Archive for the 'Plugins' Category

Page 2 of 3

Heartbleed: One Bug to Rule Them All

If you’ve missed the news in the last few days, OpenSSL has been found to contain a rather large issue in it’s implementation of TLSv1.1 and TLS1.2 for versions 1.0.1 through 1.0.1f and 1.0.2-beta. Thankfully, no other versions contain this issue and due to responsible disclosure, a patch is already available in the form of OpenSSL 1.0.1g, which many distributions are already making available via standard package management, such as yum and apt.

As for the juicy details… Heartbleed is a vulnerability caused by a missing bounds check and lack of validation, with the TLS heartbeat extension, that allows for up to 64k of memory to be leaked to an attacker. This is done via initializing a TLS connection over TCP or UDP. When this connection is begun, a heartbeat is shared between the client and server to validate that they are both in good working order. If a malformed, specifically empty, heartbeat is sent, the responding client or server will attempt to copy memory from a packet that is not available and instead respond with data that was previously at the same location that the packet should have been located in memory on the victim’s system. The process is not limited to a newly initialized connection and may be repeated at any point in time with existing connections as well. This could result in leaked memory containing rather benign large chunks of empty memory or severe issues such as private encryption keys, session id’s, passwords, and anything else that might be in the victim’s memory.

Just to clarify, this can affect both clients and servers. Yes, your Android phone’s web browser is just as affected as your Apache web server or OpenLDAP server. So, while updating your OpenSSL version, firmware and operating system are extremely important, one must also consider applications and services that ship with internal versions of OpenSSL or include libraries with compilation that standard updates may not correct.

Resolving this on most systems including current CentOS, RHEL, and Debian based distributions can already be found via standard updates with the included package managers. Systems that do not currently provide updated versions of OpenSSL can be manually updated by building version 1.0.1g from source or building previous versions with the -DOPENSSL_NO_HEARTBEATS flag. In the case of embedded systems such as switches, routers and phones, a firmware update request may have to be made to the vendor directly.

After seeing the large effect this particular bug is having worldwide, we decided to modify existing proof of concept code and provide Nagios users with an automated way to check your systems. Through a Nagios plugin, you can now validate whether your TCP services are vulnerable to the bug with both TLSv1.1 and TLSv1.2. Soon to be implemented updates will include checking of STARTTLS vulnerabilities and UDP connections.

Without further ado, we present the check_heartbleed plugin and heartbleed testing page.

Nagios Exchange: check_heartbleed.py
Nagios.com/heartbleed-tester

Monitoring Gas Prices Using Capacity Planning in Nagios XI

Nagios XI is the most powerful IT infrastructure monitoring solution on the market.  You can use it to monitor virtually anything.  Although Nagios XI is typically meant for more “serious” work, you can have some fun with it as well!  I guess I have been somewhat nostalgic lately…  Do you remember when a gallon of gas used to cost less than a dollar? 🙂

In this article I will show you how to install the check_gas_price.py plugin, set up a dummy host, and add multiple services to it.  This will allow you to check the gas prices in the USA.  Then you may use the Capacity Planning component in Nagios XI Enterprise Edition to view the trends of gas prices in the USA.

First, download the check_gas_price.py plugin from this URL:

http://assets.nagios.com/downloads/nagiosxi/scripts/check_gas_price.py

Next, install the plugin from the Nagios XI web interface by going to: Admin –-> Manage Plugins –-> Choose File, then select the check_gas_price.py file and click Upload Plugin.

If you would like, you can view the plugins’ usage by typing in terminal:

Your output should look like this:

Monitoring gas prices with Nagios XI - check_gas_price.py

Continue reading ‘Monitoring Gas Prices Using Capacity Planning in Nagios XI’

New Microsoft Exchange Server Monitoring Wizard!

We’ve had a lot of folks ask about Nagios’ capability of monitoring Microsoft Exchange servers. There are a number of plugins that have been capable of doing so for a while now, but our customers wanted something easier. Thus, we decided to create a nice Exchange server monitoring wizard.

We’ve tested the wizard with Exchange Server 2010. If you’ve got an older version of Exchange, give it a try and let us know how it works for you!

Get the Exchange Server wizard on Nagios Exchange

Monitoring Linux/Unix Machines Using SSH or NRPE

We’ve had a number of customer requests for new Nagios XI wizards that make it easy to monitor Linux/Unix machines either by SSH (using check_by_ssh) or NRPE. This is often useful in environments where Nagios admins have already installed the Nagios plugins and/or NRPE on machine in order to monitor them with Nagios Core.

Due to the requests we received, we whipped together some new wizards that help with this. Specifically, the new SSH Proxy and NRPE wizards.

And lest I forget, we also had a great community member (thanks Joshua!) document and test instructions on monitoring AIX over NRPE. We worked with Joshua to develop the NRPE wizard in a way that would work with his AIX/NRPE setup. BTW: Would you believe using Nagios to monitor AIX could save $300k+ on Tivoli licenses? 🙂