Jon Jon Clausen wrote: > On Wed, 27 Jul, 2005 at 21:32:41 -0500, Charles Steinkuehler wrote: > > >>I track bandwidth (and other stats) on several (about 8) LEAF boxes I have >>in production. > > > I'd like to set up something like this on (currently) 10+ LEAF boxes.
I am tracking a number of LEAF boxes using MRTG and Smokeping from a central site. > > .. > > Among the stuff I'd like to stat on the LEAF boxes is the number of > connections through each. Is this possible with net-snmp? AFAIK not with MRTG, but it should not be very difficult to write a probe for smokeping for example. Else you could always write a logging script, which, running on the leaf box, would check connections and report them, for example, using syslog to a remote logging machine. > > > > Will something as simple as firewall rules be sufficient to prevent badness > from happening? No, but you can reduce the number of culprits. > > And would the same apply to remote logging? I don't know of syslog exploits, but then I don't follow CERT on a regular basis. > > I'm not happy about the thought of having this data go unencrypted through > the Internet, but OTOH I need some way to track these hosts... I am mostly using IPSEC tunnels for all the above, added a little iproute2 magic to allow to use the tunnel from the LEAF box itself. cheers Erich ------------------------------------------------------- SF.Net email is Sponsored by the Better Software Conference & EXPO September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
