Just my own personal notes that I don't want to forget

Category: Technology (page 1 of 2)

Monitoring and alerting

I now have all these VMs and physical devices, each usually having its own dashboard or other way of monitoring the resources being used. But it is a pain to look in numerous locations to see how much RAM is being used or that my storage drives are full. I could have kept relying on the Xen Orchestra monitoring features to provide 90% of the solution, but that still wouldn’t address the other physical hardware I have like my switch, wireless AP, etc. So I started looking at 3rd-party solutions. My “requirements” are that it needs to monitor everything I have, support alerting via email, and be open source. Nearly all my hardware (and software via SNMP packages) supports SNMP and Syslog, so getting information out shouldn’t be a problem. Syslog is going to ELSA in my Security Onion VM. This post will focus on SNMP.

NAS, RAID, filesystems, drive pooling

One of the primary reasons I bought the R710 with large form factor (LFF) 3.5″ drive bays was for use as a new network attached storage (NAS). Why not buy a NAS appliance like a Synology, QNAP, etc.? Cost for starters, but also my plans for storage weren’t offered by any of the usual vendors. I tried out the various NAS distros like FreeNAS, NAS4Free, OpenMediaVault, and Rockstor, but each wasn’t exactly what I wanted. OMV and Rockstor got the closest, but ultimately I went the DIY approach.

Security Onion virtual machine in Xenserver

“Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!”

I virtualized this under my Xenserver all-in-one host. This host has the resources to host a VM like this. It also contains my virtual pfSense firewall performing inter-VLAN routing and numerous virtual machines, so the Open vSwitch bridge is seeing nearly all the packets bouncing around my home network.

Xenserver, Open vSwitch, and port mirroring

One of my interests, as well as my day job, is cyber security. I have dabbled with running an IDS at home for 10+ years now, but as my hardware aged or died, I just didn’t have the tech at home to do it anymore. With the arrival of my new server, time to virtualize an IDS.

In the physical world, this is “easy”. In the old days, I would plug my 10Mbps hub inline between my cable modem and router/firewall. Off the hub I would connect my monitoring server running Snort. Well things have come a LONG way since then. Now with 100Mbps WAN connections becoming the norm, and gigabit networks in the LAN, a hub isn’t going to cut it. On a managed switch I just configure a port mirror (RSPAN) source and destination. Plug monitoring server into the destination and watch the packets!

Postfix relay server

After messing with hosting my own email server on and off for years (sendmail, qmail, postfix, etc), with more off than on, I decided I need the ability to receive and forward mail outbound.  I do NOT need to receive email, that is what Gmail is for.  This server will not be exposed to the Internet and any real mail addressed to <user>@jamestimberlake.com is handled by my DNS provider, relaying it to Gmail.

Why the need to relay email? Primarily I have a multi-function printer/copier/scanner/fax and I’d like to be able to scan directly to email from the front panel. Secondly I have numerous things I’d like to receive alerts on, for example SMART data from a dying hard drive. All these things can be told to email to an SMTP server. The Postfix MTA comes installed on even a minimal CentOS install, but it doesn’t scale well to configure each VM as a Postfix forwarder. But the big kick in the teeth is my ISP.

Xen Orchestra

One of my biggest gripes with Xenserver is that the management utility, XenCenter from Citrix, is Windows only. My laptop runs Fedora, with a Windows VM, but I’d prefer a web GUI. Don’t get me wrong, XenCenter is well done and for certain things I still find myself using it.

Then I stumbled upon Xen Orchestra.  Initially I tried the appliance, XOA, and watched it mature over a number of months.  However, some of the features I wanted to try were limited to the “Premium” version.  Then I discovered that the developers want to support little guys like me and provide the full features if you compile from sources. Sweet!

WiFi, SSIDs, VLANs, and more

As I stated earlier, I desired different wifi networks depending on how much I trust the device and/or user. More and more things showing up in my house support wifi…that whole Internet-of-things (IoT). The real threat of cryptoware or other malware being brought in by my wife, kids, or guests sent me down this path.  And I think it is just cool to do.

I’ve had an Asus RT-N16 802.11n wifi router for years, mostly unused. It is flashed with TomatoUSB firmware already, which exposes many neat tricks. Most of them I don’t need, but a VLAN-aware firmware is a must for what I want to do. I could go out and buy some cool PoE Ubiquiti devices, but that costs $$$… I don’t like spending money. So putting the Asus back into production, here we go.

Virtualized Firewall

Having been “stuck” with the Verizon provided Actiontec router/firewall since I bought the house, I used my newly acquired Xenserver to virtualize my preferred firewall…pfSense.

I’ve been using pfSense on and off for many years now, but mostly back when I had cable internet. Verizon complicates things. My house came pre-provisioned over coax and I have yet to get around to running a Cat5e cable from the ONT to the area in my basement where I keep my network gear. So I still retain the Actiontec upstream and am effectively double NAT-ed. Since I don’t game or torrent, I’m not concerned right now.

Xenserver 7 config

Why Xenserver? I’ve used ESXi, Proxmox, oVirt, and rolled my own hypervisors in the past. Xenserver provides the right blend of features, price (free), and command-line API. It has its quirks (they all do), but they are easily solved.

Having used 6.2 and 6.5 previously, this was my first look at 7.0. The install is the same familiar Red Hat-based text mode. During install, I set the management network to NIC0 with a static IP. Once installed and rebooted, I installed the latest XenCenter GUI in a Windows 10 VirtualBox VM I keep around for stuff like this and got to setting it up.

© 2024 James Timberlake
