1. Open Source Tools for the Systems Administrator
2. Why Have Tools?
3. Why Open Source?
4. Four Tools
Cacti is a complete frontend to RRDTool. It stores all of the information
needed to create graphs and populate them with data in a MySQL database.
The frontend is completely PHP driven. Along with maintaining graphs, data
sources, and round robin archives in a database, Cacti handles the data
gathering. There is also SNMP support for those used to creating traffic
graphs with MRTG.
Ability to add templates and custom scripts
Maintain historical data and display it visually to vendors and management
OSSEC is a scalable, multi-platform, open source Host-based Intrusion
Detection System (HIDS). It has a powerful correlation and analysis engine,
integrating log analysis, file integrity checking, Windows registry monitoring,
centralized policy enforcement, rootkit detection, real-time alerting and active
response. It runs on most operating systems, including Linux, OpenBSD,
FreeBSD, MacOS, Solaris and Windows.
Maintains logs beyond what is feasible for Windows to store
Makes searching logs from multiple servers much easier
Alerts can be set up for specific events and customized to go to individuals
Nmap ("Network Mapper") is a free and open source utility for
network discovery and security auditing. Many systems and network
administrators also find it useful for tasks such as network inventory, managing
service upgrade schedules, and monitoring host or service uptime. It was
designed to rapidly scan large networks, but works fine against single hosts.
Establish baselines for servers and desktops.
Nmap scan report for xxx.xxx.xxx.xxx
Host is up (0.0011s latency).
Not shown: 999 closed ports
PORT STATE SERVICE
23/tcp open telnet
Device type: router|WAP
Running: Cisco IOS 12.X
OS details: Cisco 836, 1751, 1841, or 2800 router (IOS 12.4 - 15.0), Cisco Aironet
AIR-AP1141N WAP (IOS 12.4)
Nmap scan report for esx01.pcsd.monroe.edu (10.120.254.61)
Host is up (0.00044s latency).
Not shown: 992 filtered ports
PORT STATE SERVICE
80/tcp open http
427/tcp open svrloc
443/tcp open https
902/tcp open iss-realsecure
5988/tcp closed unknown
5989/tcp open unknown
8000/tcp open http-alt
8100/tcp open unknown
Device type: general purpose|storage-misc|specialized
Running (JUST GUESSING) : FreeBSD 7.X|8.X|6.X|5.X|5.x (92%), VMware ESX Server
3.X|4.X (90%), Crestron 2-Series (88%), Mirapoint embedded (87%)
Aggressive OS guesses: FreeBSD 7.0-RELEASE-p1 - 8.0-CURRENT (92%), FreeNAS
0.686 (FreeBSD 6.2-RELEASE) or VMware ESXi Server 3.0 - 4.0 (90%), FreeBSD 5.2.1-RELEASE (90%), FreeBSD 5.4 or 5.5 (x86) (90%), FreeNAS 0.69.2 (FreeBSD 6.3-STABLE - 6.4-RELEASE) (90%), FreeBSD 7.1-RELEASE (90%), FreeBSD 8.0-BETA2 - 8.0-RC2 (89%), FreeBSD 7.0-CURRENT (pre-release) (89%), FreeBSD 7.0-RELEASE-p2 - 7.1-PRERELEASE (89%), FreeBSD 7.2-STABLE (89%)
No exact OS matches for host (test conditions non-ideal).
Racktables is a nifty and robust solution for data center and server room asset
management. It helps document hardware assets, network addresses, space in
racks, network configuration and much more!
Document your servers both physical and virtual
Maintain visual diagrams of rack placement
Embed Cacti graphs
Front, middle and back rack slots
Automated rack slots (42 - default)
Support contact information
Asset management data