Projects tagged ‘linux’, ‘sysadmin’, and ‘unix’

CUPS provides a portable printing layer for Unix(r)-based operating systems. It has been developed to promote a standard printing solution for all Unix vendors and users. CUPS provides the System V and Berkeley command line interfaces, and uses the ... [More] Internet Printing Protocol ("IPP") as the basis for managing print jobs and queues. The Line Printer Daemon (LPD) Server Message Block (SMB), and AppSocket (a.k.a. JetDirect) protocols are also supported with reduced functionality. CUPS adds network printer browsing and PostScript Printer Description ("PPD") based printing options to support real world printing under UNIX. It includes an image file RIP that supports printing of image files to non-PostScript printers. A customized version of GNU Ghostscript 7.05 for CUPS called ESP Ghostscript is [Less]

Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions. (Wireshark was known as Ethereal until June 09, 2006)

Clam AntiVirus (ClamAV) is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a ... [More] tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. [Less]

Nagios (formerly Netsaint) is a daemon written in C that is designed to monitor networked hosts and services. It has the ability to notify contacts (via email, pager or other methods) when problems arise and are resolved. Host and service checks are ... [More] performed by external "plugins", making it easy to write custom checks in your language of choice. Several CGIs are included in order to allow you to view the current and historical status via a Web browser, and a WAP interface is also provided to allow you to acknowlege problems and disable notifications from an internet-ready cellphone. [Less]

The OpenSource industry standard, high performance data logging and graphing system for time series data. Use it to write your custom monitoring shell scripts or create whole applications using its Perl, Python, Ruby, TCL or PHP bindings. RRD is ... [More] the acronym for Round Robin Database. It is a system to store and display time-series data (i.e. network bandwidth, machine-room temperature, server load average). [Less]

Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously ... [More] discrete elements like packages, services, and files. Puppet's simple declarative specification language provides powerful classing abilities for drawing out the similarities between hosts while allowing them to be as specific as necessary, and it handles dependency and prerequisite relationships between objects clearly and explicitly. [Less]

Snort® is an open source network intrusion prevention and detection system using a flexible rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is ... [More] the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry. [Less]

Zabbix is software that monitors your servers and applications. Polling and trapping techniques are both supported. It has a simple, yet very flexible notification mechanism, and a Web interface that allows quick and easy administration. It can be ... [More] used for logging, monitoring, capacity planning, availability and performance measurement, and providing the latest information to a helpdesk. [Less]

Facter is a cross-platform library for retrieving simple operating system facts, like operating system, linux distribution, or MAC address.

John the Ripper is a fast password cracker, currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. ... [More] Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches. [Less]

Bcfg2 helps system administrators produce a consistent, reproducible, and verifiable description of their environment, and offers visualization and reporting tools to aid in day-to-day administrative tasks.

Ganglia is a scalable distributed monitoring system for high-performance computing systems such as clusters and grids. It is based on a hierarchical design targeted at federations of clusters. Ganglia is currently in use on over 500 clusters around the world and has scaled to handle clusters with 2000 nodes.

A complete availability monitoring solution that ensures IT infrastructure uptime while identifying issues before they become real problems. Unifies proven open source tools - Nagios, Nmap, sendpage, PHP, Apache, MySQL and more - through PHP/AJAX-based components and an integrated user interface to deliver the extensible functionality you require.

Openwall GNU/*/Linux (or Owl for short) is a security-enhanced server platform. The primary approaches to security are proactive source code review, privilege reduction, privilege separation, careful selection of third-party software, safe defaults ... [More] , "hardening" to reduce the likelihood of successful exploitation of security flaws, and the uses of "strong" cryptography. Also available are policy enforcement and integrity checking capabilities. Besides the security enhancements, other key properties of Owl include the ability to rebuild the entire system from source with one simple command ("make buildworld"), support for software packages found in or developed for Red Hat's and compatible Linux distributions, and support for multiple architectures (currently x86, x86-64, SPARC, and Alpha). [Less]

Support unattended installation of several Linux and Windows. Also a collection of scripts for inventory, deinstallation and other add-ons like dhcp-ldap, php-ssh, samhain, syslog-ng, switch managment, ldap browser. All written in bash and php.

Bastille Unix is a Hardening and Reporting/Auditing Program which enhances the security of a Unix box, by configuring daemons, system settings and firewalling. It currently functions on HP-UX, Red Hat, SuSE, Gentoo, Mandrivia, and OSX

scanlogd is a TCP port scan detection tool, originally designed to illustrate various attacks an IDS developer has to deal with, for a Phrack Magazine article. Thus, unlike some of the other port scan detection tools out there, scanlogd is designed ... [More] to be totally safe to use. scanlogd supports several packet capture interfaces: the raw socket interface on Linux (which does not require any libraries), libnids, and libpcap. [Less]

Cricket is a high performance, flexible system for monitoring trends in time-series data. It was developed to help network managers visualize and understand the traffic on their networks, but it can be used for all kinds of other jobs, as well. It ... [More] features a hierarchical configuration system (which avoids duplicate info in the config files), full flexibility in RRD structure (arbitrary numbers of DS's and RRA's), a CGI-based graph-on-demand application, and SNMP- and EXEC-based data gathering. [Less]

Augeas is a configuration editing tool. It parses configuration files in their native formats and transforms them into a tree. Configuration changes are made by manipulating this tree and saving them back into native config files.

wbmclamav is a webmin module to manage Clam Antivirus

HST are a set of CLI tools meant to ease administration of GNU/Linux systems (in terms of user accounts, groups, shares, email-adresses/aliases, permissions...). HST are built on a python lib which allows accessing the underlying system in an uniform way, whatever the service (shadow, samba, postfix, dhcpd and so on).

Sawmill is a log analysis tool which can be used to analyze Web site traffic, proxy usage, ftp usage, and much more. Major features include a persistent database for long-term tracking of statistics, hierarchical data mining features, and many security features appropriate for use in a multi-user environment.

This is an LDAP shell. I wrote it a long time ago, actually, but have only recently gotten around to making it release-worthy. It is composed of two parts: Net::LDAP::Config, and ldapsh. Net::LDAP::Config is a library for simplifying and ... [More] centralizing access to your LDAP repositories. Instead of having every single script ask for your ldap server and search base, or have it hard coded, you can simply use this library: my $config = Net::LDAP::Config->new("default"); It's got a couple other nice features, like the fact that it caches your LDAP UID (per host), so you should only ever have to type it in once. It's pretty well documented, so 'perldoc Net::LDAP::config' should get you the rest of the way. ldapsh, and its corresponding library Net::LDAP::Shell, provide (shockingly) the shell [Less]

Spine is a configuration framework for managing large numbers of Redhat Linux based systems (though it should be fairly easy to extend to any UNIX). It scales well due to hierarchical configs that can be used to interpolate templates. Spine is the ... [More] system Ticketmaster uses to manage it's infrastructure of around 3000 systems and growing. The system is highly pluggable - plugins can be written to gather/provide extra data, configure additional systems, and more. [Less]