all open network connections by application and process, and you can then filter connections by app, monitor all open connections, or watch only incoming or outgoing transfer.

private-eye-network-connection-monitor-mac

Connections are reported by application, the time of the connection, and arguably the most useful, the IP address that is being connected to by the app, making it easy to see socket and routing data, letting you know exactly what app is communicating with what server or IP address, for both local and broader internet networks. If you have any interest in networking, privacy, security, or you just want to keep an eye on what apps are connecting to the internet and to where, you should download this app, but it’s also an amazingly useful tool for troubleshooting network problems and figuring out what is using the network.

 

Download and install Private Eye by putting it into your /Applications/ folder, then open PrivateEye to get started. The list of open network connections is easy to read, you’ll see a time stamp of the connection, the application name, and where the connection is going to by IP (or coming from, as determined by the arrow pointing left for in, or right for out).

private-eye-connections

Using the left side menu you can quickly break down connections to see them all, only show incoming transfers, outgoing connections, or display connections by specific application only. Apps are easy to identify in this list, as are daemons running in the background (like PubSubAgent), and command line processes belonging to the user are also visible (ssh, for example).

This is a simple yet powerful tool without the complexity or the learning curves related to compiling and using the command line tools lsof, watch, open_ports, or wireshark, and is therefore highly recommended for anyone who is interested in seeing this kind of information, whether it’s out of general curiosity, or to help troubleshoot and diagnose specific network activities.

How to set up web-based network traffic monitoring system on Linux

03/12/2021 Comments off

When you are tasked with monitoring network traffic on the local network, you can consider many different options to do it, depending on the scale/traffic of the local network, monitoring platforms/interface, types of backend database, etc.

ntopng is an open-source (GPLv3) network traffic analyzer which provides a web interface for real-time network traffic monitoring. It runs on multiple platforms including Linux and MacOS X. ntopng comes with a simple RMON-like agent with built-in web server capability, and uses Redis-backed key-value server to store time series statistics. You can install ntopng network traffic analyzer on any designated monitoring server connected to your network, and use a web browser to access real-time traffic reports available on the server.

In this tutorial, I will describe how to set up a web-based network traffic monitoring system on Linux by using ntopng.

Features of ntopng

  • Flow-level, protocol-level real-time analysis of local network traffic.
  • Domain, AS (Autonomous System), VLAN level statistics.
  • Geolocation of IP addresses.
  • Deep packet inspection (DPI) based service discovery (e.g., Google, Facebook).
  • Historical traffic analysis (e.g., hourly, daily, weekly, monthly, yearly).
  • Support for sFlow, NetFlow (v5/v9) and IPFIX through nProbe.
  • Network traffic matrix (who’s talking to who?).
  • IPv6 support.

Install ntopng on Linux

The official website offers binary packages for Ubuntu and CentOS. So if you use either platform, you can install these packages.

If you want to build the latest ntopng from its source, follow the instructions below. (Update: these instructions are valid for ntopng 1.0. For ntopng 1.1 and higher, see the updated instructions).

To build ntopng on Debian, Ubuntu or Linux Mint:

$ sudo apt-get install libpcap-dev libglib2.0-dev libgeoip-dev redis-server wget libxml2-dev
$ tar xzf ntopng-1.0.tar.gz -C ~
$ cd ~/ntopng-1.0/
$ ./configure
$ make geoip
$ make

In the above steps, “make geoip” will automatically download a free version of GeoIP databases with wget from maxmind.com. So make sure that your system is connected to the network.

To build ntopng on Fedora:

$ sudo yum install libpcap-devel glib2-devel GeoIP-devel libxml2-devel libxml2-devel redis wget
$ tar xzf ntopng-1.0.tar.gz -C ~
$ cd ~/ntopng-1.0/
$ ./configure
$ make geoip
$ make

To install ntopng on CentOS or RHEL, first set up EPEL repository, and then follow the same instructions as in Fedora above.

Configure ntopng on Linux

After building ntopng, create a configuration directory for ntopng, and prepare default configuration files as follows. I assume that “192.168.1.0/24” is the CIDR address prefix of your local network.

$ sudo mkir /etc/ntopng -p
$ sudo -e /etc/ntopng/ntopng.start
--local-networks "192.168.1.0/24"
--interface 1
$ sudo -e /etc/ntopng/ntopng.conf
-G=/var/run/ntopng.pid

Lire la suite…

How do I change, sort, add, remove graphs with Munin?

22/07/2021 Comments off

Graphs on Munin

Enable and disable plugins on each node

graphs muninGraphs are added and removed via symlinks in the /etc/munin/plugins/ directory of the node.

To remove a graph you must remove the symlink and restart the node:

rm /etc/munin/plugins/diskstats
service munin-node restart

To add a graph you must add a symlink in the plugins directory to an executable. eg:

ln -s /usr/share/munin/plugins/diskstats /etc/munin/plugins/diskstats
service munin-node restart

When you restart munin-node it runs immediately and any issues with the plugins appears in /var/log/munin/munin-node.log. If all is going well you’ll see a CONNECT logged every cycle; this records the fact that the master connected to collect the latest data.

Process Backgrounded
2014/03/10-15:59:47 Munin::Node::Server (type Net::Server::Fork) starting! pid(32231)
Resolved [*]:4949 to [::]:4949, IPv6
Not including resolved host [0.0.0.0] IPv4 because it will be handled by [::] IPv6
Binding to TCP port 4949 on host :: with IPv6
2014/03/10-16:00:04 CONNECT TCP Peer: "[::ffff:203.28.51.227]:45965" Local: "[::ffff:50.23.111.122]:4949"
2014/03/10-16:05:04 CONNECT TCP Peer: "[::ffff:203.28.51.227]:46109" Local: "[::ffff:50.23.111.122]:4949"
2014/03/10-16:10:04 CONNECT TCP Peer: "[::ffff:203.28.51.227]:46109" Local: "[::ffff:50.23.111.122]:4949"

Lire la suite…

Aide-mémoire administrateur Linux

22/04/2021 Comments off

administrateur linuxCe document rappelle les commandes et les options les plus utilisées par l’administrateur d’un système Linux. Il s’agit surtout de commandes assez générales, dont tout administrateur aura besoin un jour ou l’autre. Les commandes pour l’utilisateur courant se trouvent dans un autre aide-mémoire. Pour plus d’informations, on consultera les pages de manuel ou les publications du Linux Documentation Project

Une version prête à l’impression recto-verso est disponible pour conserver cet aide-mémoire dans un format facile à ranger dans un tiroir ou sous un clavier.

Informations système

uname – Identification du système.

  • -a : toutes les informations.

dmesg – Messages du noyau (et ceux du boot).

uptime – Durée et charge du système.

free – Occupation de la mémoire.

vmstat – Détails sur l’utilisation de la mémoire.

ipcs – Utilisation des ressources IPC System V.

ipcrm – Suppression de ressources IPC System V.

ldconfig – Valider les bibliothèques dynamiques.

init – Changement de niveau de fonctionnement :

  • 0 : arrêt.
  • 1 : mono-utilisateur,
  • 3 : multi-utilisateurs mode texte,
  • 5 : multi-utilisateurs mode graphique,
  • 6 : redémarrer.

Utilisateurs

useradd – Ajout d’un utilisateur :

useradd -m -p "" linus

crée un compte linus, avec répertoire personnel et mot de passe vide.

Lire la suite…