From owner-freebsd-questions Sat May 23 13:12:13 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA25340 for freebsd-questions-outgoing; Sat, 23 May 1998 13:12:13 -0700 (PDT) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from caladan.tdx.co.uk (caladan.tdx.co.uk [195.188.177.4]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA25310 for ; Sat, 23 May 1998 13:12:04 -0700 (PDT) (envelope-from kpielorz@tdx.co.uk) Received: from tdx.co.uk (lorca-tx.tdx.co.uk [195.188.177.242]) by caladan.tdx.co.uk (8.8.8/8.8.8) with ESMTP id VAA05224; Sat, 23 May 1998 21:11:57 +0100 (BST) (envelope-from kpielorz@tdx.co.uk) Message-ID: <35672D63.773FB7E@tdx.co.uk> Date: Sat, 23 May 1998 21:11:15 +0100 From: Karl Pielorz Organization: TDX X-Mailer: Mozilla 4.05 [en] (WinNT; I) MIME-Version: 1.0 To: Jerry Preeper CC: freebsd-questions@FreeBSD.ORG Subject: Re: Testing / Monitoring A New Server References: <3.0.5.32.19980523115315.00832ca0@crash.cts.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, I don't know about much which will help you monitor the performance of the server - I know of some sites that run 'mrtg' (see /usr/ports/net/mrtg) and have that draw pretty graphs of the throughput on the boxes NIC's, and load average / free memory etc... As for keeping the box secure - Have a look at 'tripwire' (I'm not sure where you can get this from now), and 'swatch'. Tripwire will MD5 all the files on the system - and can be made to notify you when critical files change. Swatch will 'watch' your log file (on our systems we log _everything_ to /var/log/message) and again - can perform 'real time' notifications of 'unusual' behaviour etc... If your _really_ into security you may also want to check out Bind 8.1.2 and Sendmail 8.9.0 (though your Sendmail sounds well setup anyway)... If you have some free time I'd be interested in any hints/advice over SSH - we've been looking to install it here, but I've not got any experience with it, I don't even know where to get it from for starters ;-) (not enough hours in the day ;-) Regards, Karl Pielorz Jerry Preeper wrote: > > I just finished having a web server built for me with FreeBSD 2.2.6, Apache > 1.2.5 and Stronghold SSL (for later use) and it is up and running and > everything seems fine. We haven't switched any domains to it yet while I > still finish putting a couple of sites on it to get it started. We will be > running our own nameserver. We have installed the firewall. Sendmail has > email relaying prohibited except from specified IPs. > > Now that everything is running, I was wondering what tools you might > recommend I use for: > - monitoring the server performance on a regular basis > - testing the security of the server (only has ssh access, no telnet) > - monitoring the security of the server on a regular basis > > Thanks for any info you can provide. > > Jerry Preeper To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message