Dixon-Ratzlaff Family Blogs

Observium: Bandwidth monitoring and more

by on Oct.07, 2014, under Tech Tips

Back when I started this job and wanted network monitoring tools, I was already familiar with MRTG and I soon found Nagios, two great open source projects that did exactly what I needed: give me traffic graphs and let me know when something goes down. The only problem with both of those packages was that configuration was a manual process, editing configuration files. As our network grew, I started looking for alternatives.

I found OpenNMS and used that for quite a while.  It combined the functions of my MRTG and Nagios, and seemed a little friendlier to configure.  Then when we were looking for help desk software, we found Spiceworks (not open-source, but free!), which also does a good job of inventorying all our equipment and also notifying us when something is awry.

Over time, our OpenNMS installation grew slower and slower and finally started locking up at various times.  I found I didn’t really use it as much as I used to since we had Spiceworks, so I just turned it off.

But recently I found myself wanting the traffic graphs again.  Some performance issues had cropped up on the network, and I needed to see what was going on.  I actually considered setting up MRTG again, until I found Observium.

I followed a step-by-step walkthrough on how to get it set up on CentOS 6.  One of the last steps was “add your first host manually” via the command-line.  I chose our core Cisco router and let fly, but was amazed at how much data was flashing across my screen.  Observium was intelligent enough about Cisco devices that it accessed CDP information and other data to discover all the rest of my routers and managed switches I had on the network.  Most of the system ended up getting set up in that one command.  The few devices it missed were easy to add via the web interface.

I haven’t had good luck adding Windows servers yet, mostly because it seems that Windows has so many “interfaces” defined that really don’t mean anything to me.  It was too much work turning off monitoring to all the interfaces I didn’t care about.  Also, Spiceworks does a decent enough job monitoring CPU and RAM usage on Windows that I didn’t see the need to have the data twice.

In addition to logging traffic on network interfaces, Observium collects data on whatever the device will provide.  For example, from our Cisco 7206 VXR router Observium collects CPU and memory utilization, temperatures, voltages, power supply status, and all manner of statistics from the network interfaces.

Right now, I’m just using Observium as a kind of Super MRTG on Steroids, but it can also send out notifications if something goes down, and I’m interested in setting it up to receive interface status traps from my routers to get even quicker notifications when a link goes down.

I like it.  It’s pretty, it offers a lot of useful information, and it’s easy to configure.  And it’s free and Open Source.

Comments Off on Observium: Bandwidth monitoring and more more...

When The Drama Dies

by on Jul.07, 2014, under Imagined Images & Other Tricks with Mirrors

I never journal, much, 'cause, well... I'm happy. Got a loving husband, a roof over my head, a munchkin that drives me to drink, but still has his moments of potential. It's nice, I tell ya. Nice. 
Comments Off on When The Drama Dies more...

When The Drama Dies

by on Jul.07, 2014, under Imagined Images & Other Tricks with Mirrors

I never journal, much, 'cause, well... I'm happy. Got a loving husband, a roof over my head, a munchkin that drives me to drink, but still has his moments of potential. It's nice, I tell ya. Nice. 
Comments Off on When The Drama Dies more...

Windows Update Error 80244022

by on Dec.03, 2013, under Tech Tips

One of our servers hadn’t been getting updates.  Once I finally stripped some of our group policies off the box to allow me to check for updates manually, Windows helpfully reported “Code 80244022 – Windows Update encountered an unknown error”.

Searching Google for this error code returned a Microsoft article which was also less than helpful.  But the bit about checking proxy settings got me to thinking.

Windows Update uses winhttp and its proxy settings rather than Internet Explorer’s proxy settings.  Sure enough, when I checked I found a proxy set for winhttp and no exceptions listed.  Our WSUS server is on the same LAN as the problem server, and that server has no need to access the Internet, so I simply cleared the proxy settings:

C:\Windows\system32>netsh winhttp reset proxy

Current WinHTTP proxy settings:
    Direct access (no proxy server).

Then after restarting the Windows Update service, everything worked correctly.

Comments Off on Windows Update Error 80244022 more...

Increase corporate security with AppLocker

by on Apr.19, 2013, under Tech Tips

I came across a TechRepublic article today about how DropBox could be used as a conduit to drop malware on a corporate computer.  Long story short – DropBox wasn’t the security hole, just the delivery mechanism.  An attacker was able to utilize a compromised laptop that synced to a corporate desktop via DropBox to deliver malware files to the corporate desktop.  Since the default location for the DropBox files were in the user profile, when the malware ran, there were no UAC warnings.

Many of the comments on the article had to do with, “What if DropBox wasn’t installed in the user profile?”  But that’s not the real problem in my mind.  I wondered, “Why do users have access to execute programs in their profile at all?”

In our network, we have AppLocker group policies in place to disallow execution from anywhere but trusted program locations.  Our users do not have access to write in those trusted locations, and the AppLocker policies do not allow execution from anywhere our users do have access to write files. (such as their user profile and removable drives)  This helps prevent our staff from installing or running software they download or bring from home (which is against our company policy), and it also mitigates the types of attacks described in the TechRepublic article.  If it can’t be executed, it can’t infect.

Of course, AppLocker policies can only be enforced on workstations running Windows 7 Enterprise, Windows 7 Ultimate, or Windows 8, or on servers running 2008 R2 or 2012.

Comments Off on Increase corporate security with AppLocker more...

Real Life…

by on May.21, 2012, under Imagined Images & Other Tricks with Mirrors

True story. David is currently wearing a Spiderman bodysuit/costume, a red Scooby-Doo sun hat, Dan's black leather winter gloves, and a Darth Vader mask. He's running about the house declaring "Behold! I am Obchowock! That kid is OUT there, sometimes. *lol*
Comments Off on Real Life… more...

Real Life…

by on May.21, 2012, under Imagined Images & Other Tricks with Mirrors

True story. David is currently wearing a Spiderman bodysuit/costume, a red Scooby-Doo sun hat, Dan's black leather winter gloves, and a Darth Vader mask. He's running about the house declaring "Behold! I am Obchowock! That kid is OUT there, sometimes. *lol*
Comments Off on Real Life… more...

It is… What it Is…

by on May.08, 2012, under Imagined Images & Other Tricks with Mirrors

I am WEARY. 

I am so sorry for everyone and every pain all of my friends are dealing with this year.

There are pains I can't even relate to. I am SO SORRY. I wish I could do more. Truly. 
Comments Off on It is… What it Is… more...

It is… What it Is…

by on May.08, 2012, under Imagined Images & Other Tricks with Mirrors

I am WEARY. 

I am so sorry for everyone and every pain all of my friends are dealing with this year.

There are pains I can't even relate to. I am SO SORRY. I wish I could do more. Truly. 
Comments Off on It is… What it Is… more...

The Worst Dinner Party…

by on Oct.15, 2011, under Imagined Images & Other Tricks with Mirrors

Mom is prepping a turkey about the size of my hand and having major issues. She insists that I cancel my classes so I can stay and help. There is a huge gathering out at The Ranch with various foods. Mom and I prep eats all day and put everything in a huge wall length oven to keep warm. In a fit of confusion she puts the turkey in and it never cooks proper. I am disgusted trying to carve through the raw meat. I know it was a simple mistake but can't help but be irritated at the wasted time. 

There is a huge fireworks display outside and UFO's and all kinds of wondrous things. I am angry, again, trying to get David out of the house to see, but he is too busy eating cheese and watching telly with Nanna. She keeps insisting "He's too little to care about those types of things, anyway." My only retort to him is, "Fine pal. Have it your way." I go out and watch a shower of falling stars. 
Comments Off on The Worst Dinner Party… more...