[App_rpt-users] Traffic monitor
R. Wayne
allstar at controlservers.net
Tue Mar 24 08:51:05 UTC 2015
As the network administrator of a rather large hosting company I can attest to the usefulness of Cacti. It is easy to install and one need only set a port for Apache to show traffic. For security purposes one can place it on a non-standard port for anything. Like not using port 8080 or 8880. Find another port. I recommend adding a line in .htaccess restricting access to Cacti to your dedicated IP.
You should also install and run APF (Advanced Policy Firewall) and BFD (Brute Force Detection). One cannot rely on iptables alone.
We run ALL of our web site hosting installations on CentOS because it conforms most closely with “standards” that the others don’t. We then load Virtuozzo, a partitioning layer like VMWare. Some will ask why or declare that it is unnecessary. No, it offers an additional layer of security, it adds features like easy backups, either first run or incremental, it adds the ability to “bounce” the installation to another node if there is a hardware failure, such as a hard drive or SD drive pending failure. Another nice feature is the ability to rebuild the OS if you have been breached. You then restore from a backup that hopefully doesn’t contain the breach. You may begin looking at what you need at http://openvz.org. It’s free software! It will not slow your PC down and in fact it will likely make your PC more stable.
Wayne
From: David Osborn
Sent: Monday, March 23, 2015 11:58 PM
To: app_rpt-users at ohnosec.org
Subject: Re: [App_rpt-users] Traffic monitor
For longer term monitoring, say monthly, you might want to install some additional software.
I use Cacti extensively both on my nodes, and at work, monitoring network and server health in a power station.
www.cacti.net
You’ll need to enable SNMP, so there may be some security considerations, but it’s a great way to monitor what your system is up to (and what it’s been up to!).
David Osborn
GD4HOZ
--------------------------------------------------------------------------------
_______________________________________________
App_rpt-users mailing list
App_rpt-users at ohnosec.org
http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users
To unsubscribe from this list please visit http://ohnosec.org/cgi-bin/mailman/listinfo/app_rpt-users and scroll down to the bottom of the page. Enter your email address and press the "Unsubscribe or edit options button"
You do not need a password to unsubscribe, you can do it via email confirmation. If you have trouble unsubscribing, please send a message to the list detailing the problem.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.keekles.org/pipermail/app_rpt-users/attachments/20150324/5e2bad45/attachment.html>
More information about the App_rpt-users
mailing list