Comtrend DSL modem probe for Intermapper

I just made an entry to the Intermapper probe contest.

It’s a probe that tracks the signal-to-noise ratio (SNR) for a Comtrend DSL modem. I was having problems with disconnections overnight. With this probe, I was able to tell my ISP when I was having troubles.

The probe runs a Python program to connect to the DSL modem’s web interface, retrieves the stats from the page, and formats the data in the Status Window. Here’s what it looks like:

Probe for Comtrend Modem

You can read more about the probe at my Github repository

The contest ends in a couple days – 30 September. Enter your probes at Intermapper probe contest

InterMapper Discussions Forum now available

I have created a new forum and mailing list about InterMapper. It’s a place for InterMapper customers and others to talk about using InterMapper, IM Flows, the Layer2 facility, creating and requesting new probes, etc.

You can check it out at InterMapper Discussions [See update below…]

Note: This forum is not sponsored or affiliated with HelpSystems, the makers of InterMapper, in any way. It’s just a fan site – please enjoy the forums!

PS The InterMapper Discussions use the Discourse forum platform. What a great piece of software! It’s easy to set up, looks great, and incorporates all the slick technologies that you’d expect from a product written in this decade…

Update: August 2015 I decommissioned the forum because it appeared that HelpSystems was establishing their own forum.

Is that forum working? Should I re-establish this forum? Let me know… Thanks!

TrimCharts Program Available

For all who’ve been following the teaser… The TrimCharts program is now available. TrimCharts is an add-on program for InterMapper that decreases the size of the Chart Data folder. It has the following benefits:

  • It speeds up startup because InterMapper doesn’t have to scan huge Chart Data files;
  • It reduces the amount of disk space consumed by InterMapper (the Chart Data folder on long-running installations can consume tens of gigabytes);
  • It makes chart data appear faster in RemoteAccess.

You can read more about it at TrimCharts man page or get information from me, rich.brown@blueberryhillsoftware.com

PS Join the conversation at InterMapper Discussions!

Update to Security Monitoring Webinar

I mentioned a couple items in the Security Monitoring webinar today:

  • The Heartbleed bug arose from a reasonable-sounding feature request. The client could send periodic “heart beat” requests to the server to see if the connection is still alive. But it was implemented very badly, leading to the Heartbleed bug.

  • How bad was it? Bruce Schneier’s blog leads with this sentence, “Heartbleed is a catastrophic bug in OpenSSL.” Read the remainder at Schneier on Security: Heartbleed The official Heartbleed site also gives good information.

  • The best explanation for non-techies of the Heartbleed bug comes (as always) from XCKD

  • Please contact me if you would be interested in a version of the “Check SSL Certificate” probe that can run on Windows. I will collect these requests to judge the interest in the probe.

Thanks to all who attended!

check_ssl_cert Probe for InterMapper

Do you know when your SSL certificate expires for critical services, such as your public web server or the on-line store? Are you sure that someone’s aware of the cutoff date?

The Check SSL Certificate probe for InterMapper will continually check a web server’s SSL certificate, and give you a warning when the expiration date is less than 30 days away, or go to critical when it’s less than 10 days away. The probe runs every six hours, so it won’t tax your server.

Download from Github.com/blueberryhillsoftware

Instructions:

  • You will also need the Nagios check_ssl_cert plugin (.zip archive)
  • Expand the archive, and copy the check_ssl_cert file from the archive to the top level of the InterMapper Settings/Tools folder.
  • Ensure that the check_ssl_cert file is executable (chmod +x check_ssl_cert)
  • Use File -> Import Probe… to import the InterMapper probe
  • Add a device to your map with IP address/DNS name of your SSL server.

The probe will query the SSL server and examine its certificate.

Note: The Nagios plugin only works on Linux, Unix or OSX that can execute a /bin/sh command. If you would like a Windows version of this probe, please contact me

Webinar: Security Monitoring and InterMapper

I’m going to present a webinar to describe how to enhance your network’s security. This webinar is hosted by HelpSystems, the makers of the InterMapper network monitoring software. I’ll cover:

  • Detecting systems that are (still) vulnerable to Heartbleed
  • Monitoring SSL Certificate expiration dates
  • Checking many security-related devices: firewalls, mail and spam appliances, intrusion detection/prevention systems, and more
  • Ensuring that your mail servers actually are delivering notifications that you desire

Join me on Wednesday, 11 June 2014 at 10:00am CDT. Send me a note – info@blueberryhillsoftware.com – for signup information.

Heartbleed probe for InterMapper

You’ve all heard about the Heartbleed bug in OpenSSL that leaves a lot of information in the open, even private keys for web servers. This catastrophe has been well described in the Heartbleed website and loads of other places.

There is advice on the SANS site for patching the software, and a Heartbleed test site for servers that are on the public internet.

If you have an internal HTTPS server (or if you want to check all your HTTPS servers), you might be interested in the InterMapper Probe I created that checks a web server for vulnerability to the Heartbleed bug.

Download from Github.com/blueberryhillsoftware

Instructions:

  • Download and import the Check Heartbleed probe into your InterMapper server
  • Add one or more web servers to a map
  • Set Probe… and select Servers-Standard/HTTP & HTTPS/Check Heartbleed
  • The Check Heartbleed probe may take a while to run as it tests all four versions of encryption. You may need to set the Timeout and response time thresholds to 15 seconds to allow it to complete.

The default Version parameter is set to -1: This checks all versions of the TLS (v1.0, v1.1, v1.2) to look for vulnerabilities. You may also enter a version of 0, 1, or 2 to test only TLS v1.0, v1.1, or v1.2, respectively.

Test Cases

  • The server at https://cloudflarechallenge.com:443 is intentionally vulnerable to Heartbleed
  • All major HTTPS sites either never were vulnerable, or have been patched.

I have made the Check Heartbleed Probe for InterMapper available at no cost, under the Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.

Cheers!

Updated: 12Jun2014 – added screen shot, minor edits to Status Window