CEO's Blog

Archive for August, 2006

Searching for problems on a slow Unix/Linux server

August 31st, 2006

There is a nice article on IBM’s developerWorks website that explains how to use various command-line tools to analyze runtime problems on Unix systems:

When your UNIX® system runs slow, it is vital that you discover what the problem is as quickly as possible so you can get your system back into the normal operating mode. There are many causes for a slow system, but actually identifying the problem can be exceedingly difficult. In this article, study examples of how to identify and diagnose the cause of your slow running UNIX system to get your machine running properly again.


Long-Term Intrusion Detection using Network Monitoring

August 28th, 2006

Network Monitoring can alert you to security breaches and intrusions by detecting sudden changes in usage patterns and traffic behavior. For example, many worms or viruses cause sudden changes in the amount and type of network traffic when they start to spread.

Modern computer hackers pose a strong threat from the outside. If an organization’s network is unprotected, a single hacker can easily wreak havoc on vital resources. Just as monitoring and security applications have evolved, hackers have gladly stepped up to the challenge.

You may think that having good defensive features like VPNs, firewalls, etc. is enough. But hackers are always using new and more sophisticated methods to try to access company systems. Tools like automated hacker robots (or “bots”) and Trojans perform automated sweeps of the Internet, searching for devices with access vulnerabilities. As soon as they find one, they try to break in and use your systems for malicious activity. Most of that activity will lead to changes in network usage patterns and to downtime in your own services.

Also keep in mind that the most dangerous threats come from the inside: employees who install or run malicious software, either intentionally or because they do not know better, pose a much larger threat to your network. If that happens, the problem is already inside your network.

The conclusion is that you have to prepare for these threats in two ways: use proactive tools like firewalls and intrusion detection systems (IDS), and properly monitor your network usage. Your IDS and firewall may not yet be prepared for a new threat. Only with monitoring will you be able to see intrusions that your firewall or IDS device is not yet aware of.

Directory Traversal Vulnerability Issue Fixed for IPCheck Server Monitor

August 25th, 2006

We have published a new version of IPCheck Server Monitor that fixes a security issue in the webserver: by using URLs with special characters, a so-called “directory traversal” was possible. This could be exploited to gain access to files on the disk on which IPCheck is installed.


Easy to read Drawings of IP, TCP and UDP Packet Headers

August 24th, 2006

This is quite technical information, but it may help you to understand the foundations of everyday networking. Matt Baxter has some drawings that show byte by byte how the headers for IP, TCP, UDP and ICMP are structured. It is just the normal information from the RFCs presented in an easy-to-read format.


Ensuring Your Business’ Success with Network Monitoring

August 23rd, 2006

Computers and computer networks are increasingly becoming indispensable for business. In fact, fully web-based businesses rely completely on computers, as almost every aspect of their business relies on their online presence.

This means that even a little problem with the network or the server can seriously affect the business.

The most important keyword here is “availability”. Availability is measured in “percent”. This percentage is calculated by dividing “uptime” (the time a system was available) by the time this uptime was measured (per hour, day, or month).

“10 percent downtime” may not sound horrible at first glance, but 10 percent of one year equals 36.5 days. That is more than a month of lost sales! This can actually cause an economic loss of far more than 10 percent of your total sales. Customers who repeatedly experience a non-functional website will immediately turn away to your competitors and never return.

For most companies, an availability of 99.9 percent (less than 90 seconds of downtime per day) can be reached with reasonable effort and without paying a fortune. In fact, many ISPs offer 99.9 percent SLAs to their hosting customers.

Today, larger businesses relying on their Web presence must reach a level of “high availability”, meaning a measurement of “five 9’s” (99.999%). Without Network Monitoring, this level is impossible to reach, even after expensive investments in load balancing and redundant systems.

High downtimes are not the only aspect threatening the success of an online presence; slow websites can also drive customers away to your competitors’ faster websites. This is the reason why performance monitoring is also very important.

To retain your existing customer base, as well as to attract new clients, you need to be aware of the problems with your site before the customers have to face them.

Top Five Reasons to use Network Monitoring in Your Network

August 21st, 2006

If your company conducts business via the World Wide Web, optimum performance of your business website is not only critical for the growth of your business but also for its survival.

Listed below are the five most important reasons why you should always monitor your website and its other components.


Analyzing a Slow Exchange 2003 Server

August 17th, 2006

You have been there: All servers seem to be getting slower over time. Always. But is it really a problem? Does it really hurt your business? And what can you do about it?

For Windows servers there are multiple reasons for a slowdown over time:

  • fragmented disks
  • overflowing TEMP folders
  • processes that eat more and more RAM
  • too many processes on a system or CPU-intensive processes
  • hardware problems
  • faulty software

Most of these issues can be felt when working directly on the system (e.g. using Remote Desktop), but they may not have an impact on the services the server provides.


Monitoring System Parameters like Memory, CPU and Disks on Linux Systems via SNMP

August 16th, 2006

Every other day users of our monitoring products PRTG Traffic Grapher and IPCheck Server Monitor ask us how they can monitor system parameters like CPU load, memory load, swap file size or disk usage on Linux and Unix systems.

Today we have published a new step-by-step article in our knowledgebase that explains how to set up system parameter monitoring for Linux systems.

This screenshot shows part of the list of available sensors for a Linux system (using IPCheck Server Monitor):

linux.gif


The art of network troubleshooting

August 16th, 2006

Greg Schaffer has published an article on computerworld.com about his approach to network latency hunting and troubleshooting. It makes for nice reading over lunch.

While the technology has changed, the basic methods for troubleshooting networks really haven’t. Sure, there are fancier sniffers, analyzers and monitors, but the real basics that demand an understanding of networking to the core level remain the same. Let me present a case history from the days of Thinnet to illustrate.


Why Network Monitoring Is Important For Any Business

August 15th, 2006

Before we begin to talk about the importance of Network Monitoring, let’s see what exactly “Network Monitoring” is.

The free online encyclopedia Wikipedia says:

“The term Network Monitoring describes the use of a system that constantly monitors a computer network for slow or failing systems and that notifies the network administrator in case of outages via email, pager or other alarms.”

I would extend this definition to cover not only monitoring the network for outages but also monitoring the performance and usage of a network.

