dreams never turn to reality unless a lot of effort and hard work is put into
it. and no effort bears fruit in the absence of support and guidance. it takes a
lot of effort to work your way through this goal, and having someone to guide
you and help you is always a blessing. we would like to take this opportunity
to thank a few who were closely involved in the completion of this small
dream of ours - this project.
at the outset we thank the principal mr. ommen samuel for granting
permission to proceed with the project.
we would like to thank the vsnl authorities for providing this great
opportunity to us.
we thank our families and friends whose prayer and encouragement kept us
going.
last but not the least we thank the lord for giving us the confidence and the
ability to achieve this dream.
introduction
even a small company may have a number of pieces of hardware with many services and
software packages running on them. larger companies may have hundreds or even thousands of
items to keep up and running. both small and large companies may have decentralized
operations, implying a decentralized it infrastructure, with no ability to physically see many of
the machines at all.
naturally, each piece of hardware will have a unique set of software products running on it. faced
with a multitude of hardware and software to monitor, administrators cannot pay attention to
each specific item; the default posture in this kind of situation is to respond to service outages on
a reactive basis. worse, awareness of the problem usually comes only after an end-user
complains.
therefore, an automated tool that can help in system administration can be extremely helpful.
these tools go by the generic name of network management software, and all share the capability
to:
•keep track of all the services and machines running in the infrastructure;
•run from a central location to reduce the need to physically go to each machine; and,
feasibility study
feasibility study is a test of a system proposal, according to its workability, impact on the
organization, ability to meet the user needs and effective use of resources. thus when a new
application is proposed, it normally goes through a feasibility study before it is approved for
development. the main objective of feasibility study is not to solve the problem but acquire a
sense of its scope. during the study, the problem definition is crystallized and aspects of the
problem to be included in the system are determined. every project is feasible, given unlimited
resources and infinite time. it is both necessary and prudent to evaluate the feasibility of the
project at the earliest possible time. so a detailed study was carried out to check the workability
of the system. during the feasibility study of the project, some primary areas of interest were
considered very carefully.
they are:
economic feasibility: an evaluation of development cost weighed against the ultimate
income or benefit derived from the developed system or product.
technical feasibility: a study of function, performance and constraint that may affect the
ability to achieve an acceptable system.
technical feasibility
open source doesn't just mean access to the source code. the license shall not restrict any
party from selling or giving away the software as a component of an aggregate software
distribution containing programs from several different sources. the program must
include source code, and must allow distribution in source code as well as compiled form.
the license must allow modifications and derived works, and must allow them to be
distributed under the same terms as the license of the original software. it may restrict
source-code from being distributed in modified form only if the license allows the
distribution of "patch files" with the source code for the purpose of modifying the
program at build time. it must not discriminate against any person or group of persons. it
must not restrict anyone from making use of the program in a specific field of endeavor.
the rights attached to the program must apply to all to whom the program is redistributed
without the need for execution of an additional license by those parties. the rights
attached to the program must not depend on the program's being part of a particular
software distribution. the license must not place restrictions on other software that is
distributed along with the licensed software. no provision of the license may be
predicated on any individual technology or style of interface.
•the freedom to run the program, for any purpose (freedom 0).
•the freedom to study how the program works, and adapt it to your needs (freedom 1).
access to the source code is a precondition for this.
•the freedom to redistribute copies so you can help your neighbor (freedom 2).
•the freedom to improve the program, and release your improvements to the public,
so that the whole community benefits (freedom 3). access to the source code is a
precondition for this.
a program is free software if users have all of these freedoms.
moreover, the linux operating system, apache web server, gd library and gcc, all used to run
nagios, are freely available.
an srs establishes the basis for agreement between the client and the supplier on what the
software product will do. it is the medium through which the client and the user needs are
accurately specified to the developer. it provides a reference for validation of the final product. it
is a prerequisite to high quality software and also reduces the development cost.
i/o design forms one of the major aspects of any system design. it requires much careful
attention towards the user side. it defines the interface between user and system. carefully
designed inputs and outputs define how effective the system is.
input design
input design converts user-oriented inputs to computer-based format, which
requires careful attention. in input design, data is accepted for computer processing and input to
the system. inaccurate input data is the most common cause of errors in data processing.
output design
outputs are the most important and direct source of information to the user and to the
department. intelligent output design will improve the system's relationship with the user and
help much in decision-making. outputs are also used to provide a permanent hard copy of the
results for later uses. outputs can be meant for users as well as management.
a data flow diagram (dfd) is a diagram that describes the flow of data and the processes
that change or transform data throughout a system. it is a structured analysis and design tool that
can be used for flowcharting in place of, or in association with, information oriented and process
oriented system flowcharts. when analysts prepare the dfd, they specify the user needs at a level
of detail that virtually determines the information flow into and out of the system and the
required data resources. this network is constructed by using a set of symbols that do not imply a
physical implementation. the dfd reviews the current physical system, prepares input and output
specification, specifies the implementation plan etc.
[figure: data flow diagrams. host alive checking (nagios server, bras); services (nagios server, bras); alerts (nagios server)]
working environment
hardware requirements
processor: pentium 4
memory: 1 gb
hard disk: 40 gb
keyboard: 108 keys
mouse: standard mouse
monitor: vga color monitor
lan card
software requirements
linux
network architecture
the vsnl network we monitored consisted mainly of cisco switches 2950 and 3750.
the cisco catalyst 2950 series switch is a fixed-configuration, stackable standalone switch that
provides wire-speed fast ethernet and gigabit ethernet connectivity. this switch offers two distinct
sets of software features and a range of configurations to allow small, midsize, and enterprise
branch offices and industrial environments to select the right combination for the network edge.
standard image software offers cisco ios software functions for basic data, voice, and video
services. for networks with requirements for additional security, advanced quality of service
(qos), and high availability, enhanced image software delivers intelligent services such as rate
limiting and security filtering for deployment at the network edge.
the cisco catalyst 3750 series switch is an innovative product for midsize organizations and
enterprise branch offices. featuring cisco stackwise technology, the switch improves lan
operating efficiency by combining ease of use and the highest resiliency available for stackable
switches. cisco stackwise technology is a revolutionary stacking architecture that brings high
levels of resiliency, automation, and performance to stackable switches. with cisco stackwise
technology, customers can create a single, 32-gbps switching unit with up to nine cisco catalyst
3750 series switches.
they are connected to the main internet cloud via the bras, which is a cisco 7301 router.
a broadband remote access server (bras) routes traffic to and from the digital subscriber line
access multiplexers (dslam) on an internet service provider's (isp) network. the bras sits at the
core of an isp's network, and aggregates user sessions from the access network. it is at the bras
that an isp can inject policy management and ip quality of service (qos).
the specific tasks include:
the compact cisco 7301 router is the industry's highest performance single rack unit router with
million packets per second processing. with 3 built-in gigabit ethernet interfaces (copper or
optical) and a single slot for any cisco 7000 series port adapter, the cisco 7301 is highly flexible
for a variety of applications. additionally for broadband aggregation, the cisco 7301 supports up
to 16,000 subscribers sessions making it ideal for pay-as-you-grow broadband deployment
models.
a dslam collects data traffic from multiple subscribers into a centralized point so that it can be
uploaded to the router over a frame relay, atm, or ethernet connection. the router provides the
logical termination for ppp sessions. these may be ppp over ethernet (pppoe) or ppp over atm
(pppoa) encapsulated sessions. by acting as the ppp termination point, the bras is responsible for
assigning session parameters such as ip addresses to the clients. the bras is also the first ip hop
from the client to the internet. the bras is also the interface to authentication, authorization and
accounting systems.
a digital subscriber line access multiplexer (dslam) allows telephone lines to make faster
connections to the internet. it is a network device, located near the customer's location, that
connects multiple customer digital subscriber lines (dsls) to a high-speed internet backbone line
using multiplexing techniques. by locating dslams at locations remote to the telephone company
central office (co), telephone companies are now providing dsl service to consumers who
previously did not live close enough for the technology to work.
the dslam at the co collects the digital signals from its many modem ports and combines them
into one signal, via multiplexing. depending on the product, dslams connect dsl lines with some
combination of asynchronous transfer mode (atm), frame relay or internet protocol networks. in
terms of the osi 7 layer model, the dslam acts like a massive network switch, since its
functionality is purely layer 2. the aggregated signal then loads onto backbone switching
equipment, traveling through an access network (an) — also known as a network service
provider (nsp) — at speeds of up to 10 gbit/s and connecting to the internet-backbone. the dslam,
functioning as a switch, collects the adsl modem data (connected to it via twisted or non-twisted
pair copper wire) and multiplexes this data via the gigabit link that physically plugs into the
dslam itself, into the telco's backbone. a dslam is not always located in the telephone company
central office, but may also serve customers within a neighborhood serving area interface (sai),
sometimes in association with a digital loop carrier. dslams are also used by hotels, lodges,
residential neighbourhoods and other corporations setting up their own private telephone
exchange. besides being a data switch and multiplexer, a dslam is also a large number of modems,
each modem on the aggregation card communicating with a subscriber's dsl modem. this modem
function being inside the dslam rather than separate hardware, and being wideband rather than
voiceband, it isn't often called a modem.
customers connect to the dslam through adsl modems or dsl routers, which are connected to the
pstn network via typical unshielded twisted pair telephone lines. each dslam has multiple
aggregation cards, and each such card can have multiple ports to which the customers' lines are
connected. typically a single dslam aggregation card has 24 ports, but this number can vary with
each manufacturer. the most common dslams are housed in a telco-grade chassis, which are
supplied with (nominal) 48 volts dc. hence a typical dslam setup may contain power converters,
dslam chassis, aggregation cards, cabling, and upstream links. the most common upstream links
in these dslams use gigabit ethernet or multi-gigabit fiber optic links.
ip-dslam stands for internet protocol digital subscriber line access multiplexer. user traffic is
mostly ip based. traditional 20th century dslams used asynchronous transfer mode (atm)
technology to connect to upstream atm routers/switches. these devices then extract the ip traffic
and pass it on to an ip network. ip-dslams extract the ip traffic at the dslam itself. thus it is all ip
from there. the advantage of an ip-dslam over a traditional atm dslam is lower capital
expenditure and operational expenditure and a richer set of features and functionality.
digital subscriber line (dsl) technology is a modem technology that uses existing twisted-pair
telephone lines to transport high-bandwidth data, such as multimedia and video, to service
subscribers. the term xdsl covers a number of similar yet competing forms of dsl technologies,
including adsl, sdsl, hdsl, hdsl-2, g.shdsl, idsl, and vdsl. xdsl is drawing significant attention from
implementers and service providers because it promises to deliver high-bandwidth data rates to
dispersed locations with relatively small changes to the existing telco infrastructure.
xdsl services are dedicated, point-to-point, public network access over twisted-pair copper wire
on the local loop (last mile) between a network service provider's (nsp) central office and the
customer site, or on local loops created either intrabuilding or intracampus. currently, most dsl
deployments are adsl, mainly delivered to residential customers.
asymmetric digital subscriber line (adsl) technology is asymmetric. it allows more bandwidth
downstream—from an nsp's central office to the customer site—than upstream from the
subscriber to the central office. this asymmetry, combined with always-on access (which
eliminates call setup), makes adsl ideal for internet/intranet surfing, video-on-demand, and
remote lan access. users of these applications typically download much more information than
they send.
adsl transmits more than 6 mbps to a subscriber and as much as 640 kbps more in both directions
(shown in figure 21-1). such rates expand existing access capacity by a factor of 50 or more
without new cabling. adsl can literally transform the existing public information network from
one limited to voice, text, and low-resolution graphics to a powerful, ubiquitous system capable
of bringing multimedia, including full-motion video, to every home this century.
figure 21-1 the components of an adsl network include a telco and a cpe
adsl will play a crucial role over the next decade or more as telephone companies enter new
markets for delivering information in video and multimedia formats. new broadband cabling will
take decades to reach all prospective subscribers. success of these new services depends on
reaching as many subscribers as possible during the first few years. by bringing movies,
television, video catalogs, remote cd-roms, corporate lans, and the internet into homes and small
businesses, adsl will make these markets viable and profitable for telephone companies and
application suppliers alike.
an adsl circuit connects an adsl modem on each end of a twisted-pair telephone line, creating
three information channels: a high-speed downstream channel, a medium-speed duplex channel,
and a basic telephone service channel. the basic telephone service channel is split off from the
digital modem by filters, thus guaranteeing uninterrupted basic telephone service, even if adsl
fails. the high-speed channel ranges from 1.5 to 9 mbps, and duplex rates range from 16 to 640
kbps. each channel can be submultiplexed to form multiple lower-rate channels.
adsl characteristics:
asymmetric – the data can flow faster in one direction than the other. more precisely, data
transmission is faster downstream (to the subscriber) than upstream (from the
subscriber). customers do not need a high bi-directional transmission speed. they actually
connect to the internet in a relatively passive mode because the amount of data they
download is enormously higher than the amount of data they transmit.
digital – no type of communication is transferred in an analog method. all data is purely
digital, and only at the end, modulated to be carried over the line.
subscriber line – the data is carried over a single twisted pair copper loop to the subscriber
premises.
languages & tools
nagios
nagios is a system and network monitoring application. it is an open source, unix-based
enterprise monitoring package with a web-based front-end or console. it watches hosts and
services that you specify, alerting you when things go bad and when they get better. nagios can
monitor assets like servers, network devices, and applications, essentially any device or service
that has an address and can be contacted via tcp/ip. it can monitor hosts running microsoft
windows, unix/linux, novell netware, and other operating systems. we can use a variety of
network protocols, including http, snmp, and ssh, to conduct this monitoring. nagios can also
receive snmp traps, and we can build and easily integrate our own custom monitoring checks
using a variety of languages, including c, perl, and shell scripts.
nagios is designed to primarily run on the linux operating system. nagios installations consist of
two major components: the nagios server and the nagios plug-ins. the nagios server is the core of
the nagios solution and performs functions such as interpreting the configuration, running the
web console, and initiating notifications and checks. the nagios plug-ins provide the interfaces to
hosts, devices, and applications to allow you to monitor them.
nagios has an impressive list of features that include:
•a very informative web interface that makes it very easy to identify problem hosts.
nagios runs on unix and its variants and optionally requires a web server to be installed
(for the web interface).
to understand the usefulness of nagios, consider a typical it infrastructure that one or
more system administrators are responsible for. even a small company may have a
number of pieces of hardware with many services and software packages running on
them. larger companies may have hundreds or even thousands of items to keep up and
running. both small and large companies may have decentralized operations, implying a
decentralized it infrastructure, with no ability to physically see many of the machines at
all.
naturally, each piece of hardware will have a unique set of software products running on
it. faced with a multitude of hardware and software to monitor, administrators cannot pay
attention to each specific item; the default posture in this kind of situation is to respond
to service outages on a reactive basis. worse, awareness of the problem usually comes
only after an end-user complains.
therefore, an automated tool that can help in system administration can be extremely
helpful. these tools go by the generic name of network management software, and all
share the capability to:
•keep track of all the services and machines running in the infrastructure;
•run from a central location to reduce the need to physically go to each machine;
and,
two main problems keep network management software from being more widely used:
nagios is an open source network management tool that solves the first problem. it too,
requires a fair amount of configuration, but there are a couple of suggestions to reduce
that burden later in this article.
the nagios architecture
the nagios application runs on a central server, either linux or unix. each piece of
hardware that must be monitored runs a nagios daemon that communicates with the
central server. depending on the instructions in the configuration files the central server
reads, it will "reach out and touch" the remote daemon to instruct it to run a necessary
check. while the application must run on linux or unix, the remote machines may be any
piece of hardware that may be communicated with.
depending upon the response from the remote machine, nagios will then respond with an
appropriate action, again, according to its configuration. depending upon what remote
test needs to be performed, nagios will perform the test via a native machine capability
(e.g., test to see if a file exists) or will run a custom test program (called a plugin) to test
something more specific (e.g., check to see if a particular set of values has been placed
into a database). if a check return value is not correct, nagios will raise an alert via one
or several methods -- again, according to how it has been configured.
plugin theory
in order for nagios to be of any use, plugins must be installed. plugins are usually
installed in /usr/local/nagios/libexec. plugins are scripts or binaries which perform all
the service and host checks that constitute monitoring. plugins are compiled executables
or scripts (perl, shell, etc.) that can be run from a command line to check the status of a
host or service. nagios uses the results from plugins to determine the current status of
hosts and services on the network. nagios is useless without them.
unlike many other monitoring tools, nagios does not include any internal mechanisms for
checking the status of services, hosts, etc. instead, nagios relies on external programs
(called plugins) to do all the dirty work. nagios will execute a plugin whenever there is a
need to check a service or host that is being monitored. the plugin does something to
perform the check and then simply returns the results to nagios. nagios will process the
results that it receives from the plugin and take any necessary actions.
the image below shows how plugins are separated from the core program logic in nagios.
nagios executes the plugins which then check local or remote resources or services of
some type. when the plugins have finished checking the resource or service, they simply
pass the results of the check back to nagios for processing.
the good thing about the plugin architecture is that we can monitor just about anything we
can think of. if we can automate the process of checking something, we can monitor it
with nagios. the only real downside to the plugin architecture is the fact that nagios has
absolutely no idea what it is that we’re monitoring. as such, nagios cannot produce graphs
of changes to the exact values of resources we’re monitoring over time. it can only track
changes in the state of those resources. only the plugins themselves know exactly what
they’re monitoring and how to perform checks. however, plugins can return optional
performance data along with status information. this performance data can then be passed
on to external applications which could produce graphs of service-specific information.
when nagios needs to check the status of a particular service that we have defined, it will
execute the plugin specified in the <check_command> argument of the service
definition. the plugin will check the status of the service or resource specified and return
the results to nagios. in each host definition we use the <host_check_command> argument
to specify a plugin that should be executed to check the status of the host. host checks are
not performed on a regular basis - they are executed only as needed, usually when there
are problems with one or more services that are associated with the host. host checks can
use the same plugins as service checks. the only real difference between the two types of
checks is in the interpretation of the plugin results. if a plugin that is used for a host check
results in a non-ok status, nagios will believe that the host is down.
in most situations, we’ll want to use a plugin which checks to see if the host can be
pinged, as this is the most common method of telling whether or not a host is up.
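A plugin that follows the contract described above, together with the result handling on the Nagios side, as an added example (not code from this report or from the Nagios project). It uses the standard plugin exit codes 0 to 3; the plugin name `check_disk_pct`, the function names and the 80/90 thresholds are assumptions, and `host_state` follows this page's description that any non-OK host check result means DOWN.

```python
#!/usr/bin/env python3
"""check_disk_pct: illustrative plugin (hypothetical name, not shipped with Nagios)."""
import shutil
import sys

# Standard plugin return codes: the exit status is what Nagios acts on.
OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3
STATE_NAMES = {OK: "OK", WARNING: "WARNING", CRITICAL: "CRITICAL", UNKNOWN: "UNKNOWN"}


def evaluate(used_pct, warn, crit):
    """Map a measured value onto a plugin exit code."""
    if used_pct >= crit:
        return CRITICAL
    if used_pct >= warn:
        return WARNING
    return OK


def format_output(code, used_pct, warn, crit, path):
    """One output line: status text, then '|' and perfdata
    in the form label=value[UOM];warn;crit;min;max."""
    text = f"DISK {STATE_NAMES[code]} - {path} is {used_pct:.1f}% full"
    perf = f"used_pct={used_pct:.1f}%;{warn};{crit};0;100"
    return f"{text} | {perf}"


def run_check(path, warn, crit):
    """Plugin side: measure, decide, and return (exit_code, output_line).
    Anything the plugin cannot measure is UNKNOWN, never OK."""
    try:
        usage = shutil.disk_usage(path)
    except OSError as exc:
        return UNKNOWN, f"DISK UNKNOWN - cannot stat {path}: {exc}"
    if usage.total == 0:
        return UNKNOWN, f"DISK UNKNOWN - {path} reports zero capacity"
    used_pct = 100.0 * usage.used / usage.total
    code = evaluate(used_pct, warn, crit)
    return code, format_output(code, used_pct, warn, crit, path)


def parse_plugin_result(exit_code, stdout):
    """Nagios side: the core knows only the state and the text. Perfdata is
    split off for external graphing tools. Quoted labels are not handled."""
    state = exit_code if exit_code in STATE_NAMES else UNKNOWN
    first_line = stdout.splitlines()[0] if stdout.strip() else "(no output)"
    text, _, perf = first_line.partition("|")
    metrics = {}
    for item in perf.split():
        label, _, rest = item.partition("=")
        metrics[label] = rest.split(";")[0]
    return {"state": STATE_NAMES[state], "text": text.strip(), "perfdata": metrics}


def host_state(exit_code):
    """Host-check interpretation as this page describes it: non-OK means DOWN."""
    return "UP" if exit_code == OK else "DOWN"


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "/"
    code, line = run_check(target, warn=80, crit=90)
    print(line)
    sys.exit(code)
```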
snmp
in today's complex network of routers, switches, and servers, it can seem like a daunting task to
manage all the devices on the network and make sure they're not only up and running but
performing optimally. this is where the simple network management protocol (snmp) can help.
snmp was introduced in 1988 to meet the growing need for a standard for managing internet
protocol (ip) devices. snmp provides its users with a "simple" set of operations that allows these
devices to be managed remotely. cisco systems currently includes snmp support in every router
and communications server. cisco snmp agents communicate successfully with all snmp-
compliant nmss. cisco routers provide many useful system monitoring and management
capabilities to help administrators manage large cisco router-based internetworks. cisco routers
also can report a wide variety of information about their internal configuration and status. cisco's
snmp implementation allows trap messages to be directed to multiple management stations. this
capability allows virtually instantaneous notification of network problems across the
internetwork.
• managed devices
• agents
a managed device is a network node that contains an snmp agent and that resides on a managed
network. managed devices collect and store management information and make this information
available to nmss using snmp. managed devices, sometimes called network elements, can be any
type of device including, but not limited to, routers and access servers, switches and bridges,
hubs, ip telephones, computer hosts, or printers.
an nms executes applications that monitor and control managed devices. nmss provide the bulk
of the processing and memory resources required for network .
snmp uses the user datagram protocol (udp) as the transport protocol for passing data between
managers and agents. udp was chosen over the transmission control protocol (tcp) because it is
connectionless; that is, no end-to-end connection is made between the agent and the nms when
datagrams are sent back and forth. snmp has been implemented over tcp, but this is more for
special-case situations in which someone is developing an agent for a proprietary piece of
equipment. snmp uses the udp port 161 for sending and receiving requests, and port 162 for
receiving traps from managed devices. every device that implements snmp must use these port
numbers as the defaults.
when either an nms or an agent wishes to perform an snmp function (e.g., a request or trap), the
following events occur in the protocol stack:
application
first, the actual snmp application (nms or agent) decides what it's going to do. for example, it can
send an snmp request to an agent, send a response to an snmp request (this would be sent from
the agent), or send a trap to an nms. the application layer provides services to an end user, such
as an operator requesting status information for a port on an ethernet switch.
udp
the next layer, udp, allows two hosts to communicate with one another. the udp header contains,
among other things, the destination port of the device to which it's sending the request or trap.
the destination port will either be 161 (query) or 162 (trap).
ip
the ip layer tries to deliver the snmp packet to its intended destination, as specified by its ip
address.
the final event that must occur for an snmp packet to reach its destination is for it to be handed
off to the physical network, where it can be routed to its final destination. the mac layer is
comprised of the actual hardware and device drivers that put the ip data onto a physical piece of
wire, such as an ethernet card. the mac layer also is responsible for receiving packets from the
physical network and sending them back up the protocol stack so they can be processed by the
application layer (snmp, in this case).
at present there are three different implementations of the snmp protocol, namely
snmpv1, snmpv2c, and snmpv3. nagios works with all versions of snmp.
snmp uses five basic messages (get, get-next, get-response, set, and trap) to
communicate between the manager and the agent. the get and get-next messages allow the
manager to request information for a specific variable. the agent, upon receiving a get or get-next
message, will issue a get-response message to the manager with either the information requested
or an error indication as to why the request cannot be processed. a set message allows the
manager to request a change be made to the value of a specific variable in the case of an alarm
remote that will operate a relay. the agent will then respond with a get-response message
indicating the change has been made or an error indication as to why the change cannot be made.
the trap message allows the agent to spontaneously inform the manager of an "important" event.
the small number of commands used is only one of the reasons snmp is "simple." the other
simplifying factor is its reliance on an unsupervised or connectionless communication link. this
simplicity has led directly to its widespread use, specifically in the internet network management
framework. within this framework, it is considered "robust" because of the independence of the
managers from the agents, e.g. if an agent fails, the manager will continue to function, or vice
versa.
snmp advantages:
• simple design & implementation
-users can easily program variables that they want to monitor
• expansibility
-protocol can be updated to meet future needs.
snmp disadvantages:
• security gaps
-intruders can access the information carried along the network
-snmp version 2 has fixed some security issues
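The message layout and the "security gaps" item above, as an added example (not part of the original report): a decoder for SNMPv1/v2c datagrams showing that the version, community string, message type and requested OIDs are all readable in the UDP payload. The sample datagram is constructed for this example, and `audit` and its finding names are hypothetical.

```python
"""Decode a community-based SNMP datagram (illustrative, standard library only)."""

# SNMPv1 PDU tags for the five messages named in the text.
PDU_NAMES = {0xA0: "get", 0xA1: "get-next", 0xA2: "get-response",
             0xA3: "set", 0xA4: "trap"}
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c"}
DEFAULT_COMMUNITIES = {"public", "private"}  # widely known factory defaults

# Constructed sample: SNMPv1 get for 1.3.6.1.2.1.1.1.0 (sysDescr.0),
# community "public", request-id 42. Not captured from any real network.
SAMPLE_GET = bytes.fromhex(
    "3026" "020100" "04067075626c6963"
    "a019" "02012a" "020100" "020100"
    "300e" "300c" "06082b06010201010100" "0500")


def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element at pos, bounds-checked."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad long-form length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("TLV length runs past end of data")
    return tag, buf[pos:end], end


def read_int(buf, pos):
    tag, value, pos = read_tlv(buf, pos)
    if tag != 0x02:
        raise ValueError("expected INTEGER")
    return int.from_bytes(value, "big", signed=True), pos


def decode_oid(raw):
    """Turn BER OID bytes into dotted notation."""
    if not raw:
        raise ValueError("empty OID")
    first = min(raw[0] // 40, 2)
    arcs, val = [first, raw[0] - 40 * first], 0
    for byte in raw[1:]:
        val = (val << 7) | (byte & 0x7F)
        if not byte & 0x80:  # high bit clear marks the last byte of an arc
            arcs.append(val)
            val = 0
    return ".".join(str(a) for a in arcs)


def parse_message(datagram):
    """Parse version, community and PDU of an SNMPv1/v2c message."""
    tag, body, _ = read_tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("SNMP message must be a BER SEQUENCE")
    version, pos = read_int(body, 0)
    if version not in VERSIONS:
        raise ValueError("not a community-based SNMP version")
    tag, community, pos = read_tlv(body, pos)
    if tag != 0x04:
        raise ValueError("expected OCTET STRING community")
    pdu_tag, pdu, _ = read_tlv(body, pos)
    msg = {"version": VERSIONS[version],
           "community": community.decode("latin-1"),  # sent as plain bytes
           "pdu": PDU_NAMES.get(pdu_tag, hex(pdu_tag)),
           "request_id": None, "oids": []}
    # The v1 trap PDU has a different field layout, so only the
    # request/response PDUs are parsed further.
    if pdu_tag in (0xA0, 0xA1, 0xA2, 0xA3):
        msg["request_id"], p = read_int(pdu, 0)
        _, p = read_int(pdu, p)  # error-status
        _, p = read_int(pdu, p)  # error-index
        tag, binds, _ = read_tlv(pdu, p)
        if tag != 0x30:
            raise ValueError("expected variable-bindings SEQUENCE")
        p = 0
        while p < len(binds):
            _, bind, p = read_tlv(binds, p)
            tag, oid, _ = read_tlv(bind, 0)
            if tag != 0x06:
                raise ValueError("expected OBJECT IDENTIFIER")
            msg["oids"].append(decode_oid(oid))
    return msg


def audit(datagram):
    """Findings a monitoring team would want flagged on its own SNMP traffic."""
    msg = parse_message(datagram)
    findings = []
    if msg["community"] in DEFAULT_COMMUNITIES:
        findings.append("default-community")
    if msg["pdu"] == "set":
        findings.append("write-request")
    return findings
```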
testing methods
system testing is the stage of implementation which is aimed at ensuring that the system
works accurately and efficiently before a live operation begins. during the development of this
software project, errors of various types can occur at various stages. the first major hurdle in the
process of implementation is the period of testing the system. the debugging process is the most
unpredictable part of the testing procedure. to make the system developed here to be reliable and
accepted, various testing methods are used.
further testing methods are implemented to make the software developed here completely
error-free and reliable. the types of tests conducted are described below followed by the testing
strategies adopted.
testing objectives
testing is a process of executing a program and finding a bug.
a good test case is one that has a high probability of finding an undiscovered error.
if testing is conducted successfully according to the objectives as stated above, it would uncover
errors in the software. also, testing demonstrates that software functions appear to be working
according to the specification, and that performance requirements appear to have been met.
for correctness
tests for correctness are supposed to verify that a program does exactly what it was designed to
do. this is much more tedious than it may at first appear, especially for large programs.
tests for implementation efficiency attempt to find ways to make a correct program faster or use
less storage. it is a code-refining process, which re-examines the implementation phase of
algorithm development. tests for computational complexity amount to an experimental analysis
of the complexity of an algorithm or an experimental comparison of two or more algorithms,
which solve the same problem.
preventive measures
spot checks
retesting
for our project has been verified by the reputed faculty of the organization.
whenever an error occurred, it was corrected on the spot. a quality team deputed by the
management verified and tested the software.
security measures
system security refers to the technical innovations and procedures applied to the
hardware and operating system to protect against the deliberate or accidental damage from a
defined threat. to avoid unauthorized access, password protection is highly recommended while
running the application.
every candidate system must provide built-in procedures for security and integrity of data.
without safeguards against unauthorized access, fraud, natural disasters etc., a system could be so
vulnerable as to threaten the survival of a computer organization. to do an adequate job on
security, a system analyst must analyze the risks, exposures and costs and specify measures such
as passwords and encryption to provide protection. in addition, backup copies of software and
recovery restart procedures must be available when needed.
tight system security can be costly, but appropriate security is justified compared to the
catastrophe that could result from no protective measures. the main three motives behind security
are:
1. the near-total dependence of organizations on computer-based information makes it
imperative that a system be protected on a regular basis.
2. data are a major asset and should be protected. in a database environment where computer
files are centralized, security becomes critical.
3. demonstrating effective security measures reinforces management support for designing
and implementing the candidate system.
the system security problem can be divided into four related issues: security, integrity, privacy and
confidentiality. they determine file structure, data structure and access procedures.
system security refers to the technical innovation and procedures applied to the hardware
and operating systems to protect against deliberate or accidental damage from a defined threat. in
contrast, data security is the protection of data from loss, disclosure, modifications and
destructions.
system integrity refers to the proper functioning of hardware and programs, appropriate
physical security and safety against external threats such as eavesdropping and wiretapping. in
comparison, data integrity makes sure that data do not differ from their original form and have not
been accidentally or intentionally disclosed, altered or destroyed.
privacy defines the rights of the users or organization to determine what information they
are willing to share with or accept from others and how the organization can be protected against
unwelcome, unfair or excessive dissemination of information about it.
the term confidentiality is a special status given to sensitive information in a database to
minimize the possible invasion of privacy. it is an attribute of information that characterizes its
need for protection. system security is the technical means of providing such protection. in
contrast privacy is largely a procedural matter of how information is used.
data privacy and security are issues that go beyond the scope of the system development.
they are actually societal concerns. an organization that depends heavily on the use of databases
requires special controls to maintain viable information. these controls are classified into three
general categories.
1. the physical security or protection from fire, flood and other physical damage.
2. database integrity through data validation techniques.
3. control measures through passwords, encryption and monitoring users on a
regular basis.
potential threats to system security include errors and omissions, disgruntled and
dishonest employees, fire and natural disasters. errors and omissions cause the most damage. risk
analysis helps assess the probability and cost of possible disasters, pinpoint unacceptable
exposures and adopt preventive measures as part of a security plan. the goal is to identify the
threat that results in the greatest monetary losses and provide protection to the appropriate
degree.
after system security risks have been evaluated, the next step is to select security
measures. these measures are classified as follows:
authentication checking
it is a scheme for identifying persons to the system based on "something you know" such as a
username and password or a picture badge, "something you are" such as a fingerprint or voice
print, or "something you have" such as a credit card, key or special terminal.
the system provides a facility to change the password. this should be done once a week or so. this
is necessary because there is a chance that others can get the username and password by
eavesdropping or similar means. in such a case, changing the password will help to keep the system
secure.
system integrity
these lines of defense safeguard the functioning of hardware, database, software,
physical security and operating procedures. the proper backup of software and hardware is
extremely important.
validation
web developers have faced a tough choice when adding form validation logic to their
pages. we can add form validation routines to the server-side code or to the client-side code.
the advantage of writing validation logic in client-side code is that we can provide instant
feedback to users. for example, if a user neglects to enter a value in a required form field, we can
instantly display an error message without requiring a roundtrip back to the server.
maintenance
maintenance is the enigma of system development. it holds the software industry captive,
tying up programming resources. thirty years ago, software maintenance was considered an
'iceberg'. what was immediately visible seemed to be all there was to it, but an enormous mass of
potential problems and cost lay under the surface. the maintenance of existing software can account for
over 60% of all effort expended by a software development organization, and the percentage
continues to rise as the amount of software increases.
types of maintenance activities
only about 20 percent of all maintenance work is spent 'fixing mistakes'. the remaining
80% is spent adapting existing systems to changes in their external environment, making
enhancements requested by users, and reengineering an application for future use. so
maintenance activities include:
a. corrective maintenance
even with the best quality assurance activities, it is likely that the customer
will detect defects in the software. corrective maintenance changes the software to correct
defects.
b. adaptive maintenance
over time, the original environment for which the software was developed
is likely to change. adaptive maintenance results in modification to the software to accommodate
changes to its external environment.
a. poor documentation
b. not as rewarding and exciting as developing systems
c. few tools and techniques are available
d. lack of a good test plan
e. standards, procedures and guidelines are poorly defined and enforced
f. minimal standards for maintenance
g. no such job classification as a maintenance manager
installing nagios
sub-directory   contents
etc/            main, resource, object, and cgi configuration files should be put here
sbin/           cgis
var/            empty directory for the log file, status file, retention file, etc.
authenticated contacts are granted the following permissions for each service for which
they are contacts
• authorization to view service status information
• authorization to view service configuration information
• authorization to view history and notifications for the service
• authorization to issue service commands
authenticated contacts are granted the following permissions for each host for which they
are contacts
• authorization to view host status information
• authorization to view host configuration information
• authorization to view history and notifications for the host
it is important to note that by default no one is authorized for the following...
• viewing the raw log file via the showlog cgi
• viewing nagios process information via the extended information cgi
• issuing nagios process commands via the command cgi
• viewing host group, contact, contact group, time period, and command definitions
via the configuration cgi.
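these defaults are set by directives in cgi.cfg, so a configuration review should confirm that nobody has widened them. the following python check is an added example, not part of the original report or of nagios itself; the directive names are those of the nagios cgi configuration file and do not appear in the report, and both sample files and the user names in them are constructed.

```python
# added example: flag cgi.cfg settings that widen access beyond the defaults described above
BROAD_GRANTS = (
    "authorized_for_system_information",         # raw log and process information
    "authorized_for_system_commands",            # nagios process commands
    "authorized_for_configuration_information",  # object definitions
    "authorized_for_all_hosts",
    "authorized_for_all_services",
)

def parse_cgi_cfg(text):
    """Return {directive: value}; blank lines and '#' comments are skipped."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings

def audit_cgi_cfg(text):
    """Return a list of findings for the contents of one cgi.cfg file."""
    cfg = parse_cgi_cfg(text)
    findings = []
    if cfg.get("use_authentication") == "0":
        findings.append("use_authentication=0: the cgis no longer check who is asking")
    if cfg.get("default_user_name"):
        findings.append("default_user_name set: unauthenticated requests act as " + cfg["default_user_name"])
    for key in BROAD_GRANTS:
        users = [u.strip() for u in cfg.get(key, "").split(",")]
        if "*" in users:  # wildcard authorizes every user who has authenticated
            findings.append(key + "=*: granted to every authenticated user")
    return findings

# constructed sample files, not taken from a real installation
WEAK_CFG = """\
use_authentication=1
default_user_name=guest
authorized_for_system_information=*
authorized_for_system_commands=nagiosadmin
authorized_for_configuration_information=nagiosadmin,*
"""
HARDENED_CFG = """\
use_authentication=1
authorized_for_system_information=nagiosadmin
authorized_for_system_commands=nagiosadmin
authorized_for_configuration_information=nagiosadmin
"""
```

audit_cgi_cfg(WEAK_CFG) reports three findings, and audit_cgi_cfg(HARDENED_CFG) reports none.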
this is the most important cgi included with nagios. it allows you to view the current status of
all hosts and services that are being monitored. the status cgi can produce two main types
of output: a status overview of all host groups (or a particular host group) and a detailed view
of all services.
this cgi is designed to serve as a "birds-eye view" of all network monitoring activity. it
allows you to quickly see network outages, host status, and service status. it distinguishes
between problems that have been "handled" in some way (i.e. been acknowledged, had
notifications disabled, etc.) and those which have not been handled, and thus need
attention.
this cgi allows you to view objects (i.e. hosts, host groups, contacts, contact groups, time
periods, services, etc.) that are defined in the object configuration file.
verify changes:
to check whether the changes made to apache work, point a web browser at
http://127.0.0.1/nagios/; the web interface for nagios should appear.
configuring nagios:
to configure nagios and define the objects (hosts, services, etc.) that should be
monitored, there are several different configuration files that need to be created or edited
before monitoring anything. they are described below...
• main configuration file
the main configuration file /usr/local/nagios/etc/nagios.cfg contains a number of
directives that affect how nagios operates. this config file is read by both the nagios
process and the cgis. this is the first configuration file we will want to create or edit. a
sample main configuration file is generated automatically when we run the configure
script before compiling the binaries. when we install the sample config files using the
make install-config command, a sample main configuration file will be placed into
/usr/local/nagios/etc. the default name of the main configuration file is nagios.cfg.
• resource file(s)
resource files can be used to store user-defined macros. resource files can also
contain other information, although this will depend on how we have compiled nagios.
the main point of having resource files is to use them to store sensitive configuration
information and not make them available to the cgis.
• object definition files
object definition files are used to define hosts, services, hostgroups, contacts,
contactgroups, commands, etc. this is where we define what things we want to monitor
and how to monitor them.
• cgi configuration file
the cgi configuration file /usr/local/nagios/etc/cgi.cfg contains a number of directives
that affect the operation of the cgis. a sample cgi configuration file is generated
automatically when we run the configure script before compiling the binaries. when we
install the sample config files using the make install-config
command, the cgi configuration file will be placed in the same directory as the main and
host config files /usr/local/nagios/etc. the default name of the cgi configuration file is
cgi.cfg.
methods for starting nagios :
there are basically four different ways we can start nagios:
1. manually, as a foreground process
2. manually, as a background process
3. manually, as a daemon
4. automatically at system boot
• running nagios manually as a foreground process
if we enabled the debugging options when running the configure script (and
recompiled nagios), this would be first choice for testing and debugging. running nagios
as a foreground process at a shell prompt will allow us to more easily view what’s going
on in the monitoring and notification processes.
to run nagios as a foreground process for testing, invoke nagios like this...
/usr/local/nagios/bin/nagios /usr/local/nagios/etc/nagios.cfg
to stop nagios at any time, just press ctrl-c. if we’ve enabled the debugging options we’ll
probably want to redirect the output to a file for easier review later.
• running nagios manually as a background process
to run nagios as a background process, invoke it with an ampersand as follows...
/usr/local/nagios/bin/nagios /usr/local/nagios/etc/nagios.cfg &
• running nagios manually as a daemon
in order to run nagios in daemon mode we must supply the -d switch on the command
line as follows...
/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
• running nagios automatically at system boot
when we have tested nagios and are reasonably sure that it is not going to crash, we will
probably want to have it start automatically at boot time. to do this in linux we will have
to create a startup script in /etc/rc.d/init.d/ directory. we will also have to create a link to
the script in the runlevel(s) in which we wish nagios to start. a sample init script
(named daemon-init) is created in the base directory of the nagios distribution when we
run the configure script. we can install the sample script to /etc/rc.d/init.d directory using
the ’make install-init’ command.
once we have nagios up and running, we may need to stop the process or reload the
configuration data "on the fly". before we restart nagios, we should make sure that we have verified
the configuration data using the -v command line switch, especially if we have made any
changes to the config files. if nagios encounters a problem with one of the config files
when it restarts, it will log an error and terminate.
future scope
a sincere attempt has been made to develop a system which will increase the performance of the
existing system and will be beneficial to the organization. the main aim of the project was to
provide a simple, user-friendly and flexible environment. it will run with good performance and
in a reliable way.
it is designed in such a way that the maintenance of the system is easy. after the successful user
testing, it has been found that the new system overcomes most of the limitations of the existing
system and works according to the design specifications given. the developed system dispenses
with the problems and meets the need by providing reliable and complete information. the newly
developed system consumes less processing time and productivity is increased. it also provides
security with the use of passwords. it has been developed with user friendliness in mind, and the
messages and control information outputs required are made available in the required format.