Nagios Uptime Plugin

After the recent nagios-plugins update that we applied to our centos nagios box, we found our uptime check we created no longer worked. The uptime check we created using the check_snmp plugin to grab the OID for Linux HOST-RESOURCES-MIB::hrSystemUptime.0 or for other devices 1.3.6.1.2.1.1.3.0 and then tell us if the uptime for a device was less than ten minutes. For some reason the new check_snmp plugin no longer parses the results of these MIB's in a similar manner. It reported the data correctly, but it would not trigger a critical alert when the uptime was less than what we specified.

In an attempt to get us back up and running I devised a bash script plugin to grab the snmp data manually parse it and report back the status. Here are the results aptly called check_uptime.sh:

#!/bin/bash

#Description: Nagios plugin to check uptimes of servers and equipment.

#Linux uses a different OID for uptime than does everything else. If you use the regular

#OID for Linux hosts you will get an erroneous answer.

#Version 0.5

#Created by Jason Wasser

#Until I can learn how to parse command line arguments, we must accept the command line

#argments in order.

#$1 - hostname

#$2 - community name

#$3 - critical (automatically chooses less than) value in ticks (100 ticks per second)

#$4 - OID - choose between one of the values below

#OID for Linux: HOST-RESOURCES-MIB::hrSystemUptime.0

#OID for Other: 1.3.6.1.2.1.1.3.0

UPTFULL=`snmpget -v1 -c $2 $1 $4 | cut -d "=" -f 2`

UPT=`echo $UPTFULL | cut -d "(" -f 2|cut -d ")" -f 1`

if [ $UPT -lt $3 ]; then

echo "CRITICAL -" "$UPTFULL"

RET=2

elif [ $UPT -gt $3 ]; then

echo "OK -" "$UPTFULL"

RET=0

else

echo "UNKNOWN -" "$UPTFULL"

RET=3

fi

exit $RET

Google Providing Invitations to Google Voice

The Google Voice service allows you to have one phone number reach you at any of your other phone numbers whether it be your home, work, or mobile.

From the Google Blog:

Invite a friend to Google Voice: "(Cross-posted from the Google Voice Blog)

Since the debut of Google Voice, our early users have shared lots of feedback that has led to some exciting new features, like the ability to receive SMS messages via email and the option to change your Google Voice number. But one of the most frequent requests we've received is for the ability to share Google Voice with friends and family.

Starting today, we're beginning to give out invitations to Google Voice users. If you currently use Google Voice, over the next few weeks, you'll see an 'Invite a friend' link appear on the left-hand side of your inbox.


We'll be rolling out these invitations gradually, so don't worry if you don't see your invitations immediately. We're initially giving out three invites to each account, but we're planning to provide more invitations in the future.

If you don't have an account yet, you can request a Google Voice invitation at google.com/voiceinvite.

Posted by Craig Walker and Vincent Paquet, Product Managers, Google Voice

RHSA-2009:1490-1: Moderate: squirrelmail security update

If you use Squirrelmail on your Redhat based servers be sure to upgrade.

RHSA-2009:1490-1: Moderate: squirrelmail security update: "Red Hat Enterprise Linux: An updated squirrelmail package that fixes several security issues is now
available for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team. CVE-2009-2964"

Latest udev Package Causes Kernel Panic

Be forewarned: I just installed the latest udev update onto two of my CentOS 4 servers and it caused a kernel panic.  After resetting the servers, they have come up fine.  I am still researching as to what caused the problem.

UPDATE: I believe the problem was caused by an outdated kernel.  We were running 2.6.9.

ClamAV 0.95.1 Packages on CentOS 4

Today I ran yum update on my mail server and noticed that the ClamAV packages were set to be upgraded. Trusting rpmforge’s packages as I do, I ran the updates and attempted to restart clamd and clamav-milter services.  This is where my problems began.  When attempted to start clamd I received the error:

ERROR: LogFile requires full path. 

When I reviewed the clamd.conf file the LogFile line read:

LogFile unix:/var/log/clamav/clamd.log

I’ve never seen the unix: prefix in a path before so I removed it.  When I did clamd started right up.  Then I looked that messages logfile and saw the following line:

clamav-milter[19418]: No clamd server appears to be available

I looked in the clamd.log file and saw that is was set to LocalSocket /tmp/clamd.socket, but the clamav-milter.conf was looking for clamd’s socket at unix:/var/run/clamav/clamd.sock.  So I changed the ClamdSocket line to unix:/tmp/clamd.socket (to match clamd.conf) and restarted clamav-milter.  Then the error messages went away.

Apparently the 0.95.1 version also turns off the X-Virus-Scanned headers as well.  I turned that back on in the clamav-milter.conf file. 

 

Apparently there was a major architectural change in ClamAV 0.95.

UPDATE: A new set of packages was released this week.  I don’t know if they fix the problem, but I suspect they caught their mistake.

GrandCentral SSL Error

FYI.  Google’s GrandCentral site has an expired SSL certificate.  I’ve already contacted them about it via their support site.  I’m sure they’ll have it remedied soon.

Microsoft Releasing an Out-of-Band Security Update for Internet Explorer

 

Update Tuesday came and went this week with a few updates, but a vulnerability has been exposed for Internet Explorer versions 6-8 on Windows XP, 2003, Vista, and even 2008.  Microsoft has decided to release and out-of-band security update for this vulnerability due to its critical nature.  Unfortunately this zero-day exploit has not fix yet from Microsoft.  The update is expected to be released sometime today.  Be sure to sync up your WSUS servers after the exploit has been released. 

Remember my tips to subscribe to important security lists to stay on top of your networks.

Read Microsoft's Security Advisory