lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <fdb3980a0406250758730c79bf@mail.gmail.com>
From: mohit.muthanna at gmail.com (Mohit Muthanna)
Subject: server administration

> Having said that, you're going to be disappointed in what snmp will
> provide unless you want to start writing MIBs (you don't). So you will
> be doing some sort of client/server model maybe with *NIX tools like
> vmstat and traceroute and wget. We did something similar in 1998 I
> recall.

I wouldn't discount SNMP so easily. A good SNMP agent will provide a
lot of useful information related to the system. Eg. see net-snmp
(opensource) or sysedge (Commercial).

You don't _ever_ have to write a MIB unless you're developing an SNMP
agent/layer for a custom application.

I've worked in environments (ISPs and Telecos) where we've had to
manange servers with numbers in the thousands. And generally the first
question we ask when a new device comes in is: "Is it SNMP enabled?"

Standard UNIX tools vmstat, traceroute, etc. are cool when you're
trying to debug a problem on a machine. Or when you have only a few
machines to maintain. But as soon as you hit about 30 - 40 machines,
your'e going to have problems.

SNMP (v1 and v2c) does, OTOH, have security drawbacks since the
packets pretty much "in the air". But with good host and network
security, you can work around them. SNMPv3 addresses most of the
security issues with the earlier versions.

Mohit.

-- 
Mohit Muthanna [mohit (at) muthanna (uhuh) com]
"There are 10 types of people. Those who understand binary, and those
who don't."


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ