Installing Open-AudIT on Linux

Open-Audit — a system for collecting information about existing equipment and creating reports.

On an example I will describe the installation process in Linux Ubuntu:

1) Download the latest version from the official site
https://www.open-audit.org/downloads.php

2) Switch to the root user, make the downloaded file with Open-AudIT executable and run it:

sudo -i
chmod u+x ./OAE-Linux-x86_64-release_1.12.10.1.run
sh ./OAE-Linux-x86_64-release_1.12.10.1.run

In the installation process, follow the instructions, agreeing with the questions pressing “y” or “Enter“.
Additional components such as apache2, mysql-server, etc. will be automatically installed.

3) Open in the browser web-interface Open-AudIT by reference http://HOST/omk/oae/
Standard login and password – admin/password

Done.

Setting the default mail address in cPanel

Suppose you want all mail that arrives at nonexistent mailboxes in your domain to be delivered to a specific mailbox.

For this:

1) On the cPanel main page, in the “Email” section, select “Default Address

2) In the window that opens, select the domain (if there are several), select “Forward to Email Address” and specify which address to forward.

Instead of sending it, you can also choose to delete emails, forward to a system mail account, or send to a script.

Done.

SMS sending script via Goip4 gateway

Here is an example of a script written in PHP, for sending SMS messages through the Goip4 gateway.
The script receives data from the SQL database with a query and alternately sends SMS to each number, and also writes an entry about sending it to a special sms table.
Continue reading “SMS sending script via Goip4 gateway”

Using the firmware password on a Mac

To enable or disable the firmware password on the Mac and MacBooks, you must press the Command+R keys or the Option(Alt) key after turning on the sound, then select the menu “Utilities“-“Firmware password utility “and select” Enable firmware password “in the window that opens and set the password.
Continue reading “Using the firmware password on a Mac”

Monitoring BGP in Zabbix

I’ll give an example of a simple check whether something is running on TCP port 179 which uses BGP.

Create the following data item with the name Zabbix in the new Zabbix template or right in the network node “Template App BGP Service” (where 192.168.10.2 is the address of the host on which the performance of the BGP is checked):

Name: BGP service is running
Type: Zabbix agent
Key: net.tcp.service[tcp,192.168.10.2,179]
Type of information: Numeric (positive integer)
Data type: Decimal
Displaying the value: Service state

If Zabbix-agent is installed on the node, then we will create two data elements and in the field “Key:” we will indicate:

proc.num[bgpd]
proc.num[zebra]

If the data element reports 0, then BGP does not work, or the port is closed, if 1 is OK.

Accordingly, we will add a trigger that will notify about the idle BGP:

Name: BGP does not work on {HOST.NAME}
Expression: {Template App BGP Service:net.tcp.service[tcp,192.168.10.2,179].max(#3)}=0

Все.

Monitoring Samba in Zabbix

I will give an example of monitoring the number of running Samba processes, as well as creating a triggering trigger when there are no running processes.
In a system with Samba, a Zabbix agent must be installed.
See my popular articles about Zabbix.

Create a template, for example, with a name “Template Service Samba” and add the following data item to it:

Name: Number of processes nmbd
Type: Zabbix agent
Key: proc.num[nmbd]

Similarly, we create for smbd.
You can also create data items that represent the amount of memory used by the process, in which case the key will look like this:

proc.mem[nmbd,,sum]

And also add graphics for them.

Now add a trigger for each process to see when the process is not running:

Name: Does not work nmbd on {HOST.NAME}
Expression: {Template Service Samba:proc.num[nmbd].max(1)}<1

Done.

How to fix “client denied by server configuration” error

I noticed once in the browser the error of opening a GoIP SMS crypt:

[authz_core:error] [pid 23415] [client 192.168.56.1:50388] AH01630: client denied by server configuration: /usr/local/goip/

As it turned out, the script was supposed to work in apache2 version 2.2 and in the file /etc/apache2/conf-enabled/goip.conf the following parameters were specified:

Order allow,deny
Allow from all

And in my case, an apache2 version of the newer 2.4 was installed, in which access control is configured a little differently, and to fix the error, change the above parameters to:

Require all granted

Or to restrict access to IP by resolving locally and to specified addresses:

Require local
Require ip 192.168.56.1 192.168.22.10

And restart apache2 to apply the changes:

sudo service apache2 restart

See also:
Access Control Apache2