Re: [suse-security] Recomendations for surveillance/configuration/heartbeat tool for remote servers
Hi,
I'll give some more information. Basically we would like to have servers on
primary schools and remotely control/watch them from our main head computer.
Also at off hours video surveillance application runs on them (called
"motion").
So I guess I'd need some kind of secure connection with all of them (is VPN
the solution?) to configure/maintain them and also to have some sort of
heartbeat mechanism to detect failure at once - especially when used in
security surveillance mode. All servers are basically local servers for
local networks and also connected to Internet through router.
Hope this helps a bit,
thanks in advance,
Robert.
----- Original Message -----
From: "Lyle Giese"
Off the top of my head, I can think of several products and/or custom perl scripts. Nagios is one such package that would ping/poll services and report outages. MRTG is one performance reporting package. But I can't tell if your network topology/connectivity will support either of these.
But to really get a flavor for your needs, I am thinking you need to post more information. Are these remote servers on one subnet behind one router or is each on its own Internet connection behind their own or a shared router? Do you have any control over the router or is this in a colo site and you have no control over the router controls?
I am not an expert and you should repost to the list some more information if you want a realistic answer.
Lyle
----- Original Message -----
From: "Robert Rozman"
To:
Sent: Sunday, June 27, 2004 9:01 AM
Subject: [suse-security] Recomendations for surveillance/configuration/heartbeat tool for remote servers
Hi,
I have a network of servers and I'd like to get some recommendations for selecting the right tools for this task:
- I have a series of simple servers connected on the Internet
- I'd like to remotely:
  - control all those servers,
  - watch their behaviour,
  - implement some kind of heartbeat function (servers send heartbeat packets in regular time intervals - if not received -> alarm),
  - statistics framework for performance analysis
  - if possible to have secure connections (possibly in software) also for other communication ports that other applications use ...
I found some tools like Argus, but as a newbie I'm not sure if they satisfy my needs...
Any recommendation, idea, pointer to more info would be great,
thanks in advance,
Robert.
Hi Robert,

first of all we would need to know which OS the remote servers are running. If it is (SuSE) Linux, you should at least have SSH access on port 22. Then you can tunnel all other applications through SSH (see "man ssh" and the "-L/-R" options). Installing VPN is more complicated and is (at least partly) dependent on whether the servers are behind a NAT-router or not. SSH and tunneling is more simple. You could run a VNC-server on the machines to access the graphical screen (make it listen on localhost only and tunnel port 5900 by SSH to get security+encryption also on VNC).

If you are running Windows on the servers, one option is to install the Cygwin package (www.cygwin.com) and use the Cygwin SSH server for access. Then run TightVNC on localhost only and tunnel port 5900 by SSH for secure access.

The nice thing about SSH is that you need only one port through your firewall(s)/router(s). Make sure each server has its own firewall and allow SSH access only from your IP.

For "heartbeat" functionality, run a script on your server that pings all servers and writes an email if the ping times out. If ping (ICMP packages) are not able to reach the remote servers, you could run a script on the remote server to send an email every 5min. Use procmail on your site to process the incoming emails and notify you when one of the servers stops sending them.

HTH,
Armin
--
Am Hasenberg 26 office: Institut für Atmosphärenphysik D-18209 Bad Doberan Schloss-Straße 6 Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY Email: schoech@iap-kborn.de Tel. +49-(0)38293-68-102 WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50
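The "email every 5min, processed by procmail" heartbeat from the message above, sketched as an added example that is not part of the original thread. The subject format, script path, state directory and the 900-second threshold are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: bookkeeping for heartbeat mails handed over by procmail.
# Assumed recipe on the monitoring host (hypothetical subject format and path):
#   :0
#   * ^Subject: heartbeat \/[A-Za-z0-9._-]+
#   | /usr/local/bin/heartbeat.sh record "$MATCH"

# record_heartbeat STATE_DIR HOST [EPOCH]: store arrival time of HOST's latest heartbeat.
record_heartbeat() {
    dir=$1 host=$2 ts=${3:-$(date +%s)}
    # HOST comes from a mail header, so it is untrusted: accept plain names only,
    # which keeps every write inside STATE_DIR (no "/" and no leading dot).
    case $host in
        ''|.*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    mkdir -p "$dir" || return 1
    # Write to a hidden temp file and rename, so a reader never sees a partial stamp.
    printf '%s\n' "$ts" > "$dir/.$host.tmp" && mv "$dir/.$host.tmp" "$dir/$host"
}

# stale_hosts STATE_DIR MAX_AGE_SECONDS [NOW]: print hosts that have gone silent.
stale_hosts() {
    dir=$1 max_age=$2 now=${3:-$(date +%s)}
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        last=$(cat "$f")
        case $last in
            ''|*[!0-9]*) last=0 ;;   # unreadable stamp counts as stale
        esac
        if [ $((now - last)) -gt "$max_age" ]; then
            basename "$f"
        fi
    done
}

# Entry points: "record HOST" (called by procmail) and "check" (called from cron).
STATE_DIR=${HEARTBEAT_DIR:-/var/tmp/heartbeats}
case ${1:-} in
    record) record_heartbeat "$STATE_DIR" "$2" ;;
    check)  stale_hosts "$STATE_DIR" 900 ;;   # 900 s = three missed 5-minute heartbeats
esac
```

Running the `check` entry point from cron and mailing any output gives the alarm. Mail headers are not authenticated, so a heartbeat only shows that some sender used that subject line; restricting accepted senders in the recipe narrows this.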
Hi,

thanks for responses. I guess webmin could satisfy most of my needs. My situation is something like that:
- we intend to have servers based on Linux located in buildings (mostly private homes)
- they run video surveillance when in alarm mode and automation/IP telephony/multimedia stuff when users are in building.

We would like to remotely watch and maintain those servers, but also have some sort of heartbeat security feature - so to respond to situation where server doesn't send any heartbeat for some time interval. This could be particularly important in video surveillance, alarm mode.

Now we would like to communicate with those servers securely from one main computer, but also inhabitants would like to have secure access to their corresponding server (from inside and also from Internet). So we seek for security for remote surveillance/maintain purposes from our main center and also secure access from individual inhabitants that would like to control/access their building - wherever they are situated.

Any further guidance in this direction would be really helpful.

Thanks in advance,
regards,
Robert.