[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Recomendations for surveillance/configuration/heartbeat tool for remote servers

Hi Robert,

first of all we would need to know which OS the remote servers are 
running. If it is (SuSE) Linux, you should at least have SSH access on 
port 22. Then you can tunnel all other applications through SSH (see 
"man ssh" and the "-L/-R" options.

Installing VPN is more complicated and is (at least partly) dependent
on whether the servers are behind a NAT-router or not. SSH and
tunneling is more simple. You could run a VNC-server on the machines
to access the graphical screen (make it listen on localhost only and
tunnel port 5900 by SSH to get security+encryption also on VNC).

If you are running Windows on the servers, one option is to install 
the Cygwin package (www.cygwin.com) and use the Cygwin SSH server for 
access. Then run TightVNC on localhost only and tunnel port 5900 by 
SSH for secure access.

The nice thing about SSH is that you need only one port through your 
firewall(s)/router(s). Make sure each server has its own firewall and 
allow SSH access only from your IP.

For "heartbeat" functionality, run a script on your server 
that pings all servers and writes an email if the ping times out. If 
ping (ICMP packages) are not able to reach the remote servers, you 
could run a script on the remote server to send an email every 5min. 
Use procmail on your site to process the incoming emails and notice 
you when one of the server stops sending them.


Am Hasenberg 26         office: Institut für Atmosphärenphysik
D-18209 Bad Doberan             Schloss-Straße 6
Tel. ++49-(0)38203/42137        D-18225 Kühlungsborn / GERMANY
Email: schoech@xxxxxxxxxxxx     Tel. +49-(0)38293-68-102
WWW: http://armins.cjb.net/     Fax. +49-(0)38293-68-50

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here