Showing posts from December, 2013

Detecting a Hacker Attack

I work as a system administrator for a company, monitoring around 20 servers running open source applications. One of the applications we are using is JBoss. The JBoss version we are running is an old version (4.0), as per client requirement. We have upgraded JBoss to the latest after this incident. Besides this, we are using Nagios for application and infrastructure monitoring.
The alarm of a server getting compromised was raised on a Monday morning, when we saw continuous Nagios high load alerts from the server running the old version of JBoss. The alerts actually started coming on Saturday morning.

I immediately logged in to the affected machine, and the first few commands I ran were the w and top commands.

Checking system load and identifying the top contributor

The top command showed high load on the system, with some perl commands running for the 'jboss' user with CPU utilization around 100%.

# top
top - 15:03:03 up 22 days, 2:37, 1 user, load average: 29.02, 28.40, 23.27
Tasks: 310 total, 3 runn…

MRTG: Monitoring Network Bandwidth of Linux Servers

About MRTG:

MRTG, which stands for Multi Router Traffic Grapher, is free software for monitoring and measuring the traffic load on network devices. MRTG is written in Perl and works on Unix/Linux as well as Windows and even NetWare systems. It is licensed under the GNU GPL.

Download MRTG:

MRTG is available for download from . 

Steps to install MRTG are available here

Configuring MRTG:

We will be using MRTG to monitor the traffic flow of three Linux-based servers. Before proceeding, we need to configure SNMP on these Linux servers. The steps to configure SNMP follow. In part 2, we will go through the steps to configure MRTG to monitor these Linux servers.

Part 1: 

1. Install the following net-snmp tools on all three servers.


2. Start the snmpd service as root

service snmpd start
chkconfig snmpd on

3.  Default community string i…