I recently ran into an issue where my I had Xymon clients on a network which was unpingable from the Xymon server. The clients could could send data to the server, but they were hidden behind network address translation and only on a local network. I had one box (the gateway for the unreachable clients), that saw both networks. I played with the idea of running bbproxy on it, but didn’t really want an entire Xymon server and it really was not necessary since the other clients could get their data out. Looking at hobbitlaunch.cfg I noticed it was really just a larger clientlaunch.cfg, which gave me the idea of just copying over bbnet and using on a client install – which worked perfectly. Read more…
After a recent job switch I’ve had the opportunity to setup Xymon from scratch and start developing even more scripts for new pieces of software and work flows. One of my first tasks was to setup a new “cluster” using all the software I felt most comfortable with as a show case in order to determine if my preferred tools worked as well or better than the currently used ones – or not. After a week or so of setting up a full Cobbler installation, Xymon and my own Glovebox, I presented it to my new employers with positive responses. After all that work I wanted to make sure that the people using the system were as happy as possible with the monitoring needs – one thing was mentioned more than others, which was the ability to easily see the status of Sun’s Grid Engine running on the cluster. I immediately set to work and came up with a quick solution for them using Xymon and a script that parsed the output of ‘qstat -f’ As with my Xen monitoring script, it runs in one place and sends in data for all the associated machines. Meaning for each execution node you’ll have a column with just its information, and a combined column for the qmaster. Read more…
I’ve released Glovebox Version 0.2.1 on Sourceforge. It has a few bug fixes as well as the correct database schema included. Other changes include:
- Modified JavaScript so it would load & function in IE
- Changed “class” to “clas” within JS, Perl, and the database. IE didn’t like using the word “class” as a variable name, changed else where for consistency.
- Stopped opening of “right-click” menu when pressed on an interface folder
- Fixed DB Schema to include basic information for default OIDs and Interfaces.
- Modified Apache configuration so SSIs would work correctly in Apache 2, changed the SSIs to only execute on .shtml files
- Renamed index.html to index.shtml
There is a database change, so you must run the sql file located in the upgrade folder!
You can download it here.
As far as security is concerned actually advertising what software versions are running on your site is not favorable. With most any software, whether its open source or not, if there is a bug that is exploitable and its noted on the manufacturers/projects website, there is very likely to be a version number associated with it. With that being the case, if your server software responds with “Apache/2.2.0″ as the description of itself this can tell everyone if your a vulnerable or not. To obfuscate this a bit I suggest setting the following items in your Apache config:
ServerSignature Off
ServerTokens Prod
Read more…
