NsMon (Network Security MONintor) is a program which can check
your servers which are connected to the internet/intranet via TCP/IP.
The check are the following: ping and port check. Ping check is a simple
5 ICMP echo with a timout. Port check is a simple connect() via TCP socket.
If one of the checks was unsuccessfull NSMON sends a mail to the admin of that
host which was wrong. You have to define an smtp mailer, NSMON will connet
into it directly and send an RFC compatible message.
NsMon is a free, GNU/GPL software.
Click here to read
the terms and conditions for copying, ditribution and modification.
My name is Tibor Koleszar, i live in Hungary and workng for an ISP
corporation called IntegraNET. You can reach me via email( t.koleszar@somogy.hu)
or on ircNet (on #linux, or hungarian #linux.hu or irc.debian.org's #debian).
If you have a problem with nsmon, please send me an email, and i will correct
the problem.
By the way... If you like nsmon, and want to show it to others add a
link to this page with the following image.
WHERE CAN I GET IT?
Check http://www.debian.org for the binary or for the source.
So, if you've got the source untar and unzip it with the following command :
tar xzvf nsmon-X.X.tar.gz. After type cd nsmon-X.X and run make.
Now run make install it will copy nsmon binary into /usr/sbin. After you
have to make the magical nsmon config file.
Here is some help to do it:
| KEYWORD |
DESCRIPTION | TYPE |
| logfile | the path and name of the nsmon logfile. (logfile=/nsmon/nsmon.log) | global required |
| lock | the path of the nsmon lockfiles. (lock=/nsmon/lock) | global required |
| servername | It will be the sender of the mails. It have to be a real address because some intelligent mailer checks is. (servername=pluto.somogy.hu) | global required |
| username | It will be the sender of the mails. (username=root) | global required |
| gateway | Before every port or ping check nsmon checks the gateway ping. It has to be a 123.123.123.123 ip address because if there is no DNS there can be some problem. (gateway=193.91.74.3) | global required |
| checkhost | Checkhost is a beginer word of a section. Begins with checkhost { and ends with a } | global required |
| name | Name of the host what you want to check. NsMon will get its inet address at first time, so there will be no DNS problem during the tests. (name=mail.somogy.hu) | member of checkhost required |
| The "To:" field of the mail header (email=123123@sms.pgsm.hu) | member of checkhost required |
|
| smtpserver | The smtp mail server. (smtpserver=localhost) | member of checkhost required |
| sendalarmtime | If your checkhost is down nsmon wont send you email in every check time, just the first time and in every sendalarmtime min. (sendalarmtime=60) | member of checkhost required |
| pingtimeout | Timeout of the ping test in sec. (pingtimeout=15) | member of checkhost depends on pintest |
| pingtest | Test ping in every pingtest min. (pingtest=5) | member of checkhost depends on pingtimeout |
| portchecktime | Check ports in every portchecktime min. (portchecktime=3) | member of checkhost depends on portcheck |
| portcheck | Portcheck is a section to declare those ports which you want to check in this checkhost. Example:
portcheck = (
80 = http
25 = smtp
)
It checks port 80 called http in the logfile and port 25 called smtp.
|
member of checkhost depends on portchecktime |
nsmon.conf:
logfile = /var/log/nsmon.log
lock = /var/lock/nsmon
servername = www.foo.org
username = root
gateway = 123.123.123.123
checkhost {
name = mail.foo.org
email = jsmith@foo2.org
smtpserver = mail.foo.org
sendalarmtime = 60
pingtimeout = 20
pingtest = 2
portchecktime = 5
portcheck = (
80 = http
3128 = squid
25 = smtp
)
}
You can add a lots of chekchost section. OK! Now you can start nsmon with nsmon nsmon.conf &.
You will get ther errors of the config file or the host sudenly if there is some.Good luck!