
Follow Hacker Combat | Cyber Security and Hacking News on Feedspot


Cyberattacks, as per a recent report by the WEF (World Economic Forum), are almost as disastrous for the already-struggling economies as are natural disasters.

The WEF Global Risks Report 2019, released recently, has flagged cyberattacks, data fraud and critical infrastructure breakdown among the year’s most significant causative risks. The report, which presents a detailed analysis of societal risks, underscores the critical importance of cybersecurity. It says that cyberattacks, which are almost as likely as natural disasters, would have an impact similar to that of a water crisis at the global level.

As per the WEF Global Risks Report 2019, cyberattacks pose a lesser risk only when compared to extreme weather events, natural disasters, water crises, biodiversity loss and our failure to mitigate climate change. Data fraud or data theft, though slightly more likely than cyberattacks, is actually a bit less impactful.

CSO Online reports, “Based on the opinions of nearly 1000 global decision-makers, the WEF Global Risks Report 2019 also flagged quantum computing and “emotionally responsive” artificial intelligence as key disruptors but flagged cybersecurity risk as a major and likely issue for already-struggling economies around the world.”

Analyzing the WEF Global Risks Report 2019, the CSO report further says, “Cyberattacks were linked to trends such as increasing national sentiment, the increasing polarisation of societies, shifting power, and rising income and wealth disparity… They were connected to a range of risks including the failure of critical infrastructure, critical information infrastructure breakdown, terrorist attacks, profound social instability, interstate conflict, failure of national governance, and the adverse consequences of technological advances.”

The Global Risks Report is based on the WEF’s annual GRPS (Global Risks Perceptions Survey), which covers around 1,000 members of WEF’s multistakeholder communities. The executive summary for the Global Risks Report 2019 observes, “Technology continues to play a profound role in shaping the global risks landscape. Concerns about data fraud and cyber-attacks were prominent again in the GRPS, which also highlighted a number of other technological vulnerabilities: around two-thirds of respondents expect the risks associated with fake news and identity theft to increase in 2019, while three-fifths said the same about loss of privacy to companies and governments. There were further massive data breaches in 2018, new hardware weaknesses were revealed, and research pointed to the potential uses of artificial intelligence to engineer more potent cyberattacks. Last year also provided further evidence that cyber-attacks pose risks to critical infrastructure, prompting countries to strengthen their screening of cross-border partnerships on national security grounds.”

82 percent of those covered in the survey felt that 2019 would see increased risks around the theft of money and data and 80 percent expected cyberattacks to cause disruption of operations and infrastructure. Almost 60 percent expected that 2019 would witness increasing loss of privacy to companies and governments and 69 percent expected to see a rise in risks associated with fake news. Another issue that bothered many was identity theft; 64% of respondents felt there would be an increase in identity theft in 2019.

The report’s findings prove that the world is now aware of the risks that cyberattacks pose to the overall digital economy and to our way of life itself. It also shows that many recent attacks (WannaCry, Equifax etc) have had a considerable impact on our global psyche and we have started taking into account the frequency of cyberattacks and the risk they pose.

The post Cyberattacks Almost as Impactful as Natural Disasters: WEF appeared first on .


The #10YearChallenge was fun when people shared their pictures, one from today and one from a decade ago. It gained widespread traction on social media. Some made jokes or paid tribute to old hairstyles. Celebrities posted glamour shots from one decade to the next.

People were posting pictures on Facebook and Instagram, which is owned by Facebook. Then came a tweet that moved thousands of people to worry: Are we unknowingly helping Facebook to improve their algorithms for biometric identification and age progression?

One tweet by Kate O’Neill went viral. “Me 10 years ago: probably would have played along with the profile picture aging meme going around on Facebook and Instagram,” she wrote in a tweet last week. “Me now: ponders how all this data could be mined to train facial recognition algorithms on age progression and age recognition.”

She hit the nail on the head, and people started debating whether they were helping Facebook get better at identifying people. Kate O’Neill’s post got more than 10,000 retweets and more than 20,000 likes. She elaborated her thoughts in a widely shared article in Wired.

O’Neill said, “I wondered about why this particular thought, in this particular moment, generated so much traction,” adding that she was not trying to stoke any panic.

Experts said the photos for the #10YearChallenge are a very big bonus to the data that Facebook has been collecting for years.

“We have an awful lot of data that we’re sharing all the time, and companies are collecting it and using it in various ways,” Ms. O’Neill said.

Supporters of facial recognition technologies said they can be indispensable for catching criminals or finding missing people. But critics warned that they can enable mass surveillance or have unintended effects that we can’t yet fully fathom.

“The #10YearChallenge could conceivably provide a relatively clean data set for a company that wanted to work on age-progression technology,” said Lauren A. Rhue, an assistant professor of information systems and analytics at the Wake Forest School of Business.

She added that Facebook already has billions of photographs on its platform, and people should be wary of any company being in possession of such a large trove of biometric data.

“The risk of giving up any type of biometric data to a company is that there’s not enough transparency, not only about how the data is currently being used, but also the future uses for it,” she said, pointing to another form of biometric data, DNA, which is increasingly being used by law enforcement to track down suspects — something many people might not have anticipated when they volunteered saliva in exchange for help tracing their ancestral roots.

“There are things we don’t think of as being threats,” Professor Rhue said. “And then five or 10 years from now, we realize that there is a threat, but the data has already been given.”

Facebook announced that it was using facial recognition technology in 2010. The company said it does not intend to help strangers identify you, and has repeatedly pointed out that users can disable face recognition in their personal settings.

As for the 10-year challenge, Facebook said it’s just a fun trend. The company said on Twitter, “The 10-year challenge is a user-generated meme that started on its own, without our involvement.”

Facebook has had its share of controversy; it last faced a crisis when it was revealed that a political consulting firm had improperly obtained data of as many as 87 million Facebook users. The New York Times reported in November that company leaders had tried to play down major concerns about privacy or deflect blame, and in December that Facebook gave big technology companies more intrusive access to users’ personal data than it had previously disclosed.

Jennifer Lynch, the director of surveillance litigation for the Electronic Frontier Foundation, a digital rights group, said, “The threat to privacy has become real to people in the last year.” She added, “My hope is that people will become concerned about this vast face recognition database that Facebook has amassed and push back on Facebook, turn off face recognition in our Facebook profiles, and push for strict privacy laws at the state and federal levels.”

The post Facebook’s 10-Year Challenge – Is It More Than What Meets the Eye appeared first on .


Six years of jail time may be the penalty awaiting six young hackers. Two of them were allegedly responsible for DDoS (Distributed Denial of Service) attacks against Ukrainian government and education sectors, with Mariupol City hit most severely, while the rest were involved in an online heist. A DDoS is a type of network attack that aims to use up all the resources of a server so that requests from legitimate users or customers cannot be served.

“Employees of the Donetsk Department of the Department of Cyber policies together with the police investigators of the Donetsk region, under the procedural guidance of the Mariupol local prosecutor’s office, exposed two residents of the city of Mariupol in carrying out DDoS attacks on a number of regional information resources. This has caused the site to be unavailable for some time,” said the Cyberpolice department.

The Ukrainian Cyber Police Department arrested the six individuals, aged 26-30, who were working for an undisclosed IT firm. They were arrested on the company’s premises, and the computers and mobile phones they were using were confiscated by the authorities. The four individuals in the case allegedly stole $178,380 by hacking the bank accounts of innocent Ukrainian depositors. They are also allegedly responsible for keylogging their victims’ computers, enabling them to steal bank account information covertly.

“The employees of the cyber police have determined that the 22-year-old newborn has created two software codes for the implementation of DDoS attack. Using the software he created, he, together with his 21-year-old friend, interfered with the work of the Internet portal. Yes, the program sent about hundreds of automatic queries to the resource every second. As a result, this led to the refusal to service the news portal,” explained the Ukrainian police team who arrested the suspects.

They jointly developed a program that queries a system multiple times a second, exhausting the system’s capacity to serve legitimate users. A forensic investigation was conducted by the government’s Eastern region Information Technology and Programming Department, which clearly confirmed that the seized computers were actually used for the DDoS attack.

The six suspects will be facing a case under the provision of the Criminal Code of Ukraine on unauthorized interference with the work of computers, automated systems, computer networks or telecommunication networks.

The post Ukraine Watch: 6 Young Hackers Caught DDoSing and Stealing Money From Bank Accounts appeared first on .


Our mobile devices contain a lot of personal information, even more than our computers. We carry our mobile phone all day and cannot leave home without it, and if we lose it or it is stolen it becomes a drama, which can be even greater if the device is not protected. Over the years, the Android operating system has added security features that let us keep our device and our data well protected, so that only we can access them and we avoid unpleasant surprises if the device falls into the wrong hands or if we install a malicious application.

Here are some tips in order to help lock down an Android device:

1. Google Play Protect

By default, Google installs a real-time updating antimalware system in Android. It is part of the Google Play Services system, which all Android handset manufacturers install by default, except for Amazon devices and Google-free devices made in China for Chinese citizens. Google Play Protect automatically scans all apps before they are installed, and the good thing about it is its maintenance-free nature. Users don’t need to manually update it with new signatures to detect new malware; it updates itself in the background while Google Play Store is open.

2. Use a lock screen

If we want to protect our Android device, a screen lock is mandatory. This can be a pattern, a PIN, a password or our fingerprint if the device has a reader. Of course, if we choose a pattern, it should be one that is not easy to predict. It is configured in Settings > Security > Screen lock. If having to unlock the device every time we turn on the screen bothers us, we can use Smart Lock, which was released with Android Lollipop. This automatic unlocking avoids having to enter the pattern or PIN when the device recognizes our face, when we have it in hand, when we are at home, etc. It is configured in Settings > Security > Smart Lock.

3. Only use the Google Play Store for downloading apps

The safest way to install applications and games is to do it from Google Play. The store already analyzes and approves the applications, so malicious applications rarely slip through. It is advisable to deactivate the option Settings > Unknown origins. For the peace of mind that all the applications we have installed are safe, there is nothing better than activating the application verifier. In Google Settings > Security, we have to activate the options “Search for security threats on the device” and “Improve the detection of harmful applications.”

4. Take control of permissions

Since Android Marshmallow we can manage the permissions of applications, a security measure that gives us more control and privacy. In Settings > Applications > Advanced options > Application permissions we can decide which types of information and functions each application can access.

5. Encrypt the device

Full device encryption has been supported since Android 4.0 Ice Cream Sandwich. The encryption process is very slow, lasting more than an hour, and afterwards, every time we turn on the phone, all the data has to be deciphered, which slightly affects performance.

The post First 5 Things To Do After Activating A New Android Device appeared first on .


Amazon’s cloud offering provides reasonable security tools to prevent technical infiltration from outside. However, breaches due to unknown bugs, security exploits or plain old human error can defeat even the best safeguards current technology can offer. The use of the cloud as a storage container and remote application host has grown at an unprecedented rate, to the point that companies taking advantage of cloud services are becoming more and more dependent on them and comfortable with storing unencrypted files in their shared storage on Amazon and other web services.

This is what happened with Australia’s First National, a real-estate firm in the land down under. Its Amazon S3 bucket, which contained unencrypted resumes and other personal records of 6,000 applicants and employees, was leaked publicly. The following information was leaked:

  • Full name
  • Address
  • Contact number
  • Birthdate
  • Educational Attainment
  • Employment history
  • And other auxiliary information that a typical application resume contains.

First National now falls under the Australian Notifiable Data Breaches ruling, which legally compels companies to notify everyone affected by a data breach, especially if the chance of being subjected to an identity theft campaign is high. The ruling is enforced by a state agency, the Office of the Australian Information Commissioner (OAIC).

The real estate firm went public and issued a press release stating that the Sales Inventory profile used by a contracted recruitment agency is to blame for the breach. “First National immediately responded through every appropriate channel to ensure that its network had not breached or participated in any notifiable data breach. As this breach is not within First National’s responsibility, we, like all networks with the real estate industry are dependent upon the Sales Inventory Profile organisation complying with the necessary security arrangements. We are working with our affected offices, and more importantly, any applicants that have been affected,” explained Ray Ellis, Network Chief Executive, First National.

The leaked resumes and cover letters can be found floating online. A copy of the Amazon S3 bucket also contains around 300 psychometric exam questions and answers. Additional information such as technical skills, length of tenure with other companies and information about the applicants’ reference persons is also included in the breached data. That means there is more here than meets the eye, as third parties who just happened to be the personal references chosen by the applicants lost their data as well.

It is not yet known whether First National will pay for a credit protection service for the applicants and employees. A credit protection service, also known as a credit monitoring service, checks the borrower’s financial activity around the clock for potentially fraudulent transactions. Stolen information can be used by cybercriminals to pretend to be their victim, transacting on behalf of the original owner of the information.

Gareth Llewellyn, an information security officer for Brass Horn Communication, stated on his Twitter account that he had obtained some of the records from the breach on the Internet. He saw the leaked documents himself, and they are glaring: they contain enough information to pull off a very successful fraudulent transaction at the expense of the real owner of the data.

The post First National’s Amazon S3 Bucket Leaked, 6,000 Applicant Resumes Exposed appeared first on .


When a normal person hears the phrase computer forensics, what immediately comes to mind is an image of a shadowy figure wearing reflective glasses and a white lab coat inside a server room. The goal of digital forensics is to recover information from media held by a suspect, in the hope of extracting information relevant to the resolution of a crime. Some of the first digital crimes date back to the late seventies and early eighties. In those days, computer security and privacy were topics of interest only for a very small group of innovative computer scientists.

Before the arrival of the new millennium, the discussion still revolved mainly around the recognition of computer crimes as serious threats to personal, business and national security. The typical forensic process has several distinct stages: seizure, forensic acquisition, analysis and the production of a report based on the collected data.

Computer forensic specialists deal with both the private sector and the public sector. When it comes to the public sector, their job is to support or refute a hypothesis before criminal or civil courts. The bread and butter of forensic investigators in the private sector are corporate investigations and intrusion investigations. As the complexity of modern technology increases, computer forensic specialists often concentrate on one or more subcategories of digital forensic science, to gain knowledge at the expert level.

Digital forensic experts are hired for specific cases of a corporate, political and even personal nature:

  1. In the corporate area, they handle cases of corporate espionage, in companies where managers’ email accounts have been hacked to appropriate strategic business information.
  2. Politically, they are responsible for complaints about email spying with political motives.
  3. In the personal area, they handle cases of violation of privacy for sentimental reasons, where ex-partners circulate defamatory information or photos of explicit sexual content on the internet and social networks.
  4. In addition, they deal with false profiles of computer criminals.

To describe some of the many tools used by computer forensic researchers and specialists, imagine a crime scene with child pornography stored on a personal computer. In most cases, researchers first disconnect the hard drive from the PC and connect it to a hardware write lock device. This device makes it completely impossible to alter the contents of the HDD in any way, while still allowing researchers to capture and preview the contents of the disk.

Many professional forensic specialists prefer to build their own custom toolboxes from individual tools and utilities that exactly match their needs and preferences. The options are plentiful for each stage of the forensic data recovery process, including forensic hard disk analysis and forensic file system analysis.

The field of forensic software analysis is full of innovative and prolific software companies that are ready to expand their operations. Remember, to catch a criminal, you must think like a criminal. A digital forensic analyst has to be incredibly curious about how computers work and how people behave as well. In addition to curiosity and knowledge, the digital forensic surgeon is expected to have above-average oral and communication skills. A considerable part of an expert’s work is devoted to writing reports and explaining evidence.

The post What Is Computer Digital Forensics? How Can You Qualify As One? appeared first on .


New attacks that target a recent PHP framework vulnerability have been detected.

It was last month that a code vulnerability was detected in the ThinkPHP framework, a rapid-development framework developed by TopThink, a Chinese firm. The vulnerability, CVE-2018-20062, was soon patched, but then a researcher detected new attacks targeting it.

Vulnerability researcher Larry Cashdollar has found that multiple threat actors are exploiting this ThinkPHP vulnerability to launch cryptominers, skimmers and other malware payloads.

Dark Reading reports, “Larry Cashdollar, a vulnerability researcher and member of Akamai’s Security Incident Response Team, was doing research on a recent Magecart attack targeting extensions to the Magento e-commerce platform when he noticed a malware request he hadn’t seen before – a request to ThinkPHP.”

In a blog post that describes these attacks, Cashdollar writes, “While investigating the recent Magecart card skimming attacks, I came across a payload I was not familiar with. Further research into it led me to discover that in December a researcher disclosed a remote command execution vulnerability in ThinkPHP, a web framework by TopThink… The developers fixed the vulnerability stating that because “the framework does not detect the controller name enough, it may lead to possible ‘getshell’ vulnerabilities without the forced routing enabled.” It appears that the code does not properly sanitize user input allowing an unauthenticated user to specify their own filter function to execute. The vulnerability has been assigned CVE-2018-20062.”

He further adds, “There are multiple actors abusing this flaw to install everything from a Mirai like botnet to Microsoft Windows malware…Currently we’re seeing widespread scanning for the ThinkPHP vulnerability. Threat actors are performing one of many simple checks.”

Cashdollar explains that the threat actors are exploiting the vulnerability to install coin miners and skimmers, to deliver different kinds of payloads targeting Windows systems and IoT devices, or to mine Bitcoin and Monero. He also points out that, using a single line of code, the threat actors can scan for the presence of the vulnerability and then exploit it with simple cut-and-paste code that is widely available.

While observing the many payloads delivered exploiting the ThinkPHP vulnerability, Larry Cashdollar has seen a Mirai variant, which he thinks is a matter of concern.

The Dark Reading report quotes Cashdollar as saying, “I had been waiting for Mirai botnet kits to include Web app code in their arsenal, and this was an indicator that it’s happening.”

The report further says, “The code being executed through the PHP framework calls can skip a series of steps long considered essential for malware.” Cashdollar is quoted as saying that unlike in the 1990s, threat actors today don’t try to get root access. Instead, they just execute code on a system as a user and spread botnets, share malware or mine cryptocurrency. Their intention now is to execute code on large numbers of systems.

Though it’s in Asia that the attack has largely happened, cybercriminals exploiting the ThinkPHP framework vulnerability are actively scanning systems in other parts of the world as well. There are as many as 600 scans happening per day, with threat actors scanning software companies, car rental firms etc.

Some Web application security firms have reportedly begun writing advisories to their customers regarding this vulnerability. Cashdollar says that companies that are using the ThinkPHP framework should update it to the current version immediately.

The post Attacks Targeting Recent PHP Framework Vulnerability Found appeared first on .


Troy Hunt, a prolific cybersecurity researcher, has assembled what is probably one of the largest data leak collections in the world at the time of this writing: an aggregate of massive leaks containing 773 million email addresses and around 21 million passwords. Dubbed ‘Collection #1’, it would occupy 2,692,818,238 rows when laid out in a spreadsheet.

“Collection #1 is a set of email addresses and passwords totaling 2,692,818,238 rows. It’s made up of many different individual data breaches from literally thousands of different sources,” explained Hunt.

Anonymous sources gave him a lead to track down a huge stash of files, measuring 87 GB, on MEGA (a mainstream cloud storage service). The 87 GB data stash is spread across 12,000 files.

“However, what I can say is that my own personal data is there and it’s accurate; right email address and a password I used many years ago,” revealed Hunt.

With the information at hand, Hunt voluntarily created a website, haveibeenpwned.com, so that people can search for their email address and see whether their account was, one way or another, part of the data leaks contained in the collection. Newly created email accounts are more likely to produce ‘Good news – no pwnage found!’, which indicates that the cybercriminals involved in the data leaks didn’t get hold of the user’s email address. The message ‘Oh no – pwned!’ indicates that the user’s email account was somehow part of the hacked data now in the hands of cybercriminals.

One of the biggest data leaks from an email system was Yahoo’s, which happened in 2013 and covered 3 billion Yahoo Mail accounts. Most of the ‘Oh no – pwned!’ results came from old Yahoo emails predating 2013. The incident was very damaging to Yahoo, as its user base dwindled in favor of its more popular rival, Gmail.

It is easy to just abandon a personal email account if it tends to be included in the Pwned Password list provided by Mr. Hunt. The only silver lining is for users to ensure that their passwords will be kept secure from this point going forward. If someone asked us how many passwords we have, or how many services we access with a username and password, that number would surely exceed 15 per individual. We also manage our own social network accounts, which we access with a username and password.

A typical user will probably repeat an already used password across multiple accounts, or use easy variations to be able to remember them, but this is a big security failure: if someone with bad intentions learned our password, they could do a lot of damage in the services where we are registered. The solution is very simple: password managers, programs that remember the usernames and passwords we have added, and that also allow creating more secure passwords, no matter how difficult they may be.

The post What We Need To Learn From The World’s Largest Data Leak? appeared first on .


The New Year marriage of two security firms took place as Zix, an email security consulting firm, announced the acquisition of AppRiver, a cloud-based cybersecurity vendor, for $275 million in an all-cash transaction. With the acquisition, Zix is estimated to reach its target profit of $180 million, with the target revenue seen growing from 11% to 15% for the fiscal year 2019.

Founded in 2002, AppRiver’s business model is to provide subscription services for email and IT security tools. They are in the business of antispam and antimalware, encryption technology, Exchange server hosting and archiving technology. AppRiver is also a Microsoft certified partner for Office 365 and Windows servers, one of the companies that help host more than 60,000 clients of Microsoft technology globally.

In the early stages of the acquisition, Zix will be able to save $8 million over the next one and a half years thanks to a more efficient corporate structure. Part of completing the deal is Zix’s loan of $175 million, plus $25 million in structured credit from Keybanc Capital Markets and SunTrust Bank. Zix also issued $65 million of Series A preferred stock for True Wind Capital to close the deal.

AppRiver’s key people like Brandon Van Buren and James Greene will be part of Zix’s board of directors once the agreement is in force. “From a cross-selling standpoint, the acquisition provides attractive and abundant synergies at the onset. Over the past two years, Zix has been successfully executing on its strategy of becoming a leading provider of email security for compliance. The acquisition helps us expand our customer base, enhance our advanced threat protection position, and accelerate our high-velocity go-to-market strategy through AppRiver’s numerous and long-standing channel partnerships,” explained David Wagner, Zix CEO.

True Wind Capital, the current parent firm of AppRiver, will also add $100 million in investment for the acquisition in order to usher in a strong start for the latter under the Zix brand. Acquisitions of this kind are nothing new in the industry. Recently the tech giant Akamai bought Janrain, an access control security startup. With the purchase, Akamai hopes to tap the technology to strengthen its portfolio. Radware, a mainstream DDoS firewall vendor, is also trying to acquire ShieldSquare, an automation management vendor.

The post The Marriage Of Two Security Companies: Zix Acquires AppRiver appeared first on .


System administrators are tasked with monitoring the software, networks and servers that run the backbone of any business today. They have to stay alert to activity on the system and should detect slow or defective components. The monitoring tools featured here can automatically send updates or activate backup copies in case of interruptions caused by server crashes or overloads, network connection problems and other factors. When a fault is detected, the monitoring software can send an alarm message to the system administrator, switch over to failover systems to work around the faulty server until it can be corrected, or take other necessary actions.

For those who are looking for monitoring tools that can handle small and large infrastructures, here is a list of some of the best open source applications and network monitoring software that you can use for free:

Zenoss Core

Based on the Zope application server and written in Python, Zenoss Core is a server and network management platform that combines original programming and several open source projects to integrate data storage and data collection processes through a Web-based user interface. It allows users to monitor availability, inventory and configuration, performance and events. Zenoss Core can monitor the availability of network devices through SNMP, SSH and WMI, network services such as HTTP, POP3, NNTP, SNMP and FTP, and host resources (processor, disk usage) on most network operating systems. A plug-in architecture provided by ZenPacks allows members of the community to extend its functionality. ZenPacks are packaged in Python and supply instrumentation and reports for components of the monitored infrastructure.

Cacti

Cacti is a graphical web tool designed as a complete interface for RRDtool, the data storage and graphing utility. It allows users to monitor and graph CPU load, network bandwidth utilization, network traffic, and much more. It can be used to configure the data collection itself, so that particular setups can be controlled without any manual configuration of RRDtool. Cacti polls services at preset intervals and graphs the resulting data. It is mainly used to graph time series data for parameters such as CPU load and network bandwidth utilization. Cacti can be extended to monitor any source through shell scripts and executables. It also supports a plug-in architecture and has a large and active community that has gathered around the Cacti forums to provide scripts, templates and tips on creating plugins.

Nagios

Nagios is considered one of the most popular, if not the most popular, open source network monitoring systems available. It was originally designed to run on Linux, but other Unix variants are also supported. Nagios provides monitoring of network services such as SMTP, POP3, HTTP, NNTP, ICMP, SNMP, FTP and SSH, and of host resources such as processor load, disk usage and system logs, among others. Remote monitoring is managed through SSH tunnels or SSL encryption. Nagios has a simple design that gives users the freedom to develop their own service checks according to their needs, using whichever supporting tools they like. To detect and differentiate between hosts that are down and those that are unreachable, Nagios allows you to define the hierarchy of the host network with “parent” hosts. When service or host problems arise, a notification is sent to the person in charge of the network through email, SMS, etc.
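The down-versus-unreachable distinction that the parent hierarchy makes possible can be modelled in a few lines. The sketch below is an added example, not Nagios code: the host names and check results are constructed, and the rule it applies (a failed host is DOWN if it has no parents or at least one parent is UP, otherwise UNREACHABLE) is a simplified model of the behaviour described above.

```python
# Constructed topology: each host lists its parents, i.e. the devices that
# sit between it and the monitoring server. An empty list means the host is
# attached directly to the monitoring server's network.
PARENTS = {
    "core-sw": [],
    "fw-a": ["core-sw"],
    "fw-b": ["core-sw"],
    "dmz-sw": ["fw-a", "fw-b"],      # redundant uplinks
    "web01": ["dmz-sw"],
    "branch-rtr": ["fw-b"],
    "branch-pc": ["branch-rtr"],
}


def classify(parents, check_ok):
    """Map every host to 'UP', 'DOWN' or 'UNREACHABLE'.

    check_ok[host] is the raw result of the host check (True = answered).
    """
    state = {}

    def resolve(host, seen=()):
        if host in state:
            return state[host]
        if host in seen:
            raise ValueError("cycle in parent hierarchy at " + host)
        if check_ok[host]:
            result = "UP"
        else:
            ups = parents.get(host, [])
            # One live path to the host is enough to blame the host itself.
            if not ups or any(resolve(p, seen + (host,)) == "UP" for p in ups):
                result = "DOWN"
            else:
                result = "UNREACHABLE"
        state[host] = result
        return result

    for host in parents:
        resolve(host)
    return state


def root_causes(state):
    """Hosts that failed on their own, as opposed to being cut off."""
    return sorted(h for h, s in state.items() if s == "DOWN")
```

With the constructed topology, a failure of `fw-b` leaves `dmz-sw` reachable through `fw-a`, while everything behind `branch-rtr` is reported as unreachable rather than as separate outages.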

Munin

Like Cacti, Munin uses RRDtool to present graphical results through a web interface. It has a master/node architecture in which the master connects to all the nodes at regular intervals and requests their data. Using Munin, you can quickly and easily monitor the performance of your computers, networks, SANs, and applications. This makes it easy to pinpoint the cause when a performance problem occurs and to see clearly how you are doing capacity-wise on all limited resources. Munin's main priority is a plug-and-play plugin architecture. It has many monitoring plugins available that will work without much modification.

Zabbix

Zabbix is an enterprise-class monitoring system that is fully featured and has commercial support. It can monitor and track the status of different types of network services, servers and other network hardware. Zabbix has strong visualization features, including user-defined views, zoom, and mapping. It has a versatile communication method that allows quick and easy configuration of different types of notifications for predefined events. Zabbix has three main modules: the server, the agents, and the user. To store the monitoring data, you can use MySQL, PostgreSQL, Oracle or SQLite as the database. Without installing any software on the monitored host, Zabbix allows users to check the availability and responsiveness of standard services, such as SMTP or HTTP. To monitor statistics such as CPU load, network utilization, and disk space, a Zabbix agent must be installed on the host machine. As an alternative to installing an agent on hosts, Zabbix includes support for monitoring through SNMP, TCP and ICMP checks, IPMI and custom parameters.
