If you are in process of securing your web server or site, there are some tools and online resources that can help us a lot (in one of the following posts will show you some of them).
But simply using the command the fantastic nmap tool, another interesting feature is listing the available cipher suite certain site offers using the … Read more
If you need to trace the HTTP request and response headers by capturing the related packets, you can use tcpdump in this way:
tcpdump -i ens192 -A -s 10240 'tcp port 80' | grep -v IP | egrep --line-buffered "..(GET |\.HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " |sed -r 's/..(GET |HTTP\/|POST |HEAD )/\n\n\1/g'
For example, filtering tcp port 80 and 192.168.10.100 IP address:… Read more
In this 7th post of the Home Server series, after having configured a SSD drive, a working ESX environment and the RAID disks, let’s create our first virtual machine based on Debian Linux.
For the goal we want to achieve (hosting a web server, our personal files, personal streaming server, …) we do not even need the graphic … Read more
In the previous post I explained what is the difference between Icinga active and passive checks, why can be interesting to use passive checks, what is the result format Icinga is expecting when processing those checks and the way I use to send those results (instead of using snmp traps).
Now it is time to show how to configure it … Read more
As I posted long time ago for Nagios (Nagios – Using passive checks without agent), it is time to show an easy way to configure Icinga to perform passive checks (without using SNMP traps).
This is the first of two posts. In this I only want to make some theoretical explanations and then in the second I will … Read more
This post explains how to generate self signed certificates with SAN – Subject Alternative Names using openssl. It is a common but not very funny task, only a minute is needed when using this method.
The example below generates a certificate with two SubAltNames: mydomain.com and www.mydomain.com
Create openssl configuration file
Create configuration file for openssh (In a Linux … Read more
It is not the first time my Icinga suddenlty, stops showing the grafana graphs.
If trying to log to Grafana, admin password is not accepted. I am pretty sure i have not changed the password but I am unable to login to Grafana.
And even worse, given that I still have not configured Grafana SMTP section / admin … Read more
Here I am trying to present (I hope in an easy way to understand) some Icinga concepts (maybe also applicable in Nagios) like active and passive checks, enabling and disabling freshness checks, soft and hard states,… and the related parameters to configure them.
ACTIVE and PASSIVE services
There are two types of services:
- ACTIVE: Check initiated by the Icinga
… Read more
Exim is a very flexible and common MTA (mail transfer agent) in Unix systems.
This posts shows the way to configure Exim as client to send authenticated and encrypted (TLS) emails through a smarthost.
Lets suppose the smarthost email server is listening on port 587 for secure outgoing SMTP…
Configure exim to use the smarthost
To configure exim In … Read more
To configure passive checks in Nagios/icinga I use a tcp listener daemon that launches a script (See Nagios – Using passive checks without agent)
Tried to use inetd superserver daemon, but in the last versions, i have not been able to make it work correctly (See last update in my post: Linux – cannot found / missing inetd.conf)… Read more